firefox.settings.services.mozilla.com/v1/
143.204.55.27 200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 143.204.55.27:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 1b3053fa528e28810f8a2cc9284cc921
cca9eb471d941881a6b9a1793aecb6c281908f6a
a2427848ba35575dda8a82cf88f104978234c05389deebc3fc8279d9075eff45
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Alert, Content-Type, Backoff, Content-Length, Retry-After
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Mon, 03 Oct 2022 19:46:51 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 4f01f770085624552bc30a98954f963a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: ZuiNBq-Gu4sXEOKA-i7WVAM-WNQGCx2oJuETEsiY-RiuMa42mZppkg==
Age: 143
www.reversomatic.com/
34.237.251.45 301 Moved Permanently 3 B IP 34.237.251.45:0
File type ASCII text, with CRLF, LF line terminators
Hash 0c11bb317bd26e93c30821526c3834bd
70b99746fbf26b12b541d4c1a8451fd98b249bb2
7393ba4f11e19a5f6bee10ed995b0d959a52c4470855f6d68d4d1e34e26cb70f
Analyzer Verdict Alert fortinet Malware
GET / HTTP/1.1
Host: www.reversomatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Mon, 03 Oct 2022 19:49:14 GMT
Server: Apache
X-Powered-By: PHP/7.3.13
Pragma: no-cache
Expires: Mon, 03 Oct 2022 20:49:14 GMT
X-Redirect-By: WordPress
Set-Cookie: PHPSESSID=2v3vmbbc7jl4038cbq0vs9oocq; path=/
X-Frame-Options: SAMEORIGIN
Location: https://reversomatic.com/
Cache-Control: max-age=3600, s-maxage=10
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
r3.o.lencr.org/
23.36.76.225 200 OK 503 B IP 23.36.76.225:0
ASN #20940 Akamai International B.V.
Hash 9955bda9c9ef64bc5700a14af0bae25e
8de7b7469e905af0374bdfcc3006bbb844f13e94
1f611155394fac39439b8ec8217d8cd493d6b588d372d264e0d66c03129c50c6
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1F611155394FAC39439B8EC8217D8CD493D6B588D372D264E0D66C03129C50C6"
Last-Modified: Sun, 02 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7942
Expires: Mon, 03 Oct 2022 22:01:36 GMT
Date: Mon, 03 Oct 2022 19:49:14 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.225 200 OK 503 B IP 23.36.76.225:0
ASN #20940 Akamai International B.V.
Hash 74134730f642b6f6dfeca3ecc61a329e
668914cc93cceb123d199a45df13ad764704fa84
d681a4c2e20a6019c7e2d980cbfa77b34db9356899099296c3b8b4263ca5fb5f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D681A4C2E20A6019C7E2D980CBFA77B34DB9356899099296C3B8B4263CA5FB5F"
Last-Modified: Sun, 02 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5867
Expires: Mon, 03 Oct 2022 21:27:01 GMT
Date: Mon, 03 Oct 2022 19:49:14 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 6113f8408c59aebe188d6af273b90743
7398873bf00f99944eaa77ad3ebc0d43c23dba6b
b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: vpPN0rGLm8uWz9vtivojQqNX5zxiMk1zv/D/2f5+PtJkI86vmFfg2Ip1keZA+GY6Ma9wFbQPZOo=
x-amz-request-id: F5FJ0SQ7GRC0YBRW
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Mon, 03 Oct 2022 18:50:44 GMT
age: 3510
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
etag: "6113f8408c59aebe188d6af273b90743"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 03 Oct 2022 19:49:14 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.225 200 OK 503 B IP 23.36.76.225:0
ASN #20940 Akamai International B.V.
Hash 13e6ced699788259f9a67a13c01ca60d
037c4f0a517a260cc222f4c2bc60046e1f48454b
3c8c95b19d94a7051e40d18ea378db26f1c4f1c514856527afc666be48e7ef7a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "3C8C95B19D94A7051E40D18EA378DB26F1C4F1C514856527AFC666BE48E7EF7A"
Last-Modified: Mon, 03 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Tue, 04 Oct 2022 01:49:15 GMT
Date: Mon, 03 Oct 2022 19:49:15 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
143.204.55.27 200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 143.204.55.27:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600, max-age=3600
Date: Mon, 03 Oct 2022 19:29:33 GMT
Expires: Mon, 03 Oct 2022 20:15:09 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 814e8c24454087e83cd261a6cf477166.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: WfBHyxvlnLd--cfIikvq_MAo3LVTJ17ROLTqRmWW9Qg_K1pffraSMQ==
Age: 1182
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 321fa9a78e31dcb66601ac5890bfba73
c325580db79bde6fd00d2d0c7e3f675e4c0046bb
83029b324b4c36522ae47eef9614c124b0ad2994de412d7ea82f990ad8ae9d92
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4196
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 03 Oct 2022 19:49:15 GMT
Last-Modified: Mon, 03 Oct 2022 18:39:19 GMT
Server: ECS (ska/F716)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
52.27.12.161 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.27.12.161:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: qtL30+CB73ZCvnSoRAbPBA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: D9kNJCwqfFR5XvNJI5NVnK/0HNA=
reversomatic.com/
34.237.251.45 200 OK 37 kB IP 34.237.251.45:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (26110), with CRLF, LF line terminators
Hash 63395d2887c07024b0f8ce8891282384
81f6ef8f40d914a5eaa3f1ab159dfd6cd5222ca2
8bb5e01afd015d4e19bac39b138481bb6a75756d42b63ae698c053c74b71ec78
Analyzer Verdict Alert fortinet Malware
GET / HTTP/1.1
Host: reversomatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 200 OK
Date: Mon, 03 Oct 2022 19:49:15 GMT
Server: Apache
X-Powered-By: PHP/7.3.13
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Link: <https://reversomatic.com/wp-json/>; rel="https://api.w.org/", <https://reversomatic.com/wp-json/wp/v2/pages/5681>; rel="alternate"; type="application/json", <https://reversomatic.com/>; rel=shortlink
Set-Cookie: PHPSESSID=op4tg8g8b0nj3inrcpe1dhovi3; path=/
X-Frame-Options: SAMEORIGIN
X-Mod-Pagespeed: 1.13.35.2-0
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: no-store, no-cache, must-revalidate, max-age=0, no-cache, s-maxage=10
Content-Length: 37092
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
reversomatic.com/wp-includes/css/dist/block-library/style.min.css?ver=964c6ec6dcf7a95c70e4aa5b8954d266
34.237.251.45 200 OK 12 kB URL HTTP/1.1 reversomatic.com/wp-includes/css/dist/block-library/style.min.css?ver=964c6ec6dcf7a95c70e4aa5b8954d266
IP 34.237.251.45:0
File type ASCII text, with very long lines (43771)
Hash e5548800176e913a9084f47a3e1e04f6
eff4604acc5c26ae82a19188de2f98bf5b79d80c
a2569c768eaca09f2483b971fcebb97badd57c9a16b5ae3e16b8cdcd8c688b07
GET /wp-includes/css/dist/block-library/style.min.css?ver=964c6ec6dcf7a95c70e4aa5b8954d266 HTTP/1.1
Host: reversomatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://reversomatic.com/
Cookie: PHPSESSID=op4tg8g8b0nj3inrcpe1dhovi3
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 03 Oct 2022 19:49:15 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Last-Modified: Thu, 28 Jul 2022 13:26:55 GMT
ETag: "15b64-5e4dd7cc34f9b-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 11681
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css
reversomatic.com/wp-content/plugins/LayerSlider/static/css/layerslider.css?ver=5.3.0
34.237.251.45 200 OK 3.1 kB URL HTTP/1.1 reversomatic.com/wp-content/plugins/LayerSlider/static/css/layerslider.css?ver=5.3.0
IP 34.237.251.45:0
File type ASCII text, with CRLF line terminators
Hash 5870c88983aa14424a153bbf9555e857
2c3016769775c3e91dfae688972c87960ed59702
6cbc3b079dd55be9efe6c5e5ee73df5656aa92ec98324862bc9b27ea776a0644
GET /wp-content/plugins/LayerSlider/static/css/layerslider.css?ver=5.3.0 HTTP/1.1
Host: reversomatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://reversomatic.com/
Cookie: PHPSESSID=op4tg8g8b0nj3inrcpe1dhovi3
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 03 Oct 2022 19:49:15 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Last-Modified: Thu, 30 Jan 2020 20:56:58 GMT
ETag: "40da-59d61b2ab8026-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 3073
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/css
reversomatic.com/wp-content/plugins/easy-bootstrap-shortcodes/styles/font-awesome.min.css?ver=964c6ec6dcf7a95c70e4aa5b8954d266
34.237.251.45 200 OK 5.0 kB URL HTTP/1.1 reversomatic.com/wp-content/plugins/easy-bootstrap-shortcodes/styles/font-awesome.min.css?ver=964c6ec6dcf7a95c70e4aa5b8954d266
IP 34.237.251.45:0
File type ASCII text, with very long lines (21822)
Hash 5fc680fa1d13940a1a9cba6f89965f74
98a85daaf67d23ff264953e583c68315f76f5549
0f61bee70c4eca1d92acdfd8ad8285206bced50ef37af0ad2c846d1e5cbc3534
GET /wp-content/plugins/easy-bootstrap-shortcodes/styles/font-awesome.min.css?ver=964c6ec6dcf7a95c70e4aa5b8954d266 HTTP/1.1
Host: reversomatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://reversomatic.com/
Cookie: PHPSESSID=op4tg8g8b0nj3inrcpe1dhovi3
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 03 Oct 2022 19:49:15 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Last-Modified: Fri, 09 Sep 2022 02:51:24 GMT
ETag: "55e0-5e8359f2c2d30-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 5042
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
reversomatic.com/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-vendors-style.css?ver=8.0.0
34.237.251.45 200 OK 1.3 kB URL HTTP/1.1 reversomatic.com/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-vendors-style.css?ver=8.0.0
IP 34.237.251.45:0
File type ASCII text, with very long lines (4933), with no line terminators
Hash d2d7f4c273d3b4cd972a337969b14754
b441775d1dcba61a5234df0256a40c7f58a8b059
fcfdbdf2a45072bbb545934d419cf76e5272d3193742eb8b659e938cafab4cdf
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-vendors-style.css?ver=8.0.0 HTTP/1.1
Host: reversomatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://reversomatic.com/
Cookie: PHPSESSID=op4tg8g8b0nj3inrcpe1dhovi3
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 03 Oct 2022 19:49:15 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Last-Modified: Fri, 09 Sep 2022 02:52:16 GMT
ETag: "1345-5e835a238162c-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1286
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
reversomatic.com/wp-content/themes/astra/assets/css/minified/style.min.css?ver=3.9.2
34.237.251.45 200 OK 12 kB URL HTTP/1.1 reversomatic.com/wp-content/themes/astra/assets/css/minified/style.min.css?ver=3.9.2
IP 34.237.251.45:0
File type ASCII text, with very long lines (63070), with CRLF line terminators
Hash aab8da333613933cc37485d8a7ba13be
29762b20907f8feda444d83de5e1b08b07351713
02762812ff8f9094fca15e4e5361fcffbb7b9be75acfb46ed6e87f43acdcbbdc
GET /wp-content/themes/astra/assets/css/minified/style.min.css?ver=3.9.2 HTTP/1.1
Host: reversomatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://reversomatic.com/
Cookie: PHPSESSID=op4tg8g8b0nj3inrcpe1dhovi3
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 03 Oct 2022 19:49:15 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Last-Modified: Fri, 09 Sep 2022 02:53:47 GMT
ETag: "11449-5e835a7ae877f-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 11733
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
reversomatic.com/wp-content/plugins/embed-any-document/css/embed-public.min.css?ver=2.7.1
34.237.251.45 200 OK 443 B URL HTTP/1.1 reversomatic.com/wp-content/plugins/embed-any-document/css/embed-public.min.css?ver=2.7.1
IP 34.237.251.45:0
File type ASCII text, with very long lines (1217), with no line terminators
Hash d7c339c0a27002ac4848593156af4153
c1f4b02b57438e7e6389b48653c9163826aafc7f
4f598bd666c92058d7d170f2245f15093d37347dc73f08582ebc14f09945ff07
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/embed-any-document/css/embed-public.min.css?ver=2.7.1 HTTP/1.1
Host: reversomatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://reversomatic.com/
Cookie: PHPSESSID=op4tg8g8b0nj3inrcpe1dhovi3
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 03 Oct 2022 19:49:15 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Last-Modified: Fri, 09 Sep 2022 02:51:31 GMT
ETag: "4c1-5e8359f8e90c8-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 443
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
reversomatic.com/wp-includes/js/wp-emoji-release.min.js?ver=964c6ec6dcf7a95c70e4aa5b8954d266
34.237.251.45 200 OK 4.9 kB URL HTTP/1.1 reversomatic.com/wp-includes/js/wp-emoji-release.min.js?ver=964c6ec6dcf7a95c70e4aa5b8954d266
IP 34.237.251.45:0
File type ASCII text, with very long lines (15660)
Hash 3c715ab86eaccf713adc6deb91f17255
4b65649deef6fd31e6db6e6ff55c82aead242f24
3622940c9354916631e92d44ac09c5abfb93f229554bf3a5c28c7aeb488eb053
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/wp-emoji-release.min.js?ver=964c6ec6dcf7a95c70e4aa5b8954d266 HTTP/1.1
Host: reversomatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://reversomatic.com/
Cookie: PHPSESSID=op4tg8g8b0nj3inrcpe1dhovi3
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 03 Oct 2022 19:49:15 GMT
Server: Apache
Content-Length: 4917
X-Frame-Options: SAMEORIGIN
Last-Modified: Fri, 09 Sep 2022 02:26:15 GMT
ETag: "48b9-5e835452f0ada-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Expires: Mon, 03 Oct 2022 19:51:24 GMT
X-Original-Content-Length: 18617
Content-Encoding: gzip
Cache-Control: s-maxage=10
X-Content-Type-Options: nosniff
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: application/javascript
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash 165b2dbf56e36edf32811cc7eea70f58
f9e101da2c4f0f6dcca9cb9d0b36a7b77ef3114e
fcd8956f2d96a85e696ee4ba5eb8d575ad3319bc84c543188f3997ea1079c4e1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 03 Oct 2022 19:49:16 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
s7.addthis.com/js/300/addthis_widget.js?ver=964c6ec6dcf7a95c70e4aa5b8954d266
2.18.172.123 200 OK 116 kB URL HTTP/2 s7.addthis.com/js/300/addthis_widget.js?ver=964c6ec6dcf7a95c70e4aa5b8954d266
IP 2.18.172.123:0
File type ASCII text, with very long lines (54602)
Size 116 kB (116360 bytes)
Hash b87cd33d44e99d7bb4fa59f97915a154
429b6461bab5189d6987d39713c3405223c461b8
9ad12a8b1ed82ccdfc74eebce578bd8f146b04ba08476f8a9a237e346f1772b2
GET /js/300/addthis_widget.js?ver=964c6ec6dcf7a95c70e4aa5b8954d266 HTTP/1.1
Host: s7.addthis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://reversomatic.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx/1.15.8
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
etag: "5f971164-5834c"
cache-control: public, max-age=600
strict-transport-security: max-age=15724800; includeSubDomains
content-type: application/javascript
content-encoding: gzip
content-length: 116360
date: Mon, 03 Oct 2022 19:49:16 GMT
vary: Accept-Encoding
x-distribution: 99
x-host: s7.addthis.com
X-Firefox-Spdy: h2
reversomatic.com/wp-content/plugins/anti-spam/assets/css/admin-bar.css?ver=7.3.1
34.237.251.45 200 OK 478 B URL HTTP/1.1 reversomatic.com/wp-content/plugins/anti-spam/assets/css/admin-bar.css?ver=7.3.1
IP 34.237.251.45:0
Hash f9878a5963bb1e3a0c6b7d1a681523ab
2c93dff76f04566cf244532c835b6ee19b5a9b79
c167f10b6eaa3ee33704227aa15a247ec02907ea04be93dec79f25570322a60f
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/anti-spam/assets/css/admin-bar.css?ver=7.3.1 HTTP/1.1
Host: reversomatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://reversomatic.com/
Cookie: PHPSESSID=op4tg8g8b0nj3inrcpe1dhovi3
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 03 Oct 2022 19:49:16 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Last-Modified: Fri, 09 Sep 2022 02:52:12 GMT
ETag: "52d-5e835a2035a1f-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 478
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css
reversomatic.com/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.6.3
34.237.251.45 200 OK 972 B URL HTTP/1.1 reversomatic.com/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.6.3
IP 34.237.251.45:0
Hash 8bf268dfcca7cb20719b7ea14373ef4a
58bd839bbf0e8cc082f0a488b538b4ec71bebd2e
eece4a14939273c7af07bce8bab3a6cfc2c9de44c0eea82cc886abac13cb3870
GET /wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.6.3 HTTP/1.1
Host: reversomatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://reversomatic.com/
Cookie: PHPSESSID=op4tg8g8b0nj3inrcpe1dhovi3
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 03 Oct 2022 19:49:16 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Last-Modified: Fri, 09 Sep 2022 02:51:14 GMT
ETag: "aab-5e8359e88f7c9-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 972
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css
reversomatic.com/wp-content/themes/astra/assets/css/minified/compatibility/contact-form-7-main.min.css?ver=3.9.2
34.237.251.45 200 OK 424 B URL HTTP/1.1 reversomatic.com/wp-content/themes/astra/assets/css/minified/compatibility/contact-form-7-main.min.css?ver=3.9.2
IP 34.237.251.45:0
File type ASCII text, with very long lines (882), with no line terminators
Hash ee80e5093d4e46344ea1eadd7306ae9f
63a9ad2501f4a6dc61ba9a31230ccb96e2fc99d9
ad7a17c7be30b44ef409671f71e0e2c6f99d839e1927a4825e6b3f930be4a7c7
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/astra/assets/css/minified/compatibility/contact-form-7-main.min.css?ver=3.9.2 HTTP/1.1
Host: reversomatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://reversomatic.com/
Cookie: PHPSESSID=op4tg8g8b0nj3inrcpe1dhovi3
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 03 Oct 2022 19:49:16 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Last-Modified: Fri, 09 Sep 2022 02:53:47 GMT
ETag: "372-5e835a7ae971f-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 424
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css
reversomatic.com/wp-content/plugins/revslider/rs-plugin/css/settings.css?rev=4.6.0&ver=964c6ec6dcf7a95c70e4aa5b8954d266
34.237.251.45 200 OK 8.7 kB URL HTTP/1.1 reversomatic.com/wp-content/plugins/revslider/rs-plugin/css/settings.css?rev=4.6.0&ver=964c6ec6dcf7a95c70e4aa5b8954d266
IP 34.237.251.45:0
File type Unicode text, UTF-8 text, with very long lines (374), with CRLF line terminators
Hash 52f5b82b671c480f320ac726db497a31
eda7e1a4a63b585a9835276e91c1e95f8aa84945
4c0e124400810c4a85dea9727c66a61634f61d5ab1a661fd1c0d619ef3593422
GET /wp-content/plugins/revslider/rs-plugin/css/settings.css?rev=4.6.0&ver=964c6ec6dcf7a95c70e4aa5b8954d266 HTTP/1.1
Host: reversomatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://reversomatic.com/
Cookie: PHPSESSID=op4tg8g8b0nj3inrcpe1dhovi3
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 03 Oct 2022 19:49:16 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Last-Modified: Thu, 30 Jan 2020 20:56:59 GMT
ETag: "d3b0-59d61b2bb00bf-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 8669
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css
reversomatic.com/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-style.css?ver=8.0.0
34.237.251.45 200 OK 22 kB URL HTTP/1.1 reversomatic.com/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-style.css?ver=8.0.0
IP 34.237.251.45:0
File type Unicode text, UTF-8 text, with very long lines (65527), with no line terminators
Hash 11690c5db49ee860820607748f2cbdc7
961a3a43bbbe170897cc3d6f7f42c56184ce3e31
9332ed0962c28fee8236a89805af8355b5df93107548c2c538c276217609f720
GET /wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-style.css?ver=8.0.0 HTTP/1.1
Host: reversomatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://reversomatic.com/
Cookie: PHPSESSID=op4tg8g8b0nj3inrcpe1dhovi3
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 03 Oct 2022 19:49:15 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Last-Modified: Fri, 09 Sep 2022 02:52:16 GMT
ETag: "333cb-5e835a238356c-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 22450
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
reversomatic.com/wp-content/plugins/woocommerce-colororimage-variation-select/css/front-end.css?ver=964c6ec6dcf7a95c70e4aa5b8954d266
34.237.251.45 200 OK 256 B URL HTTP/1.1 reversomatic.com/wp-content/plugins/woocommerce-colororimage-variation-select/css/front-end.css?ver=964c6ec6dcf7a95c70e4aa5b8954d266
IP 34.237.251.45:0
File type ASCII text, with CRLF, CR line terminators
Hash 01adaea799c05c0d0af4b8cd07dbc20c
dae27e6cb48b11f63efecd7cd2fd800cdf09e198
b852ed1ed9502e7eafd2052f8089bc1589a2cf899276921ea0dba010c1f51570
GET /wp-content/plugins/woocommerce-colororimage-variation-select/css/front-end.css?ver=964c6ec6dcf7a95c70e4aa5b8954d266 HTTP/1.1
Host: reversomatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://reversomatic.com/
Cookie: PHPSESSID=op4tg8g8b0nj3inrcpe1dhovi3
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 03 Oct 2022 19:49:16 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Last-Modified: Thu, 30 Jan 2020 20:56:59 GMT
ETag: "29d-59d61b2bfb3d4-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 256
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: text/css
reversomatic.com/wp-content/themes/astra/assets/css/minified/compatibility/woocommerce/woocommerce-layout.min.css?ver=3.9.2
34.237.251.45 200 OK 2.1 kB URL HTTP/1.1 reversomatic.com/wp-content/themes/astra/assets/css/minified/compatibility/woocommerce/woocommerce-layout.min.css?ver=3.9.2
IP 34.237.251.45:0
File type ASCII text, with very long lines (18333), with no line terminators
Hash 493b5458e78e50e8f3f4c5b7201f4fe5
827d9dd1a7048fc26cbbea5cca8a003917a55f08
21e51535a4b3701189a71e9a8a3760cd5392eefcc7fd835ca98c374809313d43
GET /wp-content/themes/astra/assets/css/minified/compatibility/woocommerce/woocommerce-layout.min.css?ver=3.9.2 HTTP/1.1
Host: reversomatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://reversomatic.com/
Cookie: PHPSESSID=op4tg8g8b0nj3inrcpe1dhovi3
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 03 Oct 2022 19:49:16 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Last-Modified: Fri, 09 Sep 2022 02:53:47 GMT
ETag: "479d-5e835a7ae971f-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 2147
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/css
reversomatic.com/wp-content/themes/astra-child/style.css?ver=1.0.0
34.237.251.45 200 OK 1.0 kB URL HTTP/1.1 reversomatic.com/wp-content/themes/astra-child/style.css?ver=1.0.0
IP 34.237.251.45:0
Hash f8a70b0962eb6827fa026e700782e793
e7f85b1b4b505f6129c0b6700483ec55e96060ab
f11729b254f1aec1b9eecd56ccfb605459a67c8ee458dc94649bc2e878add611
GET /wp-content/themes/astra-child/style.css?ver=1.0.0 HTTP/1.1
Host: reversomatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://reversomatic.com/
Cookie: PHPSESSID=op4tg8g8b0nj3inrcpe1dhovi3
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 03 Oct 2022 19:49:16 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Last-Modified: Mon, 09 Mar 2020 17:56:03 GMT
ETag: "a1a-5a06fb7769615-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1010
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/css
reversomatic.com/wp-content/themes/astra/style.css?ver=964c6ec6dcf7a95c70e4aa5b8954d266
34.237.251.45 200 OK 1.9 kB URL HTTP/1.1 reversomatic.com/wp-content/themes/astra/style.css?ver=964c6ec6dcf7a95c70e4aa5b8954d266
IP 34.237.251.45:0
File type ASCII text, with very long lines (901), with CRLF line terminators
Hash 44b25068649b6380997c64757b8712c3
91feb91d9c0e46f60db747b0feff452408d6763b
8017cc97ccd27e8dfdb05580ed4c88fdf925b4b59e8bec7d697eb39ea596d156
GET /wp-content/themes/astra/style.css?ver=964c6ec6dcf7a95c70e4aa5b8954d266 HTTP/1.1
Host: reversomatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://reversomatic.com/
Cookie: PHPSESSID=op4tg8g8b0nj3inrcpe1dhovi3
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 03 Oct 2022 19:49:16 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Last-Modified: Fri, 09 Sep 2022 02:53:47 GMT
ETag: "11d4-5e835a7afbfff-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1860
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/css
reversomatic.com/wp-content/plugins/astra-addon/addons/advanced-hooks/assets/css/minified/astra-hooks-sticky-header-footer.min.css?ver=3.9.1
34.237.251.45 200 OK 345 B URL HTTP/1.1 reversomatic.com/wp-content/plugins/astra-addon/addons/advanced-hooks/assets/css/minified/astra-hooks-sticky-header-footer.min.css?ver=3.9.1
IP 34.237.251.45:0
File type ASCII text, with very long lines (1537), with no line terminators
Hash 7cbb8b76b624a5ac4f9898dad3c2fc87
6a80df0484db67a3b292716b31d7b104538e6c1a
07c1ff1285a2a35ef606ac1e282feec284bcaca56da5bd12cf7ef06592775352
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/astra-addon/addons/advanced-hooks/assets/css/minified/astra-hooks-sticky-header-footer.min.css?ver=3.9.1 HTTP/1.1
Host: reversomatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://reversomatic.com/
Cookie: PHPSESSID=op4tg8g8b0nj3inrcpe1dhovi3
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 03 Oct 2022 19:49:16 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Last-Modified: Sat, 30 Jul 2022 15:19:16 GMT
ETag: "601-5e5074a3811af-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 345
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css
reversomatic.com/wp-content/plugins/astra-addon/addons/advanced-hooks/assets/css/minified/style.min.css?ver=3.9.1
34.237.251.45 200 OK 110 B URL HTTP/1.1 reversomatic.com/wp-content/plugins/astra-addon/addons/advanced-hooks/assets/css/minified/style.min.css?ver=3.9.1
IP 34.237.251.45:0
File type ASCII text, with no line terminators
Hash 0cbc08dc178f2ee5821caa75a27ee602
876c2767c3ad0d5da42b9ab4610b047cc76d4900
e06326fce62627b1e3e9217d0d1c0816c21eae0207154f1790c424c42e633267
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/astra-addon/addons/advanced-hooks/assets/css/minified/style.min.css?ver=3.9.1 HTTP/1.1
Host: reversomatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://reversomatic.com/
Cookie: PHPSESSID=op4tg8g8b0nj3inrcpe1dhovi3
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 03 Oct 2022 19:49:16 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Last-Modified: Sat, 30 Jul 2022 15:19:16 GMT
ETag: "97-5e5074a3811af-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 110
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: text/css
reversomatic.com/wp-content/plugins/astra-addon/addons/advanced-footer/assets/css/minified/style.min.css?ver=3.9.1
34.237.251.45 200 OK 168 B URL HTTP/1.1 reversomatic.com/wp-content/plugins/astra-addon/addons/advanced-footer/assets/css/minified/style.min.css?ver=3.9.1
IP 34.237.251.45:0
File type ASCII text, with no line terminators
Hash 35e04903cb69af5f4dade5350b6430c5
d0e033d27f35d2e6cc63fe187b64431f0c454b27
82d4592ea22d6d41706cf0af8f96f50941ed274e0ed77eef3b2928a18b274aed
GET /wp-content/plugins/astra-addon/addons/advanced-footer/assets/css/minified/style.min.css?ver=3.9.1 HTTP/1.1
Host: reversomatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://reversomatic.com/
Cookie: PHPSESSID=op4tg8g8b0nj3inrcpe1dhovi3
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 03 Oct 2022 19:49:16 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Last-Modified: Sat, 30 Jul 2022 15:19:16 GMT
ETag: "fe-5e5074a37e2cf-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 168
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: text/css
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash 165b2dbf56e36edf32811cc7eea70f58
f9e101da2c4f0f6dcca9cb9d0b36a7b77ef3114e
fcd8956f2d96a85e696ee4ba5eb8d575ad3319bc84c543188f3997ea1079c4e1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 03 Oct 2022 19:49:16 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
reversomatic.com/wp-content/plugins/astra-addon/addons/advanced-footer/assets/css/minified/layout-1.min.css?ver=3.9.1
34.237.251.45 200 OK 92 B URL HTTP/1.1 reversomatic.com/wp-content/plugins/astra-addon/addons/advanced-footer/assets/css/minified/layout-1.min.css?ver=3.9.1
IP 34.237.251.45:0
File type ASCII text, with no line terminators
Hash 708590b78b15290e9da78f5a121fb28c
baa0de928d25c98fadc82abd6381c73b0710c930
bad0a0512b83a401cca8d002e61474fa6b2c9de503c791212a04cfb27ca37470
GET /wp-content/plugins/astra-addon/addons/advanced-footer/assets/css/minified/layout-1.min.css?ver=3.9.1 HTTP/1.1
Host: reversomatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://reversomatic.com/
Cookie: PHPSESSID=op4tg8g8b0nj3inrcpe1dhovi3
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 03 Oct 2022 19:49:16 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Last-Modified: Sat, 30 Jul 2022 15:19:16 GMT
ETag: "54-5e5074a37e2cf-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 92
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: text/css
reversomatic.com/wp-content/themes/astra/assets/css/minified/compatibility/woocommerce/woocommerce.min.css?ver=3.9.2
34.237.251.45 200 OK 16 kB URL HTTP/1.1 reversomatic.com/wp-content/themes/astra/assets/css/minified/compatibility/woocommerce/woocommerce.min.css?ver=3.9.2
IP 34.237.251.45:0
File type Unicode text, UTF-8 text, with very long lines (65526), with no line terminators
Hash d3f08474921c6d851d14c2ed696171ba
a11eaa3c3efb9d26ddaab9f3556b116d7f0bcade
df57e23dcaa0a4737c4b68672b7277e3affb1cef2521e5eecc65238db3fcf770
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/astra/assets/css/minified/compatibility/woocommerce/woocommerce.min.css?ver=3.9.2 HTTP/1.1
Host: reversomatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://reversomatic.com/
Cookie: PHPSESSID=op4tg8g8b0nj3inrcpe1dhovi3
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 03 Oct 2022 19:49:16 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Last-Modified: Fri, 09 Sep 2022 02:53:47 GMT
ETag: "1ca45-5e835a7ae877f-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 16217
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/css
reversomatic.com/wp-content/plugins/astra-addon/addons/site-layouts/assets/css/minified/style.min.css?ver=3.9.1
34.237.251.45 200 OK 427 B URL HTTP/1.1 reversomatic.com/wp-content/plugins/astra-addon/addons/site-layouts/assets/css/minified/style.min.css?ver=3.9.1
IP 34.237.251.45:0
File type ASCII text, with very long lines (1267), with no line terminators
Hash 03193a131989d36da37a7f65d0d779c2
4d5cf3d895ae70d15a2ad6560a36a97a727c7329
ac375215d2b70e21c0a1f0f20b79bb5a043cd5b20c0327587307e12044d7eb3e
GET /wp-content/plugins/astra-addon/addons/site-layouts/assets/css/minified/style.min.css?ver=3.9.1 HTTP/1.1
Host: reversomatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://reversomatic.com/
Cookie: PHPSESSID=op4tg8g8b0nj3inrcpe1dhovi3
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 03 Oct 2022 19:49:16 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Last-Modified: Sat, 30 Jul 2022 15:19:16 GMT
ETag: "4f3-5e5074a37e2cf-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 427
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: text/css
reversomatic.com/wp-content/plugins/astra-addon/addons/scroll-to-top/assets/css/minified/style.min.css?ver=3.9.1
34.237.251.45 200 OK 281 B URL HTTP/1.1 reversomatic.com/wp-content/plugins/astra-addon/addons/scroll-to-top/assets/css/minified/style.min.css?ver=3.9.1
IP 34.237.251.45:0
File type ASCII text, with very long lines (451), with no line terminators
Hash 81f8b670d69d5506186b43652dfddf60
0a82d5e4270187a1c3ad8cb4d8315dc3b976e646
46e355bbed0fe06d91bef0f45185e2dd59e6c3722413bb3aa129dbb86ced8ba3
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/astra-addon/addons/scroll-to-top/assets/css/minified/style.min.css?ver=3.9.1 HTTP/1.1
Host: reversomatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://reversomatic.com/
Cookie: PHPSESSID=op4tg8g8b0nj3inrcpe1dhovi3
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 03 Oct 2022 19:49:16 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Last-Modified: Sat, 30 Jul 2022 15:19:16 GMT
ETag: "1c3-5e5074a3830ef-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 281
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/css
reversomatic.com/wp-content/plugins/astra-addon/addons/woocommerce/assets/css/minified/style.min.css?ver=3.9.1
34.237.251.45 200 OK 3.5 kB URL HTTP/1.1 reversomatic.com/wp-content/plugins/astra-addon/addons/woocommerce/assets/css/minified/style.min.css?ver=3.9.1
IP 34.237.251.45:0
File type ASCII text, with very long lines (24205), with no line terminators
Hash d4a5dd4ab9476b8b5a783b832ca78cd3
4c76e8a3baefed5e468e3b36bf7715cac20ad892
befc354cea5707244219644b418756e61c849403aa91664d5bcafb5d5fc96179
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/astra-addon/addons/woocommerce/assets/css/minified/style.min.css?ver=3.9.1 HTTP/1.1
Host: reversomatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://reversomatic.com/
Cookie: PHPSESSID=op4tg8g8b0nj3inrcpe1dhovi3
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 03 Oct 2022 19:49:16 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Last-Modified: Sat, 30 Jul 2022 15:19:16 GMT
ETag: "5e8d-5e5074a37a44f-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 3536
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: text/css
reversomatic.com/wp-content/plugins/astra-addon/addons/woocommerce/assets/css/minified/add-to-cart-quantity-btn.min.css?ver=3.9.1
34.237.251.45 200 OK 382 B URL HTTP/1.1 reversomatic.com/wp-content/plugins/astra-addon/addons/woocommerce/assets/css/minified/add-to-cart-quantity-btn.min.css?ver=3.9.1
IP 34.237.251.45:0
File type ASCII text, with very long lines (934), with no line terminators
Hash 70dc52e09697d68a43d55357da6140ef
9453304cfae9d5c24447b1f1e9377cc67ca3f99e
88e2db8d26ba699628d06c99e9343814fc22df25ea0c9c6170242b55327c3fc5
GET /wp-content/plugins/astra-addon/addons/woocommerce/assets/css/minified/add-to-cart-quantity-btn.min.css?ver=3.9.1 HTTP/1.1
Host: reversomatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://reversomatic.com/
Cookie: PHPSESSID=op4tg8g8b0nj3inrcpe1dhovi3
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 03 Oct 2022 19:49:16 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Last-Modified: Sat, 30 Jul 2022 15:19:16 GMT
ETag: "3a6-5e5074a37a44f-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 382
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: text/css
reversomatic.com/wp-content/plugins/astra-addon/addons/woocommerce/assets/css/minified/quick-view.min.css?ver=3.9.1
34.237.251.45 200 OK 1.6 kB URL HTTP/1.1 reversomatic.com/wp-content/plugins/astra-addon/addons/woocommerce/assets/css/minified/quick-view.min.css?ver=3.9.1
IP 34.237.251.45:0
File type ASCII text, with very long lines (6122), with no line terminators
Hash 536cfdc5334892ea2c79c46a0b452429
767371811ceb18902142759d2c8ae720082ff6f7
a794f2b7fb6a5857c1dcfdbf11f3eb7b109aa254c3cdf8d87cb929d80312f5e4
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/astra-addon/addons/woocommerce/assets/css/minified/quick-view.min.css?ver=3.9.1 HTTP/1.1
Host: reversomatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://reversomatic.com/
Cookie: PHPSESSID=op4tg8g8b0nj3inrcpe1dhovi3
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 03 Oct 2022 19:49:16 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Last-Modified: Sat, 30 Jul 2022 15:19:16 GMT
ETag: "17ea-5e5074a37a44f-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1604
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: text/css
reversomatic.com/wp-content/plugins/astra-addon/addons/advanced-search/assets/css/minified/style.min.css?ver=3.9.1
34.237.251.45 200 OK 1.4 kB URL HTTP/1.1 reversomatic.com/wp-content/plugins/astra-addon/addons/advanced-search/assets/css/minified/style.min.css?ver=3.9.1
IP 34.237.251.45:0
File type ASCII text, with very long lines (8850), with no line terminators
Hash e4ba1bf925801666815ce26d0fa8bca0
3138e40a1ee3511d26de64f5fe2b0cfb3c74b119
8535af04273e81ef94a2ea4ef434173e60d99c58902d19dd40caaca25ecd53e7
GET /wp-content/plugins/astra-addon/addons/advanced-search/assets/css/minified/style.min.css?ver=3.9.1 HTTP/1.1
Host: reversomatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://reversomatic.com/
Cookie: PHPSESSID=op4tg8g8b0nj3inrcpe1dhovi3
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 03 Oct 2022 19:49:16 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Last-Modified: Sat, 30 Jul 2022 15:19:16 GMT
ETag: "2292-5e5074a3736ef-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1377
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: text/css
reversomatic.com/wp-content/plugins/elementor/assets/css/frontend-legacy.min.css?ver=3.7.4
34.237.251.45 200 OK 855 B URL HTTP/1.1 reversomatic.com/wp-content/plugins/elementor/assets/css/frontend-legacy.min.css?ver=3.7.4
IP 34.237.251.45:0
File type ASCII text, with very long lines (13766)
Hash 68d186ab8dbe8a634f8a050d7a51ac42
32d104cabc7aa62b6f8a589c4faa8f33641bff42
3a7ca09d30be65ad7da3537306110c3d2fbd9f55d101299444658ac07fe5088b
GET /wp-content/plugins/elementor/assets/css/frontend-legacy.min.css?ver=3.7.4 HTTP/1.1
Host: reversomatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://reversomatic.com/
Cookie: PHPSESSID=op4tg8g8b0nj3inrcpe1dhovi3
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 03 Oct 2022 19:49:16 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Last-Modified: Fri, 09 Sep 2022 02:51:29 GMT
ETag: "35ed-5e8359f6e08a0-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 855
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: text/css
reversomatic.com/wp-content/plugins/elementor/assets/css/frontend.min.css?ver=3.7.4
34.237.251.45 200 OK 20 kB URL HTTP/1.1 reversomatic.com/wp-content/plugins/elementor/assets/css/frontend.min.css?ver=3.7.4
IP 34.237.251.45:0
File type ASCII text, with very long lines (65497)
Hash d27a459df68cc49e1f1efdb049916681
86c599a7fabc3ac4922e8858b43080fd33dde4db
0c3db03d3825f827280193f649d09b64e3e1ae8c7a446e48189b075eb97faf0d
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/elementor/assets/css/frontend.min.css?ver=3.7.4 HTTP/1.1
Host: reversomatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://reversomatic.com/
Cookie: PHPSESSID=op4tg8g8b0nj3inrcpe1dhovi3
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 03 Oct 2022 19:49:16 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Last-Modified: Fri, 09 Sep 2022 02:51:29 GMT
ETag: "28722-5e8359f6df900-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 20219
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: text/css
reversomatic.com/wp-content/uploads/elementor/css/post-5178.css?ver=1662690430
34.237.251.45 200 OK 701 B URL HTTP/1.1 reversomatic.com/wp-content/uploads/elementor/css/post-5178.css?ver=1662690430
IP 34.237.251.45:0
File type ASCII text, with very long lines (3307), with no line terminators
Hash 1d2088defc112d9ab36e1eaa3889a490
29288776b28576811897ac925602b081b243733a
ef6610ffad34b4ce7ab9378228513fa775fe9c957c7f4b8b8622fd1f14267011
Analyzer Verdict Alert fortinet Malware
GET /wp-content/uploads/elementor/css/post-5178.css?ver=1662690430 HTTP/1.1
Host: reversomatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://reversomatic.com/
Cookie: PHPSESSID=op4tg8g8b0nj3inrcpe1dhovi3
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 03 Oct 2022 19:49:16 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Last-Modified: Fri, 09 Sep 2022 02:27:10 GMT
ETag: "ceb-5e8354875ab1e-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 701
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: text/css
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash 165b2dbf56e36edf32811cc7eea70f58
f9e101da2c4f0f6dcca9cb9d0b36a7b77ef3114e
fcd8956f2d96a85e696ee4ba5eb8d575ad3319bc84c543188f3997ea1079c4e1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 03 Oct 2022 19:49:16 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
reversomatic.com/wp-content/plugins/multiple-products-to-cart-for-woocommerce/assets/css/mpc-frontend.css?ver=6.0
34.237.251.45 200 OK 2.8 kB URL HTTP/1.1 reversomatic.com/wp-content/plugins/multiple-products-to-cart-for-woocommerce/assets/css/mpc-frontend.css?ver=6.0
IP 34.237.251.45:0
File type Unicode text, UTF-8 text, with CRLF line terminators
Hash bc8aacc3a13c3ecf8c413f853f951374
c8622dbe269f81c42b471775cbaf7db00b154462
a125eebe5089a3ff3de55a69773d1fdf4e9f3ee5d3039c8fd2d5e5fad7a754ca
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/multiple-products-to-cart-for-woocommerce/assets/css/mpc-frontend.css?ver=6.0 HTTP/1.1
Host: reversomatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://reversomatic.com/
Cookie: PHPSESSID=op4tg8g8b0nj3inrcpe1dhovi3
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 03 Oct 2022 19:49:16 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Last-Modified: Fri, 09 Sep 2022 02:51:39 GMT
ETag: "2f58-5e835a00c5c06-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 2772
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: text/css
reversomatic.com/wp-content/plugins/tablepress/css/default.min.css?ver=1.14
34.237.251.45 200 OK 2.2 kB URL HTTP/1.1 reversomatic.com/wp-content/plugins/tablepress/css/default.min.css?ver=1.14
IP 34.237.251.45:0
File type ASCII text, with very long lines (5092), with no line terminators
Hash fadb046ad02dc98892f8a102040a18ee
6fc3072fcbd94c7722145447bd3dc00f2458f8a6
926ee0e9d5a4ec3f859d7d49cf490a6a8f1694fef7df4bcc8de128123cf3eb9b
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/tablepress/css/default.min.css?ver=1.14 HTTP/1.1
Host: reversomatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://reversomatic.com/
Cookie: PHPSESSID=op4tg8g8b0nj3inrcpe1dhovi3
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 03 Oct 2022 19:49:16 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Last-Modified: Fri, 09 Sep 2022 02:52:10 GMT
ETag: "13e4-5e835a1dc9836-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 2244
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: text/css
reversomatic.com/wp-content/plugins/elementor/assets/lib/eicons/css/elementor-icons.min.css?ver=5.16.0
34.237.251.45 200 OK 4.0 kB URL HTTP/1.1 reversomatic.com/wp-content/plugins/elementor/assets/lib/eicons/css/elementor-icons.min.css?ver=5.16.0
IP 34.237.251.45:0
File type ASCII text, with very long lines (19233)
Hash 24dc15839234f4dbd06f677098762e1c
a285318fa3f4d9a1491f523f080cd32e1df12315
016fdb3d864bb8491d6450906f97c734548f76ca9ead4b13b92dc7112c5568c6
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/elementor/assets/lib/eicons/css/elementor-icons.min.css?ver=5.16.0 HTTP/1.1
Host: reversomatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://reversomatic.com/
Cookie: PHPSESSID=op4tg8g8b0nj3inrcpe1dhovi3
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 03 Oct 2022 19:49:16 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Last-Modified: Fri, 09 Sep 2022 02:51:29 GMT
ETag: "4b4f-5e8359f6dba80-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 3961
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: text/css
reversomatic.com/wp-content/uploads/elementor/css/global.css?ver=1662690430
34.237.251.45 200 OK 834 B URL HTTP/1.1 reversomatic.com/wp-content/uploads/elementor/css/global.css?ver=1662690430
IP 34.237.251.45:0
File type ASCII text, with very long lines (6697)
Hash 2293ed79272563f3da94cb6591e19a1f
e5168d2f62c954f85611089ea8e6be9241c37cd9
977634309dfe776c26f96766e342a63b53b66d187191b80131237362879fae05
Analyzer Verdict Alert fortinet Malware
GET /wp-content/uploads/elementor/css/global.css?ver=1662690430 HTTP/1.1
Host: reversomatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://reversomatic.com/
Cookie: PHPSESSID=op4tg8g8b0nj3inrcpe1dhovi3
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 03 Oct 2022 19:49:16 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Last-Modified: Fri, 09 Sep 2022 02:27:10 GMT
ETag: "2503-5e8354877aebf-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 834
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: text/css
reversomatic.com/wp-content/uploads/elementor/css/post-5681.css?ver=1662690915
34.237.251.45 200 OK 1.4 kB URL HTTP/1.1 reversomatic.com/wp-content/uploads/elementor/css/post-5681.css?ver=1662690915
IP 34.237.251.45:0
File type ASCII text, with very long lines (17182), with no line terminators
Hash f7b3d234a70aaa364200420720194c3b
ffbabcb5fd05c793376bd5da1b92c3ceba7057bc
47129cd4c7f2213a843e27861ad06653357a3ccd8d0775f7aef9c344d84b7a80
Analyzer Verdict Alert fortinet Malware
GET /wp-content/uploads/elementor/css/post-5681.css?ver=1662690915 HTTP/1.1
Host: reversomatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://reversomatic.com/
Cookie: PHPSESSID=op4tg8g8b0nj3inrcpe1dhovi3
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 03 Oct 2022 19:49:16 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Last-Modified: Fri, 09 Sep 2022 02:35:15 GMT
ETag: "431e-5e835655ec201-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1366
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: text/css
reversomatic.com/wp-content/plugins/addthis/frontend/build/addthis_wordpress_public.min.css?ver=964c6ec6dcf7a95c70e4aa5b8954d266
34.237.251.45 200 OK 284 B URL HTTP/1.1 reversomatic.com/wp-content/plugins/addthis/frontend/build/addthis_wordpress_public.min.css?ver=964c6ec6dcf7a95c70e4aa5b8954d266
IP 34.237.251.45:0
File type ASCII text, with very long lines (504)
Hash 12711e1c856d6b459fda3d6bd0bf6eda
bd6750d02ccb8f9a340d77b35f4cbf53284c3488
e9f5c7fe2e69f18c19d456bb52706b71bb6a858a15019822ee6f5385c593e9f9
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/addthis/frontend/build/addthis_wordpress_public.min.css?ver=964c6ec6dcf7a95c70e4aa5b8954d266 HTTP/1.1
Host: reversomatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://reversomatic.com/
Cookie: PHPSESSID=op4tg8g8b0nj3inrcpe1dhovi3
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 03 Oct 2022 19:49:16 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Last-Modified: Fri, 09 Sep 2022 02:51:59 GMT
ETag: "24b-5e835a13ad9cf-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 284
Keep-Alive: timeout=5, max=92
Connection: Keep-Alive
Content-Type: text/css
reversomatic.com/wp-content/plugins/ubermenu/pro/assets/css/ubermenu.min.css?ver=3.6.0.1
34.237.251.45 200 OK 7.2 kB URL HTTP/1.1 reversomatic.com/wp-content/plugins/ubermenu/pro/assets/css/ubermenu.min.css?ver=3.6.0.1
IP 34.237.251.45:0
File type ASCII text, with very long lines (52635), with no line terminators
Hash 36e1995b3cc559c8cde1266bb6a56e61
54b500b5e5bfa7ba2b7cf270e1a9ba52dcd32861
78eb667e8d6cce5a249874c696b60e06fbb0ec2fde36001ffcc32b00146d462c
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/ubermenu/pro/assets/css/ubermenu.min.css?ver=3.6.0.1 HTTP/1.1
Host: reversomatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://reversomatic.com/
Cookie: PHPSESSID=op4tg8g8b0nj3inrcpe1dhovi3
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 03 Oct 2022 19:49:16 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Last-Modified: Thu, 30 Jan 2020 20:56:59 GMT
ETag: "cd9b-59d61b2bef856-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 7175
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: text/css
reversomatic.com/wp-content/plugins/ubermenu/assets/css/skins/minimal.css?ver=964c6ec6dcf7a95c70e4aa5b8954d266
34.237.251.45 200 OK 657 B URL HTTP/1.1 reversomatic.com/wp-content/plugins/ubermenu/assets/css/skins/minimal.css?ver=964c6ec6dcf7a95c70e4aa5b8954d266
IP 34.237.251.45:0
Hash 5ec3a7aec795b0af75f086304db087cd
97701aea81bbdb7d8cc6f5c7ab9a1843f19eaf6b
220544da546b0c501c606ea5bfc37eb1f1b17c6314d0fa167c7c6b0f7d6dbad0
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/ubermenu/assets/css/skins/minimal.css?ver=964c6ec6dcf7a95c70e4aa5b8954d266 HTTP/1.1
Host: reversomatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://reversomatic.com/
Cookie: PHPSESSID=op4tg8g8b0nj3inrcpe1dhovi3
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 03 Oct 2022 19:49:16 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Last-Modified: Thu, 30 Jan 2020 20:56:59 GMT
ETag: "f18-59d61b2bdbfd9-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 657
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: text/css
reversomatic.com/wp-content/plugins/ubermenu/assets/fontawesome/css/all.min.css?ver=964c6ec6dcf7a95c70e4aa5b8954d266
34.237.251.45 200 OK 12 kB URL HTTP/1.1 reversomatic.com/wp-content/plugins/ubermenu/assets/fontawesome/css/all.min.css?ver=964c6ec6dcf7a95c70e4aa5b8954d266
IP 34.237.251.45:0
File type ASCII text, with very long lines (55782)
Hash a03ba9fd6149555cde8b262c1dd7297f
d09f78f94ea2da2e14398d5301ea3b91d2b8c454
da37b0c7806b880801629294a45576ec57e77849a395c933721db91174247cbe
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/ubermenu/assets/fontawesome/css/all.min.css?ver=964c6ec6dcf7a95c70e4aa5b8954d266 HTTP/1.1
Host: reversomatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://reversomatic.com/
Cookie: PHPSESSID=op4tg8g8b0nj3inrcpe1dhovi3
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 03 Oct 2022 19:49:16 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Last-Modified: Thu, 30 Jan 2020 20:56:59 GMT
ETag: "da9f-59d61b2bdbfd9-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 12204
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: text/css
reversomatic.com/wp-content/plugins/easy-bootstrap-shortcodes/styles/ebs_dynamic_css.php?ver=964c6ec6dcf7a95c70e4aa5b8954d266
34.237.251.45 200 OK 0 B URL HTTP/1.1 reversomatic.com/wp-content/plugins/easy-bootstrap-shortcodes/styles/ebs_dynamic_css.php?ver=964c6ec6dcf7a95c70e4aa5b8954d266
IP 34.237.251.45:0
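Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
(These three values are the MD5, SHA-1 and SHA-256 digests of empty input, consistent with the 0 B body of this response; they match any empty response and do not identify this file.)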
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/easy-bootstrap-shortcodes/styles/ebs_dynamic_css.php?ver=964c6ec6dcf7a95c70e4aa5b8954d266 HTTP/1.1
Host: reversomatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://reversomatic.com/
Cookie: PHPSESSID=op4tg8g8b0nj3inrcpe1dhovi3
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 03 Oct 2022 19:49:16 GMT
Server: Apache
X-Powered-By: PHP/7.3.13
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
X-Frame-Options: SAMEORIGIN
Content-Length: 0
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: text/css;charset=UTF-8
reversomatic.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/brands.min.css?ver=5.15.3
34.237.251.45 200 OK 308 B URL HTTP/1.1 reversomatic.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/brands.min.css?ver=5.15.3
IP 34.237.251.45:0
File type ASCII text, with very long lines (489)
Hash 0a08469d24387f830bbaaa00b3c228ae
01f5dfeb8f93a32c9a8f66fe5940758109771fcd
3c7c29e5fc1193ff7ce24f72f77b2dc129e1a9434a97ef7b625f6f715531803c
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/elementor/assets/lib/font-awesome/css/brands.min.css?ver=5.15.3 HTTP/1.1
Host: reversomatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://reversomatic.com/
Cookie: PHPSESSID=op4tg8g8b0nj3inrcpe1dhovi3
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 03 Oct 2022 19:49:16 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Last-Modified: Fri, 09 Sep 2022 02:51:29 GMT
ETag: "2a3-5e8359f6dd9c0-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 308
Keep-Alive: timeout=5, max=91
Connection: Keep-Alive
Content-Type: text/css
reversomatic.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/fontawesome.min.css?ver=5.15.3
34.237.251.45 200 OK 13 kB URL HTTP/1.1 reversomatic.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/fontawesome.min.css?ver=5.15.3
IP 34.237.251.45:0
File type ASCII text, with very long lines (57726)
Hash 991d00cd7cb62d50a29295522d554f1f
e128a5238f141e9c4da1979716108d858340fe03
b8fcb61816168fc6a7ee01bb09fa4378398838dc6e4f49dc411872876355d113
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/elementor/assets/lib/font-awesome/css/fontawesome.min.css?ver=5.15.3 HTTP/1.1
Host: reversomatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://reversomatic.com/
Cookie: PHPSESSID=op4tg8g8b0nj3inrcpe1dhovi3
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 03 Oct 2022 19:49:16 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Last-Modified: Fri, 09 Sep 2022 02:51:29 GMT
ETag: "e238-5e8359f6dd9c0-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 12582
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: text/css
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash 9e40b2c69615f45f2bc898334ab3e343
6a569648ed10564e126d3bbf3f91352e6b3f6d4f
4f1d0982c58b9bbeaa266b99292baa1a00c9e39280f73d5a525722c851e15981
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 03 Oct 2022 19:49:16 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash 9e40b2c69615f45f2bc898334ab3e343
6a569648ed10564e126d3bbf3f91352e6b3f6d4f
4f1d0982c58b9bbeaa266b99292baa1a00c9e39280f73d5a525722c851e15981
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 03 Oct 2022 19:49:16 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash 9e40b2c69615f45f2bc898334ab3e343
6a569648ed10564e126d3bbf3f91352e6b3f6d4f
4f1d0982c58b9bbeaa266b99292baa1a00c9e39280f73d5a525722c851e15981
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 03 Oct 2022 19:49:16 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
reversomatic.com/wp-content/plugins/smart-slider-3/Public/SmartSlider3/Application/Frontend/Assets/dist/smartslider.min.css?ver=e122aaff
34.237.251.45 200 OK 4.1 kB URL HTTP/1.1 reversomatic.com/wp-content/plugins/smart-slider-3/Public/SmartSlider3/Application/Frontend/Assets/dist/smartslider.min.css?ver=e122aaff
IP 34.237.251.45:0
File type ASCII text, with very long lines (22127), with no line terminators
Hash 09a3bdea6fd66f1af936d059df4c1355
3f1833f50f33049faae94ec392ce268b64251f53
6119640c09d59b6ea4e1bc0bc9caaa3258f63812205bb4b541e44f6b7d7f18d1
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/smart-slider-3/Public/SmartSlider3/Application/Frontend/Assets/dist/smartslider.min.css?ver=e122aaff HTTP/1.1
Host: reversomatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://reversomatic.com/
Cookie: PHPSESSID=op4tg8g8b0nj3inrcpe1dhovi3
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 03 Oct 2022 19:49:16 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Last-Modified: Fri, 09 Sep 2022 02:52:04 GMT
ETag: "566f-5e835a186a821-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 4063
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: text/css
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash 165b2dbf56e36edf32811cc7eea70f58
f9e101da2c4f0f6dcca9cb9d0b36a7b77ef3114e
fcd8956f2d96a85e696ee4ba5eb8d575ad3319bc84c543188f3997ea1079c4e1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 03 Oct 2022 19:49:16 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
reversomatic.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
34.237.251.45 200 OK 4.2 kB URL HTTP/1.1 reversomatic.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
IP 34.237.251.45:0
File type ASCII text, with very long lines (11126)
Hash 5629711d7fdd5b28441bac39b851299f
4e0bf2b7383097f7c352023a1b1b1b48a50356b6
44c444309c7a6c05ff4a9bc198bed9e9596bedb5658637c85689c9a471dcdd16
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 HTTP/1.1
Host: reversomatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://reversomatic.com/
Cookie: PHPSESSID=op4tg8g8b0nj3inrcpe1dhovi3
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 03 Oct 2022 19:49:16 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Last-Modified: Fri, 09 Sep 2022 02:26:15 GMT
ETag: "2bd8-5e835452e3019-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 4169
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: application/javascript
reversomatic.com/wp-content/plugins/LayerSlider/static/js/layerslider.kreaturamedia.jquery.js?ver=5.3.0
34.237.251.45 200 OK 21 kB URL HTTP/1.1 reversomatic.com/wp-content/plugins/LayerSlider/static/js/layerslider.kreaturamedia.jquery.js?ver=5.3.0
IP 34.237.251.45:0
File type ASCII text, with very long lines (56242), with CRLF, LF line terminators
Hash 05f81756b4da520fd48d8e2b16db61ac
50e02d009b05246c25752847c165282d007aa76d
b05a0dd20e34376f41c4a692358592924e67ab8c486a872150c927f99c6e2a3d
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/LayerSlider/static/js/layerslider.kreaturamedia.jquery.js?ver=5.3.0 HTTP/1.1
Host: reversomatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://reversomatic.com/
Cookie: PHPSESSID=op4tg8g8b0nj3inrcpe1dhovi3
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 03 Oct 2022 19:49:16 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Last-Modified: Sat, 03 Sep 2022 13:23:38 GMT
ETag: "eb01-5e7c5c129cc17-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 20682
Keep-Alive: timeout=5, max=90
Connection: Keep-Alive
Content-Type: application/javascript
r3.o.lencr.org/
23.36.76.225 200 OK 503 B IP 23.36.76.225:0
ASN #20940 Akamai International B.V.
Hash ff433c9569a3557d806b1480aeafece9
20bbd46383b85326837f45290ff87df708b3b310
e8e5212b8d90257f23bdb0d1d643b5e7d7528d964056c3a4a269b5e09f409f2d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E8E5212B8D90257F23BDB0D1D643B5E7D7528D964056C3A4A269B5E09F409F2D"
Last-Modified: Sun, 02 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14475
Expires: Mon, 03 Oct 2022 23:50:31 GMT
Date: Mon, 03 Oct 2022 19:49:16 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcd0be942-f345-4da4-974e-a9fe16b90b3c.jpeg
34.120.237.76 200 OK 9.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcd0be942-f345-4da4-974e-a9fe16b90b3c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 523edd86af4757d0bc5fa5b3b8a3596a
8118ee462077c291b9d6f1402b85b55a9ceba8c2
c27de9970317636df8c4a517a9ed38e573235b351bf92c9b8bb1f964cd100031
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcd0be942-f345-4da4-974e-a9fe16b90b3c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 9083
x-amzn-requestid: fda71fd3-ef25-4a63-94ae-1bfc8aef8d14
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZZXD2H0DIAMFjrg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633a054b-198915fc17ce3dab571b7575;Sampled=0
x-amzn-remapped-date: Sun, 02 Oct 2022 21:40:27 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: _JxPe8uPQIgRKoJxtJAKjXpVy1hCW0rFcs8K_erJOHbVNpw339Pz6w==
via: 1.1 112c6b3f9aea37a6cb00b7d933e5af6e.cloudfront.net (CloudFront), 1.1 cd64decb1403270c914848213601a674.cloudfront.net (CloudFront), 1.1 google
date: Sun, 02 Oct 2022 21:45:27 GMT
age: 79429
etag: "8118ee462077c291b9d6f1402b85b55a9ceba8c2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.225 200 OK 503 B IP 23.36.76.225:0
ASN #20940 Akamai International B.V.
Hash ff433c9569a3557d806b1480aeafece9
20bbd46383b85326837f45290ff87df708b3b310
e8e5212b8d90257f23bdb0d1d643b5e7d7528d964056c3a4a269b5e09f409f2d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E8E5212B8D90257F23BDB0D1D643B5E7D7528D964056C3A4A269B5E09F409F2D"
Last-Modified: Sun, 02 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14475
Expires: Mon, 03 Oct 2022 23:50:31 GMT
Date: Mon, 03 Oct 2022 19:49:16 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F180dee10-1cde-4fbe-8a74-62b7b3bdb1e2.jpeg
34.120.237.76 200 OK 6.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F180dee10-1cde-4fbe-8a74-62b7b3bdb1e2.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 206fb65e75dbadf119512f71e0b78402
58ff0bf8ce7528b303d28bab01a80ad721705569
56c8d5f3b3060ee54bf81995269b86c070855d8c33bf437161339a45b309703f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F180dee10-1cde-4fbe-8a74-62b7b3bdb1e2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 6315
x-amzn-requestid: 6aa75b16-32e4-48a7-9fb0-9e3d5528c2d5
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZWSdsHUnIAMFXtw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6338cabd-742d8a436403683e0cd9368f;Sampled=0
x-amzn-remapped-date: Sat, 01 Oct 2022 23:18:21 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: TVz3oiy-Z2r9lGFDgsnGNxotvvAPeOaa7LMzqs432QjZpZo-PNt1-g==
via: 1.1 f13aef0c4b52f6f681401f232d03eb68.cloudfront.net (CloudFront), 1.1 89791e6b21b9a30cc51cac1bc51cf098.cloudfront.net (CloudFront), 1.1 google
date: Mon, 03 Oct 2022 04:42:51 GMT
age: 54385
etag: "58ff0bf8ce7528b303d28bab01a80ad721705569"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
reversomatic.com/wp-content/plugins/ajax-content-filter/js/acf_script.js?ver=964c6ec6dcf7a95c70e4aa5b8954d266
34.237.251.45 200 OK 157 B URL HTTP/1.1 reversomatic.com/wp-content/plugins/ajax-content-filter/js/acf_script.js?ver=964c6ec6dcf7a95c70e4aa5b8954d266
IP 34.237.251.45:0
Hash 0ba809d4d72a63fd565ef3c2d7a4a409
272892b358b9ec5907cb1c5723ba50f7ec3f7942
0e131c886e0c1117012118833351d14d9faca1be06ee227cb00493d7faf07b92
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/ajax-content-filter/js/acf_script.js?ver=964c6ec6dcf7a95c70e4aa5b8954d266 HTTP/1.1
Host: reversomatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://reversomatic.com/
Cookie: PHPSESSID=op4tg8g8b0nj3inrcpe1dhovi3
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 03 Oct 2022 19:49:16 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Last-Modified: Fri, 09 Sep 2022 02:37:33 GMT
ETag: "b9-5e8356d988a2c-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 157
Keep-Alive: timeout=5, max=92
Connection: Keep-Alive
Content-Type: application/javascript
r3.o.lencr.org/
23.36.76.225 200 OK 503 B IP 23.36.76.225:0
ASN #20940 Akamai International B.V.
Hash ff433c9569a3557d806b1480aeafece9
20bbd46383b85326837f45290ff87df708b3b310
e8e5212b8d90257f23bdb0d1d643b5e7d7528d964056c3a4a269b5e09f409f2d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E8E5212B8D90257F23BDB0D1D643B5E7D7528D964056C3A4A269B5E09F409F2D"
Last-Modified: Sun, 02 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14475
Expires: Mon, 03 Oct 2022 23:50:31 GMT
Date: Mon, 03 Oct 2022 19:49:16 GMT
Connection: keep-alive
fonts.googleapis.com/css?display=swap&family=Bree+Serif%3A300%2C400
142.250.74.10 200 OK 11 kB URL HTTP/2 fonts.googleapis.com/css?display=swap&family=Bree+Serif%3A300%2C400
IP 142.250.74.10:0
Hash e5f5607ca92c5916927587c9fa160da4
4820751dc6dd6b749b5f4400eec33218e744a11f
f2015511d5d158f9b321e80d0a4f75543a30455c5bb07c00c8ce12ced0aeb63c
GET /css?display=swap&family=Bree+Serif%3A300%2C400 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://reversomatic.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Mon, 03 Oct 2022 19:49:16 GMT
date: Mon, 03 Oct 2022 19:49:16 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.225 200 OK 503 B IP 23.36.76.225:0
ASN #20940 Akamai International B.V.
Hash ff433c9569a3557d806b1480aeafece9
20bbd46383b85326837f45290ff87df708b3b310
e8e5212b8d90257f23bdb0d1d643b5e7d7528d964056c3a4a269b5e09f409f2d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E8E5212B8D90257F23BDB0D1D643B5E7D7528D964056C3A4A269B5E09F409F2D"
Last-Modified: Sun, 02 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14475
Expires: Mon, 03 Oct 2022 23:50:31 GMT
Date: Mon, 03 Oct 2022 19:49:16 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7d589035-4143-4e43-a45c-b842ae27b9a3.jpeg
34.120.237.76 200 OK 4.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7d589035-4143-4e43-a45c-b842ae27b9a3.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 34ba42086104460665f7f4f579235592
58f10485c5273cbed8159c98b9065b192ba3d00b
79f1febc020ab611c5d9a8bc1af237a63420f8215963fd97f6c4b9bccfa17d24
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7d589035-4143-4e43-a45c-b842ae27b9a3.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4522
x-amzn-requestid: cc836204-3c4f-48d0-9569-b1622e6d2178
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZMVoRH9toAMFwig=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6334cfce-096ff90412945ca06335e987;Sampled=0
x-amzn-remapped-date: Wed, 28 Sep 2022 22:50:54 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: fudDd0zzDKrnJFkd5SprRVtrhRWr9sSccbhORco9XUEJTO2TXYouzQ==
via: 1.1 030fe0607711293dda988e571617a9f2.cloudfront.net (CloudFront), 1.1 d01e7742f82df0bbc1fb681d709ed69c.cloudfront.net (CloudFront), 1.1 google
date: Mon, 03 Oct 2022 12:54:19 GMT
age: 24897
etag: "58f10485c5273cbed8159c98b9065b192ba3d00b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
reversomatic.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
34.237.251.45 200 OK 31 kB URL HTTP/1.1 reversomatic.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
IP 34.237.251.45:0
File type ASCII text, with very long lines (65447)
Hash 9640915738503451aa21181699feab5b
c053eaf36ef0da96619706b3abda326305063bd6
f8834e669ad1f4039442c26aaa373ec39c35a233b9786d374fc3f670f16b0adc
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/jquery/jquery.min.js?ver=3.6.0 HTTP/1.1
Host: reversomatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://reversomatic.com/
Cookie: PHPSESSID=op4tg8g8b0nj3inrcpe1dhovi3
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 03 Oct 2022 19:49:16 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Last-Modified: Fri, 09 Sep 2022 02:26:15 GMT
ETag: "15db1-5e835452e3019-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 30908
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: application/javascript
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F98a090b5-0736-4ddd-b6ca-3c76661e7051.jpeg
34.120.237.76 200 OK 8.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F98a090b5-0736-4ddd-b6ca-3c76661e7051.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 721a8d8f94c3796abf021978fcdbc831
3fc3aeae907a0ce0db21753c67c1000681e48b8e
cb497b15e7c2e49930b99f8d6659f0394acefb7b11613ca04397ee782dac759d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F98a090b5-0736-4ddd-b6ca-3c76661e7051.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8158
x-amzn-requestid: 424c8c6c-7075-4ace-97e6-2b0a609d1b7e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZZXDxGRlIAMFZrA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633a054b-046d963a345c15e81dc74e4d;Sampled=0
x-amzn-remapped-date: Sun, 02 Oct 2022 21:40:27 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: AM8Ox9ObWGoXI-QnnoI7QkY5mOh8j6xBPetTrhyVktVO40ekk4X2Eg==
via: 1.1 86b676273517904f44af31586adb06ae.cloudfront.net (CloudFront), 1.1 35575576af8067e30cfb17c6b9fde8e2.cloudfront.net (CloudFront), 1.1 google
date: Sun, 02 Oct 2022 21:45:27 GMT
age: 79429
etag: "3fc3aeae907a0ce0db21753c67c1000681e48b8e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.225 200 OK 503 B IP 23.36.76.225:0
ASN #20940 Akamai International B.V.
Hash ff433c9569a3557d806b1480aeafece9
20bbd46383b85326837f45290ff87df708b3b310
e8e5212b8d90257f23bdb0d1d643b5e7d7528d964056c3a4a269b5e09f409f2d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E8E5212B8D90257F23BDB0D1D643B5E7D7528D964056C3A4A269B5E09F409F2D"
Last-Modified: Sun, 02 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14475
Expires: Mon, 03 Oct 2022 23:50:31 GMT
Date: Mon, 03 Oct 2022 19:49:16 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5d8a8cc8-8c9a-4305-bb96-a248c5e44655.jpeg
34.120.237.76 200 OK 8.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5d8a8cc8-8c9a-4305-bb96-a248c5e44655.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f1af609199093985d73fd1d256482c12
a54f3f4af645c1c93299360bc7dcf06bbae8de81
047e15a2d3ea5b7d1f3d22cdac2ac0446c6267c99deb0b12576366088d29d5b3
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5d8a8cc8-8c9a-4305-bb96-a248c5e44655.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8657
x-amzn-requestid: 172be66b-6140-4ff6-a061-22d177e75c23
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YtlXZGujoAMF2vQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63288295-6f74795f2b26d54409b2f388;Sampled=0
x-amzn-remapped-date: Mon, 19 Sep 2022 14:54:13 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: JuivAaE3zJE1Hyn9GdpPB3Z94FvDmfvGyuIYPrAOFlhyClh9yQfefQ==
via: 1.1 0aebf3fe433ff96e68d785fad4ea4c0e.cloudfront.net (CloudFront), 1.1 d01e7742f82df0bbc1fb681d709ed69c.cloudfront.net (CloudFront), 1.1 google
date: Sun, 02 Oct 2022 21:59:39 GMT
age: 78577
etag: "a54f3f4af645c1c93299360bc7dcf06bbae8de81"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
reversomatic.com/wp-content/plugins/smart-slider-3/Public/SmartSlider3/Application/Frontend/Assets/dist/n2.min.js?ver=e122aaff
34.237.251.45 200 OK 12 kB URL HTTP/1.1 reversomatic.com/wp-content/plugins/smart-slider-3/Public/SmartSlider3/Application/Frontend/Assets/dist/n2.min.js?ver=e122aaff
IP 34.237.251.45:0
File type ASCII text, with very long lines (41234), with no line terminators
Hash 83d87f65d3e77a6788d87a140324223c
780e8b8f8c95c5ac06aab19531412ceeedce6e98
ed855166c9e9e5b84b9ae7f5cf7ca86e993fbbc2506d241b8044d940c0b71120
GET /wp-content/plugins/smart-slider-3/Public/SmartSlider3/Application/Frontend/Assets/dist/n2.min.js?ver=e122aaff HTTP/1.1
Host: reversomatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://reversomatic.com/
Cookie: PHPSESSID=op4tg8g8b0nj3inrcpe1dhovi3
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 03 Oct 2022 19:49:16 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Last-Modified: Fri, 09 Sep 2022 02:52:04 GMT
ETag: "a112-5e835a186a821-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 12336
Keep-Alive: timeout=5, max=91
Connection: Keep-Alive
Content-Type: application/javascript
reversomatic.com/wp-content/plugins/smart-slider-3/Public/SmartSlider3/Application/Frontend/Assets/dist/smartslider-frontend.min.js?ver=e122aaff
34.237.251.45 200 OK 26 kB URL HTTP/1.1 reversomatic.com/wp-content/plugins/smart-slider-3/Public/SmartSlider3/Application/Frontend/Assets/dist/smartslider-frontend.min.js?ver=e122aaff
IP 34.237.251.45:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash b6eb13a2a9e3b2abad939f3d243c03d1
32e0f6431096d9ae70247038a62347a4b86e067d
7832b3a274a860ce31ada21c4f5e109b3e3b34d7fc34943978a727d737bda5f8
GET /wp-content/plugins/smart-slider-3/Public/SmartSlider3/Application/Frontend/Assets/dist/smartslider-frontend.min.js?ver=e122aaff HTTP/1.1
Host: reversomatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://reversomatic.com/
Cookie: PHPSESSID=op4tg8g8b0nj3inrcpe1dhovi3
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 03 Oct 2022 19:49:16 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Last-Modified: Fri, 09 Sep 2022 02:52:04 GMT
ETag: "1bb0d-5e835a186b7c1-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 26286
Keep-Alive: timeout=5, max=92
Connection: Keep-Alive
Content-Type: application/javascript
reversomatic.com/wp-content/plugins/smart-slider-3/Public/SmartSlider3/Slider/SliderType/Simple/Assets/dist/ss-simple.min.js?ver=e122aaff
34.237.251.45 200 OK 3.1 kB URL HTTP/1.1 reversomatic.com/wp-content/plugins/smart-slider-3/Public/SmartSlider3/Slider/SliderType/Simple/Assets/dist/ss-simple.min.js?ver=e122aaff
IP 34.237.251.45:0
File type ASCII text, with very long lines (13218), with no line terminators
Hash ec24a24fec2dcd0cf449463838899deb
acfc3646c865e3818d6c276dd8991f0d1b8eec53
abed6ef94afe46756ad949953a6bdefeb035dac5b43867d7b45a0762029402f7
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/smart-slider-3/Public/SmartSlider3/Slider/SliderType/Simple/Assets/dist/ss-simple.min.js?ver=e122aaff HTTP/1.1
Host: reversomatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://reversomatic.com/
Cookie: PHPSESSID=op4tg8g8b0nj3inrcpe1dhovi3
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 03 Oct 2022 19:49:16 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Last-Modified: Fri, 09 Sep 2022 02:52:04 GMT
ETag: "33a2-5e835a186e6a1-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 3093
Keep-Alive: timeout=5, max=90
Connection: Keep-Alive
Content-Type: application/javascript
reversomatic.com/wp-content/plugins/smart-slider-3/Public/SmartSlider3/Widget/Bar/BarHorizontal/Assets/dist/w-bar-horizontal.min.js?ver=e122aaff
34.237.251.45 200 OK 1.4 kB URL HTTP/1.1 reversomatic.com/wp-content/plugins/smart-slider-3/Public/SmartSlider3/Widget/Bar/BarHorizontal/Assets/dist/w-bar-horizontal.min.js?ver=e122aaff
IP 34.237.251.45:0
File type ASCII text, with very long lines (3911), with no line terminators
Hash e3b9c6aa7fb4c64b9d45188ede542896
8f52874492b1db842f06265cc6d0fef1977bb547
aa3b31bf5643665bcc7a78ed01c7f9451864a5ce3ccf6a27affe3adb3fb05af5
GET /wp-content/plugins/smart-slider-3/Public/SmartSlider3/Widget/Bar/BarHorizontal/Assets/dist/w-bar-horizontal.min.js?ver=e122aaff HTTP/1.1
Host: reversomatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://reversomatic.com/
Cookie: PHPSESSID=op4tg8g8b0nj3inrcpe1dhovi3
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 03 Oct 2022 19:49:16 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Last-Modified: Fri, 09 Sep 2022 02:52:04 GMT
ETag: "f47-5e835a186c761-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1438
Keep-Alive: timeout=5, max=91
Connection: Keep-Alive
Content-Type: application/javascript
reversomatic.com/wp-content/plugins/smart-slider-3/Public/SmartSlider3/Widget/Arrow/ArrowImage/Assets/dist/w-arrow-image.min.js?ver=e122aaff
34.237.251.45 200 OK 605 B URL HTTP/1.1 reversomatic.com/wp-content/plugins/smart-slider-3/Public/SmartSlider3/Widget/Arrow/ArrowImage/Assets/dist/w-arrow-image.min.js?ver=e122aaff
IP 34.237.251.45:0
File type ASCII text, with very long lines (1248), with no line terminators
Hash d0fb0723b8838b1ef3e6ac8d2fa64255
b7c1568844435a5956f4ef3d9d8cfea388ca45d6
a3d5b43fd2291139a2cf5381ef0ee90378d282ddc04e1774efcc72a74b035fdf
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/smart-slider-3/Public/SmartSlider3/Widget/Arrow/ArrowImage/Assets/dist/w-arrow-image.min.js?ver=e122aaff HTTP/1.1
Host: reversomatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://reversomatic.com/
Cookie: PHPSESSID=op4tg8g8b0nj3inrcpe1dhovi3
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 03 Oct 2022 19:49:17 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Last-Modified: Fri, 09 Sep 2022 02:52:04 GMT
ETag: "4e0-5e835a186c761-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 605
Keep-Alive: timeout=5, max=89
Connection: Keep-Alive
Content-Type: application/javascript
reversomatic.com/wp-content/plugins/smart-slider-3/Public/SmartSlider3/Widget/Autoplay/AutoplayImage/Assets/dist/w-autoplay.min.js?ver=e122aaff
34.237.251.45 200 OK 930 B URL HTTP/1.1 reversomatic.com/wp-content/plugins/smart-slider-3/Public/SmartSlider3/Widget/Autoplay/AutoplayImage/Assets/dist/w-autoplay.min.js?ver=e122aaff
IP 34.237.251.45:0
File type ASCII text, with very long lines (2327), with no line terminators
Hash c8b8e7804228d19b9200e42b0e6f7b57
d3be180ec72b4775a4028a1f07f186f1e91836d0
58362886037ba5e48d5ba9d9b185535f55b55a4f75ca0308beb9a5a12d5758e1
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/smart-slider-3/Public/SmartSlider3/Widget/Autoplay/AutoplayImage/Assets/dist/w-autoplay.min.js?ver=e122aaff HTTP/1.1
Host: reversomatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://reversomatic.com/
Cookie: PHPSESSID=op4tg8g8b0nj3inrcpe1dhovi3
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 03 Oct 2022 19:49:17 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Last-Modified: Fri, 09 Sep 2022 02:52:04 GMT
ETag: "917-5e835a186d701-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 930
Keep-Alive: timeout=5, max=90
Connection: Keep-Alive
Content-Type: application/javascript
reversomatic.com/wp-content/plugins/elementor/assets/lib/animations/animations.min.css?ver=3.7.4
34.237.251.45 200 OK 2.6 kB URL HTTP/1.1 reversomatic.com/wp-content/plugins/elementor/assets/lib/animations/animations.min.css?ver=3.7.4
IP 34.237.251.45:0
File type ASCII text, with very long lines (10019)
Hash 0ea81c35141c6a4692506e4fe8d36edb
392c5f96995e66d74c27ed5a42f93169c2f32d18
b7488fd21ad73e483cdcaf42097ea7787ffe0616477e29a537f53f6064e321ab
GET /wp-content/plugins/elementor/assets/lib/animations/animations.min.css?ver=3.7.4 HTTP/1.1
Host: reversomatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://reversomatic.com/
Cookie: PHPSESSID=op4tg8g8b0nj3inrcpe1dhovi3
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 03 Oct 2022 19:49:17 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Last-Modified: Fri, 09 Sep 2022 02:51:29 GMT
ETag: "4824-5e8359f6dba80-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 2592
Keep-Alive: timeout=5, max=88
Connection: Keep-Alive
Content-Type: text/css
reversomatic.com/wp-content/themes/astra/assets/js/minified/style.min.js,qver=3.9.2.pagespeed.ce.kBCKqEq9Mt.js
34.237.251.45 200 OK 2.7 kB URL HTTP/1.1 reversomatic.com/wp-content/themes/astra/assets/js/minified/style.min.js,qver=3.9.2.pagespeed.ce.kBCKqEq9Mt.js
IP 34.237.251.45:0
File type ASCII text, with very long lines (10398), with no line terminators
Hash 97cea445c7c0cec6df1760fc0cf5fefb
69aef0529522fab7eb0a6807897ade7eb0f4e90c
19f00f952b91cd466ae2dceee052773304dcc4a7f103d9b87d0ea62f9c0d0f4c
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/astra/assets/js/minified/style.min.js,qver=3.9.2.pagespeed.ce.kBCKqEq9Mt.js HTTP/1.1
Host: reversomatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://reversomatic.com/
Cookie: PHPSESSID=op4tg8g8b0nj3inrcpe1dhovi3
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 03 Oct 2022 19:49:17 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Accept-Ranges: bytes
X-Original-Content-Length: 10398
Last-Modified: Fri, 09 Sep 2022 02:53:47 GMT
Expires: Tue, 03 Oct 2023 19:49:17 GMT
Cache-Control: max-age=31536000
Etag: W/"0-gzip"
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 2744
Keep-Alive: timeout=5, max=89
Connection: Keep-Alive
Content-Type: application/javascript
reversomatic.com/wp-content/plugins/embed-any-document/js/pdfobject.min.js?ver=2.7.1
34.237.251.45 200 OK 1.7 kB URL HTTP/1.1 reversomatic.com/wp-content/plugins/embed-any-document/js/pdfobject.min.js?ver=2.7.1
IP 34.237.251.45:0
File type HTML document, ASCII text, with very long lines (3616)
Hash edbe458aa8735b5a5714e5e45de94ead
313b1af162c303f9aa81639d1732ea57e766b6f5
615ef7aa1978a061fd92b64db3d7b49dd774d0163ceac75a31354c90c8afc1fc
GET /wp-content/plugins/embed-any-document/js/pdfobject.min.js?ver=2.7.1 HTTP/1.1
Host: reversomatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://reversomatic.com/
Cookie: PHPSESSID=op4tg8g8b0nj3inrcpe1dhovi3
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 03 Oct 2022 19:49:17 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Last-Modified: Fri, 09 Sep 2022 02:51:31 GMT
ETag: "f39-5e8359f8e90c8-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1736
Keep-Alive: timeout=5, max=87
Connection: Keep-Alive
Content-Type: application/javascript
reversomatic.com/wp-content/plugins/embed-any-document/js/embed-public.min.js?ver=2.7.1
34.237.251.45 200 OK 565 B URL HTTP/1.1 reversomatic.com/wp-content/plugins/embed-any-document/js/embed-public.min.js?ver=2.7.1
IP 34.237.251.45:0
File type ASCII text, with very long lines (1175), with no line terminators
Hash 012a5a51ef20ea0f2b784dea83bbbcac
4b2269523edd3d5c652ea08dc27f37d61154bc9f
bbc315d3cf690665ec6c0d2bb4809b9561fb2c84d7172d40f5f884399ed2dfd6
GET /wp-content/plugins/embed-any-document/js/embed-public.min.js?ver=2.7.1 HTTP/1.1
Host: reversomatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://reversomatic.com/
Cookie: PHPSESSID=op4tg8g8b0nj3inrcpe1dhovi3
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 03 Oct 2022 19:49:17 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Last-Modified: Fri, 09 Sep 2022 02:51:31 GMT
ETag: "497-5e8359f8e90c8-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 565
Keep-Alive: timeout=5, max=88
Connection: Keep-Alive
Content-Type: application/javascript
reversomatic.com/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.6.3
34.237.251.45 200 OK 2.9 kB URL HTTP/1.1 reversomatic.com/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.6.3
IP 34.237.251.45:0
File type ASCII text, with very long lines (9680), with no line terminators
Hash 7c2c4ebd10adb73367b5c5f0e1e5d3ce
a67e4fd0e3e7452e74b22517ba924b58307d7758
5244443e699788a134cc77adfc3fd18f03386df5fe49e6c82b057387ba4d0ebd
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.6.3 HTTP/1.1
Host: reversomatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://reversomatic.com/
Cookie: PHPSESSID=op4tg8g8b0nj3inrcpe1dhovi3
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 03 Oct 2022 19:49:17 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Last-Modified: Fri, 09 Sep 2022 02:51:14 GMT
ETag: "25d0-5e8359e88f7c9-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 2914
Keep-Alive: timeout=5, max=86
Connection: Keep-Alive
Content-Type: application/javascript
reversomatic.com/wp-content/plugins/contact-form-7,_includes,_js,_index.js,qver==5.6.3+woocommerce,_assets,_js,_jquery-blockui,_jquery.blockUI.min.js,qver==2.7.0-wc.6.8.2+woocommerce,_assets,_js,_js-cookie,_js.cookie.min.js,qver==2.1.4-wc.6.8.2.pagespeed.jc.pfXByNFAI0.js
34.237.251.45 200 OK 7.9 kB URL HTTP/1.1 reversomatic.com/wp-content/plugins/contact-form-7,_includes,_js,_index.js,qver==5.6.3+woocommerce,_assets,_js,_jquery-blockui,_jquery.blockUI.min.js,qver==2.7.0-wc.6.8.2+woocommerce,_assets,_js,_js-cookie,_js.cookie.min.js,qver==2.1.4-wc.6.8.2.pagespeed.jc.pfXByNFAI0.js
IP 34.237.251.45:0
File type HTML document, ASCII text, with very long lines (12686)
Hash ce3282815ff3ca5e07d6f2219fb719e6
e5a2b0d41b81140da742d77778002ad763f6f3b4
e2a2b7be2c218c8780dd6a411b6f2c46454826e383a93de99d87fc6557dffb26
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/contact-form-7,_includes,_js,_index.js,qver==5.6.3+woocommerce,_assets,_js,_jquery-blockui,_jquery.blockUI.min.js,qver==2.7.0-wc.6.8.2+woocommerce,_assets,_js,_js-cookie,_js.cookie.min.js,qver==2.1.4-wc.6.8.2.pagespeed.jc.pfXByNFAI0.js HTTP/1.1
Host: reversomatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://reversomatic.com/
Cookie: PHPSESSID=op4tg8g8b0nj3inrcpe1dhovi3
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 03 Oct 2022 19:49:17 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Accept-Ranges: bytes
Expires: Tue, 03 Oct 2023 19:49:07 GMT
Cache-Control: max-age=31536000
Etag: W/"0"
Last-Modified: Mon, 03 Oct 2022 19:49:07 GMT
X-Original-Content-Length: 23554
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 7920
Keep-Alive: timeout=5, max=87
Connection: Keep-Alive
Content-Type: application/javascript
reversomatic.com/wp-content/plugins/LayerSlider/static/js/greensock.js?ver=1.11.8
34.237.251.45 404 Not Found 186 kB URL HTTP/1.1 reversomatic.com/wp-content/plugins/LayerSlider/static/js/greensock.js?ver=1.11.8
IP 34.237.251.45:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (29999), with CRLF, LF line terminators
Size 186 kB (186536 bytes)
Hash 46c5515c75dd57a7c93cf3893382be17
3851c6e4786a249f0d4047b17bf52d500cdfb89b
03b15d54cd600e509be4479abb6661053bed35d92ddd2647a24e54c41b55343b
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/LayerSlider/static/js/greensock.js?ver=1.11.8 HTTP/1.1
Host: reversomatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://reversomatic.com/
Cookie: PHPSESSID=op4tg8g8b0nj3inrcpe1dhovi3
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 404 Not Found
Date: Mon, 03 Oct 2022 19:49:16 GMT
Server: Apache
X-Powered-By: PHP/7.3.13
Pragma: no-cache
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Link: <https://reversomatic.com/wp-json/>; rel="https://api.w.org/"
X-Frame-Options: SAMEORIGIN
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
reversomatic.com/wp-content/plugins/woocommerce/assets/js/frontend/woocommerce.min.js,qver=6.8.2.pagespeed.ce.tywcuxUwoB.js
34.237.251.45 200 OK 794 B URL HTTP/1.1 reversomatic.com/wp-content/plugins/woocommerce/assets/js/frontend/woocommerce.min.js,qver=6.8.2.pagespeed.ce.tywcuxUwoB.js
IP 34.237.251.45:0
File type ASCII text, with very long lines (2139), with no line terminators
Hash 29307e8dec33cf3411ca4e1f2c84e9d0
484402289464d7ffb1475827f3438329d520bfc6
a2db59efaa416ef0c9d5d58f142cd5e44c475348cff20a664586fd3cda1b5f5b
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/woocommerce/assets/js/frontend/woocommerce.min.js,qver=6.8.2.pagespeed.ce.tywcuxUwoB.js HTTP/1.1
Host: reversomatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://reversomatic.com/
Cookie: PHPSESSID=op4tg8g8b0nj3inrcpe1dhovi3
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 03 Oct 2022 19:49:17 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Accept-Ranges: bytes
X-Original-Content-Length: 2139
Last-Modified: Fri, 09 Sep 2022 02:52:15 GMT
Expires: Tue, 03 Oct 2023 19:49:17 GMT
Cache-Control: max-age=31536000
Etag: W/"0-gzip"
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 794
Keep-Alive: timeout=5, max=85
Connection: Keep-Alive
Content-Type: application/javascript
reversomatic.com/wp-content,_plugins,_woocommerce,_assets,_js,_frontend,_cart-fragments.min.js,qver==6.8.2+wp-includes,_js,_imagesloaded.min.js,qver==4.1.4.pagespeed.jc.VPGyifz_NL.js
34.237.251.45 200 OK 2.7 kB URL HTTP/1.1 reversomatic.com/wp-content,_plugins,_woocommerce,_assets,_js,_frontend,_cart-fragments.min.js,qver==6.8.2+wp-includes,_js,_imagesloaded.min.js,qver==4.1.4.pagespeed.jc.VPGyifz_NL.js
IP 34.237.251.45:0
File type ASCII text, with very long lines (5607)
Hash e254c3dc1ef88df1a11623425e0eea87
5d6514f9cf867591ee3bf81f056ce4fa19d89d80
eb2038c600f5082341f29fc1104896915c65495123339ae15b8737ac9529f4d9
Analyzer Verdict Alert fortinet Malware
GET /wp-content,_plugins,_woocommerce,_assets,_js,_frontend,_cart-fragments.min.js,qver==6.8.2+wp-includes,_js,_imagesloaded.min.js,qver==4.1.4.pagespeed.jc.VPGyifz_NL.js HTTP/1.1
Host: reversomatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://reversomatic.com/
Cookie: PHPSESSID=op4tg8g8b0nj3inrcpe1dhovi3
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 03 Oct 2022 19:49:17 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Accept-Ranges: bytes
Expires: Tue, 03 Oct 2023 19:47:12 GMT
Cache-Control: max-age=31536000
Etag: W/"0"
Last-Modified: Mon, 03 Oct 2022 19:47:12 GMT
X-Original-Content-Length: 8567
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 2739
Keep-Alive: timeout=5, max=86
Connection: Keep-Alive
Content-Type: application/javascript
reversomatic.com/wp-content/plugins/LayerSlider/static/js/layerslider.transitions.js?ver=5.3.0
34.237.251.45 404 Not Found 186 kB URL HTTP/1.1 reversomatic.com/wp-content/plugins/LayerSlider/static/js/layerslider.transitions.js?ver=5.3.0
IP 34.237.251.45:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (29999), with CRLF, LF line terminators
Size 186 kB (186536 bytes)
Hash e7004c68f2cc5e92c56dbd24c4f59ccc
475736337aed806a8660235a0067b166a1a95eb9
e671d072207100c87d7da60ff8986cd39392a4333738330932073486f4be33a2
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/LayerSlider/static/js/layerslider.transitions.js?ver=5.3.0 HTTP/1.1
Host: reversomatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://reversomatic.com/
Cookie: PHPSESSID=op4tg8g8b0nj3inrcpe1dhovi3
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 404 Not Found
Date: Mon, 03 Oct 2022 19:49:16 GMT
Server: Apache
X-Powered-By: PHP/7.3.13
Pragma: no-cache
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Link: <https://reversomatic.com/wp-json/>; rel="https://api.w.org/"
X-Frame-Options: SAMEORIGIN
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
reversomatic.com/wp-content/plugins/multiple-products-to-cart-for-woocommerce/assets/js/mpc-frontend.js,qver=6.0.pagespeed.jm.2zBBclaw6k.js
34.237.251.45 200 OK 4.0 kB URL HTTP/1.1 reversomatic.com/wp-content/plugins/multiple-products-to-cart-for-woocommerce/assets/js/mpc-frontend.js,qver=6.0.pagespeed.jm.2zBBclaw6k.js
IP 34.237.251.45:0
File type ASCII text, with very long lines (11107)
Hash 5b6649bfddff8121ccc87b31be2f817c
3c822a41a13c70052e17dc53655ce3bd45229e02
f152b813ddb467426287f7276cad4fb178ba740d1f3e15e3da761b33a89fe12b
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/multiple-products-to-cart-for-woocommerce/assets/js/mpc-frontend.js,qver=6.0.pagespeed.jm.2zBBclaw6k.js HTTP/1.1
Host: reversomatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://reversomatic.com/
Cookie: PHPSESSID=op4tg8g8b0nj3inrcpe1dhovi3
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 03 Oct 2022 19:49:17 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Accept-Ranges: bytes
Expires: Tue, 03 Oct 2023 19:47:12 GMT
Cache-Control: max-age=31536000
Etag: W/"0"
Last-Modified: Mon, 03 Oct 2022 19:47:12 GMT
X-Original-Content-Length: 24695
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 3992
Keep-Alive: timeout=5, max=92
Connection: Keep-Alive
Content-Type: application/javascript
reversomatic.com/wp-includes/js/underscore.min.js,qver=1.13.3.pagespeed.jm.f-5x3zCdcK.js
34.237.251.45 200 OK 7.3 kB URL HTTP/1.1 reversomatic.com/wp-includes/js/underscore.min.js,qver=1.13.3.pagespeed.jm.f-5x3zCdcK.js
IP 34.237.251.45:0
File type ASCII text, with very long lines (18876), with no line terminators
Hash fd2d5121e1bdfd7facc8fa85afa00123
ccb72a06e251371abccaacd9e9ddd4961aeaaf75
4d5147bd7d5634b6e90698619763a0fd83f41b8a23a130ff0f71d21fe2fbe106
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/underscore.min.js,qver=1.13.3.pagespeed.jm.f-5x3zCdcK.js HTTP/1.1
Host: reversomatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://reversomatic.com/
Cookie: PHPSESSID=op4tg8g8b0nj3inrcpe1dhovi3
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 03 Oct 2022 19:49:17 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Accept-Ranges: bytes
Expires: Tue, 03 Oct 2023 19:47:12 GMT
Cache-Control: max-age=31536000
Etag: W/"0"
Last-Modified: Mon, 03 Oct 2022 19:47:12 GMT
X-Original-Content-Length: 18911
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 7272
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: application/javascript
reversomatic.com/wp-content/plugins/woocommerce/assets/js/frontend,_add-to-cart-variation.min.js,qver==6.8.2+flexslider,_jquery.flexslider.min.js,qver==2.7.2-wc.6.8.2.pagespeed.jc.XxORcfKlGb.js
34.237.251.45 200 OK 10 kB URL HTTP/1.1 reversomatic.com/wp-content/plugins/woocommerce/assets/js/frontend,_add-to-cart-variation.min.js,qver==6.8.2+flexslider,_jquery.flexslider.min.js,qver==2.7.2-wc.6.8.2.pagespeed.jc.XxORcfKlGb.js
IP 34.237.251.45:0
File type ASCII text, with very long lines (23460)
Hash 712c89cb910bc635e6f4434abf8ebcec
0791db7256d95a591d2039d507fafd9cf8cc64b4
2f0b5bf03f7e25c02009538b41c56a90b16eec0b32831cc40fbadc299a9cef5d
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/woocommerce/assets/js/frontend,_add-to-cart-variation.min.js,qver==6.8.2+flexslider,_jquery.flexslider.min.js,qver==2.7.2-wc.6.8.2.pagespeed.jc.XxORcfKlGb.js HTTP/1.1
Host: reversomatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://reversomatic.com/
Cookie: PHPSESSID=op4tg8g8b0nj3inrcpe1dhovi3
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 03 Oct 2022 19:49:17 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Accept-Ranges: bytes
Expires: Tue, 03 Oct 2023 19:49:07 GMT
Cache-Control: max-age=31536000
Etag: W/"0"
Last-Modified: Mon, 03 Oct 2022 19:49:07 GMT
X-Original-Content-Length: 36655
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 10029
Keep-Alive: timeout=5, max=91
Connection: Keep-Alive
Content-Type: application/javascript
reversomatic.com/wp-content/plugins/elementor/assets/js/webpack.runtime.min.js?ver=3.7.4
34.237.251.45 200 OK 2.2 kB URL HTTP/1.1 reversomatic.com/wp-content/plugins/elementor/assets/js/webpack.runtime.min.js?ver=3.7.4
IP 34.237.251.45:0
File type ASCII text, with very long lines (4918)
Hash abb2562ceee4773df98cc901e4c61cde
efddcd92a69b097df49c243dc0963dc281600392
9066b7f939e1b991e409f25d3308b523da39efcb70bef563a829b9cccd837c0a
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/elementor/assets/js/webpack.runtime.min.js?ver=3.7.4 HTTP/1.1
Host: reversomatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://reversomatic.com/
Cookie: PHPSESSID=op4tg8g8b0nj3inrcpe1dhovi3
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 03 Oct 2022 19:49:17 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Last-Modified: Fri, 09 Sep 2022 02:51:29 GMT
ETag: "135d-5e8359f6d8ba0-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 2194
Keep-Alive: timeout=5, max=92
Connection: Keep-Alive
Content-Type: application/javascript
reversomatic.com/wp-content,_plugins,_elementor,_assets,_js,_frontend-modules.min.js,qver==3.7.4+wp-content,_plugins,_elementor,_assets,_lib,_waypoints,_waypoints.min.js,qver==4.0.2+wp-includes,_js,_jquery,_ui,_core.min.js,qver==1.13.1.pagespeed.jc.tdc9_HkxKA.js
34.237.251.45 200 OK 20 kB URL HTTP/1.1 reversomatic.com/wp-content,_plugins,_elementor,_assets,_js,_frontend-modules.min.js,qver==3.7.4+wp-content,_plugins,_elementor,_assets,_lib,_waypoints,_waypoints.min.js,qver==4.0.2+wp-includes,_js,_jquery,_ui,_core.min.js,qver==1.13.1.pagespeed.jc.tdc9_HkxKA.js
IP 34.237.251.45:0
File type Unicode text, UTF-8 text, with very long lines (33526)
Hash 4f375ef4e62ea8cfa53d985020c17a5b
5f30ff0d567117263ef02942bb2763d3f0ad7976
e722630f36f44af08b642d64c323cae017a079f066e1f1f7d323f9d6f4309c5c
Analyzer Verdict Alert fortinet Malware
GET /wp-content,_plugins,_elementor,_assets,_js,_frontend-modules.min.js,qver==3.7.4+wp-content,_plugins,_elementor,_assets,_lib,_waypoints,_waypoints.min.js,qver==4.0.2+wp-includes,_js,_jquery,_ui,_core.min.js,qver==1.13.1.pagespeed.jc.tdc9_HkxKA.js HTTP/1.1
Host: reversomatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://reversomatic.com/
Cookie: PHPSESSID=op4tg8g8b0nj3inrcpe1dhovi3
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 03 Oct 2022 19:49:17 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Accept-Ranges: bytes
Expires: Tue, 03 Oct 2023 19:49:07 GMT
Cache-Control: max-age=31536000
Etag: W/"0"
Last-Modified: Mon, 03 Oct 2022 19:49:07 GMT
X-Original-Content-Length: 65842
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 19890
Keep-Alive: timeout=5, max=90
Connection: Keep-Alive
Content-Type: application/javascript
reversomatic.com/wp-content/plugins/revslider/rs-plugin/js/jquery.themepunch.tools.min.js?rev=4.6.0&ver=964c6ec6dcf7a95c70e4aa5b8954d266
34.237.251.45 404 Not Found 186 kB URL HTTP/1.1 reversomatic.com/wp-content/plugins/revslider/rs-plugin/js/jquery.themepunch.tools.min.js?rev=4.6.0&ver=964c6ec6dcf7a95c70e4aa5b8954d266
IP 34.237.251.45:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (29999), with CRLF, LF line terminators
Size 186 kB (186536 bytes)
Hash c19b960b1e52841cbb38c1ce1fa91f6b
b7cbebc9968585fb30a3c92f7777ef221c2143ae
f418824dc010f476d399e9083c8dbc8a3c71c58d862e48e7c10a7716c985f148
GET /wp-content/plugins/revslider/rs-plugin/js/jquery.themepunch.tools.min.js?rev=4.6.0&ver=964c6ec6dcf7a95c70e4aa5b8954d266 HTTP/1.1
Host: reversomatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://reversomatic.com/
Cookie: PHPSESSID=op4tg8g8b0nj3inrcpe1dhovi3
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 404 Not Found
Date: Mon, 03 Oct 2022 19:49:16 GMT
Server: Apache
X-Powered-By: PHP/7.3.13
Pragma: no-cache
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Link: <https://reversomatic.com/wp-json/>; rel="https://api.w.org/"
X-Frame-Options: SAMEORIGIN
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
reversomatic.com/wp-content/plugins/elementor/assets/lib/swiper/swiper.min.js,qver=5.3.6.pagespeed.jm.0kJnTpXBgJ.js
34.237.251.45 200 OK 35 kB URL HTTP/1.1 reversomatic.com/wp-content/plugins/elementor/assets/lib/swiper/swiper.min.js,qver=5.3.6.pagespeed.jm.0kJnTpXBgJ.js
IP 34.237.251.45:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash ff98a2bc4af31f043dcd5ed432eaacf5
a9ba91adcba0b583a5b7ce4e2d12139e59c58c0b
6d6dff4dab152c69949634f3249c5fba4879e4d134eba96ff2a7ae29e8fef981
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/elementor/assets/lib/swiper/swiper.min.js,qver=5.3.6.pagespeed.jm.0kJnTpXBgJ.js HTTP/1.1
Host: reversomatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://reversomatic.com/
Cookie: PHPSESSID=op4tg8g8b0nj3inrcpe1dhovi3
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 03 Oct 2022 19:49:17 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Accept-Ranges: bytes
Expires: Tue, 03 Oct 2023 19:47:12 GMT
Cache-Control: max-age=31536000
Etag: W/"0"
Last-Modified: Mon, 03 Oct 2022 19:47:12 GMT
X-Original-Content-Length: 139153
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 35163
Keep-Alive: timeout=5, max=91
Connection: Keep-Alive
Content-Type: application/javascript
reversomatic.com/wp-content/plugins/elementor/assets/lib/share-link,_share-link.min.js,qver==3.7.4+dialog,_dialog.min.js,qver==4.9.0.pagespeed.jc.fUMaCK-AQ8.js
34.237.251.45 200 OK 4.5 kB URL HTTP/1.1 reversomatic.com/wp-content/plugins/elementor/assets/lib/share-link,_share-link.min.js,qver==3.7.4+dialog,_dialog.min.js,qver==4.9.0.pagespeed.jc.fUMaCK-AQ8.js
IP 34.237.251.45:0
File type ASCII text, with very long lines (10845)
Hash 76c4e0b7c82816ba7acb1b162b06fafd
537df27cfcdc15caa1977e5bc17da725a2ed7463
540701e67aa1d1579371e6d8cc43559f1a1d27ff8813259927375d8f8f5b1f23
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/elementor/assets/lib/share-link,_share-link.min.js,qver==3.7.4+dialog,_dialog.min.js,qver==4.9.0.pagespeed.jc.fUMaCK-AQ8.js HTTP/1.1
Host: reversomatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://reversomatic.com/
Cookie: PHPSESSID=op4tg8g8b0nj3inrcpe1dhovi3
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 03 Oct 2022 19:49:17 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Accept-Ranges: bytes
Expires: Tue, 03 Oct 2023 19:49:07 GMT
Cache-Control: max-age=31536000
Etag: W/"0"
Last-Modified: Mon, 03 Oct 2022 19:49:07 GMT
X-Original-Content-Length: 13302
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 4454
Keep-Alive: timeout=5, max=89
Connection: Keep-Alive
Content-Type: application/javascript
reversomatic.com/wp-content/plugins/elementor/assets/js/frontend.min.js,qver==3.7.4+preloaded-modules.min.js,qver==3.7.4.pagespeed.jc.ZMqW74bI0I.js
34.237.251.45 200 OK 25 kB URL HTTP/1.1 reversomatic.com/wp-content/plugins/elementor/assets/js/frontend.min.js,qver==3.7.4+preloaded-modules.min.js,qver==3.7.4.pagespeed.jc.ZMqW74bI0I.js
IP 34.237.251.45:0
File type ASCII text, with very long lines (41387)
Hash 1c38a3b8c99f587bcd3d2d94e1335ff9
eb634d143c40d11273a51b6ed1c751a2d266f8dc
fa2031664103764d88c2e659b5dd13b3d0031e92c95bf88ef09ca93b4aad9d55
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/elementor/assets/js/frontend.min.js,qver==3.7.4+preloaded-modules.min.js,qver==3.7.4.pagespeed.jc.ZMqW74bI0I.js HTTP/1.1
Host: reversomatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://reversomatic.com/
Cookie: PHPSESSID=op4tg8g8b0nj3inrcpe1dhovi3
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 03 Oct 2022 19:49:17 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Accept-Ranges: bytes
Expires: Tue, 03 Oct 2023 19:47:12 GMT
Cache-Control: max-age=31536000
Etag: W/"0"
Last-Modified: Mon, 03 Oct 2022 19:47:12 GMT
X-Original-Content-Length: 83653
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 24645
Keep-Alive: timeout=5, max=92
Connection: Keep-Alive
Content-Type: application/javascript
reversomatic.com/wp-content/plugins/revslider/rs-plugin/js/jquery.themepunch.revolution.min.js?rev=4.6.0&ver=964c6ec6dcf7a95c70e4aa5b8954d266
34.237.251.45 404 Not Found 186 kB URL HTTP/1.1 reversomatic.com/wp-content/plugins/revslider/rs-plugin/js/jquery.themepunch.revolution.min.js?rev=4.6.0&ver=964c6ec6dcf7a95c70e4aa5b8954d266
IP 34.237.251.45:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (29999), with CRLF, LF line terminators
Size 186 kB (186536 bytes)
Hash b3a0e6b6ee0f876791a1f6229878357a
7f864805ebd3fbc4473a103713ef545a4dd2b80c
31200c988cff8514e64ca13857a4111db4bb557b2289cc5c7b8b1ad5f7c6cb8b
GET /wp-content/plugins/revslider/rs-plugin/js/jquery.themepunch.revolution.min.js?rev=4.6.0&ver=964c6ec6dcf7a95c70e4aa5b8954d266 HTTP/1.1
Host: reversomatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://reversomatic.com/
Cookie: PHPSESSID=op4tg8g8b0nj3inrcpe1dhovi3
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 404 Not Found
Date: Mon, 03 Oct 2022 19:49:16 GMT
Server: Apache
X-Powered-By: PHP/7.3.13
Pragma: no-cache
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Link: <https://reversomatic.com/wp-json/>; rel="https://api.w.org/"
X-Frame-Options: SAMEORIGIN
Keep-Alive: timeout=5, max=89
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
reversomatic.com/wp-content/themes/astra/assets/css/minified/compatibility/woocommerce/woocommerce-smallscreen.min.css?ver=3.9.2
34.237.251.45 200 OK 936 B URL HTTP/1.1 reversomatic.com/wp-content/themes/astra/assets/css/minified/compatibility/woocommerce/woocommerce-smallscreen.min.css?ver=3.9.2
IP 34.237.251.45:0
File type ASCII text, with very long lines (5992), with no line terminators
Hash a57a348e593978ca4dad7d2927ff983c
df00fa58d343098632bdb9525e6dfe7acc99ff6d
1e1cf17a9bde06b7e012c6334fe7f7803359b0b705f965b8ef82df63a68e86a7
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/astra/assets/css/minified/compatibility/woocommerce/woocommerce-smallscreen.min.css?ver=3.9.2 HTTP/1.1
Host: reversomatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://reversomatic.com/
Cookie: PHPSESSID=op4tg8g8b0nj3inrcpe1dhovi3
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 03 Oct 2022 19:49:17 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Last-Modified: Fri, 09 Sep 2022 02:53:47 GMT
ETag: "1768-5e835a7ae877f-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 936
Keep-Alive: timeout=5, max=90
Connection: Keep-Alive
Content-Type: text/css
reversomatic.com/wp-admin/admin-ajax.php?action=addthis_global_options_settings&ver=964c6ec6dcf7a95c70e4aa5b8954d266
34.237.251.45 200 OK 570 B URL HTTP/1.1 reversomatic.com/wp-admin/admin-ajax.php?action=addthis_global_options_settings&ver=964c6ec6dcf7a95c70e4aa5b8954d266
IP 34.237.251.45:0
File type ASCII text, with very long lines (870), with CRLF, LF line terminators
Hash 997c0e1cd71421c8ef1209a749ff2e04
0d58bba3e6f5932af0c6868ad31c1854ad3eb8ca
86e65f12105b6d2118a5fda47bae896fe61140ed23653ea787325eaeb45a3e15
GET /wp-admin/admin-ajax.php?action=addthis_global_options_settings&ver=964c6ec6dcf7a95c70e4aa5b8954d266 HTTP/1.1
Host: reversomatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://reversomatic.com/
Cookie: PHPSESSID=op4tg8g8b0nj3inrcpe1dhovi3
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 03 Oct 2022 19:49:17 GMT
Server: Apache
X-Powered-By: PHP/7.3.13
Pragma: no-cache
X-Robots-Tag: noindex
X-Content-Type-Options: nosniff
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Referrer-Policy: strict-origin-when-cross-origin
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 570
Keep-Alive: timeout=5, max=84
Connection: Keep-Alive
Content-Type: application/x-javascript
reversomatic.com/wp-content/uploads/2019/08/Proudly-Canadian.jpg
34.237.251.45 200 OK 3.1 kB URL HTTP/1.1 reversomatic.com/wp-content/uploads/2019/08/Proudly-Canadian.jpg
IP 34.237.251.45:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 116x30, components 3\012- data
Hash 1d482cf5b06695908545b7a46148d809
a33a9941d553d4798eacdf8292a0d7dc706de617
7f497c7646dff5983b2d6217000a3685e14eb5a35fe6887052dcbfa8d7115597
GET /wp-content/uploads/2019/08/Proudly-Canadian.jpg HTTP/1.1
Host: reversomatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://reversomatic.com/
Cookie: PHPSESSID=op4tg8g8b0nj3inrcpe1dhovi3
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 03 Oct 2022 19:49:17 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Last-Modified: Tue, 23 Jun 2020 20:19:46 GMT
ETag: "c4a-5a8c614973c80"
Accept-Ranges: bytes
Content-Length: 3146
Keep-Alive: timeout=5, max=91
Connection: Keep-Alive
Content-Type: image/jpeg
reversomatic.com/wp-content/uploads/2019/08/Reverso_Logo-358x72.gif
34.237.251.45 200 OK 14 kB URL HTTP/1.1 reversomatic.com/wp-content/uploads/2019/08/Reverso_Logo-358x72.gif
IP 34.237.251.45:0
File type GIF image data, version 89a, 358 x 72\012- data
Hash d942192ca6323670564db6815a9c5c59
7f758a7afc962b146aea6059b2bde3664c30ba43
d4ba1e32288e771ba310822863622735d00041fb74676ae2c214a36ae4323b90
GET /wp-content/uploads/2019/08/Reverso_Logo-358x72.gif HTTP/1.1
Host: reversomatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://reversomatic.com/
Cookie: PHPSESSID=op4tg8g8b0nj3inrcpe1dhovi3
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 03 Oct 2022 19:49:17 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Last-Modified: Tue, 30 Aug 2022 15:14:26 GMT
ETag: "3641-5e776d604dbff"
Accept-Ranges: bytes
Content-Length: 13889
Keep-Alive: timeout=5, max=88
Connection: Keep-Alive
Content-Type: image/gif
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash 63ee7e605da25dbf1d62eea30a1ef246
c86b43b61afc5926ee7bc124cc30598d37ceb661
cb737283476421b6ce93b2909cf5277e82a7adbc3001f66946ff59ad6fabfdb2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 03 Oct 2022 19:49:18 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash 63ee7e605da25dbf1d62eea30a1ef246
c86b43b61afc5926ee7bc124cc30598d37ceb661
cb737283476421b6ce93b2909cf5277e82a7adbc3001f66946ff59ad6fabfdb2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 03 Oct 2022 19:49:18 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
reversomatic.com/wp-content/plugins/ubermenu/assets/js/ubermenu.min.js?ver=3.6.0.1
34.237.251.45 404 Not Found 186 kB URL HTTP/1.1 reversomatic.com/wp-content/plugins/ubermenu/assets/js/ubermenu.min.js?ver=3.6.0.1
IP 34.237.251.45:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (29999), with CRLF, LF line terminators
Size 186 kB (186536 bytes)
Hash e03f148676e50d995f52d39fa83c4d0d
91010b53e42476f91e67b92ecc299032febf1490
211da0cef05e4b6f222bd5bf82c6a957ffcff290c61e1d24260068ef9b61b2f1
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/ubermenu/assets/js/ubermenu.min.js?ver=3.6.0.1 HTTP/1.1
Host: reversomatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://reversomatic.com/
Cookie: PHPSESSID=op4tg8g8b0nj3inrcpe1dhovi3
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 404 Not Found
Date: Mon, 03 Oct 2022 19:49:17 GMT
Server: Apache
X-Powered-By: PHP/7.3.13
Pragma: no-cache
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Link: <https://reversomatic.com/wp-json/>; rel="https://api.w.org/"
X-Frame-Options: SAMEORIGIN
Keep-Alive: timeout=5, max=85
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash 63ee7e605da25dbf1d62eea30a1ef246
c86b43b61afc5926ee7bc124cc30598d37ceb661
cb737283476421b6ce93b2909cf5277e82a7adbc3001f66946ff59ad6fabfdb2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 03 Oct 2022 19:49:18 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash 63ee7e605da25dbf1d62eea30a1ef246
c86b43b61afc5926ee7bc124cc30598d37ceb661
cb737283476421b6ce93b2909cf5277e82a7adbc3001f66946ff59ad6fabfdb2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 03 Oct 2022 19:49:18 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
216.58.207.195 200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Hash 15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://reversomatic.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 28 Sep 2022 19:34:08 GMT
expires: Thu, 28 Sep 2023 19:34:08 GMT
cache-control: public, max-age=31536000
age: 432910
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/robotoslab/v24/BngbUXZYTXPIvIBgJJSb6s3BzlRRfKOFbvjoa4Omb2Rj.woff2
216.58.207.195 200 OK 13 kB URL HTTP/2 fonts.gstatic.com/s/robotoslab/v24/BngbUXZYTXPIvIBgJJSb6s3BzlRRfKOFbvjoa4Omb2Rj.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 12820, version 1.0\012- data
Hash 5c02543fd50416d417c4fde1410008d5
82803a4554e56c2247c2ce50e9a0a3c77b5e0730
084c044e1a353a41a04f9c923b418d582f8e8d3a1996053c8e4912a57d158799
GET /s/robotoslab/v24/BngbUXZYTXPIvIBgJJSb6s3BzlRRfKOFbvjoa4Omb2Rj.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://reversomatic.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 12820
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 29 Sep 2022 16:41:43 GMT
expires: Fri, 29 Sep 2023 16:41:43 GMT
cache-control: public, max-age=31536000
age: 356855
last-modified: Mon, 11 Jul 2022 19:15:07 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
216.58.207.195 200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 15860, version 1.0\012- data
Hash e9f5aaf547f165386cd313b995dddd8e
acdef5603c2387b0e5bffd744b679a24a8bc1968
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://reversomatic.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 28 Sep 2022 19:34:08 GMT
expires: Thu, 28 Sep 2023 19:34:08 GMT
cache-control: public, max-age=31536000
age: 432910
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
216.58.207.195 200 OK 45 kB URL HTTP/2 fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 44856, version 1.0\012- data
Hash 565ce506190ad3af920b40baf1794cec
ad3cba5d06100e09449a864d3b5e58403b478b3d
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
GET /s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://reversomatic.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 44856
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 01 Oct 2022 03:08:55 GMT
expires: Sun, 01 Oct 2023 03:08:55 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 15 Aug 2022 18:20:18 GMT
content-type: font/woff2
age: 232823
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
reversomatic.com/wp-content/plugins/ubermenu/assets/fontawesome/webfonts/fa-solid-900.woff2
34.237.251.45 200 OK 75 kB URL HTTP/1.1 reversomatic.com/wp-content/plugins/ubermenu/assets/fontawesome/webfonts/fa-solid-900.woff2
IP 34.237.251.45:0
File type Web Open Font Format (Version 2), TrueType, length 75440, version 329.-1049\012- data
Hash b5cf8ae26748570d8fb95a47f46b69e1
07bed153d47f9129a944ee54dd72952deed074c8
cd398be1a91817126cef10224738e624358edf6f08043abad7e60c1aaeccc8d0
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/ubermenu/assets/fontawesome/webfonts/fa-solid-900.woff2 HTTP/1.1
Host: reversomatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://reversomatic.com/wp-content/plugins/ubermenu/assets/fontawesome/css/all.min.css?ver=964c6ec6dcf7a95c70e4aa5b8954d266
Cookie: PHPSESSID=op4tg8g8b0nj3inrcpe1dhovi3
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 03 Oct 2022 19:49:18 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Last-Modified: Thu, 30 Jan 2020 20:56:59 GMT
ETag: "126b0-59d61b2beaa36"
Accept-Ranges: bytes
Content-Length: 75440
Cache-Control: s-maxage=10
Keep-Alive: timeout=5, max=89
Connection: Keep-Alive
Content-Type: font/woff2
reversomatic.com/wp-content/themes/astra/assets/fonts/astra.woff
34.237.251.45 200 OK 3.3 kB URL HTTP/1.1 reversomatic.com/wp-content/themes/astra/assets/fonts/astra.woff
IP 34.237.251.45:0
File type Web Open Font Format, TrueType, length 3304, version 1.0\012- data
Hash bfe0ed8503c926d68f58ed0408dfe0d0
0346d02d96ff7d2a0278bc10f4dfdf365c80eac3
ec7ef7aa5fd1e019f1c26193e95e46d481d4983673936a9dda086705ada6e3d5
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/astra/assets/fonts/astra.woff HTTP/1.1
Host: reversomatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://reversomatic.com/
Cookie: PHPSESSID=op4tg8g8b0nj3inrcpe1dhovi3
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 03 Oct 2022 19:49:18 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Last-Modified: Fri, 09 Sep 2022 02:53:47 GMT
ETag: "ce8-5e835a7ae683f"
Accept-Ranges: bytes
Content-Length: 3304
Cache-Control: s-maxage=10
Keep-Alive: timeout=5, max=90
Connection: Keep-Alive
Content-Type: font/woff
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash 0ac04f7c449093fff4f846a7ae56cd4f
50aeb5664545a0dec4173920a274e906bcbcdf6f
18eff2566317aba7b70ee558e8cba42231eb4eae31e903501dc122c751d6993b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 03 Oct 2022 19:49:18 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
reversomatic.com/wp-content/uploads/2014/12/QCF-80-ES.png
34.237.251.45 200 OK 127 kB URL HTTP/1.1 reversomatic.com/wp-content/uploads/2014/12/QCF-80-ES.png
IP 34.237.251.45:0
File type PNG image data, 400 x 400, 8-bit/color RGBA, non-interlaced\012- data
Size 127 kB (127059 bytes)
Hash 32b906e8a351ccc7bad64310b310b949
72996b3ae6ae82257e9d028b986898894683a0fe
c2b61486bffbefc0abbf4de284d2cc2a0284b298c792d407f10d369612b52577
GET /wp-content/uploads/2014/12/QCF-80-ES.png HTTP/1.1
Host: reversomatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://reversomatic.com/
Cookie: PHPSESSID=op4tg8g8b0nj3inrcpe1dhovi3
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 03 Oct 2022 19:49:18 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Last-Modified: Wed, 14 Aug 2019 13:56:17 GMT
ETag: "1f053-590141efa0240"
Accept-Ranges: bytes
Content-Length: 127059
Keep-Alive: timeout=5, max=84
Connection: Keep-Alive
Content-Type: image/png
reversomatic.com/wp-content/uploads/2021/04/softair-1.png
34.237.251.45 200 OK 358 kB URL HTTP/1.1 reversomatic.com/wp-content/uploads/2021/04/softair-1.png
IP 34.237.251.45:0
File type PNG image data, 682 x 682, 8-bit/color RGBA, non-interlaced\012- data
Size 358 kB (358505 bytes)
Hash b7b84a03651456f695d4108df8d401c0
627149fa0ca15a055ceef164615cced9a19f5ef4
e0d5d8f8b1aab845579c18502bdbaacab8489c3ffbfa19ddcc36d7bf8661e8c6
GET /wp-content/uploads/2021/04/softair-1.png HTTP/1.1
Host: reversomatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://reversomatic.com/
Cookie: PHPSESSID=op4tg8g8b0nj3inrcpe1dhovi3
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 03 Oct 2022 19:49:18 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Last-Modified: Wed, 28 Apr 2021 19:02:19 GMT
ETag: "57869-5c10d049e0478"
Accept-Ranges: bytes
Content-Length: 358505
Keep-Alive: timeout=5, max=87
Connection: Keep-Alive
Content-Type: image/png
reversomatic.com/wp-content/uploads/2015/01/RHRV-D100A.png
34.237.251.45 200 OK 64 kB URL HTTP/1.1 reversomatic.com/wp-content/uploads/2015/01/RHRV-D100A.png
IP 34.237.251.45:0
File type PNG image data, 400 x 400, 8-bit/color RGBA, non-interlaced\012- data
Hash 422494871072204f72cfdf92e2e50a1b
e6c0f9031058cadb7fd54838ccffc9ce4be5f67a
1ec7afda0663233b126e36378d8285bdec957202ad527ac5caf150cd9a76b380
GET /wp-content/uploads/2015/01/RHRV-D100A.png HTTP/1.1
Host: reversomatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://reversomatic.com/
Cookie: PHPSESSID=op4tg8g8b0nj3inrcpe1dhovi3
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 03 Oct 2022 19:49:18 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Last-Modified: Wed, 14 Aug 2019 13:56:29 GMT
ETag: "f987-590141fb11d40"
Accept-Ranges: bytes
Content-Length: 63879
Keep-Alive: timeout=5, max=88
Connection: Keep-Alive
Content-Type: image/png
reversomatic.com/wp-content/uploads/2015/01/RI-150C-RI-200C-RI-250C-RI-500C-RI-700C-RI-900C.png
34.237.251.45 200 OK 58 kB URL HTTP/1.1 reversomatic.com/wp-content/uploads/2015/01/RI-150C-RI-200C-RI-250C-RI-500C-RI-700C-RI-900C.png
IP 34.237.251.45:0
File type PNG image data, 400 x 400, 8-bit/color RGBA, non-interlaced\012- data
Hash e450b64de5070739a94516cd6f4c40fb
1cffa414c6d8f0f0ca8e0c34e8028f9d2c7487aa
6b844f46e2e5feab0d5d2681108e9f05e50203d4dc4ec1095b6597757f0dd327
GET /wp-content/uploads/2015/01/RI-150C-RI-200C-RI-250C-RI-500C-RI-700C-RI-900C.png HTTP/1.1
Host: reversomatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://reversomatic.com/
Cookie: PHPSESSID=op4tg8g8b0nj3inrcpe1dhovi3
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 03 Oct 2022 19:49:18 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Last-Modified: Wed, 14 Aug 2019 13:56:28 GMT
ETag: "e4a8-590141fa1db00"
Accept-Ranges: bytes
Content-Length: 58536
Keep-Alive: timeout=5, max=89
Connection: Keep-Alive
Content-Type: image/png
reversomatic.com/?wordfence_lh=1&hid=FB99CA7B197942AC96C4748B3E50FF0D&r=0.06804048486783854
34.237.251.45 200 OK 0 B URL HTTP/1.1 reversomatic.com/?wordfence_lh=1&hid=FB99CA7B197942AC96C4748B3E50FF0D&r=0.06804048486783854
IP 34.237.251.45:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /?wordfence_lh=1&hid=FB99CA7B197942AC96C4748B3E50FF0D&r=0.06804048486783854 HTTP/1.1
Host: reversomatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://reversomatic.com/
Cookie: PHPSESSID=op4tg8g8b0nj3inrcpe1dhovi3
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 03 Oct 2022 19:49:18 GMT
Server: Apache
X-Powered-By: PHP/7.3.13
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Link: <https://reversomatic.com/wp-json/>; rel="https://api.w.org/", <https://reversomatic.com/wp-json/wp/v2/pages/5681>; rel="alternate"; type="application/json", <https://reversomatic.com/>; rel=shortlink
Connection: close
X-Robots-Tag: noindex
X-Frame-Options: SAMEORIGIN
Content-Length: 0
Cache-Control: no-store, no-cache, must-revalidate, s-maxage=10
Content-Type: text/javascript;charset=UTF-8
reversomatic.com/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-brands-400.woff2
34.237.251.45 200 OK 77 kB URL HTTP/1.1 reversomatic.com/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-brands-400.woff2
IP 34.237.251.45:0
File type Web Open Font Format (Version 2), TrueType, length 76764, version 331.-31261\012- data
Hash f7307680c7fe85959f3ecf122493ea7d
fce0da592a3e536d6d5df5b50cb513398d8c5161
43c072c16c9ee6d67acdfa6c6d6685ff1e74eb4237b7cc3c1348ab1c108b26af
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-brands-400.woff2 HTTP/1.1
Host: reversomatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://reversomatic.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/brands.min.css?ver=5.15.3
Cookie: PHPSESSID=op4tg8g8b0nj3inrcpe1dhovi3
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 03 Oct 2022 19:49:18 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Last-Modified: Fri, 09 Sep 2022 02:51:29 GMT
ETag: "12bdc-5e8359f6dd9c0"
Accept-Ranges: bytes
Content-Length: 76764
Cache-Control: s-maxage=10
Keep-Alive: timeout=5, max=83
Connection: Keep-Alive
Content-Type: font/woff2
reversomatic.com/wp-content/uploads/2020/06/Vacuum-Cleaner.png
34.237.251.45 200 OK 128 kB URL HTTP/1.1 reversomatic.com/wp-content/uploads/2020/06/Vacuum-Cleaner.png
IP 34.237.251.45:0
File type PNG image data, 719 x 720, 8-bit/color RGBA, non-interlaced\012- data
Size 128 kB (128393 bytes)
Hash f2ad8cf0ffe6c8c64b31e71f2dcb7645
62324f0a4c8b069ecfca7b50ba60509d9b5be05c
ccf4b4aa202ecaa8bf7f143749dc26cf09bb341678fed608f30441a04ebfa796
GET /wp-content/uploads/2020/06/Vacuum-Cleaner.png HTTP/1.1
Host: reversomatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://reversomatic.com/
Cookie: PHPSESSID=op4tg8g8b0nj3inrcpe1dhovi3
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 03 Oct 2022 19:49:18 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Last-Modified: Tue, 30 Jun 2020 18:44:29 GMT
ETag: "1f589-5a95190b85d40"
Accept-Ranges: bytes
Content-Length: 128393
Keep-Alive: timeout=5, max=83
Connection: Keep-Alive
Content-Type: image/png
reversomatic.com/wp-content/uploads/2015/01/4000-200.png
34.237.251.45 200 OK 33 kB URL HTTP/1.1 reversomatic.com/wp-content/uploads/2015/01/4000-200.png
IP 34.237.251.45:0
File type PNG image data, 400 x 400, 8-bit/color RGBA, non-interlaced\012- data
Hash afedce0afc609305dcce2a0a8374c536
9b6262f5e1779d5d374bf7e25058806ee5bd1a60
83802fe119db125fecaec135d2c142a63cb73f39c10876ec5791f42ee5f74fd2
GET /wp-content/uploads/2015/01/4000-200.png HTTP/1.1
Host: reversomatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://reversomatic.com/
Cookie: PHPSESSID=op4tg8g8b0nj3inrcpe1dhovi3
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 03 Oct 2022 19:49:18 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Last-Modified: Wed, 14 Aug 2019 13:56:25 GMT
ETag: "80cd-590141f741440"
Accept-Ranges: bytes
Content-Length: 32973
Keep-Alive: timeout=5, max=86
Connection: Keep-Alive
Content-Type: image/png
reversomatic.com/wp-content/uploads/2020/06/bg-2.png
34.237.251.45 200 OK 87 kB URL HTTP/1.1 reversomatic.com/wp-content/uploads/2020/06/bg-2.png
IP 34.237.251.45:0
File type PNG image data, 1200 x 150, 8-bit/color RGB, non-interlaced\012- data
Hash a6895326e9b1cea268b0c75b3d16a1d9
924bc74ce4e69e93d76a127198ef48b108244d6a
f2bd50794f38ae20e31c3dfee8821815ff88213a78067312bccaa38f86fb9ea6
GET /wp-content/uploads/2020/06/bg-2.png HTTP/1.1
Host: reversomatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 200 OK
Date: Mon, 03 Oct 2022 19:49:18 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Last-Modified: Wed, 03 Jun 2020 17:31:29 GMT
ETag: "15497-5a73165f21c43"
Accept-Ranges: bytes
Content-Length: 87191
Cache-Control: s-maxage=10
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: image/png
reversomatic.com/wp-content/uploads/2015/01/RBD-RDD-Series.png
34.237.251.45 200 OK 78 kB URL HTTP/1.1 reversomatic.com/wp-content/uploads/2015/01/RBD-RDD-Series.png
IP 34.237.251.45:0
File type PNG image data, 400 x 400, 8-bit/color RGBA, non-interlaced\012- data
Hash 287b4148a37054913f3e63ca0f94593c
efa390cbd40c6cdccc03336d2f0faf115c711336
285aa07aed56c0fcafdbc8a5d32ce4dad6266755611893410cb7c44a98e59d39
GET /wp-content/uploads/2015/01/RBD-RDD-Series.png HTTP/1.1
Host: reversomatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://reversomatic.com/
Cookie: PHPSESSID=op4tg8g8b0nj3inrcpe1dhovi3
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 03 Oct 2022 19:49:18 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Last-Modified: Wed, 14 Aug 2019 13:56:29 GMT
ETag: "13262-590141fb11d40"
Accept-Ranges: bytes
Content-Length: 78434
Keep-Alive: timeout=5, max=82
Connection: Keep-Alive
Content-Type: image/png
reversomatic.com/wp-content/uploads/2020/11/HEAP.png
34.237.251.45 200 OK 466 kB URL HTTP/1.1 reversomatic.com/wp-content/uploads/2020/11/HEAP.png
IP 34.237.251.45:0
File type PNG image data, 1024 x 1024, 8-bit/color RGBA, non-interlaced\012- data
Size 466 kB (466095 bytes)
Hash d75b01cbc1f8bd091571891e4722d4ef
6906caffb22d4a2639ff3b640d116c2c7ae3d078
7b1d19cfd8545cd411e0efa28d65c8ee9121c7187f96fe71431f15bdd21fac16
GET /wp-content/uploads/2020/11/HEAP.png HTTP/1.1
Host: reversomatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://reversomatic.com/
Cookie: PHPSESSID=op4tg8g8b0nj3inrcpe1dhovi3
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 03 Oct 2022 19:49:18 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Last-Modified: Tue, 24 Nov 2020 14:44:59 GMT
ETag: "71caf-5b4db5ae6aff3"
Accept-Ranges: bytes
Content-Length: 466095
Keep-Alive: timeout=5, max=87
Connection: Keep-Alive
Content-Type: image/png
reversomatic.com/wp-content/uploads/elementor/thumbs/Untitled-1%20(002)-p2ror54lbb9804lylc8o8badamgi2k9pacogbxfyb2.png
34.237.251.45 200 OK 169 kB URL HTTP/1.1 reversomatic.com/wp-content/uploads/elementor/thumbs/Untitled-1%20(002)-p2ror54lbb9804lylc8o8badamgi2k9pacogbxfyb2.png
IP 34.237.251.45:0
File type PNG image data, 400 x 400, 8-bit/color RGBA, non-interlaced\012- data
Size 169 kB (168586 bytes)
Hash 208beec2cd92fae2a716eb5572b81359
02bc8529834a09efae8d745fd5695ab442ce395a
7cd16af82b371bf2daa93f81a384b6e5331cf463e1bf944a1802bea497f470e1
GET /wp-content/uploads/elementor/thumbs/Untitled-1%20(002)-p2ror54lbb9804lylc8o8badamgi2k9pacogbxfyb2.png HTTP/1.1
Host: reversomatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://reversomatic.com/
Cookie: PHPSESSID=op4tg8g8b0nj3inrcpe1dhovi3
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 03 Oct 2022 19:49:17 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Last-Modified: Fri, 12 Feb 2021 19:36:32 GMT
ETag: "3961e-5bb28c0e59ada"
Accept-Ranges: bytes
Content-Length: 235038
Keep-Alive: timeout=5, max=88
Connection: Keep-Alive
Content-Type: image/png
reversomatic.com/wp-content/uploads/2022/03/COVID-19-768x432.png
34.237.251.45 200 OK 111 kB URL HTTP/1.1 reversomatic.com/wp-content/uploads/2022/03/COVID-19-768x432.png
IP 34.237.251.45:0
File type PNG image data, 768 x 432, 8-bit/color RGBA, non-interlaced\012- data
Size 111 kB (111252 bytes)
Hash 89c0344a421064ac9fb19c4b7e6f9bb9
3888505d5a8c2e0f4760665732d28f08e04c4b4e
cd323560db553a0cb23b6c1f7cd576df0ea170af46dc6140ec20452bab09d348
GET /wp-content/uploads/2022/03/COVID-19-768x432.png HTTP/1.1
Host: reversomatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://reversomatic.com/
Cookie: PHPSESSID=op4tg8g8b0nj3inrcpe1dhovi3
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 03 Oct 2022 19:49:18 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Last-Modified: Thu, 17 Mar 2022 13:14:26 GMT
ETag: "1b294-5da69cf34734c"
Accept-Ranges: bytes
Content-Length: 111252
Keep-Alive: timeout=5, max=82
Connection: Keep-Alive
Content-Type: image/png
reversomatic.com/wp-content/uploads/2015/01/UBD-UDD-Series.png
34.237.251.45 200 OK 64 kB URL HTTP/1.1 reversomatic.com/wp-content/uploads/2015/01/UBD-UDD-Series.png
IP 34.237.251.45:0
File type PNG image data, 400 x 400, 8-bit/color RGBA, non-interlaced\012- data
Hash 474c8eadcb1992e095ce618087da09cc
8560255bb8805a911171991cb4b6649de4566b67
05158e0adbc1c023824dbc016bfbd7b08fd9c5ab2c7708e5ba52796157397c18
GET /wp-content/uploads/2015/01/UBD-UDD-Series.png HTTP/1.1
Host: reversomatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://reversomatic.com/
Cookie: PHPSESSID=op4tg8g8b0nj3inrcpe1dhovi3
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 03 Oct 2022 19:49:18 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Last-Modified: Wed, 14 Aug 2019 13:56:24 GMT
ETag: "f84f-590141f64d200"
Accept-Ranges: bytes
Content-Length: 63567
Keep-Alive: timeout=5, max=81
Connection: Keep-Alive
Content-Type: image/png
reversomatic.com/wp-content/uploads/2018/01/bg-.png
34.237.251.45 200 OK 256 kB URL HTTP/1.1 reversomatic.com/wp-content/uploads/2018/01/bg-.png
IP 34.237.251.45:0
File type PNG image data, 1120 x 380, 8-bit/color RGB, non-interlaced\012- data
Size 256 kB (255759 bytes)
Hash 4d5730ea62470ca9b920bc2897f785d5
c6164b1014bd37bb9fbcf19a90c7779d00421929
9266c35eccdbf1c3fb563adf3fc865612e103dfca60b77d9e5d75dd2c1781c53
GET /wp-content/uploads/2018/01/bg-.png HTTP/1.1
Host: reversomatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 200 OK
Date: Mon, 03 Oct 2022 19:49:18 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Last-Modified: Wed, 03 Jun 2020 07:35:50 GMT
ETag: "3e70f-5a72913c16f1d"
Accept-Ranges: bytes
Content-Length: 255759
Cache-Control: s-maxage=10
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: image/png
reversomatic.com/wp-content/plugins/ubermenu/assets/js/ubermenu.min.js?ver=3.6.0.1
34.237.251.45 404 Not Found 185 kB URL HTTP/1.1 reversomatic.com/wp-content/plugins/ubermenu/assets/js/ubermenu.min.js?ver=3.6.0.1
IP 34.237.251.45:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (29999), with CRLF, LF line terminators
Size 185 kB (185149 bytes)
Hash c3af978bfd8fdd31a474267ad898e3bd
4b180715b3f22e4c3bc59a1edafff6a59cb144ec
e9995c4b1a46271fdf812d0be90915d4fe64b5cb65b31f38eea211b038b8a868
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/ubermenu/assets/js/ubermenu.min.js?ver=3.6.0.1 HTTP/1.1
Host: reversomatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://reversomatic.com/
Cookie: PHPSESSID=op4tg8g8b0nj3inrcpe1dhovi3
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 404 Not Found
Date: Mon, 03 Oct 2022 19:49:18 GMT
Server: Apache
X-Powered-By: PHP/7.3.13
Pragma: no-cache
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Link: <https://reversomatic.com/wp-json/>; rel="https://api.w.org/"
X-Frame-Options: SAMEORIGIN
Keep-Alive: timeout=5, max=88
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
reversomatic.com/wp-content/uploads/2015/01/500-S.D..png
34.237.251.45 200 OK 79 kB URL HTTP/1.1 reversomatic.com/wp-content/uploads/2015/01/500-S.D..png
IP 34.237.251.45:0
File type PNG image data, 400 x 400, 8-bit/color RGBA, non-interlaced\012- data
Hash 280d3aa4f031757792db8a6e861443f3
3627785fe614f19fa850d183b64440c544d25baf
b49264d3c70d92fb8a359532e004da07ffa9877a77eca898301c9c8e034866d6
GET /wp-content/uploads/2015/01/500-S.D..png HTTP/1.1
Host: reversomatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://reversomatic.com/
Cookie: PHPSESSID=op4tg8g8b0nj3inrcpe1dhovi3
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 03 Oct 2022 19:49:18 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Last-Modified: Wed, 14 Aug 2019 13:56:26 GMT
ETag: "1355b-590141f835680"
Accept-Ranges: bytes
Content-Length: 79195
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: image/png
z.moatads.com/addthismoatframe568911941483/moatframe.js
95.101.172.146 200 OK 948 B URL HTTP/2 z.moatads.com/addthismoatframe568911941483/moatframe.js
IP 95.101.172.146:0
File type ASCII text, with very long lines (523)
Hash f14b4e1f799b14f798a195f43cf58376
b6fd3b3d407fb4c0a00fb8a31862235e2a6e0a86
92ed3e9fda5fa4d738ff4d9023846b56633617363dda6a750cacb4fba53241ac
GET /addthismoatframe568911941483/moatframe.js HTTP/1.1
Host: z.moatads.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://reversomatic.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: TYrAmp44ddThNKrHeBmfOrJOox8ItZdAJeP4Uj7Uut6T7Jvp1PpX/XFzXT0gU1oJH/SwK8Irisw=
x-amz-request-id: 598E0BAF9E725A50
last-modified: Fri, 08 Nov 2019 20:13:52 GMT
etag: "f14b4e1f799b14f798a195f43cf58376"
content-encoding: gzip
accept-ranges: bytes
content-type: application/x-javascript
content-length: 948
server: AmazonS3
vary: Accept-Encoding
unused62: 8096267
cache-control: max-age=31708
date: Mon, 03 Oct 2022 19:49:18 GMT
X-Firefox-Spdy: h2
maps.googleapis.com/maps/api/mapsjs/gen_204?csp_test=true
216.58.207.202 200 OK 23 B URL HTTP/2 maps.googleapis.com/maps/api/mapsjs/gen_204?csp_test=true
IP 216.58.207.202:0
File type JSON data\012- , ASCII text
Hash e3981ca10169a319d5aa062bf43a5fa1
2c6ed584767b65688ce99b1ebe1a3b7448a67421
8b0b8749aba12de93f3cf5d86f9fac9d6de7cac400a17473718f182a34ebb7e9
GET /maps/api/mapsjs/gen_204?csp_test=true HTTP/1.1
Host: maps.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://reversomatic.com
Connection: keep-alive
Referer: https://reversomatic.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/json; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Mon, 03 Oct 2022 19:49:18 GMT
server: scaffolding on HTTPServer2
cache-control: private
content-length: 23
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://reversomatic.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
reversomatic.com/favicon.ico
34.237.251.45 302 Found 3 B URL HTTP/1.1 reversomatic.com/favicon.ico
IP 34.237.251.45:0
File type ASCII text, with CRLF, LF line terminators
Hash 0c11bb317bd26e93c30821526c3834bd
70b99746fbf26b12b541d4c1a8451fd98b249bb2
7393ba4f11e19a5f6bee10ed995b0d959a52c4470855f6d68d4d1e34e26cb70f
GET /favicon.ico HTTP/1.1
Host: reversomatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://reversomatic.com/
Cookie: PHPSESSID=op4tg8g8b0nj3inrcpe1dhovi3; __atuvc=1%7C40; __atuvs=633b3cbd60cb97a1000
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 302 Found
Date: Mon, 03 Oct 2022 19:49:18 GMT
Server: Apache
X-Powered-By: PHP/7.3.13
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Link: <https://reversomatic.com/wp-json/>; rel="https://api.w.org/"
X-Redirect-By: WordPress
X-Frame-Options: SAMEORIGIN
Location: https://reversomatic.com/wp-includes/images/w-logo-blue-white-bg.png
Keep-Alive: timeout=5, max=86
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
2.18.172.123 200 OK 26 kB URL HTTP/2 s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
IP 2.18.172.123:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (63757)
Hash 707317ccaabe08d32d1bd781754e6871
bb82dcd3e044c960e0861c2ce878f5504e628f78
d0a164ece41c61aec26517fb645646f5ba91f72ea5448eff1ee6c393b7c53051
GET /static/sh.f48a1a04fe8dbf021b4cda1d.html HTTP/1.1
Host: s7.addthis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://reversomatic.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.15.8
content-type: text/html
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
etag: W/"5f971164-11adc"
timing-allow-origin: *
cache-control: public, max-age=86313600
p3p: CP="NON ADM OUR DEV IND COM STA"
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
content-length: 26421
date: Mon, 03 Oct 2022 19:49:18 GMT
vary: Accept-Encoding
x-host: s7.addthis.com
X-Firefox-Spdy: h2
reversomatic.com/?wc-ajax=get_refreshed_fragments
34.237.251.45 200 OK 992 B URL HTTP/1.1 reversomatic.com/?wc-ajax=get_refreshed_fragments
IP 34.237.251.45:0
File type JSON data\012- HTML document, ASCII text, with very long lines (989), with CRLF, LF line terminators
Hash 85206605c192c016b93b4cb3a5316eb1
a87977458dd645c4f7e3784e26cc8b423617df0e
6a8d919f051a2970d62fd059289c984a2c018e98940ee49d43b1b1d1df65ea82
POST /?wc-ajax=get_refreshed_fragments HTTP/1.1
Host: reversomatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 18
Origin: https://reversomatic.com
Connection: keep-alive
Referer: https://reversomatic.com/
Cookie: PHPSESSID=op4tg8g8b0nj3inrcpe1dhovi3; __atuvc=1%7C40; __atuvs=633b3cbd60cb97a1000
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 03 Oct 2022 19:49:18 GMT
Server: Apache
X-Powered-By: PHP/7.3.13
Pragma: no-cache
Access-Control-Allow-Origin: https://reversomatic.com
Access-Control-Allow-Credentials: true
X-Content-Type-Options: nosniff
X-Robots-Tag: noindex
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
X-Frame-Options: SAMEORIGIN
Keep-Alive: timeout=5, max=84
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: application/json; charset=UTF-8
m.addthis.com/live/red_lojson/300lo.json?si=633b3cbde7d1b7ff&bkl=0&bl=1&pdt=1704&sid=633b3cbde7d1b7ff&pub=wp-2eb0d9f94fe6da2377537f9e8cb6d12b&rev=v8.28.8-wp&ln=en&pc=wpp&cb=0&ab=-&dp=reversomatic.com&fp=&fr=&of=0&pd=0&irt=0&vcl=0&md=0&ct=0&tct=0&abt=0&cdn=0&pi=1&rb=0&gen=100&chr=UTF-8&colc=1664826558540&wpv=wpp-6.2.7&addthis_plugin_info=%7B%22info_status%22%3A%22enabled%22%2C%22cms_name%22%3A%22WordPress%22%2C%22plugin_name%22%3A%22Share%20Buttons%20by%20AddThis%22%2C%22plugin_version%22%3A%226.2.7%22%2C%22plugin_mode%22%3A%22WordPress%22%2C%22anonymous_profile_id%22%3A%22wp-2eb0d9f94fe6da2377537f9e8cb6d12b%22%2C%22page_info%22%3A%7B%22template%22%3Afalse%7D%7D&jsl=1&uvs=633b3cbd60cb97a1000&skipb=1&callback=addthis.cbs.jsonp__033611276444860840
2.18.172.123 200 OK 90 B URL HTTP/2 m.addthis.com/live/red_lojson/300lo.json?si=633b3cbde7d1b7ff&bkl=0&bl=1&pdt=1704&sid=633b3cbde7d1b7ff&pub=wp-2eb0d9f94fe6da2377537f9e8cb6d12b&rev=v8.28.8-wp&ln=en&pc=wpp&cb=0&ab=-&dp=reversomatic.com&fp=&fr=&of=0&pd=0&irt=0&vcl=0&md=0&ct=0&tct=0&abt=0&cdn=0&pi=1&rb=0&gen=100&chr=UTF-8&colc=1664826558540&wpv=wpp-6.2.7&addthis_plugin_info=%7B%22info_status%22%3A%22enabled%22%2C%22cms_name%22%3A%22WordPress%22%2C%22plugin_name%22%3A%22Share%20Buttons%20by%20AddThis%22%2C%22plugin_version%22%3A%226.2.7%22%2C%22plugin_mode%22%3A%22WordPress%22%2C%22anonymous_profile_id%22%3A%22wp-2eb0d9f94fe6da2377537f9e8cb6d12b%22%2C%22page_info%22%3A%7B%22template%22%3Afalse%7D%7D&jsl=1&uvs=633b3cbd60cb97a1000&skipb=1&callback=addthis.cbs.jsonp__033611276444860840
IP 2.18.172.123:0
File type ASCII text, with no line terminators
Hash 6aef78a54a6ec59c29a573065431948e
1aa8e0f8c63066a0f10a7798460c72f554c18126
3d101854d735f11013f0e3af95c3e10be1bae3f0e72ea8681eca4c4711f55a5b
GET /live/red_lojson/300lo.json?si=633b3cbde7d1b7ff&bkl=0&bl=1&pdt=1704&sid=633b3cbde7d1b7ff&pub=wp-2eb0d9f94fe6da2377537f9e8cb6d12b&rev=v8.28.8-wp&ln=en&pc=wpp&cb=0&ab=-&dp=reversomatic.com&fp=&fr=&of=0&pd=0&irt=0&vcl=0&md=0&ct=0&tct=0&abt=0&cdn=0&pi=1&rb=0&gen=100&chr=UTF-8&colc=1664826558540&wpv=wpp-6.2.7&addthis_plugin_info=%7B%22info_status%22%3A%22enabled%22%2C%22cms_name%22%3A%22WordPress%22%2C%22plugin_name%22%3A%22Share%20Buttons%20by%20AddThis%22%2C%22plugin_version%22%3A%226.2.7%22%2C%22plugin_mode%22%3A%22WordPress%22%2C%22anonymous_profile_id%22%3A%22wp-2eb0d9f94fe6da2377537f9e8cb6d12b%22%2C%22page_info%22%3A%7B%22template%22%3Afalse%7D%7D&jsl=1&uvs=633b3cbd60cb97a1000&skipb=1&callback=addthis.cbs.jsonp__033611276444860840 HTTP/1.1
Host: m.addthis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://reversomatic.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript;charset=utf-8
content-length: 90
cache-control: max-age=0, no-cache, no-store, no-transform
pragma: no-cache
content-disposition: attachment; filename=1.txt
date: Mon, 03 Oct 2022 19:49:19 GMT
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash 129fe858bf2aa7291fd2c6dd4cf9d226
e3e048b964b851ebbdcfb5bd80ebdbad13720cf6
addc7e4ddab73c8c7ee50f6d33fc1e4ff73b71cc014e481049a393c3b87b0924
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 03 Oct 2022 19:49:19 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/breeserif/v17/4UaHrEJCrhhnVA3DgluA96rp5w.woff2
216.58.207.195 200 OK 10 kB URL HTTP/2 fonts.gstatic.com/s/breeserif/v17/4UaHrEJCrhhnVA3DgluA96rp5w.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 10408, version 1.0\012- data
Hash 81c6acfc5359bb4444253fa19103bd44
659399ecc0510c3ec7e042baded9b51644298631
cb27fcf27e09328582b85835364d5a2dd4dd134ed69841913069574c3676f272
GET /s/breeserif/v17/4UaHrEJCrhhnVA3DgluA96rp5w.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://reversomatic.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 10408
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 29 Sep 2022 20:52:49 GMT
expires: Fri, 29 Sep 2023 20:52:49 GMT
cache-control: public, max-age=31536000
age: 341790
last-modified: Thu, 21 Apr 2022 16:47:17 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
reversomatic.com/wp-includes/images/w-logo-blue-white-bg.png
34.237.251.45 200 OK 4.1 kB URL HTTP/1.1 reversomatic.com/wp-includes/images/w-logo-blue-white-bg.png
IP 34.237.251.45:0
File type PNG image data, 80 x 80, 8-bit/color RGBA, non-interlaced\012- data
Hash 000bf649cc8f6bf27cfb04d1bcdcd3c7
d73d2f6d74ec6cdcbae07955592962e77d8ae814
6bdb369337ac2496761c6f063bffea0aa6a91d4662279c399071a468251f51f0
GET /wp-includes/images/w-logo-blue-white-bg.png HTTP/1.1
Host: reversomatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://reversomatic.com/
Connection: keep-alive
Cookie: PHPSESSID=op4tg8g8b0nj3inrcpe1dhovi3; __atuvc=1%7C40; __atuvs=633b3cbd60cb97a1000
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 03 Oct 2022 19:49:19 GMT
Server: Apache
Content-Length: 4119
X-Frame-Options: SAMEORIGIN
Last-Modified: Wed, 19 Aug 2020 20:41:00 GMT
ETag: "1017-5ad41057d9cc7"
Accept-Ranges: bytes
Expires: Mon, 03 Oct 2022 19:52:14 GMT
Cache-Control: s-maxage=10
X-Content-Type-Options: nosniff
Keep-Alive: timeout=5, max=85
Connection: Keep-Alive
Content-Type: image/png
www.youtube.com/iframe_api
142.250.74.14 200 OK 958 B URL HTTP/2 www.youtube.com/iframe_api
IP 142.250.74.14:0
File type ASCII text, with very long lines (509)
Hash 69e35e3fa768f7636777bfb1065c750f
ba4e4aa228ce39bf6f61737e3a6d27b7c5394490
60ba66a3dc1d141f8853825267b67ebd8f800b06e50f54a31a12d61a659908d1
GET /iframe_api HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://reversomatic.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
x-content-type-options: nosniff
expires: Mon, 03 Oct 2022 19:49:19 GMT
date: Mon, 03 Oct 2022 19:49:19 GMT
cache-control: private, max-age=0
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-resource-policy: cross-origin
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
content-encoding: br
server: ESF
x-xss-protection: 0
set-cookie: YSC=C-iaO1BjHcs; Domain=.youtube.com; Path=/; Secure; HttpOnly; SameSite=none
VISITOR_INFO1_LIVE=sFzoOL32LdM; Domain=.youtube.com; Expires=Sat, 01-Apr-2023 19:49:19 GMT; Path=/; Secure; HttpOnly; SameSite=none
CONSENT=PENDING+369; expires=Wed, 02-Oct-2024 19:49:19 GMT; path=/; domain=.youtube.com; Secure
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
reversomatic.com/wp-content/uploads/2020/06/COMERCIAL-FANS-0.jpg
34.237.251.45 200 OK 429 kB URL HTTP/1.1 reversomatic.com/wp-content/uploads/2020/06/COMERCIAL-FANS-0.jpg
IP 34.237.251.45:0
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop 21.2 (Windows), datetime=2020:06:30 15:23:39], baseline, precision 8, 1280x576, components 3\012- data
Size 429 kB (428643 bytes)
Hash 0d5bcbbb436186e7b3b842833a6df7f5
aec7cc26d74fe1587ef19c475277b788f80164b9
90a01dad90e7288620bb6c7d885b873c7e7026573eeababbe5a8c99eec23c2a6
GET /wp-content/uploads/2020/06/COMERCIAL-FANS-0.jpg HTTP/1.1
Host: reversomatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://reversomatic.com/
Cookie: PHPSESSID=op4tg8g8b0nj3inrcpe1dhovi3; __atuvc=1%7C40; __atuvs=633b3cbd60cb97a1000
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 03 Oct 2022 19:49:19 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Last-Modified: Tue, 30 Jun 2020 19:29:56 GMT
ETag: "68a63-5a9523346aed6"
Accept-Ranges: bytes
Content-Length: 428643
Keep-Alive: timeout=5, max=83
Connection: Keep-Alive
Content-Type: image/jpeg
reversomatic.com/wp-content/uploads/2020/06/HRV-ERV-SERIES-0.jpg
34.237.251.45 200 OK 394 kB URL HTTP/1.1 reversomatic.com/wp-content/uploads/2020/06/HRV-ERV-SERIES-0.jpg
IP 34.237.251.45:0
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop 21.2 (Windows), datetime=2020:06:30 15:22:32], baseline, precision 8, 1024x461, components 3\012- data
Size 394 kB (394381 bytes)
Hash 8e56bb9c755472873c64072ca68fa8e4
77e1dde400e9f03dc5c3492808fc4ae975055d5c
3744bb1b6861d04584f02b1def8aae6404810c5a58f2b49bdb824b4df97e7c5e
GET /wp-content/uploads/2020/06/HRV-ERV-SERIES-0.jpg HTTP/1.1
Host: reversomatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://reversomatic.com/
Cookie: PHPSESSID=op4tg8g8b0nj3inrcpe1dhovi3; __atuvc=1%7C40; __atuvs=633b3cbd60cb97a1000
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 03 Oct 2022 19:49:19 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Last-Modified: Tue, 30 Jun 2020 19:28:35 GMT
ETag: "6048d-5a9522e7880bb"
Accept-Ranges: bytes
Content-Length: 394381
Keep-Alive: timeout=5, max=87
Connection: Keep-Alive
Content-Type: image/jpeg
reversomatic.com/wp-content/uploads/2020/06/KITCHEN-RANGE-HOODS-0.jpg
34.237.251.45 200 OK 270 kB URL HTTP/1.1 reversomatic.com/wp-content/uploads/2020/06/KITCHEN-RANGE-HOODS-0.jpg
IP 34.237.251.45:0
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop 21.2 (Windows), datetime=2020:06:30 15:20:18], baseline, precision 8, 1024x461, components 3\012- data
Size 270 kB (270443 bytes)
Hash de24bda664e6e941cfd3986a5739be52
e56f9fa750fa70cce4d7d82c42274d6a97570010
c18a209a2e207cd608e6ccbfec80eea8220427ef34c29a6b8cd66526b231c0ba
GET /wp-content/uploads/2020/06/KITCHEN-RANGE-HOODS-0.jpg HTTP/1.1
Host: reversomatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://reversomatic.com/
Cookie: PHPSESSID=op4tg8g8b0nj3inrcpe1dhovi3; __atuvc=1%7C40; __atuvs=633b3cbd60cb97a1000
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 03 Oct 2022 19:49:19 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Last-Modified: Tue, 30 Jun 2020 19:28:51 GMT
ETag: "4206b-5a9522f703c4f"
Accept-Ranges: bytes
Content-Length: 270443
Keep-Alive: timeout=5, max=80
Connection: Keep-Alive
Content-Type: image/jpeg
reversomatic.com/wp-content/uploads/2020/06/BATHROOM-FANS-0.jpg
34.237.251.45 200 OK 303 kB URL HTTP/1.1 reversomatic.com/wp-content/uploads/2020/06/BATHROOM-FANS-0.jpg
IP 34.237.251.45:0
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop 21.2 (Windows), datetime=2020:06:30 15:21:47], baseline, precision 8, 1024x461, components 3\012- data
Size 303 kB (303275 bytes)
Hash f71dc915ee67fa0054d049bd9af711e3
0d2b4d0e342baa4127288180974fb7e6998f6bb2
afb5ece81e45815064776e683cb938fec5ea3929580d8b2cc25b12de45a87209
GET /wp-content/uploads/2020/06/BATHROOM-FANS-0.jpg HTTP/1.1
Host: reversomatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://reversomatic.com/
Cookie: PHPSESSID=op4tg8g8b0nj3inrcpe1dhovi3; __atuvc=1%7C40; __atuvs=633b3cbd60cb97a1000
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 03 Oct 2022 19:49:19 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Last-Modified: Tue, 30 Jun 2020 19:28:20 GMT
ETag: "4a0ab-5a9522d96cd92"
Accept-Ranges: bytes
Content-Length: 303275
Keep-Alive: timeout=5, max=81
Connection: Keep-Alive
Content-Type: image/jpeg
reversomatic.com/wp-content/uploads/2020/06/DRYER-BOOSTER-FANS-0.jpg
34.237.251.45 200 OK 216 kB URL HTTP/1.1 reversomatic.com/wp-content/uploads/2020/06/DRYER-BOOSTER-FANS-0.jpg
IP 34.237.251.45:0
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop 21.2 (Windows), datetime=2020:06:30 15:20:59], baseline, precision 8, 1024x461, components 3\012- data
Size 216 kB (216394 bytes)
Hash de57183f4136ad81333b4a48de02706b
559b0eb8d0fb1d98bfdbf60840b43bd22ad99809
09b194bda10d9721b18f150c8ce2e2e7fd9d074edcb8e70e046bccc58d43c066
GET /wp-content/uploads/2020/06/DRYER-BOOSTER-FANS-0.jpg HTTP/1.1
Host: reversomatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://reversomatic.com/
Cookie: PHPSESSID=op4tg8g8b0nj3inrcpe1dhovi3; __atuvc=1%7C40; __atuvs=633b3cbd60cb97a1000
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 03 Oct 2022 19:49:19 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Last-Modified: Tue, 30 Jun 2020 19:27:42 GMT
ETag: "34d4a-5a9522b4b2d83"
Accept-Ranges: bytes
Content-Length: 216394
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: image/jpeg
fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
216.58.207.195 200 OK 15 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 15344, version 1.0\012- data
Hash 5d4aeb4e5f5ef754e307d7ffaef688bd
06db651cdf354c64a7383ea9c77024ef4fb4cef8
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
GET /s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15344
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 01 Oct 2022 12:31:58 GMT
expires: Sun, 01 Oct 2023 12:31:58 GMT
cache-control: public, max-age=31536000
age: 199041
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
216.58.207.195 200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 15552, version 1.0\012- data
Hash 285467176f7fe6bb6a9c6873b3dad2cc
ea04e4ff5142ddd69307c183def721a160e0a64e
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
GET /s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15552
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 30 Sep 2022 00:48:31 GMT
expires: Sat, 30 Sep 2023 00:48:31 GMT
cache-control: public, max-age=31536000
age: 327648
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Open+Sans%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=auto&ver=964c6ec6dcf7a95c70e4aa5b8954d266
142.250.74.10 200 OK 1.6 kB URL HTTP/2 fonts.googleapis.com/css?family=Open+Sans%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=auto&ver=964c6ec6dcf7a95c70e4aa5b8954d266
IP 142.250.74.10:0
Hash 0e552907fc503ad898d6c43a95f506b4
271e755b2954dfedc4df4cf90eb5c0ee38970fbb
b8a21e6dde6207c1031a6b910f96529f4075c3c2e5d12ac0a36291ef1f1a8624
GET /css?family=Open+Sans%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=auto&ver=964c6ec6dcf7a95c70e4aa5b8954d266 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://reversomatic.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Mon, 03 Oct 2022 19:49:16 GMT
date: Mon, 03 Oct 2022 19:49:16 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash 544d205b2f709e0bed39ebfc751d6187
71559b505f318323405eeb5ff59499c63e806559
692e14681ceb7536d5c09cf8700810a258b574e02e93c391e7551690111a5bc7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 03 Oct 2022 19:49:20 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
static.doubleclick.net/instream/ad_status.js
142.250.74.166 200 OK 29 B URL HTTP/2 static.doubleclick.net/instream/ad_status.js
IP 142.250.74.166:0
Hash 1fa71744db23d0f8df9cce6719defcb7
e4be9b7136697942a036f97cf26ebaf703ad2067
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
GET /instream/ad_status.js HTTP/1.1
Host: static.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
timing-allow-origin: *
content-length: 29
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 03 Oct 2022 19:37:31 GMT
expires: Mon, 03 Oct 2022 19:52:31 GMT
cache-control: public, max-age=900
age: 709
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
216.58.207.202 200 OK 0 B URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
IP 216.58.207.202:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /$rpc/google.internal.waa.v1.Waa/Create HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Referer: https://www.youtube.com/
Origin: https://www.youtube.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: https://www.youtube.com
vary: origin, referer, x-origin
access-control-allow-credentials: true
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-max-age: 3600
date: Mon, 03 Oct 2022 19:49:20 GMT
content-type: text/html
server: ESF
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
googleads.g.doubleclick.net/pagead/id
216.58.207.226 302 Found 0 B URL HTTP/2 googleads.g.doubleclick.net/pagead/id
IP 216.58.207.226:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pagead/id HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
access-control-allow-credentials: true
access-control-allow-origin: https://www.youtube.com
date: Mon, 03 Oct 2022 19:49:20 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
216.58.207.202 200 OK 31 kB URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
IP 216.58.207.202:0
File type JSON data\012- , ASCII text, with very long lines (65536), with no line terminators
Hash d0f264501159a479d969034a94d9bdb8
9a994e6f5dcd3f937019ab9288f9028cc6b6fbca
4f1f40b47f274b46ce68d1b43c3fe558f992a45e0cbd9205fe14187388a3e3b5
POST /$rpc/google.internal.waa.v1.Waa/Create HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
Content-Type: application/json+protobuf
X-User-Agent: grpc-web-javascript/0.1
Content-Length: 24
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json+protobuf; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Mon, 03 Oct 2022 19:49:20 GMT
server: ESF
cache-control: private
content-length: 30935
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
access-control-allow-credentials: true
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash 7fcf68ce4ab8a8c46d949f42f2961759
83dcd143e8516eabdd91670eeb6c2a824d1fcf18
ee14566fcde4411a8290f07bc61c28b02e953fc766c8b450f2419479f49b47f7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 03 Oct 2022 19:49:20 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash 544d205b2f709e0bed39ebfc751d6187
71559b505f318323405eeb5ff59499c63e806559
692e14681ceb7536d5c09cf8700810a258b574e02e93c391e7551690111a5bc7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 03 Oct 2022 19:49:20 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash 53aa134dc3b33b709b6ccf39e549055f
2e85a28ef73d7c403ad693fc8602e95fe3d803f3
877de7cadd4fc848afaac488f89ed987929505b563a03eb79e4e9d8fa0b41a0e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 03 Oct 2022 19:49:20 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash ba9ef0c50e7620672d6f76aefd565aad
732ed324db4ae23ae4d1673b0402672415db4edf
5ee71b7ce1f34397dd6af1b51acd28a364c8bb39f4498651a8d464b8be490fd6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 03 Oct 2022 19:49:20 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/js/th/RLowZH2Xcwtj3dY_yGSeKf8RcILu2Rj3JTO2BWyvP7U.js
142.250.74.164 200 OK 14 kB URL HTTP/2 www.google.com/js/th/RLowZH2Xcwtj3dY_yGSeKf8RcILu2Rj3JTO2BWyvP7U.js
IP 142.250.74.164:0
File type ASCII text, with very long lines (36288)
Hash fbfd3c94b2bff52e528e30e47e759e35
610c710509fd4c81f8c1cb6373694cdd756b9c6a
ba673825910e584be07daff4cccffd1b0b1653b936bd3c5841a268a030164912
GET /js/th/RLowZH2Xcwtj3dY_yGSeKf8RcILu2Rj3JTO2BWyvP7U.js HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-length: 14348
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 01 Oct 2022 04:21:54 GMT
expires: Sun, 01 Oct 2023 04:21:54 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 27 Sep 2022 17:00:00 GMT
content-type: text/javascript
age: 228446
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash c13a9bf4003891ab621ca04b258f9880
8b0fb77ebf4d31235c62a8f10b1b8e4b4f77ad77
eb06a3da143e66c58a0e707ecd9b2b0818adc44b0f4e5244ac62545be8db4dd2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 03 Oct 2022 19:49:20 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
i.ytimg.com/vi/G0LgVR9b3rM/sddefault.jpg
142.250.74.150 200 OK 46 kB URL HTTP/2 i.ytimg.com/vi/G0LgVR9b3rM/sddefault.jpg
IP 142.250.74.150:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 640x480, components 3\012- data
Hash 89fc20c5765144f493b333bbf941a9bf
e25cdfce261b312214e9e8123953146d1f2590d4
71aa5d88b2fac256c66a63ba928394191f13f59f86d915c8b163419d0e53f615
GET /vi/G0LgVR9b3rM/sddefault.jpg HTTP/1.1
Host: i.ytimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
content-type: image/jpeg
vary: Origin
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
timing-allow-origin: *
content-length: 45485
date: Mon, 03 Oct 2022 19:49:20 GMT
expires: Mon, 03 Oct 2022 21:49:20 GMT
cache-control: public, max-age=7200
etag: "1595422873"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash 9aefbd5315a10afbd9dadc8536e2824a
797eaba10ac56913f4f21546da9afb302ca1cf6b
f55778da82d7fbb46ebbe45c52172c3f9970c3638836298caf592d160174b2e3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 03 Oct 2022 19:49:20 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
yt3.ggpht.com/ytc/AMLnZu8M53wuOUon_fZRbz4ewueOwWdAYdc1mtX0yQ=s68-c-k-c0x00ffffff-no-rj
142.250.74.161 200 OK 1.0 kB URL HTTP/2 yt3.ggpht.com/ytc/AMLnZu8M53wuOUon_fZRbz4ewueOwWdAYdc1mtX0yQ=s68-c-k-c0x00ffffff-no-rj
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 68x68, components 3\012- data
Hash eaca51b5ac4580373ae226893b6f1091
d0e6cb4691c2392d1eadca71ddfdbc5f892313af
b8fdf80509225019556bc78463b5d9d87029c336f8d8ce19b3f23b7940053c42
GET /ytc/AMLnZu8M53wuOUon_fZRbz4ewueOwWdAYdc1mtX0yQ=s68-c-k-c0x00ffffff-no-rj HTTP/1.1
Host: yt3.ggpht.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
expires: Tue, 04 Oct 2022 19:49:20 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
date: Mon, 03 Oct 2022 19:49:20 GMT
server: fife
content-length: 1010
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash 330a54973c6803084afff8e22fdc650d
59986d6e103903fe988a943c2e97189a0adac1ce
bcc948b36dad8f333fa6454a13d4df6f940d5b2d2ddbca330a3848831b81a576
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 03 Oct 2022 19:49:20 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
216.58.207.202 200 OK 0 B URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
IP 216.58.207.202:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /$rpc/google.internal.waa.v1.Waa/GenerateIT HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Referer: https://www.youtube.com/
Origin: https://www.youtube.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: https://www.youtube.com
vary: origin, referer, x-origin
access-control-allow-credentials: true
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-max-age: 3600
date: Mon, 03 Oct 2022 19:49:20 GMT
content-type: text/html
server: ESF
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
216.58.207.202 200 OK 110 B URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
IP 216.58.207.202:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 51a7051536b48aec83c89b2d4e20b57d
be22a6a56a0bc63dd4ddb09bae130d67cbf47922
80cb7297d076794b6823c9added602e7d30d297ee71b221766696309a4f3dba1
POST /$rpc/google.internal.waa.v1.Waa/GenerateIT HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
Content-Type: application/json+protobuf
X-User-Agent: grpc-web-javascript/0.1
Content-Length: 1171
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json+protobuf; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Mon, 03 Oct 2022 19:49:20 GMT
server: ESF
cache-control: private
content-length: 110
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
access-control-allow-credentials: true
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Open+Sans%3A%2C300%2C400%2C700&ver=964c6ec6dcf7a95c70e4aa5b8954d266
142.250.74.10 200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Open+Sans%3A%2C300%2C400%2C700&ver=964c6ec6dcf7a95c70e4aa5b8954d266
IP 142.250.74.10:0
GET /css?family=Open+Sans%3A%2C300%2C400%2C700&ver=964c6ec6dcf7a95c70e4aa5b8954d266 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://reversomatic.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Mon, 03 Oct 2022 19:49:16 GMT
date: Mon, 03 Oct 2022 19:49:16 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Lato:100,300,regular,700,900%7COpen+Sans:300%7CIndie+Flower:regular%7COswald:300,regular,700&subset=latin%2Clatin-ext
142.250.74.10 200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Lato:100,300,regular,700,900%7COpen+Sans:300%7CIndie+Flower:regular%7COswald:300,regular,700&subset=latin%2Clatin-ext
IP 142.250.74.10:0
GET /css?family=Lato:100,300,regular,700,900%7COpen+Sans:300%7CIndie+Flower:regular%7COswald:300,regular,700&subset=latin%2Clatin-ext HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://reversomatic.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Mon, 03 Oct 2022 19:49:16 GMT
date: Mon, 03 Oct 2022 19:49:16 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Roboto%3A400%2C%2C500%2C700%7CRoboto+Slab%3A700%7CLora%3A400&display=fallback&ver=3.9.2
142.250.74.10 200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Roboto%3A400%2C%2C500%2C700%7CRoboto+Slab%3A700%7CLora%3A400&display=fallback&ver=3.9.2
IP 142.250.74.10:0
GET /css?family=Roboto%3A400%2C%2C500%2C700%7CRoboto+Slab%3A700%7CLora%3A400&display=fallback&ver=3.9.2 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://reversomatic.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Mon, 03 Oct 2022 19:49:16 GMT
date: Mon, 03 Oct 2022 19:49:16 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2