firefox.settings.services.mozilla.com/v1/
143.204.55.27200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 143.204.55.27:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 1b3053fa528e28810f8a2cc9284cc921
cca9eb471d941881a6b9a1793aecb6c281908f6a
a2427848ba35575dda8a82cf88f104978234c05389deebc3fc8279d9075eff45
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Alert, Content-Type, Backoff, Content-Length, Retry-After
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Mon, 26 Sep 2022 19:15:19 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 c9f2a4d2bcd548d1a3cbe1617a22f216.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: E3onhjtaGp6cB0RR-CjQIcFV5zfJZU9_WWdw5kwmAOlitvB4RgWkSQ==
Age: 2981
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash d2560f62890e75b8de444fed96c22f52
334ce0c48e606ee029f31eeb1463af87b1024bb9
4397e6b45b5822fbab9b83abe0b96ee70efba7cd2160b51936159865ede5fdb1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4397E6B45B5822FBAB9B83ABE0B96EE70EFBA7CD2160B51936159865EDE5FDB1"
Last-Modified: Sun, 25 Sep 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9225
Expires: Mon, 26 Sep 2022 22:38:45 GMT
Date: Mon, 26 Sep 2022 20:05:00 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 1017811d25642601e984edc1676d118d
c177c4f7a897584bf91347fa4990c83d6bfd0321
f35bb3a8c877dd8d3c5920f3c917722f12b157aff398e2ec30fab51fa6caa2ef
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F35BB3A8C877DD8D3C5920F3C917722F12B157AFF398E2EC30FAB51FA6CAA2EF"
Last-Modified: Mon, 26 Sep 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2969
Expires: Mon, 26 Sep 2022 20:54:30 GMT
Date: Mon, 26 Sep 2022 20:05:01 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 6113f8408c59aebe188d6af273b90743
7398873bf00f99944eaa77ad3ebc0d43c23dba6b
b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: feOdiinp1smO199W3C8KLsPbpt4pMsJuaI2Qa55Z24IohoJh7rg1KSpdI0iJJXJJhngqKYsmEro=
x-amz-request-id: DPBBY83W2F9RRATY
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Mon, 26 Sep 2022 19:55:08 GMT
age: 593
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
etag: "6113f8408c59aebe188d6af273b90743"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 26 Sep 2022 20:05:01 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
143.204.55.27200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 143.204.55.27:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Mon, 26 Sep 2022 19:10:46 GMT
Cache-Control: max-age=3600, max-age=3600
Expires: Mon, 26 Sep 2022 19:26:17 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 41dc61beb3fe8e8c2c299a2522d8330c.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 2lzU3j-jEbg8C-bn-mmzPskwIO8wZ9UOf1PEDtjPNrtSdYobL4Zt-w==
Age: 3255
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 5adb7eb1d103eadeeafac36e663ffdd3
23b784388dd634fa736cd60aed71570661e73d02
5c95ba48bc342887b4f7ef697bd4def50f6f2f472f654169179e5ac44df883d9
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6106
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 26 Sep 2022 20:05:01 GMT
Last-Modified: Mon, 26 Sep 2022 18:23:15 GMT
Server: ECS (ska/F704)
X-Cache: HIT
Content-Length: 471
free-4paid.com/wp-content/plugins/table-of-contents-plus/screen.min.css?ver=2106
185.216.143.12200 OK 453 B URL HTTP/1.1 free-4paid.com/wp-content/plugins/table-of-contents-plus/screen.min.css?ver=2106
IP 185.216.143.12:0
File type ASCII text, with very long lines (1156), with no line terminators
Hash 4dbf19c742b11a08b3f4dda16e917972
6aef20bb31200ea339ca58d90fbf6faba66138a3
763131a65a3ba49213adab37accec8861edd0b79bbbc50162b714ca23aa4a814
GET /wp-content/plugins/table-of-contents-plus/screen.min.css?ver=2106 HTTP/1.1
Host: free-4paid.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://free-4paid.com/stellar-data-recovery-professional-crack-with-activation-key-updated/
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Mon, 03 Oct 2022 20:05:01 GMT
content-type: text/css
last-modified: Wed, 23 Jun 2021 18:06:31 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 453
date: Mon, 26 Sep 2022 20:05:01 GMT
server: LiteSpeed
free-4paid.com/wp-content/themes/blogshare/responsive.css?ver=20220520
185.216.143.12200 OK 1.8 kB URL HTTP/1.1 free-4paid.com/wp-content/themes/blogshare/responsive.css?ver=20220520
IP 185.216.143.12:0
File type ASCII text, with very long lines (453)
Hash 0026e460aba7b88ec3ec0cbeca4bf897
dff0ad903312fa104e49fc71168b64e40cf2448d
cb9b8dec3aa7aa8861a05daa7b99c6b13c91d3ac47e4503ea308672aa7b215a4
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/blogshare/responsive.css?ver=20220520 HTTP/1.1
Host: free-4paid.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://free-4paid.com/stellar-data-recovery-professional-crack-with-activation-key-updated/
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Mon, 03 Oct 2022 20:05:01 GMT
content-type: text/css
last-modified: Mon, 11 Jul 2022 06:19:15 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 1808
date: Mon, 26 Sep 2022 20:05:01 GMT
server: LiteSpeed
free-4paid.com/wp-content/themes/blogshare/assets/css/font-awesome.css?ver=20220520
185.216.143.12200 OK 13 kB URL HTTP/1.1 free-4paid.com/wp-content/themes/blogshare/assets/css/font-awesome.css?ver=20220520
IP 185.216.143.12:0
Hash 9f2c1d32da059fdb9fab4b3bb399abdc
7b4264216a641b1142390e0460819b690ed3969f
e6ea8b738756f194a6a670acd0d0ff18dddc909bff5c1781a153c183bc5fc119
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/blogshare/assets/css/font-awesome.css?ver=20220520 HTTP/1.1
Host: free-4paid.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://free-4paid.com/stellar-data-recovery-professional-crack-with-activation-key-updated/
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Mon, 03 Oct 2022 20:05:01 GMT
content-type: text/css
last-modified: Mon, 11 Jul 2022 06:19:13 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 13334
date: Mon, 26 Sep 2022 20:05:01 GMT
server: LiteSpeed
free-4paid.com/wp-content/themes/blogshare/genericons/genericons.css?ver=6.0.2
185.216.143.12200 OK 154 B URL HTTP/1.1 free-4paid.com/wp-content/themes/blogshare/genericons/genericons.css?ver=6.0.2
IP 185.216.143.12:0
Hash c14dd6e84e694a66c7e27f11220ed49a
d226417ef66b21fca901b5dd49ad570d6992a250
7e3559d6ffac7fc54d6edaa79b6e7330fab33fbdffc174a27c58b25e5b3952d2
GET /wp-content/themes/blogshare/genericons/genericons.css?ver=6.0.2 HTTP/1.1
Host: free-4paid.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://free-4paid.com/stellar-data-recovery-professional-crack-with-activation-key-updated/
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Mon, 03 Oct 2022 20:05:01 GMT
content-type: text/css
last-modified: Mon, 11 Jul 2022 06:19:15 GMT
accept-ranges: bytes
content-length: 154
date: Mon, 26 Sep 2022 20:05:01 GMT
server: LiteSpeed
free-4paid.com/wp-content/themes/blogshare/style.css?ver=20220520
185.216.143.12200 OK 14 kB URL HTTP/1.1 free-4paid.com/wp-content/themes/blogshare/style.css?ver=20220520
IP 185.216.143.12:0
File type ASCII text, with very long lines (328)
Hash 88627442588a46aad577c22b923dccc8
05e5092db0e54d4492f9a596af530b48757e92ce
bac7e2674e1f8d3048b85d3e84fb0f7369fcc1649d29bcd91bd5e596767dbdf8
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/blogshare/style.css?ver=20220520 HTTP/1.1
Host: free-4paid.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://free-4paid.com/stellar-data-recovery-professional-crack-with-activation-key-updated/
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Mon, 03 Oct 2022 20:05:01 GMT
content-type: text/css
last-modified: Mon, 11 Jul 2022 06:19:18 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 14178
date: Mon, 26 Sep 2022 20:05:01 GMT
server: LiteSpeed
free-4paid.com/wp-content/plugins/SlimTranslate/system/assets/plugins/flag-icon/css/flag-icon.min.css?ver=6.0.2
185.216.143.12200 OK 2.8 kB URL HTTP/1.1 free-4paid.com/wp-content/plugins/SlimTranslate/system/assets/plugins/flag-icon/css/flag-icon.min.css?ver=6.0.2
IP 185.216.143.12:0
File type ASCII text, with very long lines (33481), with no line terminators
Hash b114788ff9f39857bf36faa5a8fff7bc
4469c4841ff68732f5ff22452e09ccb5d3d18b54
9224f944454370bab87a3808d3c7eedcdd4fc03ae2e069069aa5dadab89de66c
GET /wp-content/plugins/SlimTranslate/system/assets/plugins/flag-icon/css/flag-icon.min.css?ver=6.0.2 HTTP/1.1
Host: free-4paid.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://free-4paid.com/stellar-data-recovery-professional-crack-with-activation-key-updated/
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Mon, 03 Oct 2022 20:05:01 GMT
content-type: text/css
last-modified: Sun, 18 Apr 2021 20:55:36 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 2776
date: Mon, 26 Sep 2022 20:05:01 GMT
server: LiteSpeed
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash f09a18ffd47757d6303864753f40a57c
6f056a04785c83dae4a4f40eaac5ac34a5a391f2
9969afe37e2b095cd931423fcc9dbfaa9a751d81a055bcd8f77a1aa7a51bd72e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 26 Sep 2022 20:05:01 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
free-4paid.com/wp-content/plugins/SlimTranslate/system/assets/css/style-frontend.css?ver=6.0.2
185.216.143.12200 OK 1.1 kB URL HTTP/1.1 free-4paid.com/wp-content/plugins/SlimTranslate/system/assets/css/style-frontend.css?ver=6.0.2
IP 185.216.143.12:0
File type ASCII text, with CRLF line terminators
Hash 868d8b146fd739e5fcc369300ef4d192
40b02feef3a18a6f79be1de2f70afab62a79b98f
1c0e3c833d3f131d87a80657e56048002853e3fa4bd13207bf75ad5885d81f44
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/SlimTranslate/system/assets/css/style-frontend.css?ver=6.0.2 HTTP/1.1
Host: free-4paid.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://free-4paid.com/stellar-data-recovery-professional-crack-with-activation-key-updated/
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Mon, 03 Oct 2022 20:05:01 GMT
content-type: text/css
last-modified: Sun, 18 Apr 2021 20:55:36 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 1076
date: Mon, 26 Sep 2022 20:05:01 GMT
server: LiteSpeed
c0.wp.com/c/6.0.2/wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css
192.0.77.37200 OK 19 kB URL HTTP/2 c0.wp.com/c/6.0.2/wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css
IP 192.0.77.37:0
File type ASCII text, with very long lines (11256), with no line terminators
Hash f27bb9a60fbcd2e4fea97f6ac0cb8450
f8512c2e47fc2a12352402d2fb446b006e7e9038
fce6c21345774df9985335546450fe57c6a4bf4a2110e0a402d09b443446b72d
GET /c/6.0.2/wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css HTTP/1.1
Host: c0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://free-4paid.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 26 Sep 2022 20:05:01 GMT
content-type: text/css
vary: Accept-Encoding
last-modified: Tue, 29 Sep 2020 15:53:06 GMT
content-encoding: br
expires: Tue, 26 Sep 2023 20:05:01 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
x-nc: HIT arn 1
timing-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash bfc8c650e23854f708a3dd54fca4393f
b54c061cf5a5306a68112d403471914e839a68c8
84b8c36947944ea94b27e053f2abb944e6951157e256991f8b1523b9cacfe362
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 26 Sep 2022 20:05:01 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
push.services.mozilla.com/
34.223.168.227101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 34.223.168.227:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: HbQmvO2NkkIF6JB1gaTiRg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 5sJCvE2UX9Q7ORf6oM6+fAwfNSM=
free-4paid.com/?slim-translate-css=true&ver=6.0.2
185.216.143.12200 OK 53 B URL HTTP/1.1 free-4paid.com/?slim-translate-css=true&ver=6.0.2
IP 185.216.143.12:0
File type ASCII text, with no line terminators
Hash 4c00b0165e47ed6fcc69d6bfd401bf7e
a198669de5269909a6fff545a70f18ba0ab9f2e5
4c592569e8400a5ad3194ff51aa8843244bcd9f799e350ea18b87c49d62c68c6
GET /?slim-translate-css=true&ver=6.0.2 HTTP/1.1
Host: free-4paid.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://free-4paid.com/stellar-data-recovery-professional-crack-with-activation-key-updated/
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
content-type: text/css; charset: UTF-8;charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=604800
expires: Mon, 03 Oct 2022 20:05:02 GMT
content-length: 53
content-encoding: gzip
date: Mon, 26 Sep 2022 20:05:02 GMT
server: LiteSpeed
free-4paid.com/wp-content/themes/blogshare/assets/img/arrow-right.png
185.216.143.12200 OK 396 B URL HTTP/1.1 free-4paid.com/wp-content/themes/blogshare/assets/img/arrow-right.png
IP 185.216.143.12:0
File type PNG image data, 16 x 16, 4-bit colormap, non-interlaced\012- data
Hash ec7b521653bf38e71c71f40f9b7d9cc4
12314633204eaf0edea47346b3fa86046af1a966
17911c30c68a58a54074106330311fd8d38c1db40d656373a00a8dd512090b1c
GET /wp-content/themes/blogshare/assets/img/arrow-right.png HTTP/1.1
Host: free-4paid.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://free-4paid.com/wp-content/themes/blogshare/style.css?ver=20220520
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Mon, 03 Oct 2022 20:05:02 GMT
content-type: image/png
last-modified: Mon, 11 Jul 2022 06:19:13 GMT
accept-ranges: bytes
content-length: 396
date: Mon, 26 Sep 2022 20:05:02 GMT
server: LiteSpeed
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 737756d717fd215d94458a21028ae486
ee3c3097bcb2ff3f5482b0dc6056b1549afa8f1f
8e705bae2060960e1b2f79c42ebc445d52f307aeac41b34d3a1789879e51b85a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 26 Sep 2022 20:05:02 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash d1256b6452c58ffb05e1db44d9d37a5f
04538f69abefe1019a0c4c6cc1fd3ffe5a5b2cfd
4bf592b24e41cf58e4ea973378a8559c4011a25ccdc51cc7a31457cc6561d22b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 26 Sep 2022 20:05:02 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
c0.wp.com/c/6.0.2/wp-includes/css/dist/block-library/style.min.css
192.0.77.37200 OK 27 kB URL HTTP/2 c0.wp.com/c/6.0.2/wp-includes/css/dist/block-library/style.min.css
IP 192.0.77.37:0
File type ASCII text, with very long lines (43771)
Hash d01886fa7bcdd101dbc437f14c2a471f
9dbf1930fd35a6eabbd24bc1455615a3a5b7b015
a6fd373240242b0c03c291e3fdceb4dca705d9135e8cc6477c14ae5f0eae6363
GET /c/6.0.2/wp-includes/css/dist/block-library/style.min.css HTTP/1.1
Host: c0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://free-4paid.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 26 Sep 2022 20:05:01 GMT
content-type: text/css
vary: Accept-Encoding
last-modified: Mon, 04 Jul 2022 12:10:37 GMT
content-encoding: br
expires: Tue, 26 Sep 2023 20:05:01 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
x-nc: HIT arn 1
timing-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
142.250.74.163200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Hash 15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://free-4paid.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 21 Sep 2022 19:34:08 GMT
expires: Thu, 21 Sep 2023 19:34:08 GMT
cache-control: public, max-age=31536000
age: 433854
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
free-4paid.com/wp-content/themes/blogshare/assets/webfonts/fa-solid-900.woff2
185.216.143.12200 OK 78 kB URL HTTP/1.1 free-4paid.com/wp-content/themes/blogshare/assets/webfonts/fa-solid-900.woff2
IP 185.216.143.12:0
File type Web Open Font Format (Version 2), TrueType, length 78268, version 331.-31196\012- data
Hash d824df7eb2e268626a2dd9a6a741ac4e
0ccb2c814a7e4ca12c4778821633809cb0361eaa
9834b82ad26e2a37583d22676a12dd2eb0fe7c80356a2114d0db1aa8b3899537
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/blogshare/assets/webfonts/fa-solid-900.woff2 HTTP/1.1
Host: free-4paid.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://free-4paid.com/wp-content/themes/blogshare/assets/css/font-awesome.css?ver=20220520
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Mon, 03 Oct 2022 20:05:02 GMT
content-type: font/woff2
last-modified: Mon, 11 Jul 2022 06:19:15 GMT
accept-ranges: bytes
content-length: 78268
date: Mon, 26 Sep 2022 20:05:02 GMT
server: LiteSpeed
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash d1256b6452c58ffb05e1db44d9d37a5f
04538f69abefe1019a0c4c6cc1fd3ffe5a5b2cfd
4bf592b24e41cf58e4ea973378a8559c4011a25ccdc51cc7a31457cc6561d22b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 26 Sep 2022 20:05:02 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
free-4paid.com/stellar-data-recovery-professional-crack-with-activation-key-updated/
185.216.143.12200 OK 35 kB URL HTTP/1.1 free-4paid.com/stellar-data-recovery-professional-crack-with-activation-key-updated/
IP 185.216.143.12:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (11301), with CRLF, LF line terminators
Hash 4b16205c7fded5488a649ade476b08a0
3d98ab3c561e09780392b0ca0c281e22f6c4899c
ab624d395b7b4fdfbe7761ac0f5b519c86808e27d4b0ed8c35726d5864383ed9
Analyzer Verdict Alert fortinet Malware
GET /stellar-data-recovery-professional-crack-with-activation-key-updated/ HTTP/1.1
Host: free-4paid.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
content-type: text/html; charset=UTF-8
link: <https://free-4paid.com/wp-json/>; rel="https://api.w.org/", <https://free-4paid.com/wp-json/wp/v2/posts/30327>; rel="alternate"; type="application/json", <https://free-4paid.com/?p=30327>; rel=shortlink
vary: Accept-Encoding
transfer-encoding: chunked
content-encoding: gzip
date: Mon, 26 Sep 2022 20:05:01 GMT
server: LiteSpeed
free-4paid.com/wp-content/themes/blogshare/assets/js/superfish.js?ver=6.0.2
185.216.143.12200 OK 2.4 kB URL HTTP/1.1 free-4paid.com/wp-content/themes/blogshare/assets/js/superfish.js?ver=6.0.2
IP 185.216.143.12:0
Hash 15da8fb3046d5e5cde700bc58b3d95c6
bc06fffece9e949d492510d5101d47aa540ca151
c96e6171288b3c1b0f21769de1477fdadf69774347be8d336096f8e852fa7d73
GET /wp-content/themes/blogshare/assets/js/superfish.js?ver=6.0.2 HTTP/1.1
Host: free-4paid.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://free-4paid.com/stellar-data-recovery-professional-crack-with-activation-key-updated/
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Mon, 03 Oct 2022 20:05:02 GMT
content-type: application/javascript
last-modified: Mon, 11 Jul 2022 06:19:13 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 2411
date: Mon, 26 Sep 2022 20:05:02 GMT
server: LiteSpeed
free-4paid.com/wp-content/plugins/table-of-contents-plus/front.min.js?ver=2106
185.216.143.12200 OK 2.3 kB URL HTTP/1.1 free-4paid.com/wp-content/plugins/table-of-contents-plus/front.min.js?ver=2106
IP 185.216.143.12:0
File type ASCII text, with very long lines (6091), with no line terminators
Hash 05649ceeb0ec89442918b1bc26285c40
016f6d1609fe1363fc69f785b57b652eacc13cf3
1b5d39c182aa6909205712a81a34c47ee3701fb9a6ee71e616bced0dfb62a66d
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/table-of-contents-plus/front.min.js?ver=2106 HTTP/1.1
Host: free-4paid.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://free-4paid.com/stellar-data-recovery-professional-crack-with-activation-key-updated/
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Mon, 03 Oct 2022 20:05:02 GMT
content-type: application/javascript
last-modified: Wed, 23 Jun 2021 18:06:31 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 2342
date: Mon, 26 Sep 2022 20:05:02 GMT
server: LiteSpeed
free-4paid.com/wp-content/themes/blogshare/assets/js/jquery.tabslet.js?ver=20220401
185.216.143.12200 OK 1.7 kB URL HTTP/1.1 free-4paid.com/wp-content/themes/blogshare/assets/js/jquery.tabslet.js?ver=20220401
IP 185.216.143.12:0
File type HTML document, ASCII text
Hash 17c6f99a5957a9a7ac4e8aa04b965dac
4dd9c76775f86479e42deece5a6254dbb1ead7e9
1a4e44dff5c2270639912b0910c08bd99637c4285a3130acf2a8f88ad9b0faf0
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/blogshare/assets/js/jquery.tabslet.js?ver=20220401 HTTP/1.1
Host: free-4paid.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://free-4paid.com/stellar-data-recovery-professional-crack-with-activation-key-updated/
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Mon, 03 Oct 2022 20:05:02 GMT
content-type: application/javascript
last-modified: Mon, 11 Jul 2022 06:19:13 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 1682
date: Mon, 26 Sep 2022 20:05:02 GMT
server: LiteSpeed
free-4paid.com/wp-content/themes/blogshare/assets/js/html5.js?ver=6.0.2
185.216.143.12200 OK 3.1 kB URL HTTP/1.1 free-4paid.com/wp-content/themes/blogshare/assets/js/html5.js?ver=6.0.2
IP 185.216.143.12:0
File type HTML document, ASCII text
Hash e50856e64dd1157e1d7f024eea1b5a58
704b22c44e5aeacc56146bf43efb3537dc4b70ad
a75ab25c682dcbe78cc1eb8e8815f32c637fd39c4ddbfbd117d313c1edec7b80
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/blogshare/assets/js/html5.js?ver=6.0.2 HTTP/1.1
Host: free-4paid.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://free-4paid.com/stellar-data-recovery-professional-crack-with-activation-key-updated/
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Mon, 03 Oct 2022 20:05:02 GMT
content-type: application/javascript
last-modified: Mon, 11 Jul 2022 06:19:13 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 3099
date: Mon, 26 Sep 2022 20:05:02 GMT
server: LiteSpeed
free-4paid.com/wp-content/themes/blogshare/assets/js/theia-sticky-sidebar.js?ver=6.0.2
185.216.143.12200 OK 3.7 kB URL HTTP/1.1 free-4paid.com/wp-content/themes/blogshare/assets/js/theia-sticky-sidebar.js?ver=6.0.2
IP 185.216.143.12:0
File type HTML document, ASCII text
Hash c6474ff8302848a208f40a7ddbc9696f
c533b856d5dce84c30b261a69bbe2a37ac113c83
4a49eebf7a66888eeba13d3582f5570999e17a8056e763d7196e471d76285efe
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/blogshare/assets/js/theia-sticky-sidebar.js?ver=6.0.2 HTTP/1.1
Host: free-4paid.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://free-4paid.com/stellar-data-recovery-professional-crack-with-activation-key-updated/
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Mon, 03 Oct 2022 20:05:03 GMT
content-type: application/javascript
last-modified: Mon, 11 Jul 2022 06:19:13 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 3654
date: Mon, 26 Sep 2022 20:05:03 GMT
server: LiteSpeed
free-4paid.com/wp-content/themes/blogshare/assets/js/index.js?ver=20220520
185.216.143.12200 OK 7.0 kB URL HTTP/1.1 free-4paid.com/wp-content/themes/blogshare/assets/js/index.js?ver=20220520
IP 185.216.143.12:0
Hash 1a11a0b1359d2c6de93e1a3a51b6d108
8bc391cd4869a404a793d0622b7c6d06a2a464fd
15864691339eb66ae2cd3fa043ef6d9890981e49b8cf13d11ab11b7e75235c51
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/blogshare/assets/js/index.js?ver=20220520 HTTP/1.1
Host: free-4paid.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://free-4paid.com/stellar-data-recovery-professional-crack-with-activation-key-updated/
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Mon, 03 Oct 2022 20:05:03 GMT
content-type: application/javascript
last-modified: Mon, 11 Jul 2022 06:19:13 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 7044
date: Mon, 26 Sep 2022 20:05:03 GMT
server: LiteSpeed
free-4paid.com/wp-content/themes/blogshare/assets/js/owl.carousel.js?ver=6.0.2
185.216.143.12200 OK 20 kB URL HTTP/1.1 free-4paid.com/wp-content/themes/blogshare/assets/js/owl.carousel.js?ver=6.0.2
IP 185.216.143.12:0
File type ASCII text, with very long lines (365)
Hash 368bdd14ec79fd723d35f7513e95f57d
e7b18557499ec82c88b6d3a7a67eb9a6dacc9e20
8dc1894bfe3dbe0a4a79a5b8e0f1f4d07604182e71ec39565ebb1692942b7f2c
GET /wp-content/themes/blogshare/assets/js/owl.carousel.js?ver=6.0.2 HTTP/1.1
Host: free-4paid.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://free-4paid.com/stellar-data-recovery-professional-crack-with-activation-key-updated/
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Mon, 03 Oct 2022 20:05:02 GMT
content-type: application/javascript
last-modified: Mon, 11 Jul 2022 06:19:13 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 20302
date: Mon, 26 Sep 2022 20:05:02 GMT
server: LiteSpeed
free-4paid.com/wp-content/themes/blogshare/assets/js/jquery.custom.js?ver=20220520
185.216.143.12200 OK 775 B URL HTTP/1.1 free-4paid.com/wp-content/themes/blogshare/assets/js/jquery.custom.js?ver=20220520
IP 185.216.143.12:0
Hash 6ea381a80f25ffe2931c6d9478a0bd1e
6b6840e93a3fe4bb9b7f42afe3ff184972b1c0a6
7cd16bd38f51c7e3ece377296c2e77f00f8fa3576959a02cd36ed6a043cbfed5
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/blogshare/assets/js/jquery.custom.js?ver=20220520 HTTP/1.1
Host: free-4paid.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://free-4paid.com/stellar-data-recovery-professional-crack-with-activation-key-updated/
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Mon, 03 Oct 2022 20:05:03 GMT
content-type: application/javascript
last-modified: Mon, 11 Jul 2022 06:19:13 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 775
date: Mon, 26 Sep 2022 20:05:03 GMT
server: LiteSpeed
free-4paid.com/wp-content/plugins/SlimTranslate/system/assets/js/script-frontend.js?ver=2.0.2
185.216.143.12200 OK 249 B URL HTTP/1.1 free-4paid.com/wp-content/plugins/SlimTranslate/system/assets/js/script-frontend.js?ver=2.0.2
IP 185.216.143.12:0
File type ASCII text, with CRLF line terminators
Hash 7bba282f4285df3abbdad1c400cce850
97475a47f8921d45ad8a64237ca3ed6833cb766f
bc22ed46aa88ad595738acb1514a195449f9fd0da17bc275562375896bf52e0e
GET /wp-content/plugins/SlimTranslate/system/assets/js/script-frontend.js?ver=2.0.2 HTTP/1.1
Host: free-4paid.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://free-4paid.com/stellar-data-recovery-professional-crack-with-activation-key-updated/
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Mon, 03 Oct 2022 20:05:03 GMT
content-type: application/javascript
last-modified: Sun, 18 Apr 2021 20:55:36 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 249
date: Mon, 26 Sep 2022 20:05:03 GMT
server: LiteSpeed
free-4paid.com/wp-content/plugins/jetpack/jetpack_vendor/automattic/jetpack-lazy-images/dist/intersection-observer.js?minify=false&ver=83ec8aa758f883d6da14
185.216.143.12200 OK 3.0 kB URL HTTP/1.1 free-4paid.com/wp-content/plugins/jetpack/jetpack_vendor/automattic/jetpack-lazy-images/dist/intersection-observer.js?minify=false&ver=83ec8aa758f883d6da14
IP 185.216.143.12:0
File type ASCII text, with very long lines (8983), with no line terminators
Hash 96e626c1095beeace35420bb8813d86d
b674abebe29b156c3625dc5c2b0ca79ce0f822d5
f0662f46ffec26c199e4a39df2b116d9e512086d039665aad85e00ce356a16b7
GET /wp-content/plugins/jetpack/jetpack_vendor/automattic/jetpack-lazy-images/dist/intersection-observer.js?minify=false&ver=83ec8aa758f883d6da14 HTTP/1.1
Host: free-4paid.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://free-4paid.com/stellar-data-recovery-professional-crack-with-activation-key-updated/
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Mon, 03 Oct 2022 20:05:03 GMT
content-type: application/javascript
last-modified: Fri, 23 Sep 2022 05:36:26 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 3048
date: Mon, 26 Sep 2022 20:05:03 GMT
server: LiteSpeed
free-4paid.com/wp-content/plugins/jetpack/jetpack_vendor/automattic/jetpack-lazy-images/dist/lazy-images.js?minify=false&ver=54eb31dc971b63b49278
185.216.143.12200 OK 1.0 kB URL HTTP/1.1 free-4paid.com/wp-content/plugins/jetpack/jetpack_vendor/automattic/jetpack-lazy-images/dist/lazy-images.js?minify=false&ver=54eb31dc971b63b49278
IP 185.216.143.12:0
File type ASCII text, with very long lines (2361), with no line terminators
Hash 907004239a007a2e711b000bc5d05984
804836ccada7ae26735bfab93907b41af78cc9a3
01cd88a56665dea8f4e00e1017f485c8dcf008b9f704a69036bb4a755893065b
GET /wp-content/plugins/jetpack/jetpack_vendor/automattic/jetpack-lazy-images/dist/lazy-images.js?minify=false&ver=54eb31dc971b63b49278 HTTP/1.1
Host: free-4paid.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://free-4paid.com/stellar-data-recovery-professional-crack-with-activation-key-updated/
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Mon, 03 Oct 2022 20:05:03 GMT
content-type: application/javascript
last-modified: Fri, 23 Sep 2022 05:36:26 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 1022
date: Mon, 26 Sep 2022 20:05:03 GMT
server: LiteSpeed
free-4paid.com/wp-includes/js/wp-emoji-release.min.js?ver=6.0.2
185.216.143.12200 OK 5.0 kB URL HTTP/1.1 free-4paid.com/wp-includes/js/wp-emoji-release.min.js?ver=6.0.2
IP 185.216.143.12:0
File type ASCII text, with very long lines (15660)
Hash 848f9aadf194f3d024a2a90dbd11e3b5
aecd4b03b5a7829c6ca015d926798dc95e4fa912
36ff79b2f6827e46be1df95ff739e536718c0ee4fc09462678b32d7abd60fc6c
GET /wp-includes/js/wp-emoji-release.min.js?ver=6.0.2 HTTP/1.1
Host: free-4paid.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://free-4paid.com/stellar-data-recovery-professional-crack-with-activation-key-updated/
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Mon, 03 Oct 2022 20:05:03 GMT
content-type: application/javascript
last-modified: Sat, 17 Sep 2022 19:27:22 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 5021
date: Mon, 26 Sep 2022 20:05:03 GMT
server: LiteSpeed
c0.wp.com/p/jetpack/11.3.2/_inc/build/photon/photon.min.js
192.0.77.37200 OK 3.0 kB URL HTTP/2 c0.wp.com/p/jetpack/11.3.2/_inc/build/photon/photon.min.js
IP 192.0.77.37:0
File type ASCII text, with very long lines (685), with no line terminators
Hash 960afe40113e079d90086cda9479ec6c
10ce01fb3d0c7ca760a7861f30db4305ef3fb717
d01617acbb15712f0392bc76bc7ad221860d021aab9eca0226fe382f850b1117
GET /p/jetpack/11.3.2/_inc/build/photon/photon.min.js HTTP/1.1
Host: c0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://free-4paid.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 26 Sep 2022 20:05:02 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Tue, 07 Dec 2021 16:56:47 GMT
content-encoding: br
expires: Tue, 26 Sep 2023 20:05:02 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
x-nc: HIT arn 1
timing-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
X-Firefox-Spdy: h2
free-4paid.com/wp-content/plugins/SlimTranslate/system/assets/plugins/flag-icon/flags/4x3/us.svg
185.216.143.12200 OK 1.0 kB URL HTTP/1.1 free-4paid.com/wp-content/plugins/SlimTranslate/system/assets/plugins/flag-icon/flags/4x3/us.svg
IP 185.216.143.12:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (708)
Hash eb5fe1e2106417f6512688143d5d5093
25dd323a183043f9a44ac701dc673f9862019236
70d031960d466e51ba3104e726c595de2f4497873001e0e6f3dc783a4f34f674
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/SlimTranslate/system/assets/plugins/flag-icon/flags/4x3/us.svg HTTP/1.1
Host: free-4paid.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://free-4paid.com/wp-content/plugins/SlimTranslate/system/assets/plugins/flag-icon/css/flag-icon.min.css?ver=6.0.2
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Mon, 03 Oct 2022 20:05:03 GMT
content-type: image/svg+xml
last-modified: Sun, 18 Apr 2021 20:55:36 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 1000
date: Mon, 26 Sep 2022 20:05:03 GMT
server: LiteSpeed
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 5a6097201b7da81f6e9a6d99a7353a0c
d4240fe80c76013b9f7b6fd09963aa47151b8d6a
519e9b47ddfa1e1fe047f4dc7df88e3011817f88144fcc3853a7984a781c2070
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "519E9B47DDFA1E1FE047F4DC7DF88E3011817F88144FCC3853A7984A781C2070"
Last-Modified: Sun, 25 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3240
Expires: Mon, 26 Sep 2022 20:59:03 GMT
Date: Mon, 26 Sep 2022 20:05:03 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 5a6097201b7da81f6e9a6d99a7353a0c
d4240fe80c76013b9f7b6fd09963aa47151b8d6a
519e9b47ddfa1e1fe047f4dc7df88e3011817f88144fcc3853a7984a781c2070
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "519E9B47DDFA1E1FE047F4DC7DF88E3011817F88144FCC3853A7984A781C2070"
Last-Modified: Sun, 25 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3240
Expires: Mon, 26 Sep 2022 20:59:03 GMT
Date: Mon, 26 Sep 2022 20:05:03 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 5a6097201b7da81f6e9a6d99a7353a0c
d4240fe80c76013b9f7b6fd09963aa47151b8d6a
519e9b47ddfa1e1fe047f4dc7df88e3011817f88144fcc3853a7984a781c2070
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "519E9B47DDFA1E1FE047F4DC7DF88E3011817F88144FCC3853A7984A781C2070"
Last-Modified: Sun, 25 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3240
Expires: Mon, 26 Sep 2022 20:59:03 GMT
Date: Mon, 26 Sep 2022 20:05:03 GMT
Connection: keep-alive
fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap
142.250.74.10200 OK 6.6 kB URL HTTP/2 fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap
IP 142.250.74.10:0
Hash 38a0632a61d3fe96038a0c9fa0531563
9a7fd35eec44d26f8bb4fda11208029ad03a860b
51299b40458f0b17c6601ffb5429521899045c36d38f2c9212e54ebe3573966c
GET /css2?family=Roboto:wght@400;700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://free-4paid.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Mon, 26 Sep 2022 20:05:01 GMT
date: Mon, 26 Sep 2022 20:05:01 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
free.xjs.lol/js/pub.min.js
108.178.23.114200 OK 1.5 kB URL HTTP/1.1 free.xjs.lol/js/pub.min.js
IP 108.178.23.114:0
File type ASCII text, with very long lines (2752)
Hash 31c303586c1b78e33984bd252b8e2644
8083e2aad4cbf8242a4e6fb53657d49552b85f82
d2c713c2734353dc0ef2896d057021e9b04f35bb7c851d920d390941769c66be
Analyzer Verdict Alert fortinet Phishing
GET /js/pub.min.js HTTP/1.1
Host: free.xjs.lol
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://free-4paid.com/
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 26 Sep 2022 20:05:03 GMT
Content-Type: application/javascript
Content-Length: 1482
Last-Modified: Fri, 09 Sep 2022 11:46:08 GMT
Connection: keep-alive
Vary: Accept-Encoding
ETag: "631b2780-5ca"
Content-Encoding: gzip
Expires: Tue, 27 Sep 2022 20:05:03 GMT
Cache-Control: max-age=86400
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9723d426-a6ee-4860-8067-0b8d98143233.jpeg
34.120.237.76200 OK 8.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9723d426-a6ee-4860-8067-0b8d98143233.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d02ede0c964f3346fd53ae2950bf2a62
e49306a3713cb724be024a4ddb5e90645718a718
c0e653d89656016c55aca9b198b9191620f1ae9a3c45742a90744bd74c4f9505
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9723d426-a6ee-4860-8067-0b8d98143233.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8637
x-amzn-requestid: 07dc23e0-000f-4f6c-8d2b-0e65d88be270
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZCSvvEenoAMFr0Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6330cb31-520803124760abc216152d7b;Sampled=0
x-amzn-remapped-date: Sun, 25 Sep 2022 21:42:09 GMT
x-amz-cf-pop: SEA19-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: mToVKJcSAtJB1AOuQ-Y9o_EZzyhUuZJivVa3DLql5FwzK4NC82kh5Q==
via: 1.1 27a84054de24e45f952ea4056a821764.cloudfront.net (CloudFront), 1.1 0d4ebcaa87ba94709def0eaac9371e5a.cloudfront.net (CloudFront), 1.1 google
date: Sun, 25 Sep 2022 22:06:17 GMT
age: 79126
etag: "e49306a3713cb724be024a4ddb5e90645718a718"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Febd85aa2-fe15-49c2-aa3e-38b97cb99849.jpeg
34.120.237.76200 OK 5.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Febd85aa2-fe15-49c2-aa3e-38b97cb99849.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 2fe8c4f0c70fb6c1f4259eabedc7015e
85e378d0fff856832a8dd01743516b9476fed8c6
508a1c7d350fcf82d1ece0b99f8557b2f300c7c1148f28c3ae9fece20530e4b6
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Febd85aa2-fe15-49c2-aa3e-38b97cb99849.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5157
x-amzn-requestid: b5748f49-693f-4bc3-a850-cb68e770de24
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZCUG9GUHIAMF7pw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6330cd5f-5d2aaa212cf1be2506593746;Sampled=0
x-amzn-remapped-date: Sun, 25 Sep 2022 21:51:27 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 4h9lb_7egxb2hBbxjcS_cpZ5lDq6Lx-c_WUZyRHdUA0YTwr6kgDuiQ==
via: 1.1 86b676273517904f44af31586adb06ae.cloudfront.net (CloudFront), 1.1 5fe5f2a3903f1378941d92eceaf3fa16.cloudfront.net (CloudFront), 1.1 google
date: Sun, 25 Sep 2022 22:10:16 GMT
age: 78887
etag: "85e378d0fff856832a8dd01743516b9476fed8c6"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdc9985e6-5fe2-4d64-8060-3ea9e7ea528d.jpeg
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdc9985e6-5fe2-4d64-8060-3ea9e7ea528d.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a90590f26bae9ad9e95ffdfbfb7dd21d
cde7845f38c4c077f1f1cfda1d1e3b00065d3ac3
33fe3394213e01d11c3e005cb5a678ba74511704d4132fc2bd9f7ad4e1b7dbfc
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdc9985e6-5fe2-4d64-8060-3ea9e7ea528d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10318
x-amzn-requestid: 6a205445-8a9e-4f25-b144-ba6e6934d383
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZCSlhFNAIAMFmBA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6330caef-61ecbf9154cd56131b940ac0;Sampled=0
x-amzn-remapped-date: Sun, 25 Sep 2022 21:41:04 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: qP5-TglQAoTGc78-rIK27mKRTS_WthN0OpiiMqSF-y2rmWxVOyfNVw==
via: 1.1 d83ae0e1ba84e92e58bc1efc23a0c652.cloudfront.net (CloudFront), 1.1 5fe5f2a3903f1378941d92eceaf3fa16.cloudfront.net (CloudFront), 1.1 google
date: Sun, 25 Sep 2022 21:57:14 GMT
age: 79669
etag: "cde7845f38c4c077f1f1cfda1d1e3b00065d3ac3"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1deb918e-bcb0-4629-aaa7-0ae0322969be.jpeg
34.120.237.76200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1deb918e-bcb0-4629-aaa7-0ae0322969be.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3 DIY-Thermocam raw data\012- (Lepton 2.x), scale 3-257, spot sensor temperature 0.000000, unit celsius, color scheme 0, show scale bar, calibration: offset 0.000000, slope 241253891388563521536.000000\012- data
Hash b3a72e81317074689a71dac7059e4b6a
b6d56333d7f1ea7ddc8838d84de498ff913c5464
e665a8821b5e7b2e78787647a08d629bf70cbf4cbfee2057c8601cf0565154a1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1deb918e-bcb0-4629-aaa7-0ae0322969be.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12826
x-amzn-requestid: f075cf62-acfc-4bc1-be14-7c3dafb7aaed
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YfVRNFP-oAMFgrA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6322cf3a-184b678042d64ac9266b1128;Sampled=0
x-amzn-remapped-date: Thu, 15 Sep 2022 07:07:38 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: W6ZD1652Yn1xqZG7ehDcirlYoG8Hcsrdj11Fzfgj7zb-OiU8xHj1gw==
via: 1.1 7f5e0d3b9ea85d0d75063a66c0ebc840.cloudfront.net (CloudFront), 1.1 91356d2137f5a7345e93da4516c49ec4.cloudfront.net (CloudFront), 1.1 google
date: Sun, 25 Sep 2022 21:37:19 GMT
age: 80864
etag: "b6d56333d7f1ea7ddc8838d84de498ff913c5464"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7838a122-2b2e-4e4c-9bcc-7c6b46a93b1e.jpeg
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7838a122-2b2e-4e4c-9bcc-7c6b46a93b1e.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 968b9c138702fb5994d1d9eab1a697fa
9660bb2d38079182efbd11d7a687bfc7f9d30751
5ba74820ad451747c8ed25529f06b037bebf4c0616a1f2165c9197c1171db7a6
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7838a122-2b2e-4e4c-9bcc-7c6b46a93b1e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11728
x-amzn-requestid: bf60e58f-c4f4-45c7-923b-0d1539f720f5
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZCUCGGw7oAMF3wQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6330cd40-32043c1b1411544f5d00edc0;Sampled=0
x-amzn-remapped-date: Sun, 25 Sep 2022 21:50:56 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: ZRG0Axnhc5RY5rDbnnbauco9dpPeFdkP01UxkpNYI5pgSbfGKWcikw==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 73cb83fe6699afc2791b5c690c1ff8c6.cloudfront.net (CloudFront), 1.1 google
date: Sun, 25 Sep 2022 22:16:26 GMT
age: 78517
etag: "9660bb2d38079182efbd11d7a687bfc7f9d30751"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
i0.wp.com/free-4paid.com/wp-content/uploads/2020/12/free-4paid-com-logo2.png?fit=32%2C15&ssl=1
192.0.77.2200 OK 490 B URL HTTP/2 i0.wp.com/free-4paid.com/wp-content/uploads/2020/12/free-4paid-com-logo2.png?fit=32%2C15&ssl=1
IP 192.0.77.2:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash e4d1f4fd0cb39df80a1c97e47c6d53fa
d9ddf9ae48b6d7613d52818eb99b89e154b4fe55
43f3cb12b5bc12f08d50e7a4d417911a508a3e6d0e9c83828c340b0dd6ee0e85
GET /free-4paid.com/wp-content/uploads/2020/12/free-4paid-com-logo2.png?fit=32%2C15&ssl=1 HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://free-4paid.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 26 Sep 2022 20:05:04 GMT
content-type: image/webp
content-length: 490
last-modified: Fri, 08 Jul 2022 11:05:57 GMT
expires: Sun, 07 Jul 2024 23:05:57 GMT
cache-control: public, max-age=63115200
link: <https://free-4paid.com/wp-content/uploads/2020/12/free-4paid-com-logo2.png>; rel="canonical"
x-content-type-options: nosniff
etag: "8e9bc2b6425291f8"
vary: Accept
x-nc: HIT arn 3
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
i0.wp.com/free-4paid.com/wp-content/uploads/2020/12/free-4paid-com-logo2.png?fit=192%2C90&ssl=1
192.0.77.2200 OK 5.5 kB URL HTTP/2 i0.wp.com/free-4paid.com/wp-content/uploads/2020/12/free-4paid-com-logo2.png?fit=192%2C90&ssl=1
IP 192.0.77.2:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 9ac7d3e83eeeb8381a596c28f1b9157f
1a0b4b625a9b96c03be4b55428948c306e29c39d
94109e395bbc2245ac6b0f53580dfa6ce73f841570521e4d0e29f1b22bc1e1d3
GET /free-4paid.com/wp-content/uploads/2020/12/free-4paid-com-logo2.png?fit=192%2C90&ssl=1 HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://free-4paid.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 26 Sep 2022 20:05:04 GMT
content-type: image/webp
content-length: 5468
last-modified: Fri, 08 Jul 2022 10:54:01 GMT
expires: Sun, 07 Jul 2024 22:54:01 GMT
cache-control: public, max-age=63115200
link: <https://free-4paid.com/wp-content/uploads/2020/12/free-4paid-com-logo2.png>; rel="canonical"
x-content-type-options: nosniff
etag: "9d7b1c0e1d48dcff"
vary: Accept
x-nc: HIT arn 3
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
free-4paid.com/stellar-data-recovery-professional-crack-with-activation-key-updated/wp-includes/js/font.js
185.216.143.12404 Not Found 12 kB URL HTTP/1.1 free-4paid.com/stellar-data-recovery-professional-crack-with-activation-key-updated/wp-includes/js/font.js
IP 185.216.143.12:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (8047), with CRLF, LF line terminators
Hash 2c7a51ada4cb471cf23256c19094f366
722cf6aca51b061778a5642bd5848ca4828be31a
532b8811def1fde4886f40e282932c11751ba670b4811b38f0241e475dddc6bf
Analyzer Verdict Alert fortinet Malware
GET /stellar-data-recovery-professional-crack-with-activation-key-updated/wp-includes/js/font.js HTTP/1.1
Host: free-4paid.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://free-4paid.com/stellar-data-recovery-professional-crack-with-activation-key-updated/
HTTP/1.1 404 Not Found
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
content-type: text/html; charset=UTF-8
link: <https://free-4paid.com/wp-json/>; rel="https://api.w.org/"
vary: Accept-Encoding
transfer-encoding: chunked
content-encoding: gzip
date: Mon, 26 Sep 2022 20:05:04 GMT
server: LiteSpeed
pixel.wp.com/g.gif?v=ext&j=1%3A11.3.2&blog=186441766&post=30327&tz=0&srv=free-4paid.com&host=free-4paid.com&ref=&fcp=1551&rand=0.9195725894447109
192.0.76.3200 OK 50 B URL HTTP/1.1 pixel.wp.com/g.gif?v=ext&j=1%3A11.3.2&blog=186441766&post=30327&tz=0&srv=free-4paid.com&host=free-4paid.com&ref=&fcp=1551&rand=0.9195725894447109
IP 192.0.76.3:0
File type GIF image data, version 89a, 6 x 5\012- data
Hash e4d673a55c5656f19ef81563fb10884c
1f2d8ed221d39329251ad3a6ff1edb20b7219443
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1
GET /g.gif?v=ext&j=1%3A11.3.2&blog=186441766&post=30327&tz=0&srv=free-4paid.com&host=free-4paid.com&ref=&fcp=1551&rand=0.9195725894447109 HTTP/1.1
Host: pixel.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://free-4paid.com/
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 26 Sep 2022 20:05:04 GMT
Content-Type: image/gif
Content-Length: 50
Connection: keep-alive
Cache-Control: no-cache
Access-Control-Allow-Origin: *
free-4paid.com/stellar-data-recovery-professional-crack-with-activation-key-updated/?relatedposts=1
185.216.143.12200 OK 852 B URL HTTP/1.1 free-4paid.com/stellar-data-recovery-professional-crack-with-activation-key-updated/?relatedposts=1
IP 185.216.143.12:0
File type JSON data\012- , ASCII text, with very long lines (2864), with no line terminators
Hash 2cdbcdf666a337b5e48f8409f7e66468
79602d336ca7c78e61e625727c87cd485beac15d
bdecd01926491142a558eb62b3f62cfbbbf511bd434c4eca470583b466608cef
Analyzer Verdict Alert fortinet Malware
GET /stellar-data-recovery-professional-crack-with-activation-key-updated/?relatedposts=1 HTTP/1.1
Host: free-4paid.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
x-requested-with: XMLHttpRequest
Connection: keep-alive
Referer: http://free-4paid.com/stellar-data-recovery-professional-crack-with-activation-key-updated/
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
content-type: application/json; charset=utf-8
x-content-type-options: nosniff
vary: Accept-Encoding
content-length: 852
content-encoding: gzip
date: Mon, 26 Sep 2022 20:05:05 GMT
server: LiteSpeed
c0.wp.com/c/6.0.2/wp-includes/js/jquery/jquery.min.js
192.0.77.37200 OK 0 B URL HTTP/2 c0.wp.com/c/6.0.2/wp-includes/js/jquery/jquery.min.js
IP 192.0.77.37:0
GET /c/6.0.2/wp-includes/js/jquery/jquery.min.js HTTP/1.1
Host: c0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://free-4paid.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 26 Sep 2022 20:05:01 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Wed, 10 Mar 2021 15:07:24 GMT
content-encoding: br
expires: Tue, 26 Sep 2023 20:05:01 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
x-nc: HIT arn 1
timing-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
X-Firefox-Spdy: h2
c0.wp.com/c/6.0.2/wp-includes/js/jquery/jquery-migrate.min.js
192.0.77.37200 OK 0 B URL HTTP/2 c0.wp.com/c/6.0.2/wp-includes/js/jquery/jquery-migrate.min.js
IP 192.0.77.37:0
GET /c/6.0.2/wp-includes/js/jquery/jquery-migrate.min.js HTTP/1.1
Host: c0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://free-4paid.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 26 Sep 2022 20:05:01 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Wed, 18 Nov 2020 09:06:06 GMT
content-encoding: br
expires: Tue, 26 Sep 2023 20:05:01 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
x-nc: HIT arn 1
timing-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
X-Firefox-Spdy: h2
c0.wp.com/p/jetpack/11.3.2/css/jetpack.css
192.0.77.37200 OK 0 B URL HTTP/2 c0.wp.com/p/jetpack/11.3.2/css/jetpack.css
IP 192.0.77.37:0
GET /p/jetpack/11.3.2/css/jetpack.css HTTP/1.1
Host: c0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://free-4paid.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 26 Sep 2022 20:05:01 GMT
content-type: text/css
vary: Accept-Encoding
last-modified: Thu, 22 Sep 2022 16:22:40 GMT
content-encoding: br
expires: Tue, 26 Sep 2023 20:05:01 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
x-nc: HIT arn 1
timing-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
X-Firefox-Spdy: h2
c0.wp.com/p/jetpack/11.3.2/_inc/build/related-posts/related-posts.min.js
192.0.77.37200 OK 0 B URL HTTP/2 c0.wp.com/p/jetpack/11.3.2/_inc/build/related-posts/related-posts.min.js
IP 192.0.77.37:0
GET /p/jetpack/11.3.2/_inc/build/related-posts/related-posts.min.js HTTP/1.1
Host: c0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://free-4paid.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 26 Sep 2022 20:05:01 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Tue, 07 Dec 2021 16:56:47 GMT
content-encoding: br
expires: Tue, 26 Sep 2023 20:05:01 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
x-nc: HIT arn 1
timing-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
X-Firefox-Spdy: h2
c0.wp.com/p/jetpack/11.3.2/_inc/build/sharedaddy/sharing.min.js
192.0.77.37200 OK 0 B URL HTTP/2 c0.wp.com/p/jetpack/11.3.2/_inc/build/sharedaddy/sharing.min.js
IP 192.0.77.37:0
GET /p/jetpack/11.3.2/_inc/build/sharedaddy/sharing.min.js HTTP/1.1
Host: c0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://free-4paid.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 26 Sep 2022 20:05:02 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Tue, 31 May 2022 10:02:49 GMT
content-encoding: br
expires: Tue, 26 Sep 2023 20:05:02 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
x-nc: HIT arn 1
timing-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
X-Firefox-Spdy: h2
c0.wp.com/p/jetpack/11.3.2/_inc/build/likes/queuehandler.min.js
192.0.77.37200 OK 0 B URL HTTP/2 c0.wp.com/p/jetpack/11.3.2/_inc/build/likes/queuehandler.min.js
IP 192.0.77.37:0
GET /p/jetpack/11.3.2/_inc/build/likes/queuehandler.min.js HTTP/1.1
Host: c0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://free-4paid.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 26 Sep 2022 20:05:02 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Thu, 22 Sep 2022 16:22:40 GMT
content-encoding: br
expires: Tue, 26 Sep 2023 20:05:02 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
x-nc: HIT arn 1
timing-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
X-Firefox-Spdy: h2
stats.wp.com/e-202239.js
192.0.76.3200 OK 0 B IP 192.0.76.3:0
GET /e-202239.js HTTP/1.1
Host: stats.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://free-4paid.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 26 Sep 2022 20:05:03 GMT
content-type: application/javascript
vary: Accept-Encoding
etag: W/"6197c5cf-3508"
content-encoding: br
expires: Sun, 17 Sep 2023 22:04:35 GMT
cache-control: max-age=31536000
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
x-nc: HIT arn
X-Firefox-Spdy: h2
s0.wp.com/_static/??/wp-content/js/postmessage.js,/wp-content/js/tannin/compat.min.js,/wp-content/js/wpcom-proxy-request.js,/wp-content/js/likes-rest-nojquery.js?m=20220105
192.0.77.32200 OK 0 B URL HTTP/2 s0.wp.com/_static/??/wp-content/js/postmessage.js,/wp-content/js/tannin/compat.min.js,/wp-content/js/wpcom-proxy-request.js,/wp-content/js/likes-rest-nojquery.js?m=20220105
IP 192.0.77.32:0
GET /_static/??/wp-content/js/postmessage.js,/wp-content/js/tannin/compat.min.js,/wp-content/js/wpcom-proxy-request.js,/wp-content/js/likes-rest-nojquery.js?m=20220105 HTTP/1.1
Host: s0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://widgets.wp.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 26 Sep 2022 20:05:03 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Wed, 05 Jan 2022 12:39:57 GMT
etag: W/"61d5919d-142fa"
content-encoding: br
expires: Thu, 05 Jan 2023 13:04:48 GMT
cache-control: max-age=31536000
x-ac: 4.arn _dca
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
timing-allow-origin: *
x-nc: HIT arn 1
X-Firefox-Spdy: h2
public-api.wordpress.com/wp-admin/rest-proxy/
192.0.78.23200 OK 0 B URL HTTP/2 public-api.wordpress.com/wp-admin/rest-proxy/
IP 192.0.78.23:0
GET /wp-admin/rest-proxy/ HTTP/1.1
Host: public-api.wordpress.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://widgets.wp.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 26 Sep 2022 20:05:03 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
p3p: CP="CAO PSA OUR"
set-cookie: wp_api=%20; expires=Sun, 26-Sep-2021 20:05:03 GMT; Max-Age=0; path=/wp-admin/rest-proxy/; domain=public-api.wordpress.com; secure; SameSite=None
wp_api_sec=%20; expires=Sun, 26-Sep-2021 20:05:03 GMT; Max-Age=0; path=/; domain=public-api.wordpress.com; secure; HttpOnly; SameSite=None
content-encoding: br
x-ac: 2.arn _dca BYPASS
strict-transport-security: max-age=15552000
X-Firefox-Spdy: h2
c0.wp.com/c/6.0.2/wp-includes/js/mediaelement/wp-mediaelement.min.css
192.0.77.37200 OK 0 B URL HTTP/2 c0.wp.com/c/6.0.2/wp-includes/js/mediaelement/wp-mediaelement.min.css
IP 192.0.77.37:0
GET /c/6.0.2/wp-includes/js/mediaelement/wp-mediaelement.min.css HTTP/1.1
Host: c0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://free-4paid.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 26 Sep 2022 20:05:01 GMT
content-type: text/css
vary: Accept-Encoding
last-modified: Fri, 07 Jun 2019 20:45:02 GMT
content-encoding: br
expires: Tue, 26 Sep 2023 20:05:01 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
x-nc: HIT arn 1
timing-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
X-Firefox-Spdy: h2
c0.wp.com/p/jetpack/11.3.2/_inc/social-logos/social-logos.min.css
192.0.77.37200 OK 0 B URL HTTP/2 c0.wp.com/p/jetpack/11.3.2/_inc/social-logos/social-logos.min.css
IP 192.0.77.37:0
GET /p/jetpack/11.3.2/_inc/social-logos/social-logos.min.css HTTP/1.1
Host: c0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://free-4paid.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 26 Sep 2022 20:05:01 GMT
content-type: text/css
vary: Accept-Encoding
last-modified: Tue, 30 Jun 2020 14:24:10 GMT
content-encoding: br
expires: Tue, 26 Sep 2023 20:05:01 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
x-nc: HIT arn 1
timing-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
X-Firefox-Spdy: h2