firefox.settings.services.mozilla.com/v1/
54.230.111.7 200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 54.230.111.7:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash (MD5) bdb8b66c705a7b996496d780f50c00b5
Hash (SHA-1) 403ae92039fcc933870f51f913f78ccaf9652256
Hash (SHA-256) c923ed2539f4ce9f4d43743c402fbb2060a52a4cbedbf14c5f5742ab718073d6
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Alert, Content-Length, Content-Type, Retry-After, Backoff
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Thu, 13 Oct 2022 10:49:33 GMT
Expires: Thu, 13 Oct 2022 11:23:15 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 a343e36742f64defd0a2caf1f96ff772.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: OZBLnmGJt04YQeiQGI2-PcgDn_aychEzEUmVdsGkiFZ33EUbKYBKdQ==
Age: 663
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash (MD5) e0602913f3d432ffbfaa654440972ee1
Hash (SHA-1) e5aaf31749e65875fd840091f9a3bba641de413d
Hash (SHA-256) 5495ad212166703dcd1d17d7aa6ff4d1c40e73dfad703d24f00f60f35bc7d56c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5495AD212166703DCD1D17D7AA6FF4D1C40E73DFAD703D24F00F60F35BC7D56C"
Last-Modified: Tue, 11 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4685
Expires: Thu, 13 Oct 2022 12:18:41 GMT
Date: Thu, 13 Oct 2022 11:00:36 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash (MD5) c5afb6d2acaf66af4c3fd458a0b70e17
Hash (SHA-1) ae58844d8753fe1b62240067b7c0efba86a858d0
Hash (SHA-256) 42b37d16055f0f3ec52cbb45b4af4900baac4352e87c662811cdb377eb2d3c3e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "42B37D16055F0F3EC52CBB45B4AF4900BAAC4352E87C662811CDB377EB2D3C3E"
Last-Modified: Wed, 12 Oct 2022 14:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10367
Expires: Thu, 13 Oct 2022 13:53:23 GMT
Date: Thu, 13 Oct 2022 11:00:36 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash (MD5) 67d5a988edcda47bc3b3b3f65d32b4b6
Hash (SHA-1) d4f0e0da8b3690cc7da925026d3414b68c7d954f
Hash (SHA-256) 55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78
GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: MwhgbWGYuVeH48Now1d57CTa4mCQPRki/63VURZR6nbJR5LtCzgB5sBldw9lOuxfy2MSNTols54=
x-amz-request-id: 01BKXRWR4G5CNAV5
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 13 Oct 2022 10:01:41 GMT
age: 3535
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash (MD5) 23e88fb7b99543fb33315b29b1fad9d6
Hash (SHA-1) a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
Hash (SHA-256) 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 13 Oct 2022 11:00:36 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
54.230.111.7 200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 54.230.111.7:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash (MD5) 0333b0655111aa68de771adfcc4db243
Hash (SHA-1) 63f295a144ac87a7c8e23417626724eeca68a7eb
Hash (SHA-256) 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Alert, Content-Type, Expires, Backoff, ETag, Last-Modified, Pragma, Cache-Control, Content-Length, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600
Date: Thu, 13 Oct 2022 10:07:43 GMT
Expires: Thu, 13 Oct 2022 10:23:22 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 09ae414c9d6c5323d5147457ada70ec6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: opjQkGzjswEaOWUsZqSiz0Xp0nfrcLlaoBNBtory9UMowS60dl0kFA==
Age: 3173
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash (MD5) 3583e23195fad53de085f55b7ae476b8
Hash (SHA-1) 1e1ee824f8b5706b0a32b269af82769bb44f5d0f
Hash (SHA-256) 0c3d6dbcec45e2d28fe0b43d2ae2eaf8cbb05d435b981edc1da311ce356fe30d
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4826
Cache-Control: max-age=167199
Content-Type: application/ocsp-response
Date: Thu, 13 Oct 2022 11:00:37 GMT
Etag: "6347c71a-1d7"
Expires: Sat, 15 Oct 2022 09:27:16 GMT
Last-Modified: Thu, 13 Oct 2022 08:06:50 GMT
Server: ECS (ska/F70D)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
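52.89.255.30 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.89.255.30:0
Hash (MD5) d41d8cd98f00b204e9800998ecf8427e
Hash (SHA-1) da39a3ee5e6b4b0d3255bfef95601890afd80709
Hash (SHA-256) e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
[Note: the response body is 0 B, so these three values are the digests of empty input and identify no content.]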
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: WWxkvPA53plpx9NKbChTjg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: pix1QXhkEUKz5CGapcOxTywYY8Q=
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash (MD5) 73b0059a5671ff189dccdeb345c3dfb6
Hash (SHA-1) 89a89effe4d8e12b478b3abb9ae5e94a861d957d
Hash (SHA-256) 673eaa034fe322874455a7ea38197c02819882d0176d9ae3773eea63dd53e3b0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "673EAA034FE322874455A7EA38197C02819882D0176D9AE3773EEA63DD53E3B0"
Last-Modified: Wed, 12 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11549
Expires: Thu, 13 Oct 2022 14:13:07 GMT
Date: Thu, 13 Oct 2022 11:00:38 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash (MD5) 73b0059a5671ff189dccdeb345c3dfb6
Hash (SHA-1) 89a89effe4d8e12b478b3abb9ae5e94a861d957d
Hash (SHA-256) 673eaa034fe322874455a7ea38197c02819882d0176d9ae3773eea63dd53e3b0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "673EAA034FE322874455A7EA38197C02819882D0176D9AE3773EEA63DD53E3B0"
Last-Modified: Wed, 12 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11549
Expires: Thu, 13 Oct 2022 14:13:07 GMT
Date: Thu, 13 Oct 2022 11:00:38 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash (MD5) 73b0059a5671ff189dccdeb345c3dfb6
Hash (SHA-1) 89a89effe4d8e12b478b3abb9ae5e94a861d957d
Hash (SHA-256) 673eaa034fe322874455a7ea38197c02819882d0176d9ae3773eea63dd53e3b0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "673EAA034FE322874455A7EA38197C02819882D0176D9AE3773EEA63DD53E3B0"
Last-Modified: Wed, 12 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11549
Expires: Thu, 13 Oct 2022 14:13:07 GMT
Date: Thu, 13 Oct 2022 11:00:38 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash (MD5) 73b0059a5671ff189dccdeb345c3dfb6
Hash (SHA-1) 89a89effe4d8e12b478b3abb9ae5e94a861d957d
Hash (SHA-256) 673eaa034fe322874455a7ea38197c02819882d0176d9ae3773eea63dd53e3b0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "673EAA034FE322874455A7EA38197C02819882D0176D9AE3773EEA63DD53E3B0"
Last-Modified: Wed, 12 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11549
Expires: Thu, 13 Oct 2022 14:13:07 GMT
Date: Thu, 13 Oct 2022 11:00:38 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F601dddd7-f022-4702-bac3-f92bfef5f042.jpeg
34.120.237.76 200 OK 7.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F601dddd7-f022-4702-bac3-f92bfef5f042.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash (MD5) 0048874f97f0965b4591d89576136f07
Hash (SHA-1) e32bb263c8bda87ed9d0c4068b290156cc973ba9
Hash (SHA-256) 32f6d4932f5db94915be93c0bce2a514b0ed35425a6b2175104435e7982f12d7
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F601dddd7-f022-4702-bac3-f92bfef5f042.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7863
x-amzn-requestid: 6b196b90-eb43-4ff4-b161-30039a85e9ea
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Zn3M0GRLIAMFgYw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633fd251-639503584434e15e6fd94fd0;Sampled=0
x-amzn-remapped-date: Fri, 07 Oct 2022 07:16:33 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: uMYH8wplMjolFfGFI2h6Pe8z-eJzM1T6LZLUR9jjx2ryaLGVAsE_Pg==
via: 1.1 446313511980eb02f28ff5a9a4147c0a.cloudfront.net (CloudFront), 1.1 fda3b2797d2719576f6b916583a28e52.cloudfront.net (CloudFront), 1.1 google
date: Thu, 13 Oct 2022 10:48:55 GMT
age: 703
etag: "e32bb263c8bda87ed9d0c4068b290156cc973ba9"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7a6de788-8d97-4f94-bc1e-5e186ab0f084.webp
34.120.237.76 200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7a6de788-8d97-4f94-bc1e-5e186ab0f084.webp
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash (MD5) 5935f664339bfd6b3a680e0293a85206
Hash (SHA-1) 6939666e52ea22d84546b37908a05205a7e86114
Hash (SHA-256) 6afabffe02d71e1cdad6868d9c372627c6248511d4320f6dd1ad984e2212d162
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7a6de788-8d97-4f94-bc1e-5e186ab0f084.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10735
x-amzn-requestid: 5c584c89-219f-49a8-8a3a-ce572550d7a6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Z3BPMEqmIAMFf1w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6345e261-557d611664d69d6a678a40da;Sampled=0
x-amzn-remapped-date: Tue, 11 Oct 2022 21:38:41 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: nMtQeCV6lx8Y_JbrATc2akklt26o-CXjXwx-aNtmhuBhlNGlkfvVQw==
via: 1.1 8f22423015641505b8c857a37450d6c0.cloudfront.net (CloudFront), 1.1 e80693c02cfdfd081110512210d57840.cloudfront.net (CloudFront), 1.1 google
date: Wed, 12 Oct 2022 22:17:23 GMT
age: 45795
etag: "6939666e52ea22d84546b37908a05205a7e86114"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F361e133b-0ee8-42b7-a7c7-5ab614129c60.jpeg
34.120.237.76 200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F361e133b-0ee8-42b7-a7c7-5ab614129c60.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash (MD5) a4c15725695f4839bda11b91e489ef21
Hash (SHA-1) 52ddb865aad8ff9c35e1b6bffbc0f6d204f372f0
Hash (SHA-256) 631337ea4e7521ddaabfb2b518c0912b8b9632ecd87ff50a6ccac50d2bacd77e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F361e133b-0ee8-42b7-a7c7-5ab614129c60.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12416
x-amzn-requestid: 3be8f219-76c2-4dfb-8075-443b8e24ba58
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZxMaDEPKoAMFdKw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63438dd9-2bf219f64cf1404271f8e801;Sampled=0
x-amzn-remapped-date: Mon, 10 Oct 2022 03:13:29 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: CZePt4Co0GjCRiri6MlRflxJTY_9I1yfZRAQLv2VhXHW8DZHV2de2w==
via: 1.1 7f5e0d3b9ea85d0d75063a66c0ebc840.cloudfront.net (CloudFront), 1.1 989017835f43d594873bde5a7ee7fe5e.cloudfront.net (CloudFront), 1.1 google
date: Thu, 13 Oct 2022 03:42:03 GMT
age: 26315
etag: "52ddb865aad8ff9c35e1b6bffbc0f6d204f372f0"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcdf7d45d-9354-4489-bb43-b1c8f02d5b59.jpeg
34.120.237.76 200 OK 9.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcdf7d45d-9354-4489-bb43-b1c8f02d5b59.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash (MD5) 8fde601296565045f45192474e46e565
Hash (SHA-1) e91193965b1efd8d19ca03c96693061125cec801
Hash (SHA-256) 4375d71b0e4a472b375499151308d17b87f6fba8b79bea2ef680ce9848fc234f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcdf7d45d-9354-4489-bb43-b1c8f02d5b59.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9277
x-amzn-requestid: edf33f17-3a1e-4e36-ad6a-d26d749e1a72
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Zn2WcE8rIAMF9mA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633fd0f5-09efbbc75e96d48039992aa0;Sampled=0
x-amzn-remapped-date: Fri, 07 Oct 2022 07:10:45 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: amuk8sWYoFxEFjqOeiGQ61DUBf-1482U4uBWymveJ8FKGlj6ZF0Hiw==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 68fadeb91f97256bb67b03bfca74d830.cloudfront.net (CloudFront), 1.1 google
date: Wed, 12 Oct 2022 21:52:27 GMT
age: 47291
etag: "e91193965b1efd8d19ca03c96693061125cec801"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6f4ddcd0-37eb-41bb-b930-ef4cec44401e.jpeg
34.120.237.76 200 OK 7.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6f4ddcd0-37eb-41bb-b930-ef4cec44401e.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash (MD5) a5a9abfaf8360f2b6527800ad1944f44
Hash (SHA-1) 66ae1ad987d78fc76dd7cdc4f30a8e903ff47d49
Hash (SHA-256) 02d4d5b7ffb815544ee8cc67b38d885173214918f4522dcfe452b9f1ef252843
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6f4ddcd0-37eb-41bb-b930-ef4cec44401e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7434
x-amzn-requestid: d2ca5388-80cd-4082-a01c-54d701494d20
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Z6TqfERSIAMF8-g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6347330f-340bae193e3547840bd0d45d;Sampled=0
x-amzn-remapped-date: Wed, 12 Oct 2022 21:35:11 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 02jwYGldxH-OiwHR5fFT9V5PrbU2xMx8dPMeGRA3byKZZ7wPAuMVLg==
via: 1.1 8dbfaf7df256a75768461d934659b6b2.cloudfront.net (CloudFront), 1.1 09331f0822fc98eebaf04130a83dbd44.cloudfront.net (CloudFront), 1.1 google
date: Wed, 12 Oct 2022 21:52:17 GMT
etag: "66ae1ad987d78fc76dd7cdc4f30a8e903ff47d49"
content-type: image/jpeg
age: 47301
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5fc8e71c-ad38-40c0-aa1c-62d0543b412e.jpeg
34.120.237.76 200 OK 3.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5fc8e71c-ad38-40c0-aa1c-62d0543b412e.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash (MD5) d7c910df57ddbb4c965a2368ecd0b7c0
Hash (SHA-1) 3c43ed5bf8ebd3e103a6b8f4736ccb414353937e
Hash (SHA-256) bfe79d8edb1e729797ca5a044b425a50e17402a8e02f7aa46d196c4717940995
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5fc8e71c-ad38-40c0-aa1c-62d0543b412e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 3621
x-amzn-requestid: 331206f5-c205-42f7-b4ec-33cda2fb63b4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZxutmHYYoAMFW9A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6343c4bd-40c2f12833e077be52ca770c;Sampled=0
x-amzn-remapped-date: Mon, 10 Oct 2022 07:07:41 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: m0UA1qs-Ea9UjOtLqAwh7WEhU3OJAwvBKEuyn7iUUweXAHdFDYpjMQ==
via: 1.1 4d7fa73f804f1c93f20cfc24c4b1266e.cloudfront.net (CloudFront), 1.1 32d624dbeb2a8b7f24dbe49007e37c90.cloudfront.net (CloudFront), 1.1 google
date: Thu, 13 Oct 2022 07:40:57 GMT
age: 11981
etag: "3c43ed5bf8ebd3e103a6b8f4736ccb414353937e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
corazondelcielo.mx/docs_5zp/buy-sell%20agreement_2623_04242020.zip
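67.217.34.34 301 Moved Permanently 0 B URL HTTP/1.1 corazondelcielo.mx/docs_5zp/buy-sell%20agreement_2623_04242020.zip
IP 67.217.34.34:0
Hash (MD5) d41d8cd98f00b204e9800998ecf8427e
Hash (SHA-1) da39a3ee5e6b4b0d3255bfef95601890afd80709
Hash (SHA-256) e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
[Note: the redirect body is 0 B, so these three values are the digests of empty input; they do not identify the requested archive and should not be used as file indicators.]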
Analyzer Verdict Alert fortinet Malware
GET /docs_5zp/buy-sell%20agreement_2623_04242020.zip HTTP/1.1
Host: corazondelcielo.mx
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Thu, 13 Oct 2022 11:00:36 GMT
Server: Apache
X-Powered-By: PHP/7.4.27
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
X-Redirect-By: WordPress
Location: http://www.corazondelcielo.mx/docs_5zp/buy-sell%20agreement_2623_04242020.zip
Content-Length: 0
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
www.corazondelcielo.mx/docs_5zp/buy-sell%20agreement_2623_04242020.zip
67.217.34.34 404 Not Found 64 kB URL HTTP/1.1 www.corazondelcielo.mx/docs_5zp/buy-sell%20agreement_2623_04242020.zip
IP 67.217.34.34:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (25531), with CRLF, LF line terminators
Hash (MD5) 7977dbb2862e5d6230fb129f9d917743
Hash (SHA-1) 504eadab33fef34db7854b2989f614312ba9e038
Hash (SHA-256) f78c9d27a80502caa9596e88bb686c7dc647ecbecb44805ccb73b31a3549aa8a
[Note: the server answered 404 with an HTML document, so these digests describe the returned error page, not the ZIP named in the URL.]
Analyzer Verdict Alert fortinet Malware
GET /docs_5zp/buy-sell%20agreement_2623_04242020.zip HTTP/1.1
Host: www.corazondelcielo.mx
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 404 Not Found
Date: Thu, 13 Oct 2022 11:00:38 GMT
Server: Apache
X-Powered-By: PHP/7.4.27
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Link: <https://www.corazondelcielo.mx/wp-json/>; rel="https://api.w.org/"
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
www.corazondelcielo.mx/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-vendors-style.css?ver=6.9.0
67.217.34.34 200 OK 4.9 kB URL HTTP/1.1 www.corazondelcielo.mx/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-vendors-style.css?ver=6.9.0
IP 67.217.34.34:0
File type ASCII text, with very long lines (4933), with no line terminators
Hash (MD5) e372df47bd19e1563b557d7bdb817188
Hash (SHA-1) 4efdf4050a78bdbd88aa255955b7423105895dd0
Hash (SHA-256) 4b7693154069c53a16468d09d89c9eba5da6c0dfc69cf4d7eb675e32ba663361
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-vendors-style.css?ver=6.9.0 HTTP/1.1
Host: www.corazondelcielo.mx
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.corazondelcielo.mx/docs_5zp/buy-sell%20agreement_2623_04242020.zip
HTTP/1.1 200 OK
Date: Thu, 13 Oct 2022 11:00:41 GMT
Server: Apache
Last-Modified: Tue, 22 Mar 2022 17:40:19 GMT
Accept-Ranges: bytes
Content-Length: 4933
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
www.corazondelcielo.mx/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.5.6
67.217.34.34 200 OK 2.7 kB URL HTTP/1.1 www.corazondelcielo.mx/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.5.6
IP 67.217.34.34:0
Hash (MD5) e6fae855021a88a0067fcc58121c594f
Hash (SHA-1) 6299ac3987b5e81725781799dad361d19ac3b99d
Hash (SHA-256) e50f9ccd2d6582a58ba1879fa578e60d25fea4c5eedc07deafd14482b2403181
GET /wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.5.6 HTTP/1.1
Host: www.corazondelcielo.mx
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.corazondelcielo.mx/docs_5zp/buy-sell%20agreement_2623_04242020.zip
HTTP/1.1 200 OK
Date: Thu, 13 Oct 2022 11:00:41 GMT
Server: Apache
Last-Modified: Tue, 22 Mar 2022 17:37:01 GMT
Accept-Ranges: bytes
Content-Length: 2731
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css
www.corazondelcielo.mx/wp-content/plugins/LayerSlider/assets/static/layerslider/css/layerslider.css?ver=6.11.8
67.217.34.34 200 OK 22 kB URL HTTP/1.1 www.corazondelcielo.mx/wp-content/plugins/LayerSlider/assets/static/layerslider/css/layerslider.css?ver=6.11.8
IP 67.217.34.34:0
Hash (MD5) f9045ce83e2afad7776ae7558e053144
Hash (SHA-1) 0669a21caf97aeea41d9ae79985d94bd118f15f7
Hash (SHA-256) e0f987f16687328f1504bff870acba9b30333eff550220a7307f9fe7e73fb5d2
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/LayerSlider/assets/static/layerslider/css/layerslider.css?ver=6.11.8 HTTP/1.1
Host: www.corazondelcielo.mx
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.corazondelcielo.mx/docs_5zp/buy-sell%20agreement_2623_04242020.zip
HTTP/1.1 200 OK
Date: Thu, 13 Oct 2022 11:00:41 GMT
Server: Apache
Last-Modified: Tue, 22 Mar 2022 17:38:00 GMT
Accept-Ranges: bytes
Content-Length: 21850
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
www.corazondelcielo.mx/wp-includes/js/wp-emoji-release.min.js?ver=6.0.2
67.217.34.34 200 OK 19 kB URL HTTP/1.1 www.corazondelcielo.mx/wp-includes/js/wp-emoji-release.min.js?ver=6.0.2
IP 67.217.34.34:0
File type ASCII text, with very long lines (15660)
Hash 32beb68a374e3aeac00abdf9e12b84ea
b5d18aa625e8696dd9d07cd0869337717b211ae0
5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/wp-emoji-release.min.js?ver=6.0.2 HTTP/1.1
Host: www.corazondelcielo.mx
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.corazondelcielo.mx/docs_5zp/buy-sell%20agreement_2623_04242020.zip
HTTP/1.1 200 OK
Date: Thu, 13 Oct 2022 11:00:41 GMT
Server: Apache
Last-Modified: Tue, 24 May 2022 23:12:06 GMT
Accept-Ranges: bytes
Content-Length: 18617
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: application/javascript
www.corazondelcielo.mx/wp-content/plugins/essential-grid/public/assets/font/fontello/css/fontello.css?ver=3.0.13
67.217.34.34 200 OK 13 kB URL HTTP/1.1 www.corazondelcielo.mx/wp-content/plugins/essential-grid/public/assets/font/fontello/css/fontello.css?ver=3.0.13
IP 67.217.34.34:0
Hash 4045fbc98e0caae7e213f52330c52c21
253b81dc846081e189174789220a296d96849681
168642741cf6acd34501d09c8cc1c7e6be332ca9222f3223419bd1664b381839
GET /wp-content/plugins/essential-grid/public/assets/font/fontello/css/fontello.css?ver=3.0.13 HTTP/1.1
Host: www.corazondelcielo.mx
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.corazondelcielo.mx/docs_5zp/buy-sell%20agreement_2623_04242020.zip
HTTP/1.1 200 OK
Date: Thu, 13 Oct 2022 11:00:41 GMT
Server: Apache
Last-Modified: Tue, 22 Mar 2022 17:37:54 GMT
Accept-Ranges: bytes
Content-Length: 12663
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/css
www.corazondelcielo.mx/wp-includes/css/dist/block-library/style.min.css?ver=6.0.2
67.217.34.34 200 OK 89 kB URL HTTP/1.1 www.corazondelcielo.mx/wp-includes/css/dist/block-library/style.min.css?ver=6.0.2
IP 67.217.34.34:0
File type ASCII text, with very long lines (43771)
Hash b7915926fe42d76e9c802353ab01dae4
3a8192a4312f25f53de25b100d62829c0f14d67c
d7705700d24d5919255576642ad2c28bfc790390b7183a369038ff5c1e814d51
GET /wp-includes/css/dist/block-library/style.min.css?ver=6.0.2 HTTP/1.1
Host: www.corazondelcielo.mx
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.corazondelcielo.mx/docs_5zp/buy-sell%20agreement_2623_04242020.zip
HTTP/1.1 200 OK
Date: Thu, 13 Oct 2022 11:00:41 GMT
Server: Apache
Last-Modified: Tue, 12 Jul 2022 23:10:01 GMT
Accept-Ranges: bytes
Content-Length: 88932
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
www.corazondelcielo.mx/wp-content/plugins/essential-grid/public/assets/css/settings.css?ver=3.0.13
67.217.34.34 200 OK 52 kB URL HTTP/1.1 www.corazondelcielo.mx/wp-content/plugins/essential-grid/public/assets/css/settings.css?ver=3.0.13
IP 67.217.34.34:0
Hash aed9362b5b02b767975f3fd65215cb82
81d29babdc613511b34de7d465b1b9585ec6ff9c
db81b265d743be0b1f5d27262aea8ee0ff2024e36ff966470d308126018af343
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/essential-grid/public/assets/css/settings.css?ver=3.0.13 HTTP/1.1
Host: www.corazondelcielo.mx
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.corazondelcielo.mx/docs_5zp/buy-sell%20agreement_2623_04242020.zip
HTTP/1.1 200 OK
Date: Thu, 13 Oct 2022 11:00:41 GMT
Server: Apache
Last-Modified: Tue, 22 Mar 2022 17:37:54 GMT
Accept-Ranges: bytes
Content-Length: 51830
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css
www.corazondelcielo.mx/wp-content/themes/mf/includes/fontawesome/font-awesome.css?ver=5.13.0
67.217.34.34 200 OK 72 kB URL HTTP/1.1 www.corazondelcielo.mx/wp-content/themes/mf/includes/fontawesome/font-awesome.css?ver=5.13.0
IP 67.217.34.34:0
Hash 912427f88851e9b178a457345e855025
e05e746016d650ef8403113997d98e8939db759e
b97b243c596958477be40acbaab6503c55ca27ef258a54cd94124183693550dd
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/mf/includes/fontawesome/font-awesome.css?ver=5.13.0 HTTP/1.1
Host: www.corazondelcielo.mx
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.corazondelcielo.mx/docs_5zp/buy-sell%20agreement_2623_04242020.zip
HTTP/1.1 200 OK
Date: Thu, 13 Oct 2022 11:00:41 GMT
Server: Apache
Last-Modified: Tue, 22 Mar 2022 17:36:16 GMT
Accept-Ranges: bytes
Content-Length: 72454
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css
www.corazondelcielo.mx/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-style.css?ver=6.9.0
67.217.34.34 200 OK 210 kB URL HTTP/1.1 www.corazondelcielo.mx/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-style.css?ver=6.9.0
IP 67.217.34.34:0
File type Unicode text, UTF-8 text, with very long lines (65527), with no line terminators
Size 210 kB (209831 bytes)
Hash 9ed8fcb16418ff477a6c93fe33f86563
47be642692139a2ce63cf655cba31767cb7e8074
3f7c8f55c3c421a6f14efb39bf07abb73d1d244f194e133a2453913330e38819
GET /wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-style.css?ver=6.9.0 HTTP/1.1
Host: www.corazondelcielo.mx
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.corazondelcielo.mx/docs_5zp/buy-sell%20agreement_2623_04242020.zip
HTTP/1.1 200 OK
Date: Thu, 13 Oct 2022 11:00:41 GMT
Server: Apache
Last-Modified: Tue, 22 Mar 2022 17:40:19 GMT
Accept-Ranges: bytes
Content-Length: 209831
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
www.corazondelcielo.mx/wp-content/themes/mf/assets/css/woocommerce.css?ver=1.0.0
67.217.34.34 200 OK 104 kB URL HTTP/1.1 www.corazondelcielo.mx/wp-content/themes/mf/assets/css/woocommerce.css?ver=1.0.0
IP 67.217.34.34:0
File type assembler source, ASCII text
Size 104 kB (103607 bytes)
Hash 0e8bd9d7a2852c3f14121ff9ce931f1a
ebf8855a3d1d380d91a83852ab054dd453d70c2b
66d25c4eca11ca2bfd9e000f8fd9f49a08edca4ea2aa4162cc0a98bedc985537
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/mf/assets/css/woocommerce.css?ver=1.0.0 HTTP/1.1
Host: www.corazondelcielo.mx
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.corazondelcielo.mx/docs_5zp/buy-sell%20agreement_2623_04242020.zip
HTTP/1.1 200 OK
Date: Thu, 13 Oct 2022 11:00:41 GMT
Server: Apache
Last-Modified: Tue, 22 Mar 2022 17:36:05 GMT
Accept-Ranges: bytes
Content-Length: 103607
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: text/css
www.corazondelcielo.mx/wp-content/themes/mf/assets/css/menu.css?ver=1.0.0
67.217.34.34 200 OK 76 kB URL HTTP/1.1 www.corazondelcielo.mx/wp-content/themes/mf/assets/css/menu.css?ver=1.0.0
IP 67.217.34.34:0
File type ASCII text, with very long lines (25862)
Hash b36c38425581d090380d5f7fea4780d1
fd9e3cea66eb7f280ae1b3891cda902875f811f3
59484cbdbd27d013ecea8de382e77997f88a30c6ae2b6fd9cd339ccaf804126a
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/mf/assets/css/menu.css?ver=1.0.0 HTTP/1.1
Host: www.corazondelcielo.mx
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.corazondelcielo.mx/docs_5zp/buy-sell%20agreement_2623_04242020.zip
HTTP/1.1 200 OK
Date: Thu, 13 Oct 2022 11:00:41 GMT
Server: Apache
Last-Modified: Tue, 22 Mar 2022 17:36:05 GMT
Accept-Ranges: bytes
Content-Length: 76149
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css
www.corazondelcielo.mx/wp-content/themes/mf/assets/css/color/?ver=1.0.0
67.217.34.34 200 OK 2.7 kB URL HTTP/1.1 www.corazondelcielo.mx/wp-content/themes/mf/assets/css/color/?ver=1.0.0
IP 67.217.34.34:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 7b1f80c3bc12303cc8e5553ccf2a1361
d7ef1d08f7f03ed25ceb5ae147d73e9a5f238252
c6329940c4d0df7ff337d32745dc16548cd2eee595a794d028586fa83b1745af
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/mf/assets/css/color/?ver=1.0.0 HTTP/1.1
Host: www.corazondelcielo.mx
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.corazondelcielo.mx/docs_5zp/buy-sell%20agreement_2623_04242020.zip
HTTP/1.1 200 OK
Date: Thu, 13 Oct 2022 11:00:41 GMT
Server: Apache
Content-Length: 2709
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/html;charset=ISO-8859-1
www.corazondelcielo.mx/wp-content/themes/mf/assets/css/animate.css?ver=1.0.0
67.217.34.34 200 OK 61 kB URL HTTP/1.1 www.corazondelcielo.mx/wp-content/themes/mf/assets/css/animate.css?ver=1.0.0
IP 67.217.34.34:0
File type ASCII text, with very long lines (60504)
Hash cad315de9c5ae78552c7b6e664a017a4
a870d6ae64e9dccc9274884affa592b4c6402bd7
dc2a0c33ad221b33c1b68b449a984d43f9897c44c1453c3e40b3beff838a3d7c
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/mf/assets/css/animate.css?ver=1.0.0 HTTP/1.1
Host: www.corazondelcielo.mx
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.corazondelcielo.mx/docs_5zp/buy-sell%20agreement_2623_04242020.zip
HTTP/1.1 200 OK
Date: Thu, 13 Oct 2022 11:00:41 GMT
Server: Apache
Last-Modified: Tue, 22 Mar 2022 17:36:05 GMT
Accept-Ranges: bytes
Content-Length: 60665
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css
www.corazondelcielo.mx/wp-content/uploads/masterslider/custom.css?ver=1.2
67.217.34.34 200 OK 266 B URL HTTP/1.1 www.corazondelcielo.mx/wp-content/uploads/masterslider/custom.css?ver=1.2
IP 67.217.34.34:0
Hash 48a9f5734939f50e785f554f2ceb6cb8
5d42633b640833ebf15fd09f6b15b2d74536aa94
1b4e2c3b84fe75916b109ac323d0eb39e3881a892f7b7a21970a0cb9e694b3d7
GET /wp-content/uploads/masterslider/custom.css?ver=1.2 HTTP/1.1
Host: www.corazondelcielo.mx
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.corazondelcielo.mx/docs_5zp/buy-sell%20agreement_2623_04242020.zip
HTTP/1.1 200 OK
Date: Thu, 13 Oct 2022 11:00:41 GMT
Server: Apache
Last-Modified: Tue, 22 Mar 2022 17:41:14 GMT
Accept-Ranges: bytes
Content-Length: 266
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: text/css
www.corazondelcielo.mx/wp-content/themes/mf/assets/css/helper-elements.css?ver=1.0.0
67.217.34.34 200 OK 50 kB URL HTTP/1.1 www.corazondelcielo.mx/wp-content/themes/mf/assets/css/helper-elements.css?ver=1.0.0
IP 67.217.34.34:0
File type ASCII text, with very long lines (50026)
Hash 7b1d3a88acb5db90b296ac50fc34a629
d20893d66270191bc2bfebd031e4f3745de92158
f4e2dde913ab84e0d56565210ae4ead3960d6cf30c153448db7496c9b959434f
GET /wp-content/themes/mf/assets/css/helper-elements.css?ver=1.0.0 HTTP/1.1
Host: www.corazondelcielo.mx
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.corazondelcielo.mx/docs_5zp/buy-sell%20agreement_2623_04242020.zip
HTTP/1.1 200 OK
Date: Thu, 13 Oct 2022 11:00:41 GMT
Server: Apache
Last-Modified: Tue, 22 Mar 2022 17:36:05 GMT
Accept-Ranges: bytes
Content-Length: 50027
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/css
www.corazondelcielo.mx/wp-content/themes/mf/assets/bootstrap/css/bootstrap.min.css?ver=1.0.0
67.217.34.34 200 OK 155 kB URL HTTP/1.1 www.corazondelcielo.mx/wp-content/themes/mf/assets/bootstrap/css/bootstrap.min.css?ver=1.0.0
IP 67.217.34.34:0
File type Unicode text, UTF-8 text, with very long lines (65300)
Size 155 kB (154875 bytes)
Hash bb84936d7c7700b31719a49340a42bd8
51c552a6ad57d57bd134949c3d5312881f51a893
0d4f6240127cf5d1cfda2caeb0283efb4c9c879e43031f102fa3fc09853ae1b2
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/mf/assets/bootstrap/css/bootstrap.min.css?ver=1.0.0 HTTP/1.1
Host: www.corazondelcielo.mx
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.corazondelcielo.mx/docs_5zp/buy-sell%20agreement_2623_04242020.zip
HTTP/1.1 200 OK
Date: Thu, 13 Oct 2022 11:00:41 GMT
Server: Apache
Last-Modified: Tue, 22 Mar 2022 17:35:58 GMT
Accept-Ranges: bytes
Content-Length: 154875
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css
www.corazondelcielo.mx/wp-content/uploads/smile_fonts/Defaults/Defaults.css?ver=3.19.11
67.217.34.34 200 OK 28 kB URL HTTP/1.1 www.corazondelcielo.mx/wp-content/uploads/smile_fonts/Defaults/Defaults.css?ver=3.19.11
IP 67.217.34.34:0
File type ASCII text, with very long lines (27639), with no line terminators
Hash 36ea4805809e6b690c2f5126a0808297
4531470deab3efd0b8499f29a323a1b45f0efced
4354449ab7a164ef5486d12020f3bc403b8ff104a8da73e9f9332106b86b061c
Analyzer Verdict Alert fortinet Malware
GET /wp-content/uploads/smile_fonts/Defaults/Defaults.css?ver=3.19.11 HTTP/1.1
Host: www.corazondelcielo.mx
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.corazondelcielo.mx/docs_5zp/buy-sell%20agreement_2623_04242020.zip
HTTP/1.1 200 OK
Date: Thu, 13 Oct 2022 11:00:41 GMT
Server: Apache
Last-Modified: Tue, 22 Mar 2022 17:40:52 GMT
Accept-Ranges: bytes
Content-Length: 27639
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/css
www.corazondelcielo.mx/wp-content/themes/mf/assets/css/style.css?ver=1.0
67.217.34.34 200 OK 254 kB URL HTTP/1.1 www.corazondelcielo.mx/wp-content/themes/mf/assets/css/style.css?ver=1.0
IP 67.217.34.34:0
Size 254 kB (253502 bytes)
Hash db877fbc2e00a11ede0fbd2c7943f433
b6773d7a074cbe862628043986c5ac6a12388b4c
d3d6ed295e6a02f6318893cdea0cfb711428c4528fefa7e17ca022154742047c
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/mf/assets/css/style.css?ver=1.0 HTTP/1.1
Host: www.corazondelcielo.mx
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.corazondelcielo.mx/docs_5zp/buy-sell%20agreement_2623_04242020.zip
HTTP/1.1 200 OK
Date: Thu, 13 Oct 2022 11:00:41 GMT
Server: Apache
Last-Modified: Tue, 22 Mar 2022 17:36:05 GMT
Accept-Ranges: bytes
Content-Length: 253502
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: text/css
www.corazondelcielo.mx/wp-content/plugins/masterslider/public/assets/css/masterslider.main.css?ver=3.5.9
67.217.34.34 200 OK 79 kB URL HTTP/1.1 www.corazondelcielo.mx/wp-content/plugins/masterslider/public/assets/css/masterslider.main.css?ver=3.5.9
IP 67.217.34.34:0
Hash 9292e77c27d94ca7b540ddbba7473cc1
c9b68016a9235cbc4de7c3992e76b9b831c82e6e
57fb3238956987c9ff0a46b741fcc46477996cd8a3f487980d4989fcf5afaf9d
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/masterslider/public/assets/css/masterslider.main.css?ver=3.5.9 HTTP/1.1
Host: www.corazondelcielo.mx
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.corazondelcielo.mx/docs_5zp/buy-sell%20agreement_2623_04242020.zip
HTTP/1.1 200 OK
Date: Thu, 13 Oct 2022 11:00:41 GMT
Server: Apache
Last-Modified: Tue, 22 Mar 2022 17:38:29 GMT
Accept-Ranges: bytes
Content-Length: 79168
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/css
www.corazondelcielo.mx/wp-content/plugins/the-grid/frontend/assets/css/the-grid.min.css?ver=2.7.9.1
67.217.34.34 200 OK 44 kB URL HTTP/1.1 www.corazondelcielo.mx/wp-content/plugins/the-grid/frontend/assets/css/the-grid.min.css?ver=2.7.9.1
IP 67.217.34.34:0
File type ASCII text, with very long lines (43866), with no line terminators
Hash fe648fbf9e1fc4b723691f1ae693d7cf
779511d5276151effc37773eb8cd8aec3bd87106
9dab9e4666c7c0eadfdccf980e551cbe52ea71918ad2760feabd34f4dac3c003
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/the-grid/frontend/assets/css/the-grid.min.css?ver=2.7.9.1 HTTP/1.1
Host: www.corazondelcielo.mx
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.corazondelcielo.mx/docs_5zp/buy-sell%20agreement_2623_04242020.zip
HTTP/1.1 200 OK
Date: Thu, 13 Oct 2022 11:00:41 GMT
Server: Apache
Last-Modified: Tue, 22 Mar 2022 17:39:06 GMT
Accept-Ranges: bytes
Content-Length: 43866
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: text/css
www.corazondelcielo.mx/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
67.217.34.34 200 OK 90 kB URL HTTP/1.1 www.corazondelcielo.mx/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
IP 67.217.34.34:0
File type ASCII text, with very long lines (65447)
Hash 02dd5d04add4759122013c5ab4dc5cc2
a45a56e396ac549b4ff39b696ce9e0c16a7612de
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/jquery/jquery.min.js?ver=3.6.0 HTTP/1.1
Host: www.corazondelcielo.mx
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.corazondelcielo.mx/docs_5zp/buy-sell%20agreement_2623_04242020.zip
HTTP/1.1 200 OK
Date: Thu, 13 Oct 2022 11:00:41 GMT
Server: Apache
Last-Modified: Tue, 20 Jul 2021 23:09:39 GMT
Accept-Ranges: bytes
Content-Length: 89521
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: application/javascript
www.corazondelcielo.mx/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
67.217.34.34 200 OK 11 kB URL HTTP/1.1 www.corazondelcielo.mx/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
IP 67.217.34.34:0
File type ASCII text, with very long lines (11126)
Hash 79b4956b7ec478ec10244b5e2d33ac7d
a46025b9d05e3df30d610a8aef14f392c7058dc9
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 HTTP/1.1
Host: www.corazondelcielo.mx
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.corazondelcielo.mx/docs_5zp/buy-sell%20agreement_2623_04242020.zip
HTTP/1.1 200 OK
Date: Thu, 13 Oct 2022 11:00:42 GMT
Server: Apache
Last-Modified: Wed, 18 Nov 2020 09:06:06 GMT
Accept-Ranges: bytes
Content-Length: 11224
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: application/javascript
www.corazondelcielo.mx/wp-content/plugins/LayerSlider/assets/static/layerslider/js/layerslider.utils.js?ver=6.11.8
67.217.34.34 200 OK 123 kB URL HTTP/1.1 www.corazondelcielo.mx/wp-content/plugins/LayerSlider/assets/static/layerslider/js/layerslider.utils.js?ver=6.11.8
IP 67.217.34.34:0
File type ASCII text, with very long lines (65315)
Size 123 kB (122981 bytes)
Hash c1d1665e9a9976e59c098b5cdc5e0869
a1c3fb5d0304bead8e0fb746c464d8d814c948bb
f67eb60570b3cafc392cb473d3f7f2dc3ea0f0299f34d6efbdb2506433745516
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/LayerSlider/assets/static/layerslider/js/layerslider.utils.js?ver=6.11.8 HTTP/1.1
Host: www.corazondelcielo.mx
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.corazondelcielo.mx/docs_5zp/buy-sell%20agreement_2623_04242020.zip
HTTP/1.1 200 OK
Date: Thu, 13 Oct 2022 11:00:42 GMT
Server: Apache
Last-Modified: Tue, 22 Mar 2022 17:38:00 GMT
Accept-Ranges: bytes
Content-Length: 122981
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: application/javascript
www.corazondelcielo.mx/wp-content/plugins/LayerSlider/assets/static/layerslider/js/layerslider.transitions.js?ver=6.11.8
67.217.34.34 200 OK 22 kB URL HTTP/1.1 www.corazondelcielo.mx/wp-content/plugins/LayerSlider/assets/static/layerslider/js/layerslider.transitions.js?ver=6.11.8
IP 67.217.34.34:0
File type Unicode text, UTF-8 text, with very long lines (21440)
Hash db19740a613d114cd7f9153f0389301f
2486aa2e357426dbbe38e6f54ee71f0c920c04b4
ef138d7fbd35f65650c0cc7812600026e6ddd9daf470e3e3d7699ccdce1b1642
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/LayerSlider/assets/static/layerslider/js/layerslider.transitions.js?ver=6.11.8 HTTP/1.1
Host: www.corazondelcielo.mx
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.corazondelcielo.mx/docs_5zp/buy-sell%20agreement_2623_04242020.zip
HTTP/1.1 200 OK
Date: Thu, 13 Oct 2022 11:00:42 GMT
Server: Apache
Last-Modified: Tue, 22 Mar 2022 17:38:00 GMT
Accept-Ranges: bytes
Content-Length: 21779
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: application/javascript
www.corazondelcielo.mx/wp-content/plugins/woocommerce/assets/js/jquery-blockui/jquery.blockUI.min.js?ver=2.7.0-wc.6.3.1
67.217.34.34 200 OK 9.5 kB URL HTTP/1.1 www.corazondelcielo.mx/wp-content/plugins/woocommerce/assets/js/jquery-blockui/jquery.blockUI.min.js?ver=2.7.0-wc.6.3.1
IP 67.217.34.34:0
File type ASCII text, with very long lines (9139)
Hash 87c54edf7dad7dfdfde015f6eee45ff1
96ec1a06ea3093c47e1e2fc4444ada7f4456135d
ef22199864042b8ceeee3729f3254c140df7217364045737ca3aadf8434fb3da
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/woocommerce/assets/js/jquery-blockui/jquery.blockUI.min.js?ver=2.7.0-wc.6.3.1 HTTP/1.1
Host: www.corazondelcielo.mx
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.corazondelcielo.mx/docs_5zp/buy-sell%20agreement_2623_04242020.zip
HTTP/1.1 200 OK
Date: Thu, 13 Oct 2022 11:00:42 GMT
Server: Apache
Last-Modified: Tue, 22 Mar 2022 17:39:43 GMT
Accept-Ranges: bytes
Content-Length: 9533
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: application/javascript
www.corazondelcielo.mx/wp-content/plugins/woocommerce/assets/js/frontend/add-to-cart.min.js?ver=6.3.1
67.217.34.34 200 OK 3.0 kB URL HTTP/1.1 www.corazondelcielo.mx/wp-content/plugins/woocommerce/assets/js/frontend/add-to-cart.min.js?ver=6.3.1
IP 67.217.34.34:0
File type HTML document, ASCII text, with very long lines (3037), with no line terminators
Hash 8bc2109ef48cabf7a26b73d7c3536c5f
0e0dfee3a3975eafc3dd55f190d1deb3c6c55d3b
8634aa7a3ac0bc6d359b458c8922e9d3269f64c1355b329bfe215beb12773af8
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/woocommerce/assets/js/frontend/add-to-cart.min.js?ver=6.3.1 HTTP/1.1
Host: www.corazondelcielo.mx
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.corazondelcielo.mx/docs_5zp/buy-sell%20agreement_2623_04242020.zip
HTTP/1.1 200 OK
Date: Thu, 13 Oct 2022 11:00:42 GMT
Server: Apache
Last-Modified: Tue, 22 Mar 2022 17:39:43 GMT
Accept-Ranges: bytes
Content-Length: 3037
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: application/javascript
www.corazondelcielo.mx/wp-content/plugins/js_composer/assets/js/vendors/woocommerce-add-to-cart.js?ver=6.7.0
67.217.34.34 200 OK 992 B URL HTTP/1.1 www.corazondelcielo.mx/wp-content/plugins/js_composer/assets/js/vendors/woocommerce-add-to-cart.js?ver=6.7.0
IP 67.217.34.34:0
Hash 787fe4f547a6cb7f4ce4934641085910
c2dee88d5bdfef214ce9c56f71a1df51cda0f328
654aaebdea944313257827be97eb196a8218a2cdfc9ba399db23e2cd4c02bd79
GET /wp-content/plugins/js_composer/assets/js/vendors/woocommerce-add-to-cart.js?ver=6.7.0 HTTP/1.1
Host: www.corazondelcielo.mx
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.corazondelcielo.mx/docs_5zp/buy-sell%20agreement_2623_04242020.zip
HTTP/1.1 200 OK
Date: Thu, 13 Oct 2022 11:00:42 GMT
Server: Apache
Last-Modified: Tue, 22 Mar 2022 17:37:38 GMT
Accept-Ranges: bytes
Content-Length: 992
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: application/javascript
www.corazondelcielo.mx/wp-content/plugins/LayerSlider/assets/static/layerslider/js/layerslider.kreaturamedia.jquery.js?ver=6.11.8
67.217.34.34 200 OK 123 kB URL HTTP/1.1 www.corazondelcielo.mx/wp-content/plugins/LayerSlider/assets/static/layerslider/js/layerslider.kreaturamedia.jquery.js?ver=6.11.8
IP 67.217.34.34:0
File type ASCII text, with very long lines (65322)
Size 123 kB (123164 bytes)
Hash e4a0b70d3537492f9b8989a042ad99a3
48e76dd50081b2edb27d106f10a1e5cf4430b6d7
e0adb7430cf5745bf1d05eec5a8f8fc6985e6561b3437fcb43f84f55219c02b7
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/LayerSlider/assets/static/layerslider/js/layerslider.kreaturamedia.jquery.js?ver=6.11.8 HTTP/1.1
Host: www.corazondelcielo.mx
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.corazondelcielo.mx/docs_5zp/buy-sell%20agreement_2623_04242020.zip
HTTP/1.1 200 OK
Date: Thu, 13 Oct 2022 11:00:42 GMT
Server: Apache
Last-Modified: Tue, 22 Mar 2022 17:38:00 GMT
Accept-Ranges: bytes
Content-Length: 123164
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: application/javascript
www.corazondelcielo.mx/?wordfence_syncAttackData=1665658841.0818
67.217.34.34 301 Moved Permanently 282 B URL HTTP/1.1 www.corazondelcielo.mx/?wordfence_syncAttackData=1665658841.0818
IP 67.217.34.34:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash ff9e8ce5eae5570e907c1732562cd841
979f8dc74bc942accc39130d93661009bdcaf10b
6b9a0ea5c93890f2fd0b0139544184d0d650c4adf99df2420e7dcb1fc06f4819
GET /?wordfence_syncAttackData=1665658841.0818 HTTP/1.1
Host: www.corazondelcielo.mx
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.corazondelcielo.mx/docs_5zp/buy-sell%20agreement_2623_04242020.zip
HTTP/1.1 301 Moved Permanently
Date: Thu, 13 Oct 2022 11:00:42 GMT
Server: Apache
Location: http://mezcalcorazondelcielo.com/?wordfence_syncAttackData=1665658841.0818
Content-Length: 282
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
www.corazondelcielo.mx/wp-content/plugins/revslider/public/assets/css/rs6.css?ver=6.5.11
67.217.34.34 200 OK 58 kB URL HTTP/1.1 www.corazondelcielo.mx/wp-content/plugins/revslider/public/assets/css/rs6.css?ver=6.5.11
IP 67.217.34.34:0
File type Unicode text, UTF-8 text, with very long lines (12602)
Hash 5ddc26ce92ec803097461a35c8aa32e6
2f90cf3e0e8d5d41ed0c1573d434750e85b08078
c682502bdd9d75ab27160338a8acdbc9d1fe1587ab08e5d8bc04d785c3e65745
GET /wp-content/plugins/revslider/public/assets/css/rs6.css?ver=6.5.11 HTTP/1.1
Host: www.corazondelcielo.mx
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.corazondelcielo.mx/docs_5zp/buy-sell%20agreement_2623_04242020.zip
HTTP/1.1 200 OK
Date: Thu, 13 Oct 2022 11:00:42 GMT
Server: Apache
Last-Modified: Tue, 22 Mar 2022 17:38:54 GMT
Accept-Ranges: bytes
Content-Length: 57751
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: text/css
www.corazondelcielo.mx/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9
67.217.34.34 200 OK 6.5 kB URL HTTP/1.1 www.corazondelcielo.mx/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9
IP 67.217.34.34:0
File type ASCII text, with very long lines (6475), with no line terminators
Hash 61449413a42d2daaa79dbe7298b40e21
d86c474164c603084397bdc50fb0e469d28b5772
f30769ea0b80a5d900c5f0de30b1aad1ab461195e69223d5ef63c2c5de8b6c1a
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9 HTTP/1.1
Host: www.corazondelcielo.mx
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.corazondelcielo.mx/docs_5zp/buy-sell%20agreement_2623_04242020.zip
HTTP/1.1 200 OK
Date: Thu, 13 Oct 2022 11:00:42 GMT
Server: Apache
Last-Modified: Tue, 24 May 2022 23:11:48 GMT
Accept-Ranges: bytes
Content-Length: 6475
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: application/javascript
www.corazondelcielo.mx/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0
67.217.34.34 200 OK 19 kB URL HTTP/1.1 www.corazondelcielo.mx/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0
IP 67.217.34.34:0
File type Unicode text, UTF-8 text, with very long lines (19138), with no line terminators
Hash 57459b58fd7665a5e20b2345463df9c9
71c3b177ad1412d5e0b56d99f18bc345148df88b
6fecb89a29ee2bd397bb1bf58ecaa530a76f0654db71fadefd3cc70b0bc302bf
GET /wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0 HTTP/1.1
Host: www.corazondelcielo.mx
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.corazondelcielo.mx/docs_5zp/buy-sell%20agreement_2623_04242020.zip
HTTP/1.1 200 OK
Date: Thu, 13 Oct 2022 11:00:42 GMT
Server: Apache
Last-Modified: Tue, 24 May 2022 23:11:48 GMT
Accept-Ranges: bytes
Content-Length: 19142
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: application/javascript
www.corazondelcielo.mx/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.5.6
67.217.34.34 200 OK 9.7 kB URL HTTP/1.1 www.corazondelcielo.mx/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.5.6
IP 67.217.34.34:0
File type HTML document, ASCII text, with very long lines (9720), with no line terminators
Hash cfb428c02811f0cbe515d5f3dca61de6
e95f8696fbe29a706e66ccf582b36d9bd650ab9f
679e44f9b4bbbc2ad0c4000c1413fd3a88627d83f1cba8ebdac26f81bc7edb78
GET /wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.5.6 HTTP/1.1
Host: www.corazondelcielo.mx
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.corazondelcielo.mx/docs_5zp/buy-sell%20agreement_2623_04242020.zip
HTTP/1.1 200 OK
Date: Thu, 13 Oct 2022 11:00:42 GMT
Server: Apache
Last-Modified: Tue, 22 Mar 2022 17:37:01 GMT
Accept-Ranges: bytes
Content-Length: 9720
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: application/javascript
www.corazondelcielo.mx/wp-content/plugins/revslider/public/assets/js/rbtools.min.js?ver=6.5.11
67.217.34.34 200 OK 124 kB URL HTTP/1.1 www.corazondelcielo.mx/wp-content/plugins/revslider/public/assets/js/rbtools.min.js?ver=6.5.11
IP 67.217.34.34:0
File type ASCII text, with very long lines (42889)
Size 124 kB (124134 bytes)
Hash e4bc260935352e71791596e3c8b0c205
336eff1507c4d4f88bbc8f9630f405e827357cde
a5f70e90e97e6ac1952a1a116dba485b468fa98dca2977853768a946227c7bc0
GET /wp-content/plugins/revslider/public/assets/js/rbtools.min.js?ver=6.5.11 HTTP/1.1
Host: www.corazondelcielo.mx
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.corazondelcielo.mx/docs_5zp/buy-sell%20agreement_2623_04242020.zip
HTTP/1.1 200 OK
Date: Thu, 13 Oct 2022 11:00:42 GMT
Server: Apache
Last-Modified: Tue, 22 Mar 2022 17:38:59 GMT
Accept-Ranges: bytes
Content-Length: 124134
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: application/javascript
www.corazondelcielo.mx/wp-content/plugins/woocommerce/assets/js/js-cookie/js.cookie.min.js?ver=2.1.4-wc.6.3.1
67.217.34.34 200 OK 1.8 kB URL HTTP/1.1 www.corazondelcielo.mx/wp-content/plugins/woocommerce/assets/js/js-cookie/js.cookie.min.js?ver=2.1.4-wc.6.3.1
IP 67.217.34.34:0
File type ASCII text, with very long lines (1668)
Hash d0a6d8547c66b0d7b0172466558d1208
ff93916519c7b9483251f609e4d29f38c30a66e3
3b1384ff918d4b7f95f9ee5c8fc388203dedff7344d3d96598c9562162788612
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/woocommerce/assets/js/js-cookie/js.cookie.min.js?ver=2.1.4-wc.6.3.1 HTTP/1.1
Host: www.corazondelcielo.mx
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.corazondelcielo.mx/docs_5zp/buy-sell%20agreement_2623_04242020.zip
HTTP/1.1 200 OK
Date: Thu, 13 Oct 2022 11:00:42 GMT
Server: Apache
Last-Modified: Tue, 22 Mar 2022 17:39:43 GMT
Accept-Ranges: bytes
Content-Length: 1834
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: application/javascript
www.corazondelcielo.mx/wp-content/plugins/woocommerce/assets/js/frontend/woocommerce.min.js?ver=6.3.1
67.217.34.34 200 OK 2.1 kB URL HTTP/1.1 www.corazondelcielo.mx/wp-content/plugins/woocommerce/assets/js/frontend/woocommerce.min.js?ver=6.3.1
IP 67.217.34.34:0
File type ASCII text, with very long lines (2139), with no line terminators
Hash b72c1cbb1530a011a27bd9800f26765a
27b825c5d8255f33b8427a059d4545ebd65e1746
a256fccecac3b32ab73c91d79a18747519a1a18023be05465c933b03523a82e8
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/woocommerce/assets/js/frontend/woocommerce.min.js?ver=6.3.1 HTTP/1.1
Host: www.corazondelcielo.mx
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.corazondelcielo.mx/docs_5zp/buy-sell%20agreement_2623_04242020.zip
HTTP/1.1 200 OK
Date: Thu, 13 Oct 2022 11:00:42 GMT
Server: Apache
Last-Modified: Tue, 22 Mar 2022 17:39:43 GMT
Accept-Ranges: bytes
Content-Length: 2139
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: application/javascript
www.corazondelcielo.mx/wp-content/plugins/woocommerce/assets/js/frontend/cart-fragments.min.js?ver=6.3.1
67.217.34.34 200 OK 2.9 kB URL HTTP/1.1 www.corazondelcielo.mx/wp-content/plugins/woocommerce/assets/js/frontend/cart-fragments.min.js?ver=6.3.1
IP 67.217.34.34:0
File type ASCII text, with very long lines (2938), with no line terminators
Hash 0fd625c3991a4015814cffdc88e2fc82
d7c2f53e058210ff3ea773297641008bab71a5f3
2d022db650d194d935faea46a40e5512235b43bc3f8b181e32ce6d3dd745f4e1
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/woocommerce/assets/js/frontend/cart-fragments.min.js?ver=6.3.1 HTTP/1.1
Host: www.corazondelcielo.mx
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.corazondelcielo.mx/docs_5zp/buy-sell%20agreement_2623_04242020.zip
HTTP/1.1 200 OK
Date: Thu, 13 Oct 2022 11:00:42 GMT
Server: Apache
Last-Modified: Tue, 22 Mar 2022 17:39:43 GMT
Accept-Ranges: bytes
Content-Length: 2938
Keep-Alive: timeout=5, max=92
Connection: Keep-Alive
Content-Type: application/javascript
www.corazondelcielo.mx/wp-content/themes/mf/assets/js/controller.js?ver=20130118
67.217.34.34 200 OK 18 kB URL HTTP/1.1 www.corazondelcielo.mx/wp-content/themes/mf/assets/js/controller.js?ver=20130118
IP 67.217.34.34:0
File type ASCII text, with very long lines (1433)
Hash e69898c1ed4ed251223efdd05166ad62
063a25deb04b3196a61702ec146e379a56f11b6f
b31396eee197d0b5cb6ace1d8b6260c6b256977bee13ab527e8ca321eefabcec
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/mf/assets/js/controller.js?ver=20130118 HTTP/1.1
Host: www.corazondelcielo.mx
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.corazondelcielo.mx/docs_5zp/buy-sell%20agreement_2623_04242020.zip
HTTP/1.1 200 OK
Date: Thu, 13 Oct 2022 11:00:42 GMT
Server: Apache
Last-Modified: Tue, 22 Mar 2022 17:36:12 GMT
Accept-Ranges: bytes
Content-Length: 18518
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: application/javascript
www.corazondelcielo.mx/wp-content/themes/mf/assets/js/plugins.js?ver=20130118
67.217.34.34 200 OK 67 kB URL HTTP/1.1 www.corazondelcielo.mx/wp-content/themes/mf/assets/js/plugins.js?ver=20130118
IP 67.217.34.34:0
File type ASCII text, with very long lines (32018)
Hash 97b7e80b0018925faba6257541e33e66
6c6f1b0dd2cfb2854e1445fee36e552f2e1e1cfe
82f28c64f14ebb7f1a9bef233f2beead9724683517c68fafe9cfa4e7e9884c9d
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/mf/assets/js/plugins.js?ver=20130118 HTTP/1.1
Host: www.corazondelcielo.mx
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.corazondelcielo.mx/docs_5zp/buy-sell%20agreement_2623_04242020.zip
HTTP/1.1 200 OK
Date: Thu, 13 Oct 2022 11:00:42 GMT
Server: Apache
Last-Modified: Tue, 22 Mar 2022 17:36:12 GMT
Accept-Ranges: bytes
Content-Length: 66842
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: application/javascript
www.corazondelcielo.mx/wp-content/themes/mf/assets/js/mf-app.js?ver=20130118
67.217.34.34 200 OK 734 B URL HTTP/1.1 www.corazondelcielo.mx/wp-content/themes/mf/assets/js/mf-app.js?ver=20130118
IP 67.217.34.34:0
Hash ff5c25ad711c1bc8b6adc62fdaad2fd9
7f95fa0d336979cc37aa36a079a3589f67167f46
71bfe318d918a38d2aabd6b48089eb1fc0bb2c5235e78002a121b5ced4740362
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/mf/assets/js/mf-app.js?ver=20130118 HTTP/1.1
Host: www.corazondelcielo.mx
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.corazondelcielo.mx/docs_5zp/buy-sell%20agreement_2623_04242020.zip
HTTP/1.1 200 OK
Date: Thu, 13 Oct 2022 11:00:42 GMT
Server: Apache
Last-Modified: Tue, 22 Mar 2022 17:36:12 GMT
Accept-Ranges: bytes
Content-Length: 734
Keep-Alive: timeout=5, max=91
Connection: Keep-Alive
Content-Type: application/javascript
www.corazondelcielo.mx/wp-content/themes/mf/assets/js/jquery.main.js?ver=20120206
67.217.34.34 200 OK 126 kB URL HTTP/1.1 www.corazondelcielo.mx/wp-content/themes/mf/assets/js/jquery.main.js?ver=20120206
IP 67.217.34.34:0
File type HTML document, ASCII text, with very long lines (32011), with CRLF, CR line terminators
Size 126 kB (126066 bytes)
Hash 8cd611527f62665314ef2cc84764dd70
c7919a6ea0aa01d777a78500a9ee230846689ef3
a6f7b431c69501dda052212ecb6f045c130dabfa115264ed0704aad99a397ac4
GET /wp-content/themes/mf/assets/js/jquery.main.js?ver=20120206 HTTP/1.1
Host: www.corazondelcielo.mx
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.corazondelcielo.mx/docs_5zp/buy-sell%20agreement_2623_04242020.zip
HTTP/1.1 200 OK
Date: Thu, 13 Oct 2022 11:00:42 GMT
Server: Apache
Last-Modified: Tue, 22 Mar 2022 17:36:12 GMT
Accept-Ranges: bytes
Content-Length: 126066
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: application/javascript
www.corazondelcielo.mx/wp-content/themes/mf/assets/bootstrap/js/bootstrap.min.js?ver=20130117
67.217.34.34 200 OK 62 kB URL HTTP/1.1 www.corazondelcielo.mx/wp-content/themes/mf/assets/bootstrap/js/bootstrap.min.js?ver=20130117
IP 67.217.34.34:0
File type ASCII text, with very long lines (61608)
Hash fc0ae1e61d12d522d67e845f4bdebdf4
961ba292ac8c68c7383956c7cbcd929caf64bd24
1bbdb19132cece5103c0a2919e09320edc6687ab3879fc3bb1d28f0f0fa5d45f
GET /wp-content/themes/mf/assets/bootstrap/js/bootstrap.min.js?ver=20130117 HTTP/1.1
Host: www.corazondelcielo.mx
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.corazondelcielo.mx/docs_5zp/buy-sell%20agreement_2623_04242020.zip
HTTP/1.1 200 OK
Date: Thu, 13 Oct 2022 11:00:42 GMT
Server: Apache
Last-Modified: Tue, 22 Mar 2022 17:36:03 GMT
Accept-Ranges: bytes
Content-Length: 61893
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: application/javascript
www.corazondelcielo.mx/wp-content/plugins/mpc-massive/assets/js/mpc-vendor.min.js?ver=2.4.8
67.217.34.34 200 OK 82 kB URL HTTP/1.1 www.corazondelcielo.mx/wp-content/plugins/mpc-massive/assets/js/mpc-vendor.min.js?ver=2.4.8
IP 67.217.34.34:0
File type ASCII text, with very long lines (32043), with CRLF line terminators
Hash 4570739d9c410266d2d4b40b26a9dea7
c8118db4f9377a578bb5c41ee96bd7888293ebdf
42773f355dfe93f680c2a510ba1bfa9359882e46e3c88ef30dfc836f428b01d7
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/mpc-massive/assets/js/mpc-vendor.min.js?ver=2.4.8 HTTP/1.1
Host: www.corazondelcielo.mx
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.corazondelcielo.mx/docs_5zp/buy-sell%20agreement_2623_04242020.zip
HTTP/1.1 200 OK
Date: Thu, 13 Oct 2022 11:00:42 GMT
Server: Apache
Last-Modified: Tue, 22 Mar 2022 17:38:21 GMT
Accept-Ranges: bytes
Content-Length: 81995
Keep-Alive: timeout=5, max=92
Connection: Keep-Alive
Content-Type: application/javascript
www.corazondelcielo.mx/wp-content/plugins/mpc-massive/assets/js/mpc-scripts.min.js?ver=2.4.8
67.217.34.34 200 OK 98 kB URL HTTP/1.1 www.corazondelcielo.mx/wp-content/plugins/mpc-massive/assets/js/mpc-scripts.min.js?ver=2.4.8
IP 67.217.34.34:0
File type Unicode text, UTF-8 text, with very long lines (65535), with no line terminators
Hash 5764a41f10f591f40ecbd26aebbfaaf3
85c6e3ed59ac8bc598d217d82e99de02abe4966b
26287ac44197623c9fb85ca8969c83f563c342ca31e736ef9911f7b87c1cf6ad
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/mpc-massive/assets/js/mpc-scripts.min.js?ver=2.4.8 HTTP/1.1
Host: www.corazondelcielo.mx
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.corazondelcielo.mx/docs_5zp/buy-sell%20agreement_2623_04242020.zip
HTTP/1.1 200 OK
Date: Thu, 13 Oct 2022 11:00:42 GMT
Server: Apache
Last-Modified: Tue, 22 Mar 2022 17:38:21 GMT
Accept-Ranges: bytes
Content-Length: 98014
Keep-Alive: timeout=5, max=90
Connection: Keep-Alive
Content-Type: application/javascript
www.corazondelcielo.mx/wp-includes/js/jquery/ui/effect.min.js?ver=1.13.1
67.217.34.34 200 OK 17 kB URL HTTP/1.1 www.corazondelcielo.mx/wp-includes/js/jquery/ui/effect.min.js?ver=1.13.1
IP 67.217.34.34:0
File type ASCII text, with very long lines (15439)
Hash aa5fef7b171510a2a430328d4a0f3b03
cf6377f9bd83d9ce5f18c3de8ac7e57c047168d4
5f030eda75a32de3b4f63e28a38e83642b8a723c84ae73bf3726b85cd411bfee
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/jquery/ui/effect.min.js?ver=1.13.1 HTTP/1.1
Host: www.corazondelcielo.mx
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.corazondelcielo.mx/docs_5zp/buy-sell%20agreement_2623_04242020.zip
HTTP/1.1 200 OK
Date: Thu, 13 Oct 2022 11:00:42 GMT
Server: Apache
Last-Modified: Tue, 24 May 2022 23:12:03 GMT
Accept-Ranges: bytes
Content-Length: 17331
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: application/javascript
www.corazondelcielo.mx/wp-content/plugins/the-grid/frontend/assets/js/the-grid.min.js?ver=2.7.9.1
67.217.34.34 200 OK 97 kB URL HTTP/1.1 www.corazondelcielo.mx/wp-content/plugins/the-grid/frontend/assets/js/the-grid.min.js?ver=2.7.9.1
IP 67.217.34.34:0
File type Unicode text, UTF-8 text, with very long lines (65388), with CRLF line terminators
Hash 60333cfe565ac35688748c000e517a72
b2f49a89a8c456a35b9e343bca20e76135580545
1de524e119c43b24eb4d3129b853b49e4f346281949b5c0681921daf07a07d99
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/the-grid/frontend/assets/js/the-grid.min.js?ver=2.7.9.1 HTTP/1.1
Host: www.corazondelcielo.mx
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.corazondelcielo.mx/docs_5zp/buy-sell%20agreement_2623_04242020.zip
HTTP/1.1 200 OK
Date: Thu, 13 Oct 2022 11:00:42 GMT
Server: Apache
Last-Modified: Tue, 22 Mar 2022 17:39:06 GMT
Accept-Ranges: bytes
Content-Length: 97400
Keep-Alive: timeout=5, max=92
Connection: Keep-Alive
Content-Type: application/javascript
www.corazondelcielo.mx/wp-content/themes/mf/includes/fontawesome/fa-solid-900.woff2
67.217.34.34 200 OK 79 kB URL HTTP/1.1 www.corazondelcielo.mx/wp-content/themes/mf/includes/fontawesome/fa-solid-900.woff2
IP 67.217.34.34:0
File type Web Open Font Format (Version 2), TrueType, length 79444, version 331.524\012- data
Hash b15db15f746f29ffa02638cb455b8ec0
75a88815c47a249eadb5f0edc1675957f860cca7
7f4d3fd0a705dbf8403298aad91d5de6972e6b5d536068eba8b24954a5a0a8c7
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/mf/includes/fontawesome/fa-solid-900.woff2 HTTP/1.1
Host: www.corazondelcielo.mx
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://www.corazondelcielo.mx/wp-content/themes/mf/includes/fontawesome/font-awesome.css?ver=5.13.0
HTTP/1.1 200 OK
Date: Thu, 13 Oct 2022 11:00:42 GMT
Server: Apache
Last-Modified: Tue, 22 Mar 2022 17:36:16 GMT
Accept-Ranges: bytes
Content-Length: 79444
Keep-Alive: timeout=5, max=91
Connection: Keep-Alive
Content-Type: font/woff2
www.corazondelcielo.mx/wp-content/themes/mf/assets/img/close.png
67.217.34.34 200 OK 197 B URL HTTP/1.1 www.corazondelcielo.mx/wp-content/themes/mf/assets/img/close.png
IP 67.217.34.34:0
File type PNG image data, 15 x 15, 4-bit colormap, non-interlaced\012- data
Hash 4f2cf9e5e91afc29e7cc0baa9a104532
e58aa4ec816b2a9df81c34d58a8a10d27f930865
fb4a9238f72b8278135f80ab474b184da4b6abf9a4070d114bc99d23fc7f3639
GET /wp-content/themes/mf/assets/img/close.png HTTP/1.1
Host: www.corazondelcielo.mx
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.corazondelcielo.mx/wp-content/themes/mf/assets/css/menu.css?ver=1.0.0
HTTP/1.1 200 OK
Date: Thu, 13 Oct 2022 11:00:42 GMT
Server: Apache
Last-Modified: Tue, 22 Mar 2022 17:36:12 GMT
Accept-Ranges: bytes
Content-Length: 197
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: image/png
www.corazondelcielo.mx/wp-content/themes/mf/assets/img/mf-dark.png
67.217.34.34 200 OK 998 B URL HTTP/1.1 www.corazondelcielo.mx/wp-content/themes/mf/assets/img/mf-dark.png
IP 67.217.34.34:0
File type PNG image data, 200 x 46, 8-bit colormap, non-interlaced\012- data
Hash 647d71e56ef43c0a46aff000990e4060
a0b0014fa87159071238b10989513b020acfe141
bcbc796c33acba2b8b3ab821777f75ffd23613533d83c1d3d558bd5c21d48ad1
GET /wp-content/themes/mf/assets/img/mf-dark.png HTTP/1.1
Host: www.corazondelcielo.mx
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.corazondelcielo.mx/docs_5zp/buy-sell%20agreement_2623_04242020.zip
HTTP/1.1 200 OK
Date: Thu, 13 Oct 2022 11:00:42 GMT
Server: Apache
Last-Modified: Tue, 22 Mar 2022 17:36:12 GMT
Accept-Ranges: bytes
Content-Length: 998
Keep-Alive: timeout=5, max=91
Connection: Keep-Alive
Content-Type: image/png
www.corazondelcielo.mx/wp-content/themes/mf/assets/img/default-image.jpg
67.217.34.34 200 OK 96 kB URL HTTP/1.1 www.corazondelcielo.mx/wp-content/themes/mf/assets/img/default-image.jpg
IP 67.217.34.34:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 2250x483, components 3\012- data
Hash ca358016e92c19c1a58a837f01b96b8e
b07c6a82b847ae9885e5fb6a57556a72d9f374a2
01b00596b41633379c54a75392a7ff946db37561651661d4f34f3f0f2a069f4d
GET /wp-content/themes/mf/assets/img/default-image.jpg HTTP/1.1
Host: www.corazondelcielo.mx
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.corazondelcielo.mx/docs_5zp/buy-sell%20agreement_2623_04242020.zip
HTTP/1.1 200 OK
Date: Thu, 13 Oct 2022 11:00:42 GMT
Server: Apache
Last-Modified: Tue, 22 Mar 2022 17:36:12 GMT
Accept-Ranges: bytes
Content-Length: 95552
Keep-Alive: timeout=5, max=89
Connection: Keep-Alive
Content-Type: image/jpeg
www.corazondelcielo.mx/wp-content/plugins/revslider/public/assets/js/rs6.min.js?ver=6.5.11
67.217.34.34 200 OK 383 kB URL HTTP/1.1 www.corazondelcielo.mx/wp-content/plugins/revslider/public/assets/js/rs6.min.js?ver=6.5.11
IP 67.217.34.34:0
File type ASCII text, with very long lines (64288)
Size 383 kB (382936 bytes)
Hash 71ce48ddf4cac7d8bce4c0f574c4b9ed
f9ef3531d6e74249531971735f6d7ec8a30c7fcd
81ff08960b407fde4ee478cf9e8804ca6daf5491d65932f255e24babed80d14b
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/revslider/public/assets/js/rs6.min.js?ver=6.5.11 HTTP/1.1
Host: www.corazondelcielo.mx
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.corazondelcielo.mx/docs_5zp/buy-sell%20agreement_2623_04242020.zip
HTTP/1.1 200 OK
Date: Thu, 13 Oct 2022 11:00:42 GMT
Server: Apache
Last-Modified: Tue, 22 Mar 2022 17:38:59 GMT
Accept-Ranges: bytes
Content-Length: 382936
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: application/javascript
www.corazondelcielo.mx/?wc-ajax=get_refreshed_fragments
67.217.34.34 301 Moved Permanently 273 B URL HTTP/1.1 www.corazondelcielo.mx/?wc-ajax=get_refreshed_fragments
IP 67.217.34.34:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 408bc233f3926112a34616191d47f4dc
36f502d4ce86bb8c8a78e19130cc777178164c04
6e7f8ebd3d04e0be1f44633cbb79036b68af3ecefb73aa00819d974b7412dc4d
POST /?wc-ajax=get_refreshed_fragments HTTP/1.1
Host: www.corazondelcielo.mx
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 18
Origin: http://www.corazondelcielo.mx
Connection: keep-alive
Referer: http://www.corazondelcielo.mx/docs_5zp/buy-sell%20agreement_2623_04242020.zip
HTTP/1.1 301 Moved Permanently
Date: Thu, 13 Oct 2022 11:00:43 GMT
Server: Apache
Location: http://mezcalcorazondelcielo.com/?wc-ajax=get_refreshed_fragments
Content-Length: 273
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
www.corazondelcielo.mx/wp-content/plugins/the-grid/frontend/assets/fonts/the_grid.ttf
67.217.34.34 200 OK 34 kB URL HTTP/1.1 www.corazondelcielo.mx/wp-content/plugins/the-grid/frontend/assets/fonts/the_grid.ttf
IP 67.217.34.34:0
File type TrueType Font data, 11 tables, 1st "OS/2", 14 names, Macintosh, type 1 string, the_grid \012- data
Hash ebd94e7766ab1038ebc2885064da3471
f23e91fc975dc8377365f5b653300db3c52eff85
a90132d0c3ec0a1cd36bf50e490740d1562bd1c836573116c5dca932b25c9a52
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/the-grid/frontend/assets/fonts/the_grid.ttf HTTP/1.1
Host: www.corazondelcielo.mx
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.corazondelcielo.mx/wp-content/plugins/the-grid/frontend/assets/css/the-grid.min.css?ver=2.7.9.1
HTTP/1.1 200 OK
Date: Thu, 13 Oct 2022 11:00:43 GMT
Server: Apache
Last-Modified: Tue, 22 Mar 2022 17:39:06 GMT
Accept-Ranges: bytes
Content-Length: 33556
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: font/ttf
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F52bea519-c09f-4e75-bd61-39e42d07313a.jpeg
34.120.237.76 200 OK 4.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F52bea519-c09f-4e75-bd61-39e42d07313a.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f9ed9e6cb4b9a3e0a23d2d0bbb2e8097
58e3e5e00a84e054efcb4c845ba677d0424160c9
bb3e57e303782369ff08ae3a3d5fe7810ed5d3bf076c547581525fce3ea1b9e1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F52bea519-c09f-4e75-bd61-39e42d07313a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 4903
x-amzn-requestid: 92ac3c98-2a85-4006-9fac-15e352319ebc
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Zt6REGJ0oAMFQog=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63423da0-2dd5b46763a69e6d60d531d5;Sampled=0
x-amzn-remapped-date: Sun, 09 Oct 2022 03:18:56 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: iVbTMRds9O3AkqrS6PBXbqrqP3nTQNN_xsDKfgUlvs0pOfCIxatSIw==
via: 1.1 2afae0d44e2540f472c0635ab62c232a.cloudfront.net (CloudFront), 1.1 943c6a4d4ee43b18ee91634536f53eae.cloudfront.net (CloudFront), 1.1 google
date: Wed, 12 Oct 2022 21:52:21 GMT
age: 47304
etag: "58e3e5e00a84e054efcb4c845ba677d0424160c9"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
www.corazondelcielo.mx/wp-content/plugins/mpc-massive/assets/css/mpc-styles.css?ver=2.4.8
67.217.34.34 200 OK 0 B URL HTTP/1.1 www.corazondelcielo.mx/wp-content/plugins/mpc-massive/assets/css/mpc-styles.css?ver=2.4.8
IP 67.217.34.34:0
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/mpc-massive/assets/css/mpc-styles.css?ver=2.4.8 HTTP/1.1
Host: www.corazondelcielo.mx
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.corazondelcielo.mx/docs_5zp/buy-sell%20agreement_2623_04242020.zip
HTTP/1.1 200 OK
Date: Thu, 13 Oct 2022 11:00:41 GMT
Server: Apache
Last-Modified: Tue, 22 Mar 2022 17:38:13 GMT
Accept-Ranges: bytes
Content-Length: 254094
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: text/css
s.w.org/favicon.ico
192.0.77.48 200 OK 0 B IP 192.0.77.48:0
GET /favicon.ico HTTP/1.1
Host: s.w.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.corazondelcielo.mx/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 13 Oct 2022 11:00:43 GMT
content-type: image/x-icon
vary: Accept-Encoding
last-modified: Fri, 12 Jan 2018 02:54:13 GMT
x-frame-options: SAMEORIGIN
content-encoding: gzip
x-nc: HIT arn 1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
www.corazondelcielo.mx/wp-content/themes/mf/assets/js/jquery-ui.js?ver=20130118
67.217.34.34 200 OK 0 B URL HTTP/1.1 www.corazondelcielo.mx/wp-content/themes/mf/assets/js/jquery-ui.js?ver=20130118
IP 67.217.34.34:0
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/mf/assets/js/jquery-ui.js?ver=20130118 HTTP/1.1
Host: www.corazondelcielo.mx
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.corazondelcielo.mx/docs_5zp/buy-sell%20agreement_2623_04242020.zip
HTTP/1.1 200 OK
Date: Thu, 13 Oct 2022 11:00:42 GMT
Server: Apache
Last-Modified: Tue, 22 Mar 2022 17:36:12 GMT
Accept-Ranges: bytes
Content-Length: 520714
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: application/javascript