r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash cfec3d7283a9b66d2be426ce54d210f3
808c1feb1ba918951d1928c1f6bfc0c253262774
1bad6c06aa3e88dcbc125fc98a6cb753eb2b18d2c8dd61da21d12209aeeda3f9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1BAD6C06AA3E88DCBC125FC98A6CB753EB2B18D2C8DD61DA21D12209AEEDA3F9"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12924
Expires: Mon, 05 Dec 2022 23:22:33 GMT
Date: Mon, 05 Dec 2022 19:47:09 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash ee088fab9b287e174cfd1f2c735a909f
25c3335b514a36ad1a24d00413d60c3d394f5161
494e96358ff12366213d7cc0f9197648c6c62ec14fa0d2c78732a683fa26b192
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5708
Cache-Control: max-age=145158
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 19:47:09 GMT
Etag: "638dc877-1d7"
Expires: Wed, 07 Dec 2022 12:06:27 GMT
Last-Modified: Mon, 05 Dec 2022 10:31:19 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 1ea206ac3c440825741687351f8c6e4e
2f38dafd8c43dcce2411a0590bc5c02cd6286735
7d7232c8c91bcd18161ba2c9d23e3bff159604e058bd5b3fc1c7fcbcd03a7ee3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7D7232C8C91BCD18161BA2C9D23E3BFF159604E058BD5B3FC1C7FCBCD03A7EE3"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6681
Expires: Mon, 05 Dec 2022 21:38:30 GMT
Date: Mon, 05 Dec 2022 19:47:09 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
34.102.187.140 200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 14cd9a0afb6ba9a763651d5112760d1e
75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Alert, Backoff, Content-Length, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Mon, 05 Dec 2022 19:20:18 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 1611
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 53341dea33f4f3d9b4966f80589f429a
20f7b07c686c986d2ed1e3e9ad1bb2aef8edaf0d
651683e52cdbc96b289f8f123155f0b96d9f67432689e89156fa56f5a346c6a0
GET /chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: eEmrDsa1xX+Xa10nNZvr6TldMfYKek402M2kBZvGPxaWG7VS+XiuxMhmY79Y2VL0OSXWWiU/Prs=
x-amz-request-id: 7QSYK1YH30EXTZG3
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Mon, 05 Dec 2022 18:48:37 GMT
age: 3512
last-modified: Wed, 30 Nov 2022 10:06:34 GMT
etag: "53341dea33f4f3d9b4966f80589f429a"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 19:47:09 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
34.102.187.140 200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, ETag, Alert, Expires, Cache-Control, Backoff, Content-Length, Content-Type, Pragma, Last-Modified
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Mon, 05 Dec 2022 19:11:19 GMT
cache-control: public,max-age=3600
age: 2151
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
kbec.3rdeyehosting.com/
192.185.129.96 200 OK 37 kB IP 192.185.129.96:0
ASN #46606 UNIFIEDLAYER-AS-1
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (18740)
Hash 7ae48a4d6a85004e5d535f1e24582a27
c9cc9b5d606c30d02d93998d776818e865c6809f
0411b35afecd8b0bae3277f73f0d565b46fb0672b1bafa9f9a5f178b139d0782
Analyzer Verdict Alert fortinet Malware
GET / HTTP/1.1
Host: kbec.3rdeyehosting.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Mon, 05 Dec 2022 19:47:09 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Vary: Accept-Encoding
Content-Encoding: gzip
Keep-Alive: timeout=5, max=75
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 2b9d6a686aa3c4ea24568425e43a5221
d53bb4c9579bd1db78a0520619e888aec79f750f
c38734a8dbe51217d73896c0bf7f5c38c107fd79e0dee24b717f130377e9b5f7
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5693
Cache-Control: max-age=140075
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 19:47:10 GMT
Etag: "638db4ac-1d7"
Expires: Wed, 07 Dec 2022 10:41:45 GMT
Last-Modified: Mon, 05 Dec 2022 09:06:52 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 471
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash 7dfb548d8f8a99d32050803775fad5d6
8b47999a01db7c2217d76a1cec576809a229cf1b
68dd2a1e5a0002f4d25d3b5884ab55bc6b5a91e38f6dc464c4261b19c6e5887e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 19:47:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
kbec.3rdeyehosting.com/wp-content/uploads/elementor/css/post-9.css?ver=1646653287
192.185.129.96 200 OK 826 B URL HTTP/1.1 kbec.3rdeyehosting.com/wp-content/uploads/elementor/css/post-9.css?ver=1646653287
IP 192.185.129.96:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (3935), with no line terminators
Hash 625eb4f548f8727903a11e0f408821f7
5df6cc76bd1766a48881106c39f8f839b133f481
73171ef02dcf9fef9e142b3a9cbc825b21850ba754910d28204f4f3f9e94f3ec
Analyzer Verdict Alert fortinet Malware
GET /wp-content/uploads/elementor/css/post-9.css?ver=1646653287 HTTP/1.1
Host: kbec.3rdeyehosting.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kbec.3rdeyehosting.com/
HTTP/1.1 200 OK
Date: Mon, 05 Dec 2022 19:47:10 GMT
Server: Apache
Last-Modified: Mon, 07 Mar 2022 11:41:27 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 826
Keep-Alive: timeout=5, max=74
Connection: Keep-Alive
Content-Type: text/css
kbec.3rdeyehosting.com/wp-includes/css/dist/block-library/style.min.css?ver=6.1.1
192.185.129.96 200 OK 18 kB URL HTTP/1.1 kbec.3rdeyehosting.com/wp-includes/css/dist/block-library/style.min.css?ver=6.1.1
IP 192.185.129.96:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (47826)
Hash 9415c9562591af7a582c29139621505f
0b12eecf36a48b871a3198550f4f65bb4a6d9b1b
06c70d3232c2ae3ed2aa259eb7a1beb329b654926813935fffa8902cd5ebaa4a
GET /wp-includes/css/dist/block-library/style.min.css?ver=6.1.1 HTTP/1.1
Host: kbec.3rdeyehosting.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kbec.3rdeyehosting.com/
HTTP/1.1 200 OK
Date: Mon, 05 Dec 2022 19:47:10 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Thu, 17 Nov 2022 01:32:38 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Keep-Alive: timeout=5, max=75
Transfer-Encoding: chunked
Content-Type: text/css
kbec.3rdeyehosting.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/font-awesome.min.css?ver=4.7.0
192.185.129.96 200 OK 7.1 kB URL HTTP/1.1 kbec.3rdeyehosting.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/font-awesome.min.css?ver=4.7.0
IP 192.185.129.96:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (30837)
Hash 09b8b6cbc1b0486aa66786792e8c6984
73a077a16ce58b6b5c7169a61989f7421a913936
a8e462cb54773ddf7cd4fdc03715c0cd12a537c633c026635d5810b621246db6
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/elementor/assets/lib/font-awesome/css/font-awesome.min.css?ver=4.7.0 HTTP/1.1
Host: kbec.3rdeyehosting.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kbec.3rdeyehosting.com/
HTTP/1.1 200 OK
Date: Mon, 05 Dec 2022 19:47:10 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Mon, 07 Mar 2022 11:19:25 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 7112
Keep-Alive: timeout=5, max=75
Content-Type: text/css
kbec.3rdeyehosting.com/wp-content/plugins/elementor-pro/assets/css/frontend-lite.min.css?ver=3.6.2
192.185.129.96 200 OK 1.8 kB URL HTTP/1.1 kbec.3rdeyehosting.com/wp-content/plugins/elementor-pro/assets/css/frontend-lite.min.css?ver=3.6.2
IP 192.185.129.96:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (11362)
Hash c700ddb69f49a046abdb67d64d22d803
3a89ca7289ff33ef6eb9d0f5f3ebaa80e48eec70
303a2e91da49271e4b5e22218042ffac7a7050e45b1946aeecb6e6520d1e780c
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/elementor-pro/assets/css/frontend-lite.min.css?ver=3.6.2 HTTP/1.1
Host: kbec.3rdeyehosting.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kbec.3rdeyehosting.com/
HTTP/1.1 200 OK
Date: Mon, 05 Dec 2022 19:47:10 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Mon, 07 Mar 2022 11:20:42 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1839
Keep-Alive: timeout=5, max=75
Content-Type: text/css
kbec.3rdeyehosting.com/wp-content/uploads/elementor/css/post-14.css?ver=1646719085
192.185.129.96 200 OK 9.5 kB URL HTTP/1.1 kbec.3rdeyehosting.com/wp-content/uploads/elementor/css/post-14.css?ver=1646719085
IP 192.185.129.96:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (56780), with no line terminators
Hash d743b8062316ba5f8c961c86acdfc0bd
6269001d66296f47b5e1c2f97f796080ec3e9cdf
97ad41936e7cf3cb94bb93bb444ab44dc82c5fe7df31e8a7106fd52331c81003
Analyzer Verdict Alert fortinet Malware
GET /wp-content/uploads/elementor/css/post-14.css?ver=1646719085 HTTP/1.1
Host: kbec.3rdeyehosting.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kbec.3rdeyehosting.com/
HTTP/1.1 200 OK
Date: Mon, 05 Dec 2022 19:47:10 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Tue, 08 Mar 2022 05:58:05 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 9462
Keep-Alive: timeout=5, max=75
Content-Type: text/css
kbec.3rdeyehosting.com/wp-content/plugins/header-footer-elementor/inc/widgets-css/frontend.css?ver=1.6.9
192.185.129.96 200 OK 12 kB URL HTTP/1.1 kbec.3rdeyehosting.com/wp-content/plugins/header-footer-elementor/inc/widgets-css/frontend.css?ver=1.6.9
IP 192.185.129.96:0
ASN #46606 UNIFIEDLAYER-AS-1
File type Unicode text, UTF-8 text, with very long lines (1646)
Hash e56098a703c5beb99abc9c3a870be594
76e54634e0628ab91310c760d619360151e26be1
0eb4438e57550f2c2a321d45a5cb1c92fb22d58f6dbcc9c189fc3bd1e4f78b8f
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/header-footer-elementor/inc/widgets-css/frontend.css?ver=1.6.9 HTTP/1.1
Host: kbec.3rdeyehosting.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kbec.3rdeyehosting.com/
HTTP/1.1 200 OK
Date: Mon, 05 Dec 2022 19:47:10 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Mon, 07 Mar 2022 11:40:16 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 11654
Keep-Alive: timeout=5, max=75
Content-Type: text/css
kbec.3rdeyehosting.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/all.min.css?ver=5.0.9
192.185.129.96 200 OK 13 kB URL HTTP/1.1 kbec.3rdeyehosting.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/all.min.css?ver=5.0.9
IP 192.185.129.96:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (59158)
Hash e6b67e11736ae36a062b381717f2ea9f
a663a79bc8d42aa58bfea1351cc27e0d0b09c9b2
a07a94d36246d0b3e5b9b18e274e31995d0e23cda955babf5e350e91a879523d
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/elementor/assets/lib/font-awesome/css/all.min.css?ver=5.0.9 HTTP/1.1
Host: kbec.3rdeyehosting.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kbec.3rdeyehosting.com/
HTTP/1.1 200 OK
Date: Mon, 05 Dec 2022 19:47:10 GMT
Server: Apache
Last-Modified: Mon, 07 Mar 2022 11:19:25 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 12862
Keep-Alive: timeout=5, max=73
Connection: Keep-Alive
Content-Type: text/css
push.services.mozilla.com/
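35.161.230.192 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 35.161.230.192:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
(These are the MD5, SHA-1 and SHA-256 digests of the empty 0 B body of the 101 response; they match every empty payload and are not indicators for this host.)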
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: S0BdpEyRCzIe7wgkS+wTvQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: iSJNuoHBV4qj8OAozyQh5Can6co=
kbec.3rdeyehosting.com/wp-content/themes/WP-Skeleton-Theme-master/stylesheets/base.css?ver=6.1.1
192.185.129.96 200 OK 2.2 kB URL HTTP/1.1 kbec.3rdeyehosting.com/wp-content/themes/WP-Skeleton-Theme-master/stylesheets/base.css?ver=6.1.1
IP 192.185.129.96:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (493)
Hash 84f8b343d30532dcddc1fdb81ec138b3
86f5036040c741b6db17af4015589dab4b93dfb7
826085cc507faf3341d6ab452aa4940c4a8c627ad76ede7e001566984ed3d4b8
GET /wp-content/themes/WP-Skeleton-Theme-master/stylesheets/base.css?ver=6.1.1 HTTP/1.1
Host: kbec.3rdeyehosting.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kbec.3rdeyehosting.com/
HTTP/1.1 200 OK
Date: Mon, 05 Dec 2022 19:47:10 GMT
Server: Apache
Last-Modified: Mon, 07 Mar 2022 11:40:58 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 2240
Keep-Alive: timeout=5, max=74
Connection: Keep-Alive
Content-Type: text/css
kbec.3rdeyehosting.com/wp-content/themes/WP-Skeleton-Theme-master/stylesheets/layout.css?ver=6.1.1
192.185.129.96 200 OK 392 B URL HTTP/1.1 kbec.3rdeyehosting.com/wp-content/themes/WP-Skeleton-Theme-master/stylesheets/layout.css?ver=6.1.1
IP 192.185.129.96:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash c9c525ef7438d3c65d9a8534c51d44b5
9b5720b30296a2142076af1916c23e10074b4822
fd3f2f32bfdfc2863a2fdaf401278e2bcf9ff11296e620df36b133d30e6d13d5
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/WP-Skeleton-Theme-master/stylesheets/layout.css?ver=6.1.1 HTTP/1.1
Host: kbec.3rdeyehosting.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kbec.3rdeyehosting.com/
HTTP/1.1 200 OK
Date: Mon, 05 Dec 2022 19:47:10 GMT
Server: Apache
Last-Modified: Mon, 07 Mar 2022 11:40:58 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 392
Keep-Alive: timeout=5, max=74
Connection: Keep-Alive
Content-Type: text/css
kbec.3rdeyehosting.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/v4-shims.min.css?ver=5.0.9
192.185.129.96 200 OK 4.4 kB URL HTTP/1.1 kbec.3rdeyehosting.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/v4-shims.min.css?ver=5.0.9
IP 192.185.129.96:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (26516)
Hash fdd462f58aee3f9349eabdefb5ca0b57
bb6e017d5537630516ccb98952593690a8c69864
ca51806fcedbe90dd613c4c28673af8693381806a5cb3b43dce2ea4f43e8b314
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/elementor/assets/lib/font-awesome/css/v4-shims.min.css?ver=5.0.9 HTTP/1.1
Host: kbec.3rdeyehosting.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kbec.3rdeyehosting.com/
HTTP/1.1 200 OK
Date: Mon, 05 Dec 2022 19:47:10 GMT
Server: Apache
Last-Modified: Mon, 07 Mar 2022 11:19:25 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 4436
Keep-Alive: timeout=5, max=74
Connection: Keep-Alive
Content-Type: text/css
kbec.3rdeyehosting.com/wp-content/themes/WP-Skeleton-Theme-master/style.css?ver=6.1.1
192.185.129.96 200 OK 2.3 kB URL HTTP/1.1 kbec.3rdeyehosting.com/wp-content/themes/WP-Skeleton-Theme-master/style.css?ver=6.1.1
IP 192.185.129.96:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash 81e651c95eff8831b7c95fa42aad153b
9f80cbb83badd9221e1d38f1f52fe37bff694d47
84225715877e530e76a59cb97512e978f9f5cb184bae8b7ff34cdb36455153d3
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/WP-Skeleton-Theme-master/style.css?ver=6.1.1 HTTP/1.1
Host: kbec.3rdeyehosting.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kbec.3rdeyehosting.com/
HTTP/1.1 200 OK
Date: Mon, 05 Dec 2022 19:47:10 GMT
Server: Apache
Last-Modified: Mon, 07 Mar 2022 11:40:58 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 2257
Keep-Alive: timeout=5, max=74
Connection: Keep-Alive
Content-Type: text/css
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 83e0936435ad95a15c9ec5ff9520f4fe
a8225ee0d8ae117f977f7ff817c342c62e91b5a9
ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12733
Expires: Mon, 05 Dec 2022 23:19:23 GMT
Date: Mon, 05 Dec 2022 19:47:10 GMT
Connection: keep-alive
kbec.3rdeyehosting.com/wp-content/uploads/elementor/css/post-19.css?ver=1646654294
192.185.129.96 200 OK 2.1 kB URL HTTP/1.1 kbec.3rdeyehosting.com/wp-content/uploads/elementor/css/post-19.css?ver=1646654294
IP 192.185.129.96:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (7179)
Hash b9ae3e8727d6e13d2dfc3e96685bec87
cf4d5c33e0cba7aa9c362e1364f312b58ba384e9
fc3eb7a509bfd34e0f81d356a7b6d8958658ce972f4470458967e6a9bde07a86
Analyzer Verdict Alert fortinet Malware
GET /wp-content/uploads/elementor/css/post-19.css?ver=1646654294 HTTP/1.1
Host: kbec.3rdeyehosting.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kbec.3rdeyehosting.com/
HTTP/1.1 200 OK
Date: Mon, 05 Dec 2022 19:47:10 GMT
Server: Apache
Last-Modified: Mon, 07 Mar 2022 11:58:14 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 2083
Keep-Alive: timeout=5, max=74
Connection: Keep-Alive
Content-Type: text/css
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd528f6ee-d348-431d-8220-5c8b154b2941.jpeg
34.120.237.76 200 OK 8.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd528f6ee-d348-431d-8220-5c8b154b2941.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash db1701b7b9d161a0c935bb6e10b17893
22a8c4bd58c729c1abcf794466e8f3231dfb034b
b495524a33e5b1d3ba34cfbe867ada0da956c061370b1fcde06b23a6194a9787
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd528f6ee-d348-431d-8220-5c8b154b2941.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 8315
x-amzn-requestid: f1bcc33b-aad9-4d3b-b1f9-49282f2d4fb9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: clsAMGVboAMFfxg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638bc067-13472a097177d4751c8f7a8c;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 21:32:23 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 8ugcixaNsXG-AIHYCfoyOWa5zowv2lb4qwWc8o5_7SQc_0w5HW4mBw==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 12a392bc3a7281f8d5d4591bfadc41fc.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Dec 2022 21:52:48 GMT
age: 78862
etag: "22a8c4bd58c729c1abcf794466e8f3231dfb034b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fae18d1b5-3b75-4897-bd1b-03651e437c2e.jpeg
34.120.237.76 200 OK 4.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fae18d1b5-3b75-4897-bd1b-03651e437c2e.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c01fe1cccdb3b672bbade6d98217ffe9
a9a529dc9894827f6243a1bf57f81caa4fe88fc2
c43da6212c79a08e22e78e04e99e8f5422e64b4b0a87f30b7907f1b4bc675c71
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fae18d1b5-3b75-4897-bd1b-03651e437c2e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 4666
x-amzn-requestid: 850d341f-5ccb-453c-8adf-a8194f8fbdad
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: clr_-GiboAMFwww=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638bc066-766293f2526e637235067aca;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 21:32:22 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: kmki-SBINSx1kbiIkaSGebdCLrnDeHVhYeotAWzE__CevkNDdfzRGg==
via: 1.1 112c6b3f9aea37a6cb00b7d933e5af6e.cloudfront.net (CloudFront), 1.1 b2f9564ebf9c745cc2ceae96d434977e.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Dec 2022 21:44:01 GMT
age: 79389
etag: "a9a529dc9894827f6243a1bf57f81caa4fe88fc2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3af2e495-85ff-410f-8418-e683c7f84bcd.jpeg
34.120.237.76 200 OK 7.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3af2e495-85ff-410f-8418-e683c7f84bcd.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 027480c06cd67621f373c6765dafee4d
9f80bb7ca6f699d88eaec2248dec508c589fe994
f69a0d6bd6e79d8fa7f2f15df11237c0a8b04d45af3cd5870eeef86d18f553bf
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3af2e495-85ff-410f-8418-e683c7f84bcd.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 7728
x-amzn-requestid: 9f37e7a6-1f00-4a81-9b14-962fd0b6cdf4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: clsAMEJxoAMFchQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638bc067-4a4cce217327b44525ea1e98;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 21:32:23 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: PGz98Kv7xrcdfvzwMFbA9V206DdlXitB-Xk8dllnaLlk1QMhZZEs9Q==
via: 1.1 112c6b3f9aea37a6cb00b7d933e5af6e.cloudfront.net (CloudFront), 1.1 82ea95080f526df99896343fb7269b06.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Dec 2022 22:03:04 GMT
age: 78246
etag: "9f80bb7ca6f699d88eaec2248dec508c589fe994"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6df54ea7-8915-4ac7-af2b-6a71ce14dbf4.webp
34.120.237.76 200 OK 5.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6df54ea7-8915-4ac7-af2b-6a71ce14dbf4.webp
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 43309032a892c486f9985ef520df696e
36f4682ca6a33ff80ee02129c77e6f27e996ede0
24225ff504f30405d9ec3feb2555c738fcca0d6b265f285aa9c73a64c78a496e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6df54ea7-8915-4ac7-af2b-6a71ce14dbf4.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 5681
x-amzn-requestid: 8f0d66b8-d532-48d9-9a29-74540cd6ab3a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cltXnEotIAMFqkA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638bc296-27349a376ff819ab63b04a81;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 21:41:42 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Uz-wJTZjej3sjP-O68BQ4hB_kkAecG0o7GkeZUan90ZgV87g0Cg_ZA==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 3cd7af07832481c336aa1c93c9b4a6fe.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Dec 2022 21:52:41 GMT
age: 78869
etag: "36f4682ca6a33ff80ee02129c77e6f27e996ede0"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F461bc4a6-a90b-41a8-99ce-a502ba9ed21f.jpeg
34.120.237.76 200 OK 8.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F461bc4a6-a90b-41a8-99ce-a502ba9ed21f.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash dcb8fe0c4ba323ab2483fa290c291051
6706e02d6b95edc3a33c951f07d04b0fb7415b77
6be68deb3a330955027ec16eaca2cdf4e2776620ffb7cb995922664b24400f02
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F461bc4a6-a90b-41a8-99ce-a502ba9ed21f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 8749
x-amzn-requestid: ee03c447-299b-45d5-b8c6-12d4d1dc436d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: co_spHdBIAMFywQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638d131d-0c9805c6112ec9ec6b9d1544;Sampled=0
x-amzn-remapped-date: Sun, 04 Dec 2022 21:37:33 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: tsL8hmcWaBeKYVG2b4g7ebl-sQ0Z5jZaexEfvldfzq9COcOdzqLhUA==
via: 1.1 86b676273517904f44af31586adb06ae.cloudfront.net (CloudFront), 1.1 64f86ae1c24221f3a2e4d653d6dbc416.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Dec 2022 21:48:15 GMT
age: 79135
etag: "6706e02d6b95edc3a33c951f07d04b0fb7415b77"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F60dcc231-abb7-48f1-8ec5-e25b31bd100b.jpeg
34.120.237.76 200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F60dcc231-abb7-48f1-8ec5-e25b31bd100b.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 24c69d7ef356b352956d6dcbc9f5df1d
2cc31dc1c5d2d2a8b3a378dce8a1240a79acfec9
94d068620c34652cb2d24ca8b3cf962febe9606e6d3a33d937fc9d99f176edef
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F60dcc231-abb7-48f1-8ec5-e25b31bd100b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 10396
x-amzn-requestid: b879fd2e-b6cf-4373-b780-2d97481c45f8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cioNbH5KoAMFUsA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638a8722-6add7f8e225878473b20c015;Sampled=0
x-amzn-remapped-date: Fri, 02 Dec 2022 23:15:46 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: ir97GJKaFoW6BNXCcmMqp0JSUd5JhCACyUvLh5G-0BWCDVJsqs7XhQ==
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 943c6a4d4ee43b18ee91634536f53eae.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Dec 2022 22:03:01 GMT
age: 78249
etag: "2cc31dc1c5d2d2a8b3a378dce8a1240a79acfec9"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 83e0936435ad95a15c9ec5ff9520f4fe
a8225ee0d8ae117f977f7ff817c342c62e91b5a9
ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12733
Expires: Mon, 05 Dec 2022 23:19:23 GMT
Date: Mon, 05 Dec 2022 19:47:10 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash 7dfb548d8f8a99d32050803775fad5d6
8b47999a01db7c2217d76a1cec576809a229cf1b
68dd2a1e5a0002f4d25d3b5884ab55bc6b5a91e38f6dc464c4261b19c6e5887e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 19:47:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
kbec.3rdeyehosting.com/wp-content/plugins/happy-elementor-addons/assets/fonts/style.min.css?ver=3.4.4
192.185.129.96 200 OK 5.1 kB URL HTTP/1.1 kbec.3rdeyehosting.com/wp-content/plugins/happy-elementor-addons/assets/fonts/style.min.css?ver=3.4.4
IP 192.185.129.96:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (24770)
Hash 2bd9ae33bb495670acef0b03302f134a
43afbfa3de689ca45ac0af481cb841d5f766e67c
2230fcf663f4a6a90dfadce1ef1c10b27efb9629a602b483f94a1a4551ba078b
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/happy-elementor-addons/assets/fonts/style.min.css?ver=3.4.4 HTTP/1.1
Host: kbec.3rdeyehosting.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kbec.3rdeyehosting.com/
HTTP/1.1 200 OK
Date: Mon, 05 Dec 2022 19:47:10 GMT
Server: Apache
Last-Modified: Mon, 07 Mar 2022 11:40:10 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 5118
Keep-Alive: timeout=5, max=72
Connection: Keep-Alive
Content-Type: text/css
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 83e0936435ad95a15c9ec5ff9520f4fe
a8225ee0d8ae117f977f7ff817c342c62e91b5a9
ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12733
Expires: Mon, 05 Dec 2022 23:19:23 GMT
Date: Mon, 05 Dec 2022 19:47:10 GMT
Connection: keep-alive
fonts.googleapis.com/css?family=Roboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto+Slab%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CMontserrat%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=auto&ver=6.1.1
142.250.74.106 200 OK 2.6 kB URL HTTP/2 fonts.googleapis.com/css?family=Roboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto+Slab%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CMontserrat%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=auto&ver=6.1.1
IP 142.250.74.106:0
Hash 7ac522c64612bf84c077e7c4528abd1e
381b3a950a31e804e09f64bd4e5eed359a47fe99
038d06fcea34558f13406c2b79e7657f4d5bda0348957bdc82b6542da2d7fedd
GET /css?family=Roboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto+Slab%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CMontserrat%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=auto&ver=6.1.1 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://kbec.3rdeyehosting.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Mon, 05 Dec 2022 19:47:10 GMT
date: Mon, 05 Dec 2022 19:47:10 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
kbec.3rdeyehosting.com/wp-content/uploads/elementor/css/post-28.css?ver=1646668583
192.185.129.96 200 OK 1.8 kB URL HTTP/1.1 kbec.3rdeyehosting.com/wp-content/uploads/elementor/css/post-28.css?ver=1646668583
IP 192.185.129.96:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (10325), with no line terminators
Hash 782cb4f9d099505c752592ba64cd7d2f
3f14d101ba27da77f96c371e2f0d0664678e2daf
d0dd6a6df7a79c5884753c73535af68ebd59aaf13f4bf9e323b3ed02e643d925
Analyzer Verdict Alert fortinet Malware
GET /wp-content/uploads/elementor/css/post-28.css?ver=1646668583 HTTP/1.1
Host: kbec.3rdeyehosting.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kbec.3rdeyehosting.com/
HTTP/1.1 200 OK
Date: Mon, 05 Dec 2022 19:47:10 GMT
Server: Apache
Last-Modified: Mon, 07 Mar 2022 15:56:23 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1841
Keep-Alive: timeout=5, max=73
Connection: Keep-Alive
Content-Type: text/css
kbec.3rdeyehosting.com/wp-content/plugins/elementskit-lite/modules/elementskit-icon-pack/assets/css/ekiticons.css?ver=2.5.4
192.185.129.96 200 OK 12 kB URL HTTP/1.1 kbec.3rdeyehosting.com/wp-content/plugins/elementskit-lite/modules/elementskit-icon-pack/assets/css/ekiticons.css?ver=2.5.4
IP 192.185.129.96:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (65536), with no line terminators
Hash 4fb0795711301ef32d45d6f3fdef07b4
631536b58397ce6a01ea02f5b15bd445176f4a06
9ae496f3fc96cb6feec38d3965fefe4f998320f9a0c92130658d81367a696fa5
GET /wp-content/plugins/elementskit-lite/modules/elementskit-icon-pack/assets/css/ekiticons.css?ver=2.5.4 HTTP/1.1
Host: kbec.3rdeyehosting.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kbec.3rdeyehosting.com/
HTTP/1.1 200 OK
Date: Mon, 05 Dec 2022 19:47:10 GMT
Server: Apache
Last-Modified: Mon, 07 Mar 2022 11:40:06 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 12485
Keep-Alive: timeout=5, max=73
Connection: Keep-Alive
Content-Type: text/css
kbec.3rdeyehosting.com/wp-content/plugins/elementor/assets/lib/font-awesome/js/v4-shims.min.js?ver=5.0.9
192.185.129.96 200 OK 4.4 kB URL HTTP/1.1 kbec.3rdeyehosting.com/wp-content/plugins/elementor/assets/lib/font-awesome/js/v4-shims.min.js?ver=5.0.9
IP 192.185.129.96:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (14869)
Hash 7bab7ad64ffbd7846dd6819250b93e2e
c924918d540389aff62220088b6761f38a5da272
045250efe67364c953a91f6a60cf407ebb5cfdb2da04e84c3d98e5bab5eca9ba
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/elementor/assets/lib/font-awesome/js/v4-shims.min.js?ver=5.0.9 HTTP/1.1
Host: kbec.3rdeyehosting.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kbec.3rdeyehosting.com/
HTTP/1.1 200 OK
Date: Mon, 05 Dec 2022 19:47:10 GMT
Server: Apache
Last-Modified: Mon, 07 Mar 2022 11:19:25 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 4359
Keep-Alive: timeout=5, max=73
Connection: Keep-Alive
Content-Type: application/javascript
kbec.3rdeyehosting.com/wp-content/plugins/elementskit-lite/widgets/init/assets/css/responsive.css?ver=2.5.4
192.185.129.96 200 OK 4.4 kB URL HTTP/1.1 kbec.3rdeyehosting.com/wp-content/plugins/elementskit-lite/widgets/init/assets/css/responsive.css?ver=2.5.4
IP 192.185.129.96:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (30283), with no line terminators
Hash c2c381b76f533a3992b1060b1e8275ed
8441603d412df07e265d70d72569bd3ed90c51ee
6b1c02e5f7f5a04d0320c0a69a67651c6c322b81dfcf1ad9ca29e0f7374cf613
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/elementskit-lite/widgets/init/assets/css/responsive.css?ver=2.5.4 HTTP/1.1
Host: kbec.3rdeyehosting.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kbec.3rdeyehosting.com/
HTTP/1.1 200 OK
Date: Mon, 05 Dec 2022 19:47:10 GMT
Server: Apache
Last-Modified: Mon, 07 Mar 2022 11:40:06 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 4436
Keep-Alive: timeout=5, max=73
Connection: Keep-Alive
Content-Type: text/css
kbec.3rdeyehosting.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.1
192.185.129.96 200 OK 39 kB URL HTTP/1.1 kbec.3rdeyehosting.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.1
IP 192.185.129.96:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (65447)
Hash 32f58a61f7c5a7e10f8b2dcf8e9a8e34
865c25589283ab1debd45bdfa6c4d8c6ecf15ad3
481cb2216fbdb0797af8c61b69c0bda2c10d025f7b11f2cdfac382d35dc45d63
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/jquery/jquery.min.js?ver=3.6.1 HTTP/1.1
Host: kbec.3rdeyehosting.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kbec.3rdeyehosting.com/
HTTP/1.1 200 OK
Date: Mon, 05 Dec 2022 19:47:11 GMT
Server: Apache
Last-Modified: Wed, 02 Nov 2022 01:44:06 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Keep-Alive: timeout=5, max=71
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: application/javascript
kbec.3rdeyehosting.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
192.185.129.96 200 OK 4.6 kB URL HTTP/1.1 kbec.3rdeyehosting.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
IP 192.185.129.96:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (11126)
Hash acdb97105af28a7066790c6748ae2e1e
65794d2c5a9d04f747faf370bc8bacd330e69e5a
dc4efbc4b704b142b5313588c32e56ea56648068a01d2bc596a4eee06b379b5e
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 HTTP/1.1
Host: kbec.3rdeyehosting.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kbec.3rdeyehosting.com/
HTTP/1.1 200 OK
Date: Mon, 05 Dec 2022 19:47:11 GMT
Server: Apache
Last-Modified: Wed, 18 Nov 2020 14:36:06 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 4618
Keep-Alive: timeout=5, max=72
Connection: Keep-Alive
Content-Type: application/javascript
kbec.3rdeyehosting.com/wp-includes/css/classic-themes.min.css?ver=1
192.185.129.96 200 OK 189 B URL HTTP/1.1 kbec.3rdeyehosting.com/wp-includes/css/classic-themes.min.css?ver=1
IP 192.185.129.96:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash 5a18e16eb01cbaa862eb32e6b77bedb2
3abf9b913cc9f558f02cba7c9b822f8d1812cb96
d2b5af913332941d5ae7786d1fa70e0d009315c4ede6ad5b80d0f663bb54521f
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/css/classic-themes.min.css?ver=1 HTTP/1.1
Host: kbec.3rdeyehosting.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kbec.3rdeyehosting.com/
HTTP/1.1 200 OK
Date: Mon, 05 Dec 2022 19:47:11 GMT
Server: Apache
Last-Modified: Wed, 02 Nov 2022 01:44:06 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 189
Keep-Alive: timeout=5, max=72
Connection: Keep-Alive
Content-Type: text/css
kbec.3rdeyehosting.com/wp-content/plugins/header-footer-elementor/assets/css/header-footer-elementor.css?ver=1.6.9
192.185.129.96 200 OK 323 B URL HTTP/1.1 kbec.3rdeyehosting.com/wp-content/plugins/header-footer-elementor/assets/css/header-footer-elementor.css?ver=1.6.9
IP 192.185.129.96:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash b24c24b7da3ffeed6ae8ade102a4d317
c4445b3977ce704b927508108e100213eea67a3c
5421ad49b70f379553eaceec744d753e74d4b065966c08aa7c7dd949553ca9a8
GET /wp-content/plugins/header-footer-elementor/assets/css/header-footer-elementor.css?ver=1.6.9 HTTP/1.1
Host: kbec.3rdeyehosting.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kbec.3rdeyehosting.com/
HTTP/1.1 200 OK
Date: Mon, 05 Dec 2022 19:47:11 GMT
Server: Apache
Last-Modified: Mon, 07 Mar 2022 11:40:16 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 323
Keep-Alive: timeout=5, max=72
Connection: Keep-Alive
Content-Type: text/css
kbec.3rdeyehosting.com/wp-includes/js/wp-emoji-release.min.js?ver=6.1.1
192.185.129.96 200 OK 5.3 kB URL HTTP/1.1 kbec.3rdeyehosting.com/wp-includes/js/wp-emoji-release.min.js?ver=6.1.1
IP 192.185.129.96:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (15660)
Hash 710f8b142ea44c0682dc2c30f318f065
49144e9b3a76d3d383b1d4359cf7a25e947f4233
708bb5819879a2a2c7670abc20a58cca68a415ffd621011cbc4c3c9d82dddc50
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/wp-emoji-release.min.js?ver=6.1.1 HTTP/1.1
Host: kbec.3rdeyehosting.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kbec.3rdeyehosting.com/
HTTP/1.1 200 OK
Date: Mon, 05 Dec 2022 19:47:11 GMT
Server: Apache
Last-Modified: Tue, 24 May 2022 23:10:57 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 5321
Keep-Alive: timeout=5, max=72
Connection: Keep-Alive
Content-Type: application/javascript
kbec.3rdeyehosting.com/wp-content/plugins/elementskit-lite/widgets/init/assets/css/widget-styles.css?ver=2.5.4
192.185.129.96 200 OK 80 kB URL HTTP/1.1 kbec.3rdeyehosting.com/wp-content/plugins/elementskit-lite/widgets/init/assets/css/widget-styles.css?ver=2.5.4
IP 192.185.129.96:0
ASN #46606 UNIFIEDLAYER-AS-1
File type Unicode text, UTF-8 text, with very long lines (65530), with no line terminators
Hash f6a3a4cb4117d525367591703988f205
60e8a82836b12f0651550304c23304819f32023b
23cbe243e6f5f7fe278a137b6ae8f0f8a0df226eb608ad680feea6cb2c8cb7a3
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/elementskit-lite/widgets/init/assets/css/widget-styles.css?ver=2.5.4 HTTP/1.1
Host: kbec.3rdeyehosting.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kbec.3rdeyehosting.com/
HTTP/1.1 200 OK
Date: Mon, 05 Dec 2022 19:47:10 GMT
Server: Apache
Last-Modified: Mon, 07 Mar 2022 11:40:06 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Keep-Alive: timeout=5, max=73
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/css
kbec.3rdeyehosting.com/wp-content/plugins/elementor/assets/lib/eicons/css/elementor-icons.min.css?ver=5.14.0
192.185.129.96 200 OK 4.0 kB URL HTTP/1.1 kbec.3rdeyehosting.com/wp-content/plugins/elementor/assets/lib/eicons/css/elementor-icons.min.css?ver=5.14.0
IP 192.185.129.96:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (19004)
Hash 3770d40a3b6bfb7fd2847fefdc93cf2c
0ae9564463a16c29233adefdf92bb7375ad46bcb
af5ed5aa155dc7252334407c53ee97a0d296d0bfb30590304a39abadb589c73c
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/elementor/assets/lib/eicons/css/elementor-icons.min.css?ver=5.14.0 HTTP/1.1
Host: kbec.3rdeyehosting.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kbec.3rdeyehosting.com/
HTTP/1.1 200 OK
Date: Mon, 05 Dec 2022 19:47:11 GMT
Server: Apache
Last-Modified: Mon, 07 Mar 2022 11:19:25 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 3961
Keep-Alive: timeout=5, max=70
Connection: Keep-Alive
Content-Type: text/css
kbec.3rdeyehosting.com/wp-content/plugins/elementor/assets/css/frontend-lite.min.css?ver=3.5.5
192.185.129.96 200 OK 19 kB URL HTTP/1.1 kbec.3rdeyehosting.com/wp-content/plugins/elementor/assets/css/frontend-lite.min.css?ver=3.5.5
IP 192.185.129.96:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (65497)
Hash e071f529ac314874883d1535f6e8ca25
23ac27ff248e204f7323e9afc3427a5d4e4491df
0b55f94dde27384d6432c666e4421fe2a4850fdfc7c9b9819df8305b7e89679b
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/elementor/assets/css/frontend-lite.min.css?ver=3.5.5 HTTP/1.1
Host: kbec.3rdeyehosting.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kbec.3rdeyehosting.com/
HTTP/1.1 200 OK
Date: Mon, 05 Dec 2022 19:47:11 GMT
Server: Apache
Last-Modified: Mon, 07 Mar 2022 11:19:25 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Keep-Alive: timeout=5, max=71
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/css
kbec.3rdeyehosting.com/wp-content/plugins/metform/public/assets/css/style.css?ver=2.1.2
192.185.129.96 200 OK 6.2 kB URL HTTP/1.1 kbec.3rdeyehosting.com/wp-content/plugins/metform/public/assets/css/style.css?ver=2.1.2
IP 192.185.129.96:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (23669), with no line terminators
Hash e1e37252f10da33623814d6e3c3fbd20
0684b0e49212f82222eccc1f5474087925e3280f
a1b4aa56f7fb24d50e4c7492cca9669d719861ea8237a34da75405f4844adc4b
GET /wp-content/plugins/metform/public/assets/css/style.css?ver=2.1.2 HTTP/1.1
Host: kbec.3rdeyehosting.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kbec.3rdeyehosting.com/
HTTP/1.1 200 OK
Date: Mon, 05 Dec 2022 19:47:11 GMT
Server: Apache
Last-Modified: Mon, 07 Mar 2022 11:40:18 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 6211
Keep-Alive: timeout=5, max=71
Connection: Keep-Alive
Content-Type: text/css
kbec.3rdeyehosting.com/wp-content/plugins/elementor/assets/lib/animations/animations.min.css?ver=3.5.5
192.185.129.96 200 OK 3.0 kB URL HTTP/1.1 kbec.3rdeyehosting.com/wp-content/plugins/elementor/assets/lib/animations/animations.min.css?ver=3.5.5
IP 192.185.129.96:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (10019)
Hash c2b5af6052f630a96e450e5e2a3cea52
00ca76a8828a1bbec1534eb10786804fd36492f2
58f6cc2d4fa3e528622102975fb62949dc0170bd47b588a67318d18552a57d59
GET /wp-content/plugins/elementor/assets/lib/animations/animations.min.css?ver=3.5.5 HTTP/1.1
Host: kbec.3rdeyehosting.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kbec.3rdeyehosting.com/
HTTP/1.1 200 OK
Date: Mon, 05 Dec 2022 19:47:11 GMT
Server: Apache
Last-Modified: Mon, 07 Mar 2022 11:19:25 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 2997
Keep-Alive: timeout=5, max=71
Connection: Keep-Alive
Content-Type: text/css
kbec.3rdeyehosting.com/wp-content/plugins/metform/public/assets/css/metform-ui.css?ver=2.1.2
192.185.129.96 200 OK 23 kB URL HTTP/1.1 kbec.3rdeyehosting.com/wp-content/plugins/metform/public/assets/css/metform-ui.css?ver=2.1.2
IP 192.185.129.96:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (65536), with no line terminators
Hash c372b2302e84d6dba6fcdfa02f1d3ac0
1afede8c3792b0887b6bf0b8aa476f08c2377053
cd4ec2c8aba7ec5cc74cccd8e913aec7b8e25b3a021ad447bc0c51e4010cd311
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/metform/public/assets/css/metform-ui.css?ver=2.1.2 HTTP/1.1
Host: kbec.3rdeyehosting.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kbec.3rdeyehosting.com/
HTTP/1.1 200 OK
Date: Mon, 05 Dec 2022 19:47:11 GMT
Server: Apache
Last-Modified: Mon, 07 Mar 2022 11:40:18 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Keep-Alive: timeout=5, max=71
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/css
kbec.3rdeyehosting.com/wp-content/plugins/happy-elementor-addons/assets/js/happy-addons.min.js?ver=3.4.4
192.185.129.96 200 OK 11 kB URL HTTP/1.1 kbec.3rdeyehosting.com/wp-content/plugins/happy-elementor-addons/assets/js/happy-addons.min.js?ver=3.4.4
IP 192.185.129.96:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash bb6fc9df55885d1a76f3229f650f2227
45f5106f07db2fd898168a5deab3d1a9a63f9753
aed777e80c517b0486b24b75ec3d754f7bd6943cf30bdd8cd6cce1f85e9893f1
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/happy-elementor-addons/assets/js/happy-addons.min.js?ver=3.4.4 HTTP/1.1
Host: kbec.3rdeyehosting.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kbec.3rdeyehosting.com/
HTTP/1.1 200 OK
Date: Mon, 05 Dec 2022 19:47:11 GMT
Server: Apache
Last-Modified: Mon, 07 Mar 2022 11:40:10 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 10728
Keep-Alive: timeout=5, max=72
Connection: Keep-Alive
Content-Type: application/javascript
kbec.3rdeyehosting.com/wp-content/plugins/elementskit-lite/libs/framework/assets/js/frontend-script.js?ver=2.5.4
192.185.129.96 200 OK 40 B URL HTTP/1.1 kbec.3rdeyehosting.com/wp-content/plugins/elementskit-lite/libs/framework/assets/js/frontend-script.js?ver=2.5.4
IP 192.185.129.96:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with no line terminators
Hash 94d041d462db321cdb888066586f2068
717d2f9da7fb9f9e2bf2058a8177a0344f8a8647
b8166c5475df6a64ab2456e95f64564164ed697d258e8bfed8cebca40efd6fa5
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/elementskit-lite/libs/framework/assets/js/frontend-script.js?ver=2.5.4 HTTP/1.1
Host: kbec.3rdeyehosting.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kbec.3rdeyehosting.com/
HTTP/1.1 200 OK
Date: Mon, 05 Dec 2022 19:47:11 GMT
Server: Apache
Last-Modified: Mon, 07 Mar 2022 11:40:06 GMT
Accept-Ranges: bytes
Content-Length: 40
Keep-Alive: timeout=5, max=69
Connection: Keep-Alive
Content-Type: application/javascript
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash 8ead0ac4ce19cef2471bae0458759d89
af02fd3fcd2e10cfa2458407c0c2e59a43e18517
507b93c64bab73e393cf8d8131415ef4d4b01e65e0f2ab73597715197845e75e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 19:47:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
maps.google.com/maps?q=London%20Eye%2C%20London%2C%20United%20Kingdom&t=m&z=10&output=embed&iwloc=near
142.250.74.142 301 Moved Permanently 303 B URL HTTP/2 maps.google.com/maps?q=London%20Eye%2C%20London%2C%20United%20Kingdom&t=m&z=10&output=embed&iwloc=near
IP 142.250.74.142:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Hash 9a3a80d15009bef9022ed800d354fec0
5e086ac09f2e1474a54dd493e08257751468c42b
434ac890924835a3420f3dfdf631533b895de6cef2ecbcd739231b5d30d74ba3
GET /maps?q=London%20Eye%2C%20London%2C%20United%20Kingdom&t=m&z=10&output=embed&iwloc=near HTTP/1.1
Host: maps.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://kbec.3rdeyehosting.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
date: Mon, 05 Dec 2022 19:47:11 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
location: https://www.google.com/maps/embed?origin=mfe&pb=!1m4!2m1!1sLondon+Eye,+London,+United+Kingdom!5e0!6i10
content-type: text/html; charset=UTF-8
server: mafe
content-length: 303
x-xss-protection: 0
x-frame-options: SAMEORIGIN
server-timing: gfet4t7; dur=1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash 79c225db327a78b782f5a9512b07eaf0
398a1be3a70264d959146d6670d2ca54cdf4e91a
8539ea44d81775448ae8c6179d54d8a397c559b112291fa78abcf6ac6c480815
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 19:47:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash 79c225db327a78b782f5a9512b07eaf0
398a1be3a70264d959146d6670d2ca54cdf4e91a
8539ea44d81775448ae8c6179d54d8a397c559b112291fa78abcf6ac6c480815
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 19:47:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
142.250.74.35 200 OK 31 kB URL HTTP/2 fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 30928, version 1.0\012- data
Hash ac0d2859ea5f8fd6bcb3c305c08ec184
7f6c17e3e592cd8bd346b9cc261d8dd961b8aef7
ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780
GET /s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://kbec.3rdeyehosting.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 30928
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 02 Dec 2022 06:30:11 GMT
expires: Sat, 02 Dec 2023 06:30:11 GMT
cache-control: public, max-age=31536000
age: 307020
last-modified: Mon, 11 Jul 2022 18:57:39 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash 79c225db327a78b782f5a9512b07eaf0
398a1be3a70264d959146d6670d2ca54cdf4e91a
8539ea44d81775448ae8c6179d54d8a397c559b112291fa78abcf6ac6c480815
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 19:47:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
kbec.3rdeyehosting.com/wp-content/plugins/elementor/assets/lib/jquery-numerator/jquery-numerator.min.js?ver=0.2.1
192.185.129.96 200 OK 736 B URL HTTP/1.1 kbec.3rdeyehosting.com/wp-content/plugins/elementor/assets/lib/jquery-numerator/jquery-numerator.min.js?ver=0.2.1
IP 192.185.129.96:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (1801), with no line terminators
Hash ae098a17e8889ff188a7a1ca4545c729
250400844f4e830503e2e9b8642fb00bc337eb62
0f5aecfe5c23d3149b592488ac69726074ee450de920b0e7ecf3071c1acd0771
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/elementor/assets/lib/jquery-numerator/jquery-numerator.min.js?ver=0.2.1 HTTP/1.1
Host: kbec.3rdeyehosting.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kbec.3rdeyehosting.com/
HTTP/1.1 200 OK
Date: Mon, 05 Dec 2022 19:47:11 GMT
Server: Apache
Last-Modified: Mon, 07 Mar 2022 11:19:25 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 736
Keep-Alive: timeout=5, max=70
Connection: Keep-Alive
Content-Type: application/javascript
kbec.3rdeyehosting.com/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9
192.185.129.96 200 OK 2.7 kB URL HTTP/1.1 kbec.3rdeyehosting.com/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9
IP 192.185.129.96:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (6475), with no line terminators
Hash 45bd1d6f7fc3a4069fc6fd400b90c961
903c7e28c7141e9fc1bdb4dfc62d043a97a01e2d
c638a0057b4be0a61cfb65b1860a855a327397e9871f5dde28fa2f138fb394dc
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9 HTTP/1.1
Host: kbec.3rdeyehosting.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kbec.3rdeyehosting.com/
HTTP/1.1 200 OK
Date: Mon, 05 Dec 2022 19:47:11 GMT
Server: Apache
Last-Modified: Tue, 24 May 2022 23:10:57 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 2675
Keep-Alive: timeout=5, max=70
Connection: Keep-Alive
Content-Type: application/javascript
kbec.3rdeyehosting.com/wp-content/plugins/metform/public/assets/js/htm.js?ver=2.1.2
192.185.129.96 200 OK 677 B URL HTTP/1.1 kbec.3rdeyehosting.com/wp-content/plugins/metform/public/assets/js/htm.js?ver=2.1.2
IP 192.185.129.96:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (1264), with no line terminators
Hash c9c167597319770014ec96049f580966
f445c96241ce7e2371341aa5b730127e5de73226
ddc95177633be34dea224faef4f79992a5c824e41f11bc989f85684562c2206e
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/metform/public/assets/js/htm.js?ver=2.1.2 HTTP/1.1
Host: kbec.3rdeyehosting.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kbec.3rdeyehosting.com/
HTTP/1.1 200 OK
Date: Mon, 05 Dec 2022 19:47:11 GMT
Server: Apache
Last-Modified: Mon, 07 Mar 2022 11:40:18 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 677
Keep-Alive: timeout=5, max=70
Connection: Keep-Alive
Content-Type: application/javascript
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash 2e388f1ab4ec88104f57cf23944ee684
39178c45ed645709cc388d5790b1b58a3272a62f
e33b88f6f77d90b65a8fed943a45623e51f1efbdae401a1652f24be68408dba0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 19:47:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash 8ead0ac4ce19cef2471bae0458759d89
af02fd3fcd2e10cfa2458407c0c2e59a43e18517
507b93c64bab73e393cf8d8131415ef4d4b01e65e0f2ab73597715197845e75e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 19:47:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
kbec.3rdeyehosting.com/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0
192.185.129.96 200 OK 7.6 kB URL HTTP/1.1 kbec.3rdeyehosting.com/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0
IP 192.185.129.96:0
ASN #46606 UNIFIEDLAYER-AS-1
File type Unicode text, UTF-8 text, with very long lines (17819), with no line terminators
Hash 66c68f2158dcf7d97a02f3719a17aab0
fdb04fb4c632b9fb4275006a4e402cd0d4fa393a
e4b360f0e6ae1afc06f05f958e8696e5ae45257912bc2ab0b9334bd1382a51aa
GET /wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0 HTTP/1.1
Host: kbec.3rdeyehosting.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kbec.3rdeyehosting.com/
HTTP/1.1 200 OK
Date: Mon, 05 Dec 2022 19:47:11 GMT
Server: Apache
Last-Modified: Wed, 02 Nov 2022 01:44:06 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 7621
Keep-Alive: timeout=5, max=71
Connection: Keep-Alive
Content-Type: application/javascript
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash 79c225db327a78b782f5a9512b07eaf0
398a1be3a70264d959146d6670d2ca54cdf4e91a
8539ea44d81775448ae8c6179d54d8a397c559b112291fa78abcf6ac6c480815
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 19:47:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
kbec.3rdeyehosting.com/wp-includes/js/dist/vendor/react.min.js?ver=17.0.1
192.185.129.96 200 OK 4.9 kB URL HTTP/1.1 kbec.3rdeyehosting.com/wp-includes/js/dist/vendor/react.min.js?ver=17.0.1
IP 192.185.129.96:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (11082)
Hash b725a8dd8c43cfde32eb6e5a8022a56c
e20b1ff3f34a8c093fe1db28c8ff2b3c1f1e6475
8952ccc0253b7045512ea80e9319dd51f6e812ef6abf0eba5fc72553a689b454
GET /wp-includes/js/dist/vendor/react.min.js?ver=17.0.1 HTTP/1.1
Host: kbec.3rdeyehosting.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kbec.3rdeyehosting.com/
HTTP/1.1 200 OK
Date: Mon, 05 Dec 2022 19:47:11 GMT
Server: Apache
Last-Modified: Tue, 24 May 2022 23:10:57 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 4893
Keep-Alive: timeout=5, max=68
Connection: Keep-Alive
Content-Type: application/javascript
kbec.3rdeyehosting.com/wp-content/plugins/elementskit-lite/widgets/init/assets/js/widget-scripts.js?ver=2.5.4
192.185.129.96 200 OK 58 kB URL HTTP/1.1 kbec.3rdeyehosting.com/wp-content/plugins/elementskit-lite/widgets/init/assets/js/widget-scripts.js?ver=2.5.4
IP 192.185.129.96:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (45027)
Hash db251e823aec5c44a83ee60f68ca8e71
9a6a34aa5298fefa5f506091e2cb830f6c828a27
6459db9659474076fea94c2f168b71be140e15c7044303a9fdac3e03daf8e626
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/elementskit-lite/widgets/init/assets/js/widget-scripts.js?ver=2.5.4 HTTP/1.1
Host: kbec.3rdeyehosting.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kbec.3rdeyehosting.com/
HTTP/1.1 200 OK
Date: Mon, 05 Dec 2022 19:47:11 GMT
Server: Apache
Last-Modified: Mon, 07 Mar 2022 11:40:06 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Keep-Alive: timeout=5, max=70
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: application/javascript
kbec.3rdeyehosting.com/wp-includes/js/dist/element.min.js?ver=47162ff4492c7ec4956b
192.185.129.96 200 OK 5.4 kB URL HTTP/1.1 kbec.3rdeyehosting.com/wp-includes/js/dist/element.min.js?ver=47162ff4492c7ec4956b
IP 192.185.129.96:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (7680)
Hash a78b8e78e3796f5bd784bca85dcc8a4e
cf5d97062602182596b523bc1fe882cbaa7a6771
4267a26c6eb7d8117ad8b62038b6e191743aa74d270e9e8b1083a36ba5ad9d9f
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/dist/element.min.js?ver=47162ff4492c7ec4956b HTTP/1.1
Host: kbec.3rdeyehosting.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kbec.3rdeyehosting.com/
HTTP/1.1 200 OK
Date: Mon, 05 Dec 2022 19:47:11 GMT
Server: Apache
Last-Modified: Wed, 02 Nov 2022 01:44:06 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 5356
Keep-Alive: timeout=5, max=69
Connection: Keep-Alive
Content-Type: application/javascript
kbec.3rdeyehosting.com/wp-content/plugins/elementor-pro/assets/js/webpack-pro.runtime.min.js?ver=3.6.2
192.185.129.96 200 OK 2.4 kB URL HTTP/1.1 kbec.3rdeyehosting.com/wp-content/plugins/elementor-pro/assets/js/webpack-pro.runtime.min.js?ver=3.6.2
IP 192.185.129.96:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (5059)
Hash 47c37915c1b29114f283e1a087f0feef
8d9805692756734aba69afbe20db4348b0757eda
90586e86e276047db31886958e750779c4fc381c8153ca24aa02f3f057b0cb3f
GET /wp-content/plugins/elementor-pro/assets/js/webpack-pro.runtime.min.js?ver=3.6.2 HTTP/1.1
Host: kbec.3rdeyehosting.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kbec.3rdeyehosting.com/
HTTP/1.1 200 OK
Date: Mon, 05 Dec 2022 19:47:11 GMT
Server: Apache
Last-Modified: Mon, 07 Mar 2022 11:20:42 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 2408
Keep-Alive: timeout=5, max=67
Connection: Keep-Alive
Content-Type: application/javascript
kbec.3rdeyehosting.com/wp-content/plugins/elementor/assets/js/webpack.runtime.min.js?ver=3.5.5
192.185.129.96 200 OK 2.3 kB URL HTTP/1.1 kbec.3rdeyehosting.com/wp-content/plugins/elementor/assets/js/webpack.runtime.min.js?ver=3.5.5
IP 192.185.129.96:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (4866)
Hash 3e308f7aafd9f45e3fc643cdff9b2d16
23091ad9fe2b3c8db15f13bdfaefd3992c70c761
b2e999d5373ca64fba0bef600b7fea7464ba22d826dd5a57f30689d37eb5b515
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/elementor/assets/js/webpack.runtime.min.js?ver=3.5.5 HTTP/1.1
Host: kbec.3rdeyehosting.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kbec.3rdeyehosting.com/
HTTP/1.1 200 OK
Date: Mon, 05 Dec 2022 19:47:11 GMT
Server: Apache
Last-Modified: Mon, 07 Mar 2022 11:19:25 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 2286
Keep-Alive: timeout=5, max=69
Connection: Keep-Alive
Content-Type: application/javascript
kbec.3rdeyehosting.com/wp-content/plugins/elementor/assets/js/frontend-modules.min.js?ver=3.5.5
192.185.129.96 200 OK 5.6 kB URL HTTP/1.1 kbec.3rdeyehosting.com/wp-content/plugins/elementor/assets/js/frontend-modules.min.js?ver=3.5.5
IP 192.185.129.96:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (14196)
Hash 940f287c085b1f14a3610319363a3eab
e6330e55618eaf08ca12fc67197c6918d479d997
fefb50865b7f09a39bf25c9fcb8ab1776298f2dfeebd073ef686b2ca0a18ec06
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/elementor/assets/js/frontend-modules.min.js?ver=3.5.5 HTTP/1.1
Host: kbec.3rdeyehosting.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kbec.3rdeyehosting.com/
HTTP/1.1 200 OK
Date: Mon, 05 Dec 2022 19:47:11 GMT
Server: Apache
Last-Modified: Mon, 07 Mar 2022 11:19:25 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 5629
Keep-Alive: timeout=5, max=68
Connection: Keep-Alive
Content-Type: application/javascript
kbec.3rdeyehosting.com/wp-includes/js/dist/hooks.min.js?ver=4169d3cf8e8d95a3d6d5
192.185.129.96 200 OK 1.7 kB URL HTTP/1.1 kbec.3rdeyehosting.com/wp-includes/js/dist/hooks.min.js?ver=4169d3cf8e8d95a3d6d5
IP 192.185.129.96:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (4875)
Hash 6a452794a68bc140a53b30519b94edf6
68046f5611ba3cf5da1c46087609aff18f59fdc1
259990a9e6191a72a51ac9d038d0c52bb56d880a2b0d460b1fca3f3fee7961ed
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/dist/hooks.min.js?ver=4169d3cf8e8d95a3d6d5 HTTP/1.1
Host: kbec.3rdeyehosting.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kbec.3rdeyehosting.com/
HTTP/1.1 200 OK
Date: Mon, 05 Dec 2022 19:47:11 GMT
Server: Apache
Last-Modified: Tue, 24 May 2022 23:10:57 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1712
Keep-Alive: timeout=5, max=68
Connection: Keep-Alive
Content-Type: application/javascript
kbec.3rdeyehosting.com/wp-content/plugins/metform/public/assets/js/app.js?ver=2.1.2
192.185.129.96 200 OK 132 kB URL HTTP/1.1 kbec.3rdeyehosting.com/wp-content/plugins/metform/public/assets/js/app.js?ver=2.1.2
IP 192.185.129.96:0
ASN #46606 UNIFIEDLAYER-AS-1
File type Unicode text, UTF-8 text, with very long lines (50844)
Size 132 kB (131989 bytes)
Hash b7bdc5c76e52cc75041d549d4f166a79
96d18e46d5273a143d7beac26eb328d6f9fcca35
58da5d5ae69e0837f058b641dd4b6dfaed7d2808dd619230369ea261f7732490
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/metform/public/assets/js/app.js?ver=2.1.2 HTTP/1.1
Host: kbec.3rdeyehosting.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kbec.3rdeyehosting.com/
HTTP/1.1 200 OK
Date: Mon, 05 Dec 2022 19:47:11 GMT
Server: Apache
Last-Modified: Mon, 07 Mar 2022 11:40:18 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Keep-Alive: timeout=5, max=70
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: application/javascript
www.google.com/maps/embed?origin=mfe&pb=!1m4!2m1!1sLondon+Eye,+London,+United+Kingdom!5e0!6i10
216.58.211.4 200 OK 1.7 kB URL HTTP/2 www.google.com/maps/embed?origin=mfe&pb=!1m4!2m1!1sLondon+Eye,+London,+United+Kingdom!5e0!6i10
IP 216.58.211.4:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (3581)
Hash 90bf68ae1db58d768ad594b5ed9ceadd
50f9c3c7c0a47fbd7e7b4cbb64dd8ca8e01bc640
8f472b87a3b7f3643e07ea42eb767a2e07cd3e63e7d8950e56ed1fe243267697
GET /maps/embed?origin=mfe&pb=!1m4!2m1!1sLondon+Eye,+London,+United+Kingdom!5e0!6i10 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://kbec.3rdeyehosting.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
date: Mon, 05 Dec 2022 19:47:11 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
vary: Accept-Language
content-security-policy: object-src 'none';base-uri 'self';script-src 'nonce-cKKWPvJlJwHSJw5GEdcmlw' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/geo-maps-api/1
content-encoding: gzip
server: mafe
content-length: 1735
x-xss-protection: 0
server-timing: gfet4t7; dur=386
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
kbec.3rdeyehosting.com/wp-includes/js/dist/i18n.min.js?ver=9e794f35a71bb98672ae
192.185.129.96 200 OK 4.2 kB URL HTTP/1.1 kbec.3rdeyehosting.com/wp-includes/js/dist/i18n.min.js?ver=9e794f35a71bb98672ae
IP 192.185.129.96:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash 3b62593186f7f91a9470ab6968ec5feb
bd7728c79c04f4f2f7a787097b0868e06ceba5ad
2a9920dc63cbd8228103c7d6bf2a044f06963041253c385c3cebb147297aa782
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/dist/i18n.min.js?ver=9e794f35a71bb98672ae HTTP/1.1
Host: kbec.3rdeyehosting.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kbec.3rdeyehosting.com/
HTTP/1.1 200 OK
Date: Mon, 05 Dec 2022 19:47:11 GMT
Server: Apache
Last-Modified: Wed, 02 Nov 2022 01:44:06 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 4233
Keep-Alive: timeout=5, max=66
Connection: Keep-Alive
Content-Type: application/javascript
kbec.3rdeyehosting.com/wp-content/plugins/elementor-pro/assets/js/frontend.min.js?ver=3.6.2
192.185.129.96 200 OK 7.2 kB URL HTTP/1.1 kbec.3rdeyehosting.com/wp-content/plugins/elementor-pro/assets/js/frontend.min.js?ver=3.6.2
IP 192.185.129.96:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (20468)
Hash 34df95971987bde4672049d6e376fdc1
07506b20371c1c4168acba6c276c39d7f010e13d
c2a73ff31411ec812a8a2224e7ca2b1180857e9dbeb3d583824836d0511995a5
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/elementor-pro/assets/js/frontend.min.js?ver=3.6.2 HTTP/1.1
Host: kbec.3rdeyehosting.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kbec.3rdeyehosting.com/
HTTP/1.1 200 OK
Date: Mon, 05 Dec 2022 19:47:11 GMT
Server: Apache
Last-Modified: Mon, 07 Mar 2022 11:20:42 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 7230
Keep-Alive: timeout=5, max=68
Connection: Keep-Alive
Content-Type: application/javascript
kbec.3rdeyehosting.com/wp-includes/js/dist/vendor/react-dom.min.js?ver=17.0.1
192.185.129.96 200 OK 48 kB URL HTTP/1.1 kbec.3rdeyehosting.com/wp-includes/js/dist/vendor/react-dom.min.js?ver=17.0.1
IP 192.185.129.96:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (65290)
Hash 2652996bf56cfa0e251cab037c48c2b5
b1ff848c6ce30ad29d2a35141c611d52d8e86501
160ed40751bff365eb5ef65f80e9dec0184ff8dfcb6c58c047e5fdc1e11f6d1e
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/dist/vendor/react-dom.min.js?ver=17.0.1 HTTP/1.1
Host: kbec.3rdeyehosting.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kbec.3rdeyehosting.com/
HTTP/1.1 200 OK
Date: Mon, 05 Dec 2022 19:47:11 GMT
Server: Apache
Last-Modified: Tue, 24 May 2022 23:10:57 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Keep-Alive: timeout=5, max=69
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: application/javascript
kbec.3rdeyehosting.com/wp-includes/js/jquery/ui/core.min.js?ver=1.13.2
192.185.129.96 200 OK 8.3 kB URL HTTP/1.1 kbec.3rdeyehosting.com/wp-includes/js/jquery/ui/core.min.js?ver=1.13.2
IP 192.185.129.96:0
ASN #46606 UNIFIEDLAYER-AS-1
File type Unicode text, UTF-8 text, with very long lines (8189)
Hash 838560e989767f2ef5951b9eeee20352
6bf8419cb4d68d9beced9e4b79b22b347ae16a46
72e6d275c5229613a59aef94523fc6a96330553976aee003d8544d5806fa0c3d
GET /wp-includes/js/jquery/ui/core.min.js?ver=1.13.2 HTTP/1.1
Host: kbec.3rdeyehosting.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kbec.3rdeyehosting.com/
HTTP/1.1 200 OK
Date: Mon, 05 Dec 2022 19:47:11 GMT
Server: Apache
Last-Modified: Wed, 02 Nov 2022 01:44:06 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 8344
Keep-Alive: timeout=5, max=67
Connection: Keep-Alive
Content-Type: application/javascript
kbec.3rdeyehosting.com/wp-content/plugins/elementor/assets/js/frontend.min.js?ver=3.5.5
192.185.129.96 200 OK 14 kB URL HTTP/1.1 kbec.3rdeyehosting.com/wp-content/plugins/elementor/assets/js/frontend.min.js?ver=3.5.5
IP 192.185.129.96:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (36850)
Hash 63e3199c4df0039ae4047f807efdaa84
0d8aa97317fa0f345e33480f1f444cade353cb0a
7ce19c5abbe199fd80452e9e7f44b75cdd4378e2dc2e7b77f5aaafa5b94ec3af
GET /wp-content/plugins/elementor/assets/js/frontend.min.js?ver=3.5.5 HTTP/1.1
Host: kbec.3rdeyehosting.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kbec.3rdeyehosting.com/
HTTP/1.1 200 OK
Date: Mon, 05 Dec 2022 19:47:11 GMT
Server: Apache
Last-Modified: Mon, 07 Mar 2022 11:19:25 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 14423
Keep-Alive: timeout=5, max=69
Connection: Keep-Alive
Content-Type: application/javascript
maps.gstatic.com/maps-api-v3/embed/js/51/2/init_embed.js
142.250.74.99 200 OK 69 kB URL HTTP/2 maps.gstatic.com/maps-api-v3/embed/js/51/2/init_embed.js
IP 142.250.74.99:0
File type ASCII text, with very long lines (2669)
Hash ed2723b79bc5eab77a130d1494114fc3
868e33258f37face8b5d0fe4420632505c1d25be
4707d296c9f44bffe17c3b0a98ea5ce6f0e83cf700ba691ede674daf6f6b4443
GET /maps-api-v3/embed/js/51/2/init_embed.js HTTP/1.1
Host: maps.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding, Origin
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-length: 69315
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 30 Nov 2022 21:46:35 GMT
expires: Thu, 30 Nov 2023 21:46:35 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 28 Nov 2022 22:32:00 GMT
content-type: text/javascript
age: 424837
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
kbec.3rdeyehosting.com/wp-content/plugins/elementor-pro/assets/js/elements-handlers.min.js?ver=3.6.2
192.185.129.96 200 OK 7.1 kB URL HTTP/1.1 kbec.3rdeyehosting.com/wp-content/plugins/elementor-pro/assets/js/elements-handlers.min.js?ver=3.6.2
IP 192.185.129.96:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (24753)
Hash c1da9cb4b530ed8c45ed7ac19b9f16bc
1c768aac0a1c727b39483e9f85254d45697c66a6
1709777cbf74d0720fb77266276c6a748f73d19f08f5bf4c66041a6a7ebaad68
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/elementor-pro/assets/js/elements-handlers.min.js?ver=3.6.2 HTTP/1.1
Host: kbec.3rdeyehosting.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kbec.3rdeyehosting.com/
HTTP/1.1 200 OK
Date: Mon, 05 Dec 2022 19:47:12 GMT
Server: Apache
Last-Modified: Mon, 07 Mar 2022 11:20:42 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 7061
Keep-Alive: timeout=5, max=65
Connection: Keep-Alive
Content-Type: application/javascript
kbec.3rdeyehosting.com/wp-content/plugins/elementskit-lite/widgets/init/assets/js/animate-circle.js?ver=2.5.4
192.185.129.96 200 OK 442 B URL HTTP/1.1 kbec.3rdeyehosting.com/wp-content/plugins/elementskit-lite/widgets/init/assets/js/animate-circle.js?ver=2.5.4
IP 192.185.129.96:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (810), with no line terminators
Hash b96c7d958b2c4a3ff7e92608615daeb0
6e95b60a83d06479921cefd745c4dd058842604e
5176a7109dc14142199bbc99ce78c5c6536812d06562b1d300b283bd26849d2f
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/elementskit-lite/widgets/init/assets/js/animate-circle.js?ver=2.5.4 HTTP/1.1
Host: kbec.3rdeyehosting.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kbec.3rdeyehosting.com/
HTTP/1.1 200 OK
Date: Mon, 05 Dec 2022 19:47:12 GMT
Server: Apache
Last-Modified: Mon, 07 Mar 2022 11:40:06 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 442
Keep-Alive: timeout=5, max=67
Connection: Keep-Alive
Content-Type: application/javascript
kbec.3rdeyehosting.com/wp-content/plugins/elementskit-lite/widgets/init/assets/js/elementor.js?ver=2.5.4
192.185.129.96 200 OK 5.5 kB URL HTTP/1.1 kbec.3rdeyehosting.com/wp-content/plugins/elementskit-lite/widgets/init/assets/js/elementor.js?ver=2.5.4
IP 192.185.129.96:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (17062), with no line terminators
Hash c1708f9f912df2b5e6741ce1b1aa76ea
61770e89dc682ab51e3ed5087cf0b26671834b24
2728d8449fd50b10d3832820ef3f474a7fa016ce3bd808604300bab29312a2a5
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/elementskit-lite/widgets/init/assets/js/elementor.js?ver=2.5.4 HTTP/1.1
Host: kbec.3rdeyehosting.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kbec.3rdeyehosting.com/
HTTP/1.1 200 OK
Date: Mon, 05 Dec 2022 19:47:12 GMT
Server: Apache
Last-Modified: Mon, 07 Mar 2022 11:40:06 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 5502
Keep-Alive: timeout=5, max=68
Connection: Keep-Alive
Content-Type: application/javascript
kbec.3rdeyehosting.com/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-solid-900.woff2
192.185.129.96 200 OK 78 kB URL HTTP/1.1 kbec.3rdeyehosting.com/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-solid-900.woff2
IP 192.185.129.96:0
ASN #46606 UNIFIEDLAYER-AS-1
File type Web Open Font Format (Version 2), TrueType, length 78196, version 331.-31261\012- data
Hash e8a427e15cc502bef99cfd722b37ea98
a9922842a120a7f1eaced667480c5e185a106d69
d0b4256abed72481585662971262eabee345c19f837af00d7ce24239d3b40eef
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-solid-900.woff2 HTTP/1.1
Host: kbec.3rdeyehosting.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://kbec.3rdeyehosting.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/all.min.css?ver=5.0.9
HTTP/1.1 200 OK
Date: Mon, 05 Dec 2022 19:47:12 GMT
Server: Apache
Last-Modified: Mon, 07 Mar 2022 11:19:25 GMT
Accept-Ranges: bytes
Content-Length: 78196
Keep-Alive: timeout=5, max=68
Connection: Keep-Alive
Content-Type: font/woff2
kbec.3rdeyehosting.com/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-regular-400.woff2
192.185.129.96 200 OK 13 kB URL HTTP/1.1 kbec.3rdeyehosting.com/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-regular-400.woff2
IP 192.185.129.96:0
ASN #46606 UNIFIEDLAYER-AS-1
File type Web Open Font Format (Version 2), TrueType, length 13276, version 331.-31261\012- data
Hash f0f8230116992e521526097a28f54066
0447c6b10bbf73f97b23dcfd6e6a48510822cb6e
8afc6e5e842baab16010c2ce6fcf48ec4ded8e1579a37c1f1bc027e120d04951
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-regular-400.woff2 HTTP/1.1
Host: kbec.3rdeyehosting.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://kbec.3rdeyehosting.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/all.min.css?ver=5.0.9
HTTP/1.1 200 OK
Date: Mon, 05 Dec 2022 19:47:12 GMT
Server: Apache
Last-Modified: Mon, 07 Mar 2022 11:19:25 GMT
Accept-Ranges: bytes
Content-Length: 13276
Keep-Alive: timeout=5, max=64
Connection: Keep-Alive
Content-Type: font/woff2
kbec.3rdeyehosting.com/wp-content/plugins/elementor/assets/lib/eicons/fonts/eicons.woff2?5.14.0
192.185.129.96 200 OK 92 kB URL HTTP/1.1 kbec.3rdeyehosting.com/wp-content/plugins/elementor/assets/lib/eicons/fonts/eicons.woff2?5.14.0
IP 192.185.129.96:0
ASN #46606 UNIFIEDLAYER-AS-1
File type Web Open Font Format (Version 2), TrueType, length 92216, version 1.0\012- data
Hash 70ffaa0b941707c09d1cbf69280d1424
fc3d9db08411484861c93dfe7c257bff8fe13b74
41e3c2c7e1af8d05bd4195d6241a16334583d6280f4ab41209aa3880bea50994
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/elementor/assets/lib/eicons/fonts/eicons.woff2?5.14.0 HTTP/1.1
Host: kbec.3rdeyehosting.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://kbec.3rdeyehosting.com/wp-content/plugins/elementor/assets/lib/eicons/css/elementor-icons.min.css?ver=5.14.0
HTTP/1.1 200 OK
Date: Mon, 05 Dec 2022 19:47:12 GMT
Server: Apache
Last-Modified: Mon, 07 Mar 2022 11:19:25 GMT
Accept-Ranges: bytes
Content-Length: 92216
Keep-Alive: timeout=5, max=66
Connection: Keep-Alive
Content-Type: font/woff2
kbec.3rdeyehosting.com/wp-content/plugins/elementor/assets/lib/swiper/swiper.min.js?ver=2.5.4
192.185.129.96 200 OK 47 kB URL HTTP/1.1 kbec.3rdeyehosting.com/wp-content/plugins/elementor/assets/lib/swiper/swiper.min.js?ver=2.5.4
IP 192.185.129.96:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (65280)
Hash 6d3f8ba511b26a2b5e2555673e996be4
d5a3c1ed68beeeafc4da01d71a6b7ce0f19f985e
955d1e858ec91ca4b3f5c845421692afc83dcbca3dd52577f746e18278f45315
GET /wp-content/plugins/elementor/assets/lib/swiper/swiper.min.js?ver=2.5.4 HTTP/1.1
Host: kbec.3rdeyehosting.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kbec.3rdeyehosting.com/
HTTP/1.1 200 OK
Date: Mon, 05 Dec 2022 19:47:12 GMT
Server: Apache
Last-Modified: Mon, 07 Mar 2022 11:19:25 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Keep-Alive: timeout=5, max=66
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: application/javascript
kbec.3rdeyehosting.com/wp-content/uploads/2022/03/happy-architects-using-digital-tablet-at-construction-site-1.jpg
192.185.129.96 200 OK 233 kB URL HTTP/1.1 kbec.3rdeyehosting.com/wp-content/uploads/2022/03/happy-architects-using-digital-tablet-at-construction-site-1.jpg
IP 192.185.129.96:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 2000x1335, components 3\012- data
Size 233 kB (232943 bytes)
Hash c5f594a06ebb7e3b934b31f43e758f35
d391d9715718eac7191b6f9b451b2b8f272b3c04
4251e74eefff7676dae0bdc9551d598e089b14c62cc8166b66197be21a26912b
GET /wp-content/uploads/2022/03/happy-architects-using-digital-tablet-at-construction-site-1.jpg HTTP/1.1
Host: kbec.3rdeyehosting.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kbec.3rdeyehosting.com/wp-content/uploads/elementor/css/post-14.css?ver=1646719085
HTTP/1.1 200 OK
Date: Mon, 05 Dec 2022 19:47:12 GMT
Server: Apache
Last-Modified: Tue, 08 Mar 2022 05:54:53 GMT
Accept-Ranges: bytes
Content-Length: 232943
Keep-Alive: timeout=5, max=67
Connection: Keep-Alive
Content-Type: image/jpeg
kbec.3rdeyehosting.com/wp-content/uploads/2022/03/cropped-Challan-Book-1-1-1024x150.png
192.185.129.96 200 OK 55 kB URL HTTP/1.1 kbec.3rdeyehosting.com/wp-content/uploads/2022/03/cropped-Challan-Book-1-1-1024x150.png
IP 192.185.129.96:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 1024 x 150, 8-bit/color RGBA, non-interlaced\012- data
Hash e6f227b65a8edf712d53073475ed1147
698ba19c69ae3578cdab71684b7cc0e9538a9f34
8eb00e27c60be6a9b3fa61ed269cad2f193502746529f65a26bb2bd31aee4203
GET /wp-content/uploads/2022/03/cropped-Challan-Book-1-1-1024x150.png HTTP/1.1
Host: kbec.3rdeyehosting.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kbec.3rdeyehosting.com/
HTTP/1.1 200 OK
Date: Mon, 05 Dec 2022 19:47:12 GMT
Server: Apache
Last-Modified: Mon, 07 Mar 2022 11:57:11 GMT
Accept-Ranges: bytes
Content-Length: 54872
Keep-Alive: timeout=5, max=63
Connection: Keep-Alive
Content-Type: image/png
kbec.3rdeyehosting.com/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-brands-400.woff2
192.185.129.96 200 OK 77 kB URL HTTP/1.1 kbec.3rdeyehosting.com/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-brands-400.woff2
IP 192.185.129.96:0
ASN #46606 UNIFIEDLAYER-AS-1
File type Web Open Font Format (Version 2), TrueType, length 76764, version 331.-31261\012- data
Hash f7307680c7fe85959f3ecf122493ea7d
fce0da592a3e536d6d5df5b50cb513398d8c5161
43c072c16c9ee6d67acdfa6c6d6685ff1e74eb4237b7cc3c1348ab1c108b26af
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-brands-400.woff2 HTTP/1.1
Host: kbec.3rdeyehosting.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://kbec.3rdeyehosting.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/all.min.css?ver=5.0.9
HTTP/1.1 200 OK
Date: Mon, 05 Dec 2022 19:47:12 GMT
Server: Apache
Last-Modified: Mon, 07 Mar 2022 11:19:25 GMT
Accept-Ranges: bytes
Content-Length: 76764
Keep-Alive: timeout=5, max=67
Connection: Keep-Alive
Content-Type: font/woff2
kbec.3rdeyehosting.com/wp-content/uploads/elementor/thumbs/construction-worker-planning-constractor-developer-concept-1-pljub33xdvg1wcqgg8zzvy7jcpwdp8pntr0gyz08ag.jpg
192.185.129.96 200 OK 115 kB URL HTTP/1.1 kbec.3rdeyehosting.com/wp-content/uploads/elementor/thumbs/construction-worker-planning-constractor-developer-concept-1-pljub33xdvg1wcqgg8zzvy7jcpwdp8pntr0gyz08ag.jpg
IP 192.185.129.96:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 1000x1100, components 3\012- data
Size 115 kB (115426 bytes)
Hash da97c2ecb6b69ba1257d3491f45e7530
80cfce0ec136c6ae4274f049df0480d1332dbefb
9ac9aa694ec6d5ebeb12004965437d185918b1b514b53f264c396ddb0a8e94ea
GET /wp-content/uploads/elementor/thumbs/construction-worker-planning-constractor-developer-concept-1-pljub33xdvg1wcqgg8zzvy7jcpwdp8pntr0gyz08ag.jpg HTTP/1.1
Host: kbec.3rdeyehosting.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kbec.3rdeyehosting.com/
HTTP/1.1 200 OK
Date: Mon, 05 Dec 2022 19:47:12 GMT
Server: Apache
Last-Modified: Tue, 08 Mar 2022 05:56:59 GMT
Accept-Ranges: bytes
Content-Length: 115426
Keep-Alive: timeout=5, max=65
Connection: Keep-Alive
Content-Type: image/jpeg
kbec.3rdeyehosting.com/wp-content/uploads/elementor/thumbs/road-construction-business-1-pljubk10sw1839cvj6xo9yisp70a36nosvisilgqj0.jpg
192.185.129.96 200 OK 95 kB URL HTTP/1.1 kbec.3rdeyehosting.com/wp-content/uploads/elementor/thumbs/road-construction-business-1-pljubk10sw1839cvj6xo9yisp70a36nosvisilgqj0.jpg
IP 192.185.129.96:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 1000x750, components 3\012- data
Hash 4993a7b10707484c4052ec90a7b1012e
ea050c782fedc4db707273b8a537b8ba9666a83e
d2b35ce937584824a09386d816280b10406b9a735afe31c2bc52e98d2464186e
GET /wp-content/uploads/elementor/thumbs/road-construction-business-1-pljubk10sw1839cvj6xo9yisp70a36nosvisilgqj0.jpg HTTP/1.1
Host: kbec.3rdeyehosting.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kbec.3rdeyehosting.com/
HTTP/1.1 200 OK
Date: Mon, 05 Dec 2022 19:47:12 GMT
Server: Apache
Last-Modified: Tue, 08 Mar 2022 05:56:59 GMT
Accept-Ranges: bytes
Content-Length: 94694
Keep-Alive: timeout=5, max=66
Connection: Keep-Alive
Content-Type: image/jpeg
kbec.3rdeyehosting.com/wp-content/uploads/elementor/thumbs/hotel-room-1-1-pljua3e2661613hc2k6kebszfm7q44upxmzln3ms7g.jpg
192.185.129.96 200 OK 125 kB URL HTTP/1.1 kbec.3rdeyehosting.com/wp-content/uploads/elementor/thumbs/hotel-room-1-1-pljua3e2661613hc2k6kebszfm7q44upxmzln3ms7g.jpg
IP 192.185.129.96:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 1000x750, components 3\012- data
Size 125 kB (124753 bytes)
Hash 195608f32982b70527a3a9837bbe0ad0
ed47670f791232a4fc7ec01d338d13f140ac423a
b0188f5dce9e8a059ed9a8bdeebf3ba30e5135ef8291ae1f75398ff1aa619963
GET /wp-content/uploads/elementor/thumbs/hotel-room-1-1-pljua3e2661613hc2k6kebszfm7q44upxmzln3ms7g.jpg HTTP/1.1
Host: kbec.3rdeyehosting.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kbec.3rdeyehosting.com/
HTTP/1.1 200 OK
Date: Mon, 05 Dec 2022 19:47:12 GMT
Server: Apache
Last-Modified: Tue, 08 Mar 2022 05:56:59 GMT
Accept-Ranges: bytes
Content-Length: 124753
Keep-Alive: timeout=5, max=66
Connection: Keep-Alive
Content-Type: image/jpeg
kbec.3rdeyehosting.com/wp-content/uploads/elementor/thumbs/construction-1-pljubshkiee858dazzagq5yz09z376j8br4qwhfmkw.jpg
192.185.129.96 200 OK 105 kB URL HTTP/1.1 kbec.3rdeyehosting.com/wp-content/uploads/elementor/thumbs/construction-1-pljubshkiee858dazzagq5yz09z376j8br4qwhfmkw.jpg
IP 192.185.129.96:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 1000x1000, components 3\012- data
Size 105 kB (105310 bytes)
Hash 0c6f76af802df66a1b4bf37a5e6b76f4
4f20f9310fa728ce1eead39082e5ddbe104913c4
263ecf375f305c7bcd4f499856e648ad97a67a0f5fc86b3acbcdc3f7ff943dd3
GET /wp-content/uploads/elementor/thumbs/construction-1-pljubshkiee858dazzagq5yz09z376j8br4qwhfmkw.jpg HTTP/1.1
Host: kbec.3rdeyehosting.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kbec.3rdeyehosting.com/
HTTP/1.1 200 OK
Date: Mon, 05 Dec 2022 19:47:12 GMT
Server: Apache
Last-Modified: Tue, 08 Mar 2022 05:57:00 GMT
Accept-Ranges: bytes
Content-Length: 105310
Keep-Alive: timeout=5, max=64
Connection: Keep-Alive
Content-Type: image/jpeg
kbec.3rdeyehosting.com/wp-content/uploads/elementor/thumbs/happy-architects-using-digital-tablet-at-construction-site-1-plju9ocn4tgkvc36idojafllxg9uoz70jkjtyo92z0.jpg
192.185.129.96 200 OK 144 kB URL HTTP/1.1 kbec.3rdeyehosting.com/wp-content/uploads/elementor/thumbs/happy-architects-using-digital-tablet-at-construction-site-1-plju9ocn4tgkvc36idojafllxg9uoz70jkjtyo92z0.jpg
IP 192.185.129.96:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 1000x750, components 3\012- data
Size 144 kB (143593 bytes)
Hash 39acc9cf28df6d57d7c1ef7daf2bed8d
c13cc483cc92c2bff367d5c1edfea419a1d59990
7bae8b5ce43c1781609a1c28e75dda250c171fad06f077efd920ede6a4d397cc
GET /wp-content/uploads/elementor/thumbs/happy-architects-using-digital-tablet-at-construction-site-1-plju9ocn4tgkvc36idojafllxg9uoz70jkjtyo92z0.jpg HTTP/1.1
Host: kbec.3rdeyehosting.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kbec.3rdeyehosting.com/
HTTP/1.1 200 OK
Date: Mon, 05 Dec 2022 19:47:12 GMT
Server: Apache
Last-Modified: Tue, 08 Mar 2022 05:56:59 GMT
Accept-Ranges: bytes
Content-Length: 143593
Keep-Alive: timeout=5, max=65
Connection: Keep-Alive
Content-Type: image/jpeg
kbec.3rdeyehosting.com/wp-content/plugins/elementor/assets/js/text-editor.289ae80d76f0c5abea44.bundle.min.js
192.185.129.96 200 OK 667 B URL HTTP/1.1 kbec.3rdeyehosting.com/wp-content/plugins/elementor/assets/js/text-editor.289ae80d76f0c5abea44.bundle.min.js
IP 192.185.129.96:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (1316)
Hash a9c38a804262b52eb6bd9bc9072ec0ca
929714fe0bf6502ff801ff1b2f1f251c36912fba
7cb2fd6d64124cd53ab42004f9384b5f2a2d518fac631c172769fbc4449380b6
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/elementor/assets/js/text-editor.289ae80d76f0c5abea44.bundle.min.js HTTP/1.1
Host: kbec.3rdeyehosting.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kbec.3rdeyehosting.com/
HTTP/1.1 200 OK
Date: Mon, 05 Dec 2022 19:47:12 GMT
Server: Apache
Last-Modified: Mon, 07 Mar 2022 11:19:25 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 667
Keep-Alive: timeout=5, max=65
Connection: Keep-Alive
Content-Type: application/javascript
kbec.3rdeyehosting.com/wp-content/plugins/elementor/assets/js/counter.02cef29c589e742d4c8c.bundle.min.js
192.185.129.96 200 OK 486 B URL HTTP/1.1 kbec.3rdeyehosting.com/wp-content/plugins/elementor/assets/js/counter.02cef29c589e742d4c8c.bundle.min.js
IP 192.185.129.96:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (872)
Hash 50854d8c7990fb4714df102bf82b950c
aab5c764f3252996d4562228db04ee4e40d21f4a
e2975cfb5d41223dbc5b5ce169c7bc0812cb9adfc68e982c0444c139b06caef3
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/elementor/assets/js/counter.02cef29c589e742d4c8c.bundle.min.js HTTP/1.1
Host: kbec.3rdeyehosting.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kbec.3rdeyehosting.com/
HTTP/1.1 200 OK
Date: Mon, 05 Dec 2022 19:47:12 GMT
Server: Apache
Last-Modified: Mon, 07 Mar 2022 11:19:25 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 486
Keep-Alive: timeout=5, max=65
Connection: Keep-Alive
Content-Type: application/javascript
kbec.3rdeyehosting.com/wp-content/plugins/elementskit-lite/modules/elementskit-icon-pack/assets/fonts/elementskit.woff?y24e1e
192.185.129.96 200 OK 443 kB URL HTTP/1.1 kbec.3rdeyehosting.com/wp-content/plugins/elementskit-lite/modules/elementskit-icon-pack/assets/fonts/elementskit.woff?y24e1e
IP 192.185.129.96:0
ASN #46606 UNIFIEDLAYER-AS-1
File type Web Open Font Format, TrueType, length 442864, version 1.0\012- data
Size 443 kB (442864 bytes)
Hash fd4a1534fca171a46ef07ffca631465e
14c7b48fd5e85e3e375f721299da885330e95152
7659fa917839f5a43c0141f18cad5181d379bdb86a5923e15f5167a307107e2f
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/elementskit-lite/modules/elementskit-icon-pack/assets/fonts/elementskit.woff?y24e1e HTTP/1.1
Host: kbec.3rdeyehosting.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://kbec.3rdeyehosting.com/wp-content/plugins/elementskit-lite/modules/elementskit-icon-pack/assets/css/ekiticons.css?ver=2.5.4
HTTP/1.1 200 OK
Date: Mon, 05 Dec 2022 19:47:12 GMT
Server: Apache
Last-Modified: Mon, 07 Mar 2022 11:40:06 GMT
Accept-Ranges: bytes
Content-Length: 442864
Keep-Alive: timeout=5, max=66
Connection: Keep-Alive
Content-Type: font/woff
kbec.3rdeyehosting.com/wp-content/plugins/elementor/assets/js/image-carousel.bd7aab19c9d934b7c505.bundle.min.js
192.185.129.96 200 OK 1.2 kB URL HTTP/1.1 kbec.3rdeyehosting.com/wp-content/plugins/elementor/assets/js/image-carousel.bd7aab19c9d934b7c505.bundle.min.js
IP 192.185.129.96:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (2676)
Hash 16243cbc84be9e4cf413000a612fd6af
b90e0350b20601f6a7c4819c7777ba8684139bf7
4a6034b7376e3c0acc8f23f3e5f6f6697e41b59c1b280717f324b5775c130f30
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/elementor/assets/js/image-carousel.bd7aab19c9d934b7c505.bundle.min.js HTTP/1.1
Host: kbec.3rdeyehosting.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kbec.3rdeyehosting.com/
HTTP/1.1 200 OK
Date: Mon, 05 Dec 2022 19:47:12 GMT
Server: Apache
Last-Modified: Mon, 07 Mar 2022 11:19:25 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1238
Keep-Alive: timeout=5, max=63
Connection: Keep-Alive
Content-Type: application/javascript
kbec.3rdeyehosting.com/wp-content/uploads/2022/03/logoipsum-logo-16-2.png
192.185.129.96 200 OK 1.5 kB URL HTTP/1.1 kbec.3rdeyehosting.com/wp-content/uploads/2022/03/logoipsum-logo-16-2.png
IP 192.185.129.96:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 109 x 43, 8-bit colormap, non-interlaced\012- data
Hash 4356a4bf314e63c7916f5255de39ec7c
35ca9b2052baec52ab1785943e2aeaa47ad4867c
8971e11ae2b56c937f594ebcc8170cbd7c904960e66650d9329f3d830eed5b38
GET /wp-content/uploads/2022/03/logoipsum-logo-16-2.png HTTP/1.1
Host: kbec.3rdeyehosting.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kbec.3rdeyehosting.com/
HTTP/1.1 200 OK
Date: Mon, 05 Dec 2022 19:47:12 GMT
Server: Apache
Last-Modified: Tue, 08 Mar 2022 05:56:20 GMT
Accept-Ranges: bytes
Content-Length: 1458
Keep-Alive: timeout=5, max=64
Connection: Keep-Alive
Content-Type: image/png
kbec.3rdeyehosting.com/wp-content/uploads/elementor/thumbs/apartment-interior-in-white-and-blue-1-pljuaflyn0hw80zl37gpsqpz5mjhw778bbgwvp4nyk.jpg
192.185.129.96 200 OK 92 kB URL HTTP/1.1 kbec.3rdeyehosting.com/wp-content/uploads/elementor/thumbs/apartment-interior-in-white-and-blue-1-pljuaflyn0hw80zl37gpsqpz5mjhw778bbgwvp4nyk.jpg
IP 192.185.129.96:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 1000x750, components 3\012- data
Hash 5556857c02d72d9ccdcb27e94e49d8b6
65a612b1c98d9cca69bc3b1490ad0ad9f9564648
d95a825c59fa7529d0cc296ab8c152f7519483596f102f4e8d445371cc1f4f43
GET /wp-content/uploads/elementor/thumbs/apartment-interior-in-white-and-blue-1-pljuaflyn0hw80zl37gpsqpz5mjhw778bbgwvp4nyk.jpg HTTP/1.1
Host: kbec.3rdeyehosting.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kbec.3rdeyehosting.com/
HTTP/1.1 200 OK
Date: Mon, 05 Dec 2022 19:47:12 GMT
Server: Apache
Last-Modified: Tue, 08 Mar 2022 05:56:59 GMT
Accept-Ranges: bytes
Content-Length: 92538
Keep-Alive: timeout=5, max=62
Connection: Keep-Alive
Content-Type: image/jpeg
kbec.3rdeyehosting.com/wp-content/uploads/2022/03/logoipsum-logo-15-1.png
192.185.129.96 200 OK 1.1 kB URL HTTP/1.1 kbec.3rdeyehosting.com/wp-content/uploads/2022/03/logoipsum-logo-15-1.png
IP 192.185.129.96:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 49 x 48, 8-bit colormap, non-interlaced\012- data
Hash 09f51b877c1b7d27a8bcde02d5cfea46
afa09da4bd9d1a67322089a634e3c7b16b1d112f
885b9a1e2d1732bfbae1419719cb3b2c3009f64977dacd08496d6a4ffba09413
GET /wp-content/uploads/2022/03/logoipsum-logo-15-1.png HTTP/1.1
Host: kbec.3rdeyehosting.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kbec.3rdeyehosting.com/
HTTP/1.1 200 OK
Date: Mon, 05 Dec 2022 19:47:12 GMT
Server: Apache
Last-Modified: Tue, 08 Mar 2022 05:56:21 GMT
Accept-Ranges: bytes
Content-Length: 1105
Keep-Alive: timeout=5, max=64
Connection: Keep-Alive
Content-Type: image/png
kbec.3rdeyehosting.com/wp-json/metform/v1/forms/views/206
192.185.129.96 200 OK 0 B URL HTTP/1.1 kbec.3rdeyehosting.com/wp-json/metform/v1/forms/views/206
IP 192.185.129.96:0
ASN #46606 UNIFIEDLAYER-AS-1
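Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
[Note: these are the MD5, SHA-1 and SHA-256 digests of empty input, consistent with the 0 B response body. They match every empty file and should not be used as indicators for this host.]
Analyzer Verdict Alert fortinet Malware
[Note: the response body is empty, so this verdict presumably reflects the URL or host rather than the payload content.]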
POST /wp-json/metform/v1/forms/views/206 HTTP/1.1
Host: kbec.3rdeyehosting.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://kbec.3rdeyehosting.com/
X-WP-Nonce: be9e8fb814
Origin: http://kbec.3rdeyehosting.com
Connection: keep-alive
Content-Length: 0
HTTP/1.1 200 OK
Date: Mon, 05 Dec 2022 19:47:12 GMT
Server: Apache
X-Robots-Tag: noindex
Link: <http://kbec.3rdeyehosting.com/wp-json/>; rel="https://api.w.org/"
X-Content-Type-Options: nosniff
Access-Control-Expose-Headers: X-WP-Total, X-WP-TotalPages, Link
Access-Control-Allow-Headers: Authorization, X-WP-Nonce, Content-Disposition, Content-MD5, Content-Type
X-WP-Nonce: be9e8fb814
Allow: GET, POST, PUT, PATCH, DELETE
Access-Control-Allow-Origin: http://kbec.3rdeyehosting.com
Access-Control-Allow-Methods: OPTIONS, GET, POST, PUT, PATCH, DELETE
Access-Control-Allow-Credentials: true
Vary: Origin
Content-Length: 0
Keep-Alive: timeout=5, max=64
Connection: Keep-Alive
Content-Type: application/json; charset=UTF-8
kbec.3rdeyehosting.com/wp-content/uploads/2022/03/logoipsum-logo-13-1.png
192.185.129.96 200 OK 1.1 kB URL HTTP/1.1 kbec.3rdeyehosting.com/wp-content/uploads/2022/03/logoipsum-logo-13-1.png
IP 192.185.129.96:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 49 x 48, 8-bit/color RGBA, non-interlaced\012- data
Hash 735a23212f6f2a1db0a7ad91e15a8455
d46bb7382b7fd1a13cd50a79b9543b27adda6831
f2c772a00bc047c150e55d645ec23e47848e49c8803b053e48e99a1c60226e4b
GET /wp-content/uploads/2022/03/logoipsum-logo-13-1.png HTTP/1.1
Host: kbec.3rdeyehosting.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kbec.3rdeyehosting.com/
HTTP/1.1 200 OK
Date: Mon, 05 Dec 2022 19:47:13 GMT
Server: Apache
Last-Modified: Tue, 08 Mar 2022 05:56:23 GMT
Accept-Ranges: bytes
Content-Length: 1100
Keep-Alive: timeout=5, max=65
Connection: Keep-Alive
Content-Type: image/png
kbec.3rdeyehosting.com/wp-content/uploads/2022/03/logoipsum-logo-14-1.png
192.185.129.96 200 OK 1.7 kB URL HTTP/1.1 kbec.3rdeyehosting.com/wp-content/uploads/2022/03/logoipsum-logo-14-1.png
IP 192.185.129.96:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 73 x 49, 8-bit/color RGBA, non-interlaced\012- data
Hash 9b46d4e6d76bf61d1132a8386dfaafdf
db89f8d3ac5d53b90066cbf850a832b4801bb60f
9390a62e0658d8b8a27698487cb92ba213d1d10f272d2d9ebadf9fdb27ecab31
GET /wp-content/uploads/2022/03/logoipsum-logo-14-1.png HTTP/1.1
Host: kbec.3rdeyehosting.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kbec.3rdeyehosting.com/
HTTP/1.1 200 OK
Date: Mon, 05 Dec 2022 19:47:13 GMT
Server: Apache
Last-Modified: Tue, 08 Mar 2022 05:56:25 GMT
Accept-Ranges: bytes
Content-Length: 1706
Keep-Alive: timeout=5, max=62
Connection: Keep-Alive
Content-Type: image/png
kbec.3rdeyehosting.com/wp-content/plugins/elementskit-lite/widgets/init/assets/img/cross-out.svg
192.185.129.96 200 OK 257 B URL HTTP/1.1 kbec.3rdeyehosting.com/wp-content/plugins/elementskit-lite/widgets/init/assets/img/cross-out.svg
IP 192.185.129.96:0
ASN #46606 UNIFIEDLAYER-AS-1
File type SVG Scalable Vector Graphics image\012- , ASCII text, with no line terminators
Hash 854158d348e3f129769c4d57a0791f15
90ea5c1c846038ece9d13ea5f94781dbd43caa37
7b136998787dd550a20e08b10cce45536da4cc78298ae3049da101a47add15b4
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/elementskit-lite/widgets/init/assets/img/cross-out.svg HTTP/1.1
Host: kbec.3rdeyehosting.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kbec.3rdeyehosting.com/wp-content/plugins/elementskit-lite/widgets/init/assets/css/widget-styles.css?ver=2.5.4
HTTP/1.1 200 OK
Date: Mon, 05 Dec 2022 19:47:13 GMT
Server: Apache
Last-Modified: Mon, 07 Mar 2022 11:40:06 GMT
Accept-Ranges: bytes
Content-Length: 257
Keep-Alive: timeout=5, max=61
Connection: Keep-Alive
Content-Type: image/svg+xml
kbec.3rdeyehosting.com/wp-content/plugins/elementor/assets/lib/swiper/swiper.min.js?ver=5.3.6
192.185.129.96 200 OK 47 kB URL HTTP/1.1 kbec.3rdeyehosting.com/wp-content/plugins/elementor/assets/lib/swiper/swiper.min.js?ver=5.3.6
IP 192.185.129.96:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (65280)
Hash 6d3f8ba511b26a2b5e2555673e996be4
d5a3c1ed68beeeafc4da01d71a6b7ce0f19f985e
955d1e858ec91ca4b3f5c845421692afc83dcbca3dd52577f746e18278f45315
GET /wp-content/plugins/elementor/assets/lib/swiper/swiper.min.js?ver=5.3.6 HTTP/1.1
Host: kbec.3rdeyehosting.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kbec.3rdeyehosting.com/
HTTP/1.1 200 OK
Date: Mon, 05 Dec 2022 19:47:13 GMT
Server: Apache
Last-Modified: Mon, 07 Mar 2022 11:19:25 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Keep-Alive: timeout=5, max=63
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: application/javascript
kbec.3rdeyehosting.com/wp-content/uploads/2022/03/construction-worker-planning-constractor-developer-concept-1-1536x1536.jpg
192.185.129.96 200 OK 200 kB URL HTTP/1.1 kbec.3rdeyehosting.com/wp-content/uploads/2022/03/construction-worker-planning-constractor-developer-concept-1-1536x1536.jpg
IP 192.185.129.96:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1536x1536, components 3\012- data
Size 200 kB (200111 bytes)
Hash e5d1f8804ebd0d4fc9758651f2f5e74a
3939afc80ab835cfaca9e7211b981a4dbfa9406f
e6e3ace49a1aedbe3781c5ea311b0cb1662ba085834479a3967f7c2581b5f011
GET /wp-content/uploads/2022/03/construction-worker-planning-constractor-developer-concept-1-1536x1536.jpg HTTP/1.1
Host: kbec.3rdeyehosting.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kbec.3rdeyehosting.com/
HTTP/1.1 200 OK
Date: Mon, 05 Dec 2022 19:47:13 GMT
Server: Apache
Last-Modified: Tue, 08 Mar 2022 05:56:02 GMT
Accept-Ranges: bytes
Content-Length: 200111
Keep-Alive: timeout=5, max=63
Connection: Keep-Alive
Content-Type: image/jpeg
kbec.3rdeyehosting.com/wp-content/uploads/2022/03/apartment-interior-in-white-and-blue-1-1536x1024.jpg
192.185.129.96 200 OK 156 kB URL HTTP/1.1 kbec.3rdeyehosting.com/wp-content/uploads/2022/03/apartment-interior-in-white-and-blue-1-1536x1024.jpg
IP 192.185.129.96:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1536x1024, components 3\012- data
Size 156 kB (156401 bytes)
Hash 4f826a20a0369f08f30eccf8c90f11a6
acde8bdce9cb13af61182210203bd8022989715a
1f84f304e14a247e590b0ffcf4e69e298e13ca239132de657f98d684e8b03638
GET /wp-content/uploads/2022/03/apartment-interior-in-white-and-blue-1-1536x1024.jpg HTTP/1.1
Host: kbec.3rdeyehosting.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kbec.3rdeyehosting.com/
HTTP/1.1 200 OK
Date: Mon, 05 Dec 2022 19:47:13 GMT
Server: Apache
Last-Modified: Tue, 08 Mar 2022 05:55:26 GMT
Accept-Ranges: bytes
Content-Length: 156401
Keep-Alive: timeout=5, max=64
Connection: Keep-Alive
Content-Type: image/jpeg
kbec.3rdeyehosting.com/wp-content/uploads/2022/03/3d-rendering-modern-house-with-terrace-at-night-1-1536x895.jpg
192.185.129.96 200 OK 232 kB URL HTTP/1.1 kbec.3rdeyehosting.com/wp-content/uploads/2022/03/3d-rendering-modern-house-with-terrace-at-night-1-1536x895.jpg
IP 192.185.129.96:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1536x895, components 3\012- data
Size 232 kB (232335 bytes)
Hash e46ce7b04fba26e8e4a4e1e38e7c63ed
ea2534155f7ac850c1f2b0e9fa8515292d91fc46
9f1b18b606ca5ef95685711d2743fbc033fe2b62263058b512f6547e6a53f6e1
GET /wp-content/uploads/2022/03/3d-rendering-modern-house-with-terrace-at-night-1-1536x895.jpg HTTP/1.1
Host: kbec.3rdeyehosting.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kbec.3rdeyehosting.com/
HTTP/1.1 200 OK
Date: Mon, 05 Dec 2022 19:47:13 GMT
Server: Apache
Last-Modified: Tue, 08 Mar 2022 05:55:34 GMT
Accept-Ranges: bytes
Content-Length: 232335
Keep-Alive: timeout=5, max=61
Connection: Keep-Alive
Content-Type: image/jpeg
kbec.3rdeyehosting.com/wp-content/uploads/2022/03/hotel-room-1-1-1536x1178.jpg
192.185.129.96 200 OK 239 kB URL HTTP/1.1 kbec.3rdeyehosting.com/wp-content/uploads/2022/03/hotel-room-1-1-1536x1178.jpg
IP 192.185.129.96:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1536x1178, components 3\012- data
Size 239 kB (239137 bytes)
Hash bb2e2af61f15443b6367a07945fb1e18
4d73375ef7ebd1ef84957a4227012c8a02653b5e
f292507071bb5642d9b112d1d6a76c05f4321c1e9e4bc1dd27af54e1d816bf93
GET /wp-content/uploads/2022/03/hotel-room-1-1-1536x1178.jpg HTTP/1.1
Host: kbec.3rdeyehosting.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kbec.3rdeyehosting.com/
HTTP/1.1 200 OK
Date: Mon, 05 Dec 2022 19:47:13 GMT
Server: Apache
Last-Modified: Tue, 08 Mar 2022 05:55:18 GMT
Accept-Ranges: bytes
Content-Length: 239137
Keep-Alive: timeout=5, max=63
Connection: Keep-Alive
Content-Type: image/jpeg
kbec.3rdeyehosting.com/favicon.ico
192.185.129.96 200 OK 4.2 kB URL HTTP/1.1 kbec.3rdeyehosting.com/favicon.ico
IP 192.185.129.96:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 80 x 80, 8-bit/color RGBA, non-interlaced\012- data
Hash 54ab0ec58399e32919a125c442dc70bd
748fed30d2eacdf12ed7fbf6463d5ff7522853e9
48fdc26bc6c204d75ee43fbfa0a0b1449cffb6b315f4a1201ace2d0b4a63ed4a
GET /favicon.ico HTTP/1.1
Host: kbec.3rdeyehosting.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kbec.3rdeyehosting.com/
HTTP/1.1 200 OK
Date: Mon, 05 Dec 2022 19:47:13 GMT
Server: Apache
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 4184
Keep-Alive: timeout=5, max=63
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
142.250.74.35 200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Hash 15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 30 Nov 2022 19:33:54 GMT
expires: Thu, 30 Nov 2023 19:33:54 GMT
cache-control: public, max-age=31536000
age: 432800
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
142.250.74.35 200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 15920, version 1.0\012- data
Hash 3a44e06eb954b96aa043227f3534189d
23cef6993ddb2b2979e8e7647fc3763694e2ba7d
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
GET /s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15920
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 30 Nov 2022 19:33:56 GMT
expires: Thu, 30 Nov 2023 19:33:56 GMT
cache-control: public, max-age=31536000
age: 432798
last-modified: Wed, 11 May 2022 19:24:45 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9e81e29f-79a8-4af6-b0c7-7f49bfafb17e.jpeg
34.120.237.76 200 OK 6.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9e81e29f-79a8-4af6-b0c7-7f49bfafb17e.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f71032604eecccf0a81f323a5f96a400
f8866d4f3185bcf7871581d75339998b34d6cf6d
d053eedc717d7fd86e621ba948680be16538396d1ba9854b6816626d149b1c57
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9e81e29f-79a8-4af6-b0c7-7f49bfafb17e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 6886
x-amzn-requestid: d721caf6-2252-4ede-9533-3d3fcd6cce0d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cpsw-FfRoAMFtOQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638d5b39-7644a195142f6c420ec7eac6;Sampled=0
x-amzn-remapped-date: Mon, 05 Dec 2022 02:45:13 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: RwhNdxS-EBTraqzS_TnCNXj3JXgz5NkO8oLyQaHOhHdtnvBbg4vsRQ==
via: 1.1 2afae0d44e2540f472c0635ab62c232a.cloudfront.net (CloudFront), 1.1 64f86ae1c24221f3a2e4d653d6dbc416.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Dec 2022 02:45:13 GMT
etag: "f8866d4f3185bcf7871581d75339998b34d6cf6d"
content-type: image/jpeg
age: 61324
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbe8e3477-9245-4318-82d9-b30607246872.jpeg
34.120.237.76 200 OK 6.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbe8e3477-9245-4318-82d9-b30607246872.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 89e5fc40e9e626a035abde2964ba0959
e800712e4f8d9589670d8ee3a744ac0aedf7b6e3
64a41309871b71682370e2b2f3735ac70039802fff4e1e46013f5aa1f15b4084
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbe8e3477-9245-4318-82d9-b30607246872.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 6901
x-amzn-requestid: 5dd4545b-c48a-4fa2-8aa5-c7d0a5efeafe
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: clsByFqCoAMF4CA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638bc071-6b96e54876cde366748564d6;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 21:32:33 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: sOtbi4sBuEPzvS_l6X_w5S5BeHb1DROkFmpNDTlvo57kUVeYN6ra3A==
via: 1.1 7f5e0d3b9ea85d0d75063a66c0ebc840.cloudfront.net (CloudFront), 1.1 556b99c6be8d7078b9f067347c62df6a.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Dec 2022 21:54:53 GMT
age: 78745
etag: "e800712e4f8d9589670d8ee3a744ac0aedf7b6e3"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2