igalst.co.il/
5.100.249.241 301 Moved Permanently 707 B IP 5.100.249.241:0
ASN #44709 O.m.c. Computers & Communications Ltd
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Hash 1304294c0823ca486542ba408ed761e3
b2a70fb2d810ca13985882e6981f33998823e83e
3bbe72f3baa8ec61de17a1d767fca58704769684b7abe9161d0c4eaf4c8f0982
Analyzer Verdict Alert fortinet Malware
GET / HTTP/1.1
Host: igalst.co.il
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
content-type: text/html
content-length: 707
date: Wed, 25 Jan 2023 10:08:04 GMT
server: LiteSpeed
location: https://igalst.co.il/
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 04512fea22644dc0d22c3f3a665f6645
0e213646abfc6d9560ba562362fd9e9115be8354
124d9534f75506b8e8c7535ee7295ac4e6cf5a8249a0edac6940839e56043181
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "124D9534F75506B8E8C7535EE7295AC4E6CF5A8249A0EDAC6940839E56043181"
Last-Modified: Mon, 23 Jan 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18508
Expires: Wed, 25 Jan 2023 15:16:33 GMT
Date: Wed, 25 Jan 2023 10:08:05 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 5fe582397f3003b225cb9058e02c2190
68174a54a8f6c4de9247ccea2dcae3c9b76bdb9f
238a2ef5b61d56353d0a5e97ec3092b8f2792cde7cecf40e1a858f8c129d3a9d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "238A2EF5B61D56353D0A5E97EC3092B8F2792CDE7CECF40E1A858F8C129D3A9D"
Last-Modified: Wed, 25 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5944
Expires: Wed, 25 Jan 2023 11:47:09 GMT
Date: Wed, 25 Jan 2023 10:08:05 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150 200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash bf0c602d32b3c14606f22a86183b5e3c
6eabd8d83475eba731968abe1a05a8bfd272f160
6c6a7c519a9e950c2445ed874a25211a94dd4d3cf3afb0103af9dcd1dbd5ff9e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Content-Length, Retry-After, Content-Type, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Wed, 25 Jan 2023 09:35:11 GMT
content-type: application/json
age: 1974
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 6cd4f1da1215c7473500807c185f2449
b14db0c67cf1f5faf85648ed8f94baf2dd03808b
9750518efd869da5ff74ba65a196445bd4340c909157cc1a420f62c1d07224a0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9750518EFD869DA5FF74BA65A196445BD4340C909157CC1A420F62C1D07224A0"
Last-Modified: Mon, 23 Jan 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8510
Expires: Wed, 25 Jan 2023 12:29:55 GMT
Date: Wed, 25 Jan 2023 10:08:05 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: ELSrd1bSiufGvd8yx/9NIiYDJn1d7uBWT2R3QDifTuwxuQBJ7VQ47a0m4I5B+N1QgTFUYqsVd28=
x-amz-request-id: QQZ6FYZTE4SZXZSA
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Wed, 25 Jan 2023 09:48:31 GMT
age: 1174
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 25 Jan 2023 10:08:05 GMT
content-type: application/json
content-length: 12
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-expose-headers: content-type
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.comodoca.com/
172.64.155.188 200 OK 472 B IP 172.64.155.188:0
Hash d37d1ec8b4f6ddd76680774b76337f0c
3618c45e5c44429148ca20505ed02af66783b1bd
13ed48b70cc064025ceab657a243b089794dd76838cf4a6a171e49478fc694ba
POST / HTTP/1.1
Host: ocsp.comodoca.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 25 Jan 2023 10:08:05 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Tue, 24 Jan 2023 19:09:33 GMT
Expires: Tue, 31 Jan 2023 19:09:32 GMT
Etag: "3618c45e5c44429148ca20505ed02af66783b1bd"
Cache-Control: max-age=550286,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: MISS
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 78f034a19a6ab50c-OSL
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150 200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Pragma, Last-Modified, ETag, Content-Length, Expires, Cache-Control, Retry-After, Content-Type, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Wed, 25 Jan 2023 09:48:59 GMT
age: 1146
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash c398b6b39d11d25b8ae9bc5cd94a1c98
640aa8c399ced71d0c2a9f5a90fbaf091b01d642
a6f07f7c6a4746acc25457c726701df33120628dfb578bc4982448d8efee5855
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A6F07F7C6A4746ACC25457C726701DF33120628DFB578BC4982448D8EFEE5855"
Last-Modified: Tue, 24 Jan 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12148
Expires: Wed, 25 Jan 2023 13:30:33 GMT
Date: Wed, 25 Jan 2023 10:08:05 GMT
Connection: keep-alive
code.jquery.com/jquery-3.2.1.min.js
69.16.175.42 200 OK 30 kB URL HTTP/2 code.jquery.com/jquery-3.2.1.min.js
IP 69.16.175.42:0
File type ASCII text, with very long lines (32058)
Hash 148f8d3ffd9cc02048c5f4d1cc83c407
9f2b89cfd151be6a29b4d43ad64d164fb8471046
4dc681da48ba2b417e613e8e027ff5322963c3a3697a8ba97973cfefb48def5e
GET /jquery-3.2.1.min.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://igalst.co.il
Connection: keep-alive
Referer: https://igalst.co.il/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 25 Jan 2023 10:08:05 GMT
content-encoding: gzip
content-length: 30125
content-type: application/javascript; charset=utf-8
last-modified: Fri, 20 Aug 2021 17:47:53 GMT
accept-ranges: bytes
server: nginx
etag: W/"611feac9-15283"
cache-control: max-age=315360000, public
access-control-allow-origin: *
vary: Accept-Encoding
x-sp-metadata: HS256.CJWbxJ4GEocBCiRkY2E0ZjI5ZS1mNzI1LTQzMmQtODhkYy0yZDZhNGM1YWU5NzQQ+OiCoKvU+wIaBgiF/8OeBiIMOTEuOTAuNDIuMTU0KLmGAjADOARCFlRMU19BRVNfMTI4X0dDTV9TSEEyNTZaIGM3ZDJiNGM0ODRhNDEzZTE5MWRlNmFjZmYyZGIyMDA5GiwIARIkMDQ1Zjk3NDItZGZlMi00YjQxLWE5NDItNWQ5NmEyYTc1YTU0GK3rASIYCAISFGNkczIyMi5zazEuaHdjZG4ubmV0.K+ei1yJGZkQmxr58ef9qcsi/uR9hYKA3IpWFIQJkCGk=
x-hw: 1674641285.dop228.sk1.t,1674641285.cds256.sk1.hn,1674641285.cds222.sk1.c
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3 200 OK 472 B IP 216.58.211.3:0
Hash 1005c9e99dc8d4390861d6730c7a403b
0e3858ae26a1c01e0160e3b60e400bea202ebd05
4ff7ceb81a3dad4fefd3a15ece4ce13898624c01bf5a0cb4fdd90958978ed6b9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 25 Jan 2023 10:08:05 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.211.3 200 OK 471 B IP 216.58.211.3:0
Hash cc2b9a26cf016c0cf9e73531f6004051
408990c14ea8af4c979a277da755c89771672356
36e955bd017c3febc7623ad388bb260757294ca612b94ae5417de6cc04073a82
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 25 Jan 2023 10:08:05 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
igalst.co.il/wp-content/plugins/contact-form-7/includes/css/styles-rtl.css?ver=5.7.2
5.100.249.241 200 OK 152 B URL HTTP/2 igalst.co.il/wp-content/plugins/contact-form-7/includes/css/styles-rtl.css?ver=5.7.2
IP 5.100.249.241:0
ASN #44709 O.m.c. Computers & Communications Ltd
Hash 3ae045c00f92fc31d3585fe7f975412d
bb57516578144aad75ed4b9a06cbd4df41b6f519
076956289c202e94f3657469ef81a4d47dc69d2441d088de292918d6b07d30c9
GET /wp-content/plugins/contact-form-7/includes/css/styles-rtl.css?ver=5.7.2 HTTP/1.1
Host: igalst.co.il
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://igalst.co.il/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 01 Feb 2023 10:08:05 GMT
content-type: text/css
last-modified: Thu, 29 Dec 2022 03:09:14 GMT
accept-ranges: bytes
content-length: 152
date: Wed, 25 Jan 2023 10:08:05 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
www.google.com/recaptcha/api.js?render=6Le9baMUAAAAAKx7N1C4ME6zdQRD9O9zXtj36Y6a&ver=3.0
216.58.211.4 400 Bad Request 119 B URL HTTP/2 www.google.com/recaptcha/api.js?render=6Le9baMUAAAAAKx7N1C4ME6zdQRD9O9zXtj36Y6a&ver=3.0
IP 216.58.211.4:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text
Hash 96612d2b1b529ecfcf09798c3eb100bf
4f32d5d3ccf4d44ae71309dfa8d6f9d396614a27
7c58bfa17d0c600b7455e6bfb3d8371fbf93da20a7a53ed1efad37d692f1cba0
GET /recaptcha/api.js?render=6Le9baMUAAAAAKx7N1C4ME6zdQRD9O9zXtj36Y6a&ver=3.0 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://igalst.co.il/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 400 Bad Request
content-type: text/html; charset=UTF-8
content-encoding: gzip
date: Wed, 25 Jan 2023 10:08:06 GMT
expires: Wed, 25 Jan 2023 10:08:06 GMT
cache-control: private, max-age=0
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 119
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Open+Sans%3A400italic%2C600italic%2C700italic%2C400%2C300%2C600%2C700&ver=6.1.1
142.250.74.74 200 OK 1.4 kB URL HTTP/2 fonts.googleapis.com/css?family=Open+Sans%3A400italic%2C600italic%2C700italic%2C400%2C300%2C600%2C700&ver=6.1.1
IP 142.250.74.74:0
Hash 39293a226131f5a9c65263525f558f5d
80a98fc0d77e9619590ba7efb98077fe67528103
d1eed3979447466a5451f5c1c173f872206deace179ad13a2224550f8f5e1d46
GET /css?family=Open+Sans%3A400italic%2C600italic%2C700italic%2C400%2C300%2C600%2C700&ver=6.1.1 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://igalst.co.il/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 25 Jan 2023 10:08:05 GMT
date: Wed, 25 Jan 2023 10:08:05 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
igalst.co.il/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.7.2
5.100.249.241 200 OK 1.4 kB URL HTTP/2 igalst.co.il/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.7.2
IP 5.100.249.241:0
ASN #44709 O.m.c. Computers & Communications Ltd
Hash ef9c21af5ff4b3df263e5485cf9a3295
6978ea6f29211fde092794529d2c8bab3ea0c687
5ff37e4937e9aeebe79a12bfea71122134fa84caaf1092a8c5cceab4a56d7443
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.7.2 HTTP/1.1
Host: igalst.co.il
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://igalst.co.il/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 01 Feb 2023 10:08:05 GMT
content-type: text/css
last-modified: Thu, 29 Dec 2022 03:09:14 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
date: Wed, 25 Jan 2023 10:08:05 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
igalst.co.il/wp-content/uploads/2017/08/4%D7%9C%D7%95%D7%92%D7%95.png
5.100.249.241 301 Moved Permanently 707 B URL HTTP/1.1 igalst.co.il/wp-content/uploads/2017/08/4%D7%9C%D7%95%D7%92%D7%95.png
IP 5.100.249.241:0
ASN #44709 O.m.c. Computers & Communications Ltd
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Hash 1304294c0823ca486542ba408ed761e3
b2a70fb2d810ca13985882e6981f33998823e83e
3bbe72f3baa8ec61de17a1d767fca58704769684b7abe9161d0c4eaf4c8f0982
GET /wp-content/uploads/2017/08/4%D7%9C%D7%95%D7%92%D7%95.png HTTP/1.1
Host: igalst.co.il
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 301 Moved Permanently
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
content-type: text/html
content-length: 707
date: Wed, 25 Jan 2023 10:08:05 GMT
server: LiteSpeed
location: https://igalst.co.il/wp-content/uploads/2017/08/4לוגו.png
igalst.co.il/wp-content/uploads/2017/07/IMG_2668.jpg
5.100.249.241 301 Moved Permanently 707 B URL HTTP/1.1 igalst.co.il/wp-content/uploads/2017/07/IMG_2668.jpg
IP 5.100.249.241:0
ASN #44709 O.m.c. Computers & Communications Ltd
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Hash 1304294c0823ca486542ba408ed761e3
b2a70fb2d810ca13985882e6981f33998823e83e
3bbe72f3baa8ec61de17a1d767fca58704769684b7abe9161d0c4eaf4c8f0982
GET /wp-content/uploads/2017/07/IMG_2668.jpg HTTP/1.1
Host: igalst.co.il
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 301 Moved Permanently
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
content-type: text/html
content-length: 707
date: Wed, 25 Jan 2023 10:08:05 GMT
server: LiteSpeed
location: https://igalst.co.il/wp-content/uploads/2017/07/IMG_2668.jpg
igalst.co.il/wp-content/uploads/2017/08/IMG_2678-1.jpg
5.100.249.241 301 Moved Permanently 707 B URL HTTP/1.1 igalst.co.il/wp-content/uploads/2017/08/IMG_2678-1.jpg
IP 5.100.249.241:0
ASN #44709 O.m.c. Computers & Communications Ltd
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Hash 1304294c0823ca486542ba408ed761e3
b2a70fb2d810ca13985882e6981f33998823e83e
3bbe72f3baa8ec61de17a1d767fca58704769684b7abe9161d0c4eaf4c8f0982
GET /wp-content/uploads/2017/08/IMG_2678-1.jpg HTTP/1.1
Host: igalst.co.il
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 301 Moved Permanently
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
content-type: text/html
content-length: 707
date: Wed, 25 Jan 2023 10:08:05 GMT
server: LiteSpeed
location: https://igalst.co.il/wp-content/uploads/2017/08/IMG_2678-1.jpg
igalst.co.il/wp-content/uploads/2017/07/IMG_2867.jpg
5.100.249.241 301 Moved Permanently 707 B URL HTTP/1.1 igalst.co.il/wp-content/uploads/2017/07/IMG_2867.jpg
IP 5.100.249.241:0
ASN #44709 O.m.c. Computers & Communications Ltd
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Hash 1304294c0823ca486542ba408ed761e3
b2a70fb2d810ca13985882e6981f33998823e83e
3bbe72f3baa8ec61de17a1d767fca58704769684b7abe9161d0c4eaf4c8f0982
GET /wp-content/uploads/2017/07/IMG_2867.jpg HTTP/1.1
Host: igalst.co.il
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 301 Moved Permanently
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
content-type: text/html
content-length: 707
date: Wed, 25 Jan 2023 10:08:05 GMT
server: LiteSpeed
location: https://igalst.co.il/wp-content/uploads/2017/07/IMG_2867.jpg
igalst.co.il/wp-content/uploads/2017/08/IMG_2581.jpg
5.100.249.241 301 Moved Permanently 707 B URL HTTP/1.1 igalst.co.il/wp-content/uploads/2017/08/IMG_2581.jpg
IP 5.100.249.241:0
ASN #44709 O.m.c. Computers & Communications Ltd
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Hash 1304294c0823ca486542ba408ed761e3
b2a70fb2d810ca13985882e6981f33998823e83e
3bbe72f3baa8ec61de17a1d767fca58704769684b7abe9161d0c4eaf4c8f0982
GET /wp-content/uploads/2017/08/IMG_2581.jpg HTTP/1.1
Host: igalst.co.il
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 301 Moved Permanently
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
content-type: text/html
content-length: 707
date: Wed, 25 Jan 2023 10:08:05 GMT
server: LiteSpeed
location: https://igalst.co.il/wp-content/uploads/2017/08/IMG_2581.jpg
igalst.co.il/wp-content/uploads/2018/12/IMG_7295.jpg
5.100.249.241 301 Moved Permanently 707 B URL HTTP/1.1 igalst.co.il/wp-content/uploads/2018/12/IMG_7295.jpg
IP 5.100.249.241:0
ASN #44709 O.m.c. Computers & Communications Ltd
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Hash 1304294c0823ca486542ba408ed761e3
b2a70fb2d810ca13985882e6981f33998823e83e
3bbe72f3baa8ec61de17a1d767fca58704769684b7abe9161d0c4eaf4c8f0982
GET /wp-content/uploads/2018/12/IMG_7295.jpg HTTP/1.1
Host: igalst.co.il
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 301 Moved Permanently
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
content-type: text/html
content-length: 707
date: Wed, 25 Jan 2023 10:08:05 GMT
server: LiteSpeed
location: https://igalst.co.il/wp-content/uploads/2018/12/IMG_7295.jpg
push.services.mozilla.com/
44.227.109.32 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 44.227.109.32:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 9D5gpVM4Cy86rZLe/0x52A==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: fjL+No9EKf9ZNP9bSPOCC4mSbaA=
igalst.co.il/wp-content/uploads/2017/07/IMG_2527-1-363x272.jpg
5.100.249.241 200 OK 21 kB URL HTTP/2 igalst.co.il/wp-content/uploads/2017/07/IMG_2527-1-363x272.jpg
IP 5.100.249.241:0
ASN #44709 O.m.c. Computers & Communications Ltd
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v90), quality = 82", baseline, precision 8, 363x272, components 3\012- data
Hash 35e01f9a7e95a99758f44d3cc7949ccc
2ce9641b45356f4afc9c530cea1fb3720fff6354
a7b9576aaa6b10d213ef36a4c01643d8022f4acf47ea8b777e0d9c20df8ba401
GET /wp-content/uploads/2017/07/IMG_2527-1-363x272.jpg HTTP/1.1
Host: igalst.co.il
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://igalst.co.il/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 01 Feb 2023 10:08:05 GMT
content-type: image/jpeg
last-modified: Thu, 10 Aug 2017 17:00:27 GMT
accept-ranges: bytes
content-length: 20570
date: Wed, 25 Jan 2023 10:08:05 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
igalst.co.il/wp-content/uploads/2019/01/%D7%97%D7%95%D7%9C%D7%99%D7%99%D7%98%D7%94-%D7%9C%D7%99%D7%9B%D7%98%D7%9E%D7%9F-1.jpg
5.100.249.241 301 Moved Permanently 707 B URL HTTP/1.1 igalst.co.il/wp-content/uploads/2019/01/%D7%97%D7%95%D7%9C%D7%99%D7%99%D7%98%D7%94-%D7%9C%D7%99%D7%9B%D7%98%D7%9E%D7%9F-1.jpg
IP 5.100.249.241:0
ASN #44709 O.m.c. Computers & Communications Ltd
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Hash 1304294c0823ca486542ba408ed761e3
b2a70fb2d810ca13985882e6981f33998823e83e
3bbe72f3baa8ec61de17a1d767fca58704769684b7abe9161d0c4eaf4c8f0982
GET /wp-content/uploads/2019/01/%D7%97%D7%95%D7%9C%D7%99%D7%99%D7%98%D7%94-%D7%9C%D7%99%D7%9B%D7%98%D7%9E%D7%9F-1.jpg HTTP/1.1
Host: igalst.co.il
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 301 Moved Permanently
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
content-type: text/html
content-length: 707
date: Wed, 25 Jan 2023 10:08:05 GMT
server: LiteSpeed
location: https://igalst.co.il/wp-content/uploads/2019/01/חולייטה-ליכטמן-1.jpg
igalst.co.il/wp-content/uploads/2017/08/IMG_2913.jpg
5.100.249.241 301 Moved Permanently 707 B URL HTTP/1.1 igalst.co.il/wp-content/uploads/2017/08/IMG_2913.jpg
IP 5.100.249.241:0
ASN #44709 O.m.c. Computers & Communications Ltd
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Hash 1304294c0823ca486542ba408ed761e3
b2a70fb2d810ca13985882e6981f33998823e83e
3bbe72f3baa8ec61de17a1d767fca58704769684b7abe9161d0c4eaf4c8f0982
GET /wp-content/uploads/2017/08/IMG_2913.jpg HTTP/1.1
Host: igalst.co.il
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 301 Moved Permanently
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
content-type: text/html
content-length: 707
date: Wed, 25 Jan 2023 10:08:05 GMT
server: LiteSpeed
location: https://igalst.co.il/wp-content/uploads/2017/08/IMG_2913.jpg
igalst.co.il/wp-content/uploads/2017/07/%D7%9E%D7%91%D7%98_%D7%9E%D7%A4%D7%99%D7%A0%D7%AA_%D7%94%D7%A8%D7%97%D7%95%D7%91%D7%95%D7%AA_%D7%99%D7%95%D7%A1%D7%A4%D7%96%D7%95%D7%9F_%D7%95%D7%9B%D7%A8%D7%9E%D7%9C-3-363x272.jpg
5.100.249.241 200 OK 22 kB URL HTTP/2 igalst.co.il/wp-content/uploads/2017/07/%D7%9E%D7%91%D7%98_%D7%9E%D7%A4%D7%99%D7%A0%D7%AA_%D7%94%D7%A8%D7%97%D7%95%D7%91%D7%95%D7%AA_%D7%99%D7%95%D7%A1%D7%A4%D7%96%D7%95%D7%9F_%D7%95%D7%9B%D7%A8%D7%9E%D7%9C-3-363x272.jpg
IP 5.100.249.241:0
ASN #44709 O.m.c. Computers & Communications Ltd
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v90), quality = 82", baseline, precision 8, 363x272, components 3\012- data
Hash 8e08c00745c71d974478a5950718da77
80d29e1d8fac397bb55c79678ab3c67688ad3f26
bef8466c10e329a50b40180d67975e64a696b780af095b5410ba744aa49a6f25
GET /wp-content/uploads/2017/07/%D7%9E%D7%91%D7%98_%D7%9E%D7%A4%D7%99%D7%A0%D7%AA_%D7%94%D7%A8%D7%97%D7%95%D7%91%D7%95%D7%AA_%D7%99%D7%95%D7%A1%D7%A4%D7%96%D7%95%D7%9F_%D7%95%D7%9B%D7%A8%D7%9E%D7%9C-3-363x272.jpg HTTP/1.1
Host: igalst.co.il
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://igalst.co.il/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 01 Feb 2023 10:08:05 GMT
content-type: image/jpeg
last-modified: Thu, 10 Aug 2017 17:30:47 GMT
accept-ranges: bytes
content-length: 21616
date: Wed, 25 Jan 2023 10:08:05 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
igalst.co.il/wp-content/uploads/2017/07/IMG_3208-363x272.jpg
5.100.249.241 200 OK 36 kB URL HTTP/2 igalst.co.il/wp-content/uploads/2017/07/IMG_3208-363x272.jpg
IP 5.100.249.241:0
ASN #44709 O.m.c. Computers & Communications Ltd
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v90), quality = 82", baseline, precision 8, 363x272, components 3\012- data
Hash 02592d6acb399c91ac4ac191482d498b
f37b78c6cced5a58c7d3d05f196f7ec630951bf4
4b4c4214e56e295785f8c5a454b508cd8126d2a1684f081f056f9bd004a8800e
GET /wp-content/uploads/2017/07/IMG_3208-363x272.jpg HTTP/1.1
Host: igalst.co.il
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://igalst.co.il/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 01 Feb 2023 10:08:05 GMT
content-type: image/jpeg
last-modified: Thu, 10 Aug 2017 17:06:00 GMT
accept-ranges: bytes
content-length: 36506
date: Wed, 25 Jan 2023 10:08:05 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
igalst.co.il/wp-content/uploads/2017/07/IMG_2187-1-363x272.jpg
5.100.249.241 200 OK 24 kB URL HTTP/2 igalst.co.il/wp-content/uploads/2017/07/IMG_2187-1-363x272.jpg
IP 5.100.249.241:0
ASN #44709 O.m.c. Computers & Communications Ltd
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v90), quality = 82", baseline, precision 8, 363x272, components 3\012- data
Hash 1515ea7d33c3f5d405bf3e4bc5837685
8f10061a76d9220e7a483cb5824c27a60f73372e
d1f5dd64117aeba442fa41ef6e7e20c3c441fae176eedd951bc2da48b61f9354
GET /wp-content/uploads/2017/07/IMG_2187-1-363x272.jpg HTTP/1.1
Host: igalst.co.il
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://igalst.co.il/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 01 Feb 2023 10:08:05 GMT
content-type: image/jpeg
last-modified: Thu, 10 Aug 2017 16:50:36 GMT
accept-ranges: bytes
content-length: 24062
date: Wed, 25 Jan 2023 10:08:05 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
igalst.co.il/wp-content/uploads/2017/07/IMG_2468-363x272.jpg
5.100.249.241 200 OK 20 kB URL HTTP/2 igalst.co.il/wp-content/uploads/2017/07/IMG_2468-363x272.jpg
IP 5.100.249.241:0
ASN #44709 O.m.c. Computers & Communications Ltd
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v90), quality = 82", baseline, precision 8, 363x272, components 3\012- data
Hash ec874438e7f4a04b791f82d9d51f54b5
b4e0ed16974fd0bc831782a1783364511e22b48d
595d564c394a10b44f1e47ca9e285689f1ecf22e07eabf8e2f32694b665514f4
GET /wp-content/uploads/2017/07/IMG_2468-363x272.jpg HTTP/1.1
Host: igalst.co.il
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://igalst.co.il/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 01 Feb 2023 10:08:05 GMT
content-type: image/jpeg
last-modified: Thu, 10 Aug 2017 16:57:31 GMT
accept-ranges: bytes
content-length: 19592
date: Wed, 25 Jan 2023 10:08:05 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
igalst.co.il/wp-content/plugins/wp-accessibility-helper/assets/images/accessibility-48.jpg
5.100.249.241 200 OK 1.6 kB URL HTTP/2 igalst.co.il/wp-content/plugins/wp-accessibility-helper/assets/images/accessibility-48.jpg
IP 5.100.249.241:0
ASN #44709 O.m.c. Computers & Communications Ltd
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 48x48, components 3\012- data
Hash d05abf390d4b570b525b3c800fdad3ee
218a5227ebdc0a75488782f54c85c0b21dfa74c9
cbfbe8067fa989262a4cc96558f10686f87c40da2d1cd6f96b01770ac3d7d424
GET /wp-content/plugins/wp-accessibility-helper/assets/images/accessibility-48.jpg HTTP/1.1
Host: igalst.co.il
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://igalst.co.il/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 01 Feb 2023 10:08:05 GMT
content-type: image/jpeg
last-modified: Tue, 26 Jul 2022 01:57:47 GMT
accept-ranges: bytes
content-length: 1581
date: Wed, 25 Jan 2023 10:08:05 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
igalst.co.il/wp-content/uploads/2017/08/4%D7%9C%D7%95%D7%92%D7%95.png
5.100.249.241 200 OK 30 kB URL HTTP/2 igalst.co.il/wp-content/uploads/2017/08/4%D7%9C%D7%95%D7%92%D7%95.png
IP 5.100.249.241:0
ASN #44709 O.m.c. Computers & Communications Ltd
File type PNG image data, 2453 x 1594, 8-bit/color RGBA, non-interlaced\012- data
Hash b9c18afc345f182044fcc93a73c6e8a3
3d980702a19b931b11796f5bbe859a1272ee8020
bcb0615d8db1e533537d7f1dd9c660025676674613dd3d5fe342e7b83ec93f1b
GET /wp-content/uploads/2017/08/4%D7%9C%D7%95%D7%92%D7%95.png HTTP/1.1
Host: igalst.co.il
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 01 Feb 2023 10:08:05 GMT
content-type: image/png
last-modified: Thu, 10 Aug 2017 17:33:17 GMT
accept-ranges: bytes
content-length: 29642
date: Wed, 25 Jan 2023 10:08:05 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3 200 OK 471 B IP 216.58.211.3:0
Hash 47d71bf163265666c21e2410fb568043
54a4b0f241af261f878967ce058f5885be476cc4
8b7ce4c8269941cf55ca12415b1abfd7d4ae7bf5823657f3afe5e8dd34bed80b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 25 Jan 2023 10:08:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
igalst.co.il/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9
5.100.249.241 200 OK 3.0 kB URL HTTP/2 igalst.co.il/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9
IP 5.100.249.241:0
ASN #44709 O.m.c. Computers & Communications Ltd
File type ASCII text, with very long lines (6475), with no line terminators
Hash c5e790422181325c1c0166d24a64376e
b2d7d8420659476395cc05b80b0a80f84866c2bd
00991347847aaeb935ba3d1cc62d78f4ed3e6e9ecb5dfbc4f3e677c474c9dca8
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9 HTTP/1.1
Host: igalst.co.il
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://igalst.co.il/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 01 Feb 2023 10:08:05 GMT
content-type: application/javascript
last-modified: Mon, 11 Apr 2022 12:04:30 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
date: Wed, 25 Jan 2023 10:08:05 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
igalst.co.il/wp-content/uploads/2018/12/IMG_7295.jpg
5.100.249.241 200 OK 86 kB URL HTTP/2 igalst.co.il/wp-content/uploads/2018/12/IMG_7295.jpg
IP 5.100.249.241:0
ASN #44709 O.m.c. Computers & Communications Ltd
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, Exif Standard: [\012- TIFF image data, big-endian, direntries=3, orientation=upper-left], baseline, precision 8, 640x480, components 3\012- data
Hash 155d2d689c11e4c860723a539f29d0e5
fe7eeede3334e7377fe755617e65ae3e2e9105ff
ac36922cbb1970c51d3c2c67fb78772eca6252dd4aa417358ed97cf5f331c548
GET /wp-content/uploads/2018/12/IMG_7295.jpg HTTP/1.1
Host: igalst.co.il
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 01 Feb 2023 10:08:05 GMT
content-type: image/jpeg
last-modified: Mon, 17 Dec 2018 08:59:05 GMT
accept-ranges: bytes
content-length: 86155
date: Wed, 25 Jan 2023 10:08:05 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
igalst.co.il/wp-content/uploads/2017/07/IMG_3140-1349x670.jpg
5.100.249.241 200 OK 186 kB URL HTTP/2 igalst.co.il/wp-content/uploads/2017/07/IMG_3140-1349x670.jpg
IP 5.100.249.241:0
ASN #44709 O.m.c. Computers & Communications Ltd
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v90), quality = 82", baseline, precision 8, 1349x670, components 3\012- data
Size 186 kB (185539 bytes)
Hash 5d01d4e7cae3c014c00fa80cebfbcfa6
64bc4ef86e065af654317433c150167987676b11
3006731269863638bde717e280db4c392cb364c044ca546e35b15c9b7f490054
GET /wp-content/uploads/2017/07/IMG_3140-1349x670.jpg HTTP/1.1
Host: igalst.co.il
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://igalst.co.il/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 01 Feb 2023 10:08:05 GMT
content-type: image/jpeg
last-modified: Thu, 10 Aug 2017 17:03:11 GMT
accept-ranges: bytes
content-length: 185539
date: Wed, 25 Jan 2023 10:08:05 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
igalst.co.il/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.7.2
5.100.249.241 200 OK 160 kB URL HTTP/2 igalst.co.il/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.7.2
IP 5.100.249.241:0
ASN #44709 O.m.c. Computers & Communications Ltd
File type ASCII text, with very long lines (10565), with no line terminators
Size 160 kB (160121 bytes)
Hash cd99a11cc0daf79cb95ea26572847d39
310bcc327a29a6271b930c10a4e24e20f08bf145
4d52c42a01627ee811d403c261117acc35be04483406733533bd4169e48bdb98
GET /wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.7.2 HTTP/1.1
Host: igalst.co.il
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://igalst.co.il/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 01 Feb 2023 10:08:05 GMT
content-type: application/javascript
last-modified: Thu, 29 Dec 2022 03:09:14 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
date: Wed, 25 Jan 2023 10:08:05 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
www.youtube.com/s/player/4248d311/www-player.css
142.250.74.46 200 OK 50 kB URL HTTP/2 www.youtube.com/s/player/4248d311/www-player.css
IP 142.250.74.46:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash 8a6331ed48be29c59230b0c7360068de
22a20436f427d6b8e26eb30ed9aab51a43d389bf
72f0818ab04697fc29d331b2add584f3cd5e269446c7297300701a4666c9d95e
GET /s/player/4248d311/www-player.css HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/embed/52yMRzDm_P4?ecver=2
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding, Origin
content-encoding: br
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 49911
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 19 Jan 2023 16:03:19 GMT
expires: Fri, 19 Jan 2024 16:03:19 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 12 Jan 2023 01:15:11 GMT
content-type: text/css
age: 497087
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.youtube.com/s/player/4248d311/www-embed-player.vflset/www-embed-player.js
142.250.74.46 200 OK 109 kB URL HTTP/2 www.youtube.com/s/player/4248d311/www-embed-player.vflset/www-embed-player.js
IP 142.250.74.46:0
File type ASCII text, with very long lines (679)
Size 109 kB (109432 bytes)
Hash 711fcfe6f1ab52d89ab3474d437c1e48
b2f3e69e9d40b193de5e76ae13c6ad9ce0a8e537
361236d1317543e128074c35d22d65a2ba70f6ce9906b07a543e6b3c96239019
GET /s/player/4248d311/www-embed-player.vflset/www-embed-player.js HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/embed/52yMRzDm_P4?ecver=2
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding, Origin
content-encoding: br
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 109432
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 19 Jan 2023 16:03:20 GMT
expires: Fri, 19 Jan 2024 16:03:20 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 12 Jan 2023 01:15:11 GMT
content-type: text/javascript
age: 497086
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
igalst.co.il/wp-content/themes/one-paze/css/faw/fonts/fontawesome-webfont.woff2?v=4.7.0
5.100.249.241 200 OK 77 kB URL HTTP/2 igalst.co.il/wp-content/themes/one-paze/css/faw/fonts/fontawesome-webfont.woff2?v=4.7.0
IP 5.100.249.241:0
ASN #44709 O.m.c. Computers & Communications Ltd
File type Web Open Font Format (Version 2), TrueType, length 77160, version 4.459\012- data
Hash af7ae505a9eed503f8b8e6982036873e
d6f48cba7d076fb6f2fd6ba993a75b9dc1ecbf0c
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/one-paze/css/faw/fonts/fontawesome-webfont.woff2?v=4.7.0 HTTP/1.1
Host: igalst.co.il
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://igalst.co.il/wp-content/themes/one-paze/css/faw/css/font-awesome.css?ver=6.1.1
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 01 Feb 2023 10:08:05 GMT
content-type: font/woff2
last-modified: Sat, 03 Aug 2019 00:35:36 GMT
accept-ranges: bytes
content-length: 77160
date: Wed, 25 Jan 2023 10:08:05 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
www.youtube.com/s/player/4248d311/player_ias.vflset/en_US/base.js
142.250.74.46 200 OK 611 kB URL HTTP/2 www.youtube.com/s/player/4248d311/player_ias.vflset/en_US/base.js
IP 142.250.74.46:0
File type ASCII text, with very long lines (517)
Size 611 kB (611243 bytes)
Hash 4bafbf546e35e79d802b8e836cf03e3b
cff2ccd4542a73b82c18cdac6b3e4af01198566e
da6660452c1ebd120eb25d4c1a742e2fe20cf5ccfbd3523acb5e1d5693170d70
GET /s/player/4248d311/player_ias.vflset/en_US/base.js HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/embed/52yMRzDm_P4?ecver=2
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding, Origin
content-encoding: br
accept-ranges: bytes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 611243
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 19 Jan 2023 13:03:55 GMT
expires: Fri, 19 Jan 2024 13:03:55 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 12 Jan 2023 01:15:11 GMT
content-type: text/javascript
age: 507851
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
igalst.co.il/wp-content/plugins/wp-accessibility-helper/assets/js/wp-accessibility-helper.min.js?ver=1.0.0
5.100.249.241 200 OK 143 kB URL HTTP/2 igalst.co.il/wp-content/plugins/wp-accessibility-helper/assets/js/wp-accessibility-helper.min.js?ver=1.0.0
IP 5.100.249.241:0
ASN #44709 O.m.c. Computers & Communications Ltd
File type ASCII text, with very long lines (8848), with no line terminators
Size 143 kB (142868 bytes)
Hash e7bf25587a5004aa833970ea3a102213
61d310e3c851e1593a2c96504da5454c1eb61b72
27ee49baf3738010a94bb72e56eae842f8f7867839f1bab5f1f55aee4b15e5a3
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/wp-accessibility-helper/assets/js/wp-accessibility-helper.min.js?ver=1.0.0 HTTP/1.1
Host: igalst.co.il
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://igalst.co.il/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 01 Feb 2023 10:08:05 GMT
content-type: application/javascript
last-modified: Tue, 26 Jul 2022 01:57:47 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
date: Wed, 25 Jan 2023 10:08:05 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3 200 OK 471 B IP 216.58.211.3:0
Hash 3e7fdf1ab4be9ee80518d0400683f0d3
dd2ec6511ba05e7fb89d32a1ad407db5eaa1520b
eb789178a0b528aad87a5bf0d05aecd45e7623ebaf198820f9310887757e1d5f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 25 Jan 2023 10:08:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.211.3 200 OK 471 B IP 216.58.211.3:0
Hash 3e7fdf1ab4be9ee80518d0400683f0d3
dd2ec6511ba05e7fb89d32a1ad407db5eaa1520b
eb789178a0b528aad87a5bf0d05aecd45e7623ebaf198820f9310887757e1d5f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 25 Jan 2023 10:08:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
142.250.74.35 200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 15552, version 1.0\012- data
Hash 285467176f7fe6bb6a9c6873b3dad2cc
ea04e4ff5142ddd69307c183def721a160e0a64e
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
GET /s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15552
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 19 Jan 2023 16:40:43 GMT
expires: Fri, 19 Jan 2024 16:40:43 GMT
cache-control: public, max-age=31536000
age: 494843
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
142.250.74.35 200 OK 15 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 15344, version 1.0\012- data
Hash 5d4aeb4e5f5ef754e307d7ffaef688bd
06db651cdf354c64a7383ea9c77024ef4fb4cef8
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
GET /s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15344
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 19 Jan 2023 21:48:03 GMT
expires: Fri, 19 Jan 2024 21:48:03 GMT
cache-control: public, max-age=31536000
age: 476403
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3 200 OK 471 B IP 216.58.211.3:0
Hash 3e7fdf1ab4be9ee80518d0400683f0d3
dd2ec6511ba05e7fb89d32a1ad407db5eaa1520b
eb789178a0b528aad87a5bf0d05aecd45e7623ebaf198820f9310887757e1d5f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 25 Jan 2023 10:08:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
igalst.co.il/wp-content/uploads/2019/01/%D7%97%D7%95%D7%9C%D7%99%D7%99%D7%98%D7%94-%D7%9C%D7%99%D7%9B%D7%98%D7%9E%D7%9F-1.jpg
5.100.249.241 200 OK 972 kB URL HTTP/2 igalst.co.il/wp-content/uploads/2019/01/%D7%97%D7%95%D7%9C%D7%99%D7%99%D7%98%D7%94-%D7%9C%D7%99%D7%9B%D7%98%D7%9E%D7%9F-1.jpg
IP 5.100.249.241:0
ASN #44709 O.m.c. Computers & Communications Ltd
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CS6 (Windows), datetime=2019:01:24 12:19:23], progressive, precision 8, 640x480, components 4\012- data
Size 972 kB (972339 bytes)
Hash 4d090c48b476b5bc5ccba28e6ecf158d
1c9786f6b6b6e37118523e10c85a6def1155457d
f7addae749867e3723611587d5d90afa2cf1338347f84d1926c73c684feea9bf
GET /wp-content/uploads/2019/01/%D7%97%D7%95%D7%9C%D7%99%D7%99%D7%98%D7%94-%D7%9C%D7%99%D7%9B%D7%98%D7%9E%D7%9F-1.jpg HTTP/1.1
Host: igalst.co.il
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 01 Feb 2023 10:08:05 GMT
content-type: image/jpeg
last-modified: Thu, 24 Jan 2019 10:19:36 GMT
accept-ranges: bytes
content-length: 972339
date: Wed, 25 Jan 2023 10:08:05 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
igalst.co.il/wp-content/uploads/2017/08/IMG_2913.jpg
5.100.249.241 200 OK 1.9 MB URL HTTP/2 igalst.co.il/wp-content/uploads/2017/08/IMG_2913.jpg
IP 5.100.249.241:0
ASN #44709 O.m.c. Computers & Communications Ltd
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=8, manufacturer=Canon, model=Canon EOS 5D Mark II, xresolution=138, yresolution=146, resolutionunit=2, software=Adobe Photoshop Lightroom 6.1 (Macintosh), datetime=2017:07:11 10:29:21], baseline, precision 8, 5386x3591, components 3\012- data
Size 1.9 MB (1909034 bytes)
Hash f298bb9cd2a6946f2af4934c87ff800b
2a7bcde83a6a22ade07425a3eec26a4a923eac1e
60d2685ba67d1a7af80a97eea2708b8cfe3d665f9aa651adb5d02396a6077fea
GET /wp-content/uploads/2017/08/IMG_2913.jpg HTTP/1.1
Host: igalst.co.il
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 01 Feb 2023 10:08:05 GMT
content-type: image/jpeg
last-modified: Thu, 10 Aug 2017 17:37:09 GMT
accept-ranges: bytes
content-length: 1909034
date: Wed, 25 Jan 2023 10:08:05 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
igalst.co.il/wp-json/contact-form-7/v1/contact-forms/420/feedback/schema
5.100.249.241 200 OK 255 B URL HTTP/2 igalst.co.il/wp-json/contact-form-7/v1/contact-forms/420/feedback/schema
IP 5.100.249.241:0
ASN #44709 O.m.c. Computers & Communications Ltd
File type JSON data\012- , ASCII text, with very long lines (675), with no line terminators
Hash e6e37ff0e25ebafc4aa3b9e4f11258b5
2fc3b1c8f1f7bd23d80d7021a4da6e1ef6fcee9b
5be9586152efcc7ddee1f2d78aad702f97fa1ea3edafbe34b8750b655a829d79
Analyzer Verdict Alert fortinet Malware
GET /wp-json/contact-form-7/v1/contact-forms/420/feedback/schema HTTP/1.1
Host: igalst.co.il
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, */*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://igalst.co.il/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
x-powered-by: PHP/7.0.33
content-type: application/json; charset=UTF-8
x-robots-tag: noindex
link: <https://igalst.co.il/wp-json/>; rel="https://api.w.org/"
x-content-type-options: nosniff
access-control-expose-headers: X-WP-Total, X-WP-TotalPages, Link
access-control-allow-headers: Authorization, X-WP-Nonce, Content-Disposition, Content-MD5, Content-Type
allow: GET
vary: Origin,Accept-Encoding, Accept-Encoding
etag: "2881-1674641286;gz"
x-litespeed-cache: miss
content-length: 255
content-encoding: gzip
date: Wed, 25 Jan 2023 10:08:06 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3 200 OK 472 B IP 216.58.211.3:0
Hash 34c6c87358e04f2487a4fcb466d2ad17
2e99bb20b81b80930471f736676e4dd3a093a9cd
db58d2601ad2308da96f8998b9b5e39c3c48b910c0f141230a757b9985b536fb
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 25 Jan 2023 10:08:07 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.211.3 200 OK 472 B IP 216.58.211.3:0
Hash e42c4bc3eb1dde3e47013119de155096
ee735e961b5844018da0625bfd2476ab70500926
689f2b20a0cac8f0b3ad9fcc34ffb152ab8e935a0fb322d8e9fcb21f1a0ae151
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 25 Jan 2023 10:08:07 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
static.doubleclick.net/instream/ad_status.js
142.250.74.134 200 OK 29 B URL HTTP/2 static.doubleclick.net/instream/ad_status.js
IP 142.250.74.134:0
Hash 1fa71744db23d0f8df9cce6719defcb7
e4be9b7136697942a036f97cf26ebaf703ad2067
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
GET /instream/ad_status.js HTTP/1.1
Host: static.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
timing-allow-origin: *
content-length: 29
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 25 Jan 2023 10:06:35 GMT
expires: Wed, 25 Jan 2023 10:21:35 GMT
cache-control: public, max-age=900
age: 92
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
googleads.g.doubleclick.net/pagead/id
142.250.74.130 302 Found 0 B URL HTTP/2 googleads.g.doubleclick.net/pagead/id
IP 142.250.74.130:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pagead/id HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
access-control-allow-credentials: true
access-control-allow-origin: https://www.youtube.com
date: Wed, 25 Jan 2023 10:08:07 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
igalst.co.il/wp-content/plugins/contact-form-7/modules/recaptcha/index.js?ver=5.7.2
5.100.249.241 200 OK 482 B URL HTTP/2 igalst.co.il/wp-content/plugins/contact-form-7/modules/recaptcha/index.js?ver=5.7.2
IP 5.100.249.241:0
ASN #44709 O.m.c. Computers & Communications Ltd
File type ASCII text, with very long lines (999), with no line terminators
Hash 5c8ab80ec97a6f6441359fe9b58ba57d
50130e92f18fc673d7ffebd8c98d4ffccf7735b3
35f69ae9aad96ba95bf171f0f34106b386a4309b16d6e518906b33eac760eaf7
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/contact-form-7/modules/recaptcha/index.js?ver=5.7.2 HTTP/1.1
Host: igalst.co.il
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://igalst.co.il/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 01 Feb 2023 10:08:05 GMT
content-type: application/javascript
last-modified: Thu, 29 Dec 2022 03:09:14 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
date: Wed, 25 Jan 2023 10:08:05 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
igalst.co.il/wp-content/themes/one-paze/js/bxslider/jquery.bxslider.js?ver=6.1.1
5.100.249.241 200 OK 15 kB URL HTTP/2 igalst.co.il/wp-content/themes/one-paze/js/bxslider/jquery.bxslider.js?ver=6.1.1
IP 5.100.249.241:0
ASN #44709 O.m.c. Computers & Communications Ltd
Hash cda9f09184a084415199d57ddb1acdef
7030872f7ba5bbee5f80430f464adbeeb106d9b6
48ab18d4870cb2f5c87e1a6d0c3e80e44ae2f6748fa8daa2724bdc7cfe2e10de
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/one-paze/js/bxslider/jquery.bxslider.js?ver=6.1.1 HTTP/1.1
Host: igalst.co.il
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://igalst.co.il/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 01 Feb 2023 10:08:05 GMT
content-type: application/javascript
last-modified: Sat, 03 Aug 2019 00:35:36 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
date: Wed, 25 Jan 2023 10:08:05 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3 200 OK 472 B IP 216.58.211.3:0
Hash 34c6c87358e04f2487a4fcb466d2ad17
2e99bb20b81b80930471f736676e4dd3a093a9cd
db58d2601ad2308da96f8998b9b5e39c3c48b910c0f141230a757b9985b536fb
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 25 Jan 2023 10:08:07 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
142.250.74.138 200 OK 31 kB URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
IP 142.250.74.138:0
File type JSON data\012- , ASCII text, with very long lines (65536), with no line terminators
Hash 36524bf91bb1775c9e02dd3b1654e866
806f20ca2e8cff823895ded4eca78bfb789331dd
2d2ea55d037ab3349c26acfa8851055dcdb4f3e84d217f89c52bdafb36a94b08
POST /$rpc/google.internal.waa.v1.Waa/Create HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
Content-Type: application/json+protobuf
X-User-Agent: grpc-web-javascript/0.1
Content-Length: 24
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json+protobuf; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Wed, 25 Jan 2023 10:08:07 GMT
server: ESF
cache-control: private
content-length: 31254
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
access-control-allow-credentials: true
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 176ab888cb4eeee86431993b3ef960e2
0eb79ca64f0f6b29837d1d7dfe12d38a3d5c3822
47984ce01d5a6281b9f2841cb119d3623e0d4202602f354628469e9158a2d6fa
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "47984CE01D5A6281B9F2841CB119D3623E0D4202602F354628469E9158A2D6FA"
Last-Modified: Tue, 24 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2582
Expires: Wed, 25 Jan 2023 10:51:09 GMT
Date: Wed, 25 Jan 2023 10:08:07 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 176ab888cb4eeee86431993b3ef960e2
0eb79ca64f0f6b29837d1d7dfe12d38a3d5c3822
47984ce01d5a6281b9f2841cb119d3623e0d4202602f354628469e9158a2d6fa
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "47984CE01D5A6281B9F2841CB119D3623E0D4202602F354628469E9158A2D6FA"
Last-Modified: Tue, 24 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2582
Expires: Wed, 25 Jan 2023 10:51:09 GMT
Date: Wed, 25 Jan 2023 10:08:07 GMT
Connection: keep-alive
igalst.co.il/wp-content/themes/one-paze/js/jquery.localScroll.js?ver=6.1.1
5.100.249.241 200 OK 2.1 kB URL HTTP/2 igalst.co.il/wp-content/themes/one-paze/js/jquery.localScroll.js?ver=6.1.1
IP 5.100.249.241:0
ASN #44709 O.m.c. Computers & Communications Ltd
Hash 5b4e7ed441608ad34c33f417d64678df
821dcd72dbca297431c097b320ac2ff29b0630d7
5e268cf2e0515b1f0f8143462604a8d4c93896c940e72a2a43c361e4e48cd895
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/one-paze/js/jquery.localScroll.js?ver=6.1.1 HTTP/1.1
Host: igalst.co.il
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://igalst.co.il/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 01 Feb 2023 10:08:05 GMT
content-type: application/javascript
last-modified: Sat, 03 Aug 2019 00:35:36 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
date: Wed, 25 Jan 2023 10:08:05 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5974ff5e-ff49-4276-8943-5768c589b551.png
34.120.237.76 200 OK 8.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5974ff5e-ff49-4276-8943-5768c589b551.png
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 8b458c619b07de23b3620f392b0f56f6
e45a3cfee589406e1ea0f1ebd6e8d321487474e1
9927c7a8e606180964b6e052e1eb2bacb007d05a46c1f04e28c48a74096d3c03
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5974ff5e-ff49-4276-8943-5768c589b551.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8736
x-amzn-requestid: 65bdef1c-0389-4d16-b5fd-931d4753d75d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fBYVuF_4oAMF0Sw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63ca0757-1569aec44c54b7c87663feae;Sampled=0
x-amzn-remapped-date: Fri, 20 Jan 2023 03:15:35 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 3fzmJ8iZrVvBDurLOdAJXB6uuvk6KHvIBuKzMKAMSjKUzWICg1cCjQ==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 3cd7af07832481c336aa1c93c9b4a6fe.cloudfront.net (CloudFront), 1.1 google
date: Wed, 25 Jan 2023 04:41:44 GMT
age: 19583
etag: "e45a3cfee589406e1ea0f1ebd6e8d321487474e1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F59be5df3-0d3c-4611-9b91-9ce5041a7a57.jpeg
34.120.237.76 200 OK 3.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F59be5df3-0d3c-4611-9b91-9ce5041a7a57.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash dbbcba4403c1ea4e45ff47894d66e984
8555e8d6a38b78829a7dd2f10eb99bdbb254d89a
c9acd732889f9a58b085ceee3ceb8040fedb1e85ddb9f5b933960472c2f8d147
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F59be5df3-0d3c-4611-9b91-9ce5041a7a57.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 3109
x-amzn-requestid: 89df621b-47d8-4127-8e4f-8e57f3244419
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fKV9hFNKIAMFtlg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cd9d23-0b4c0b5d2bf8c22b2ada0e9c;Sampled=0
x-amzn-remapped-date: Sun, 22 Jan 2023 20:31:31 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: B62xY4rlFNdJGd5ethwkCIwQTsegDVJy6s7OptIr1g_E8GvwttW2sQ==
via: 1.1 efe54e8b68e074d39b2ecd249f85100a.cloudfront.net (CloudFront), 1.1 ce71f64ad5dca81beca846466f2d5008.cloudfront.net (CloudFront), 1.1 google
date: Wed, 25 Jan 2023 09:39:09 GMT
age: 1738
etag: "8555e8d6a38b78829a7dd2f10eb99bdbb254d89a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F09ccbe5e-77b1-4d6d-98f5-a477f3861d8c.jpeg
34.120.237.76 200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F09ccbe5e-77b1-4d6d-98f5-a477f3861d8c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 7458f7a9b2070055df6f1d496794e43e
0f5d2a6d846f4f8f85dd7e8089e643cacc57d8a9
373097662c419eef9f4a19ce9f3bcead70f6eafbf0acf44806685eece43ce251
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F09ccbe5e-77b1-4d6d-98f5-a477f3861d8c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12758
x-amzn-requestid: c3540562-8c62-4957-9528-7ae952daebaa
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: e9gf1E87oAMFpsQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c87acb-49fd3f78275937e24d23fca3;Sampled=0
x-amzn-remapped-date: Wed, 18 Jan 2023 23:03:39 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: c5YOTqrEv9RLv_lKsrC377yost8auxYRPLubBFGjIWtnbueiGMJYGw==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 324a68a6c25ee50d774953f3e15a611c.cloudfront.net (CloudFront), 1.1 google
date: Wed, 25 Jan 2023 05:14:35 GMT
age: 17612
etag: "0f5d2a6d846f4f8f85dd7e8089e643cacc57d8a9"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4d0e7609-9fe9-4d8e-8e5d-d900bbac3bcf.webp
34.120.237.76 200 OK 9.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4d0e7609-9fe9-4d8e-8e5d-d900bbac3bcf.webp
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 946d8485d39fbe598dc6af86e735061d
4934319819697b4c89466949cd4ef93bb8b9c8b2
7bd130762bfaa189b24e3620e4a54b8e0cc7046ea2d917c37d11a8f248803840
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4d0e7609-9fe9-4d8e-8e5d-d900bbac3bcf.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9343
x-amzn-requestid: 5786e270-1aae-45e2-b406-ad9ce4e90c20
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fHH8hEcBIAMFyjA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cc5383-3b3fb6220035b4e34db73fee;Sampled=0
x-amzn-remapped-date: Sat, 21 Jan 2023 21:05:07 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: mVeNR5XqJqAXlMYpaB2oVd1YZDsXvbyDOOz3gkj1kn4roCQLb36RtQ==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 760139201585481b26f947c5f776103a.cloudfront.net (CloudFront), 1.1 google
date: Wed, 25 Jan 2023 08:21:17 GMT
age: 6410
etag: "4934319819697b4c89466949cd4ef93bb8b9c8b2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcc3762f9-ecc0-4ad9-9272-0a3e8e55d247.jpeg
34.120.237.76 200 OK 6.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcc3762f9-ecc0-4ad9-9272-0a3e8e55d247.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c7d50173f78bef1429160a353679dd91
695d7913e35a7e086d76c38d7c6f43462b0896df
4c761d1f9fd523750102aea0cce3f8c3cd92918d4c59853415745278292afa4b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcc3762f9-ecc0-4ad9-9272-0a3e8e55d247.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6231
x-amzn-requestid: 85406169-05a4-4ba9-8a20-5ed2badec48a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fEXPmGB_oAMF7Zg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cb38ca-607a23df395511207f5958cd;Sampled=0
x-amzn-remapped-date: Sat, 21 Jan 2023 00:58:50 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: wgvWx8V8czjRN96TVCFkx21hxrAuvT7v7D8zcYjD7CJViXFkhp2FoA==
via: 1.1 7f5e0d3b9ea85d0d75063a66c0ebc840.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Wed, 25 Jan 2023 05:24:28 GMT
age: 17019
etag: "695d7913e35a7e086d76c38d7c6f43462b0896df"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7da858f1-3099-4d35-9bf6-fae2a155404c.jpeg
34.120.237.76 200 OK 8.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7da858f1-3099-4d35-9bf6-fae2a155404c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 05ff19472d4870833d7c6b495099a86c
6ad7424d14301c62a93ea71843238d2ff0699a02
1f2c62b3be1147d1ed12d1e28caa86c97684d5c5da87ebe3a709ce01cd878abb
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7da858f1-3099-4d35-9bf6-fae2a155404c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8676
x-amzn-requestid: 15ae46cb-c80e-4b94-a8d3-8e2a83be64c8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fLQdAG2BoAMFbOg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cdfab9-236ebb6b3fab6b25266203ba;Sampled=0
x-amzn-remapped-date: Mon, 23 Jan 2023 03:10:49 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Xkpv0iMm4JNzdmNMQerJZXWXjWJ6YFYJ6WbaREC0S-0GX3WHv71mFw==
via: 1.1 e5af640ced3aa8764b82c4bc3f7af38e.cloudfront.net (CloudFront), 1.1 d8792dbd3191bbe722eba5b536b979c8.cloudfront.net (CloudFront), 1.1 google
date: Wed, 25 Jan 2023 03:33:57 GMT
age: 23650
etag: "6ad7424d14301c62a93ea71843238d2ff0699a02"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
igalst.co.il/wp-content/themes/one-paze/css/sidetogglemenu.css?ver=6.1.1
5.100.249.241 200 OK 1.5 MB URL HTTP/2 igalst.co.il/wp-content/themes/one-paze/css/sidetogglemenu.css?ver=6.1.1
IP 5.100.249.241:0
ASN #44709 O.m.c. Computers & Communications Ltd
Size 1.5 MB (1499761 bytes)
Hash 5c8763c7ae4f7716ba1414888dbc8088
15d427df2ea9acd39cce2f5cdb95f7815aa20b45
a39ba91d615a960a586f039051c9fd9fb6ec1ab6982c7465b278e8ce3570ab3f
GET /wp-content/themes/one-paze/css/sidetogglemenu.css?ver=6.1.1 HTTP/1.1
Host: igalst.co.il
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://igalst.co.il/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 01 Feb 2023 10:08:05 GMT
content-type: text/css
last-modified: Sat, 03 Aug 2019 00:35:36 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
date: Wed, 25 Jan 2023 10:08:05 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3 200 OK 472 B IP 216.58.211.3:0
Hash 126e9ccbe4e6508bc0a881d69e0c9521
1909837ca688bdf3f91df41f5194cf248fb17812
b3143a6cce962235dd70bf5673ba4c1482d825e83ba6c01f4047fbc6ccc67874
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 25 Jan 2023 10:08:07 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
142.250.74.138 200 OK 31 kB URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
IP 142.250.74.138:0
File type JSON data\012- , ASCII text, with very long lines (65536), with no line terminators
Hash 5cb2d748fc4be2bdb36e9cabd9145ddf
0f5d5db356c4836ea65cdc174e7f944a36e82dbe
2a5be1ba456af8562be9728fb7cfeef8019fcc4a0f1a03ea994e093103ebbba8
POST /$rpc/google.internal.waa.v1.Waa/Create HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
Content-Type: application/json+protobuf
X-User-Agent: grpc-web-javascript/0.1
Content-Length: 24
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json+protobuf; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Wed, 25 Jan 2023 10:08:07 GMT
server: ESF
cache-control: private
content-length: 31067
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
access-control-allow-credentials: true
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
igalst.co.il/wp-json/contact-form-7/v1/contact-forms/420/feedback/schema
5.100.249.241 304 Not Modified 0 B URL HTTP/2 igalst.co.il/wp-json/contact-form-7/v1/contact-forms/420/feedback/schema
IP 5.100.249.241:0
ASN #44709 O.m.c. Computers & Communications Ltd
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Malware
GET /wp-json/contact-form-7/v1/contact-forms/420/feedback/schema HTTP/1.1
Host: igalst.co.il
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, */*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://igalst.co.il/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
If-None-Match: "2881-1674641286;gz"
TE: trailers
HTTP/2 304 Not Modified
x-powered-by: PHP/7.0.33
content-type: application/json; charset=UTF-8
x-robots-tag: noindex
link: <https://igalst.co.il/wp-json/>; rel="https://api.w.org/"
x-content-type-options: nosniff
access-control-expose-headers: X-WP-Total, X-WP-TotalPages, Link
access-control-allow-headers: Authorization, X-WP-Nonce, Content-Disposition, Content-MD5, Content-Type
allow: GET
vary: Origin, Accept-Encoding
etag: "2881-1674641286;gz"
x-litespeed-cache: hit
date: Wed, 25 Jan 2023 10:08:06 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3 200 OK 471 B IP 216.58.211.3:0
Hash 93af086c11908f25c43c0bd730ca1fd1
75f2cbb9c6d8aeb54145293cafa5404cc3489389
7169b0c49ea8e410f5ec7fb0fd01d0df35251e52057612bfcdff4b88e81b12f6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 25 Jan 2023 10:08:07 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
i.ytimg.com/vi_webp/52yMRzDm_P4/sddefault.webp
142.250.74.54 200 OK 58 kB URL HTTP/2 i.ytimg.com/vi_webp/52yMRzDm_P4/sddefault.webp
IP 142.250.74.54:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 640x480, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 4499fe4ea3df34eb3b431afb8c1d6ece
ab89a4e18f735551e7003795d8c7f97977357eb4
8033a6b75d03229a29997fd931766418c9678047c64c792eca2494f286d2f42c
GET /vi_webp/52yMRzDm_P4/sddefault.webp HTTP/1.1
Host: i.ytimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
content-type: image/webp
vary: Origin
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 58038
date: Wed, 25 Jan 2023 10:08:07 GMT
expires: Wed, 25 Jan 2023 12:08:07 GMT
cache-control: public, max-age=7200
etag: "0"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
igalst.co.il/favicon.ico
5.100.249.241 404 Not Found 1.2 kB IP 5.100.249.241:0
ASN #44709 O.m.c. Computers & Communications Ltd
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Hash 0bde7d4b3da67537eaf9188e6f8049cf
64300fc482d01d38b40ab20e15960b6509665e5a
5dc1ae0b875dc0d78dbc5532226f5f31b762b4d1229984f605d27bf895ab6807
GET /favicon.ico HTTP/1.1
Host: igalst.co.il
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://igalst.co.il/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
pragma: no-cache
content-type: text/html
content-length: 1238
date: Wed, 25 Jan 2023 10:08:06 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3 200 OK 472 B IP 216.58.211.3:0
Hash 126e9ccbe4e6508bc0a881d69e0c9521
1909837ca688bdf3f91df41f5194cf248fb17812
b3143a6cce962235dd70bf5673ba4c1482d825e83ba6c01f4047fbc6ccc67874
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 25 Jan 2023 10:08:07 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
yt3.ggpht.com/ytc/AMLnZu9fp1LZi3vmmbcDcz6gPF7FwIXgp_L1OWzo3Q=s68-c-k-c0x00ffffff-no-rj
142.250.74.161 200 OK 628 B URL HTTP/2 yt3.ggpht.com/ytc/AMLnZu9fp1LZi3vmmbcDcz6gPF7FwIXgp_L1OWzo3Q=s68-c-k-c0x00ffffff-no-rj
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 68x68, components 3\012- data
Hash 60ec304ef5b9edf449fc6abfaeb9a5a2
b59fe20b1a8c537b5abf266ee5aa3550269145bc
2d52c539a131fd46c1bdefc7a9bcfddac0335afe315bb3587b10722a132dc54e
GET /ytc/AMLnZu9fp1LZi3vmmbcDcz6gPF7FwIXgp_L1OWzo3Q=s68-c-k-c0x00ffffff-no-rj HTTP/1.1
Host: yt3.ggpht.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
expires: Thu, 26 Jan 2023 10:08:07 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
date: Wed, 25 Jan 2023 10:08:07 GMT
server: fife
content-length: 628
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3 200 OK 471 B IP 216.58.211.3:0
Hash 93af086c11908f25c43c0bd730ca1fd1
75f2cbb9c6d8aeb54145293cafa5404cc3489389
7169b0c49ea8e410f5ec7fb0fd01d0df35251e52057612bfcdff4b88e81b12f6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 25 Jan 2023 10:08:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
142.250.74.138 200 OK 0 B URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
IP 142.250.74.138:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /$rpc/google.internal.waa.v1.Waa/GenerateIT HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Referer: https://www.youtube.com/
Origin: https://www.youtube.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: https://www.youtube.com
vary: origin, referer, x-origin
access-control-allow-credentials: true
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-max-age: 3600
date: Wed, 25 Jan 2023 10:08:08 GMT
content-type: text/html
server: ESF
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
142.250.74.138 200 OK 114 B URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
IP 142.250.74.138:0
File type JSON data\012- , ASCII text, with no line terminators
Hash ee9299de6e1c1275aff8e55d726af569
db1fab271c30505145a4721aa2f625ae64b87a9e
c8ca4c326ff28b84850cd2a9be06084d744a2d48a00442b8f6c798d3df39359d
POST /$rpc/google.internal.waa.v1.Waa/GenerateIT HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
Content-Type: application/json+protobuf
X-User-Agent: grpc-web-javascript/0.1
Content-Length: 1304
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json+protobuf; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Wed, 25 Jan 2023 10:08:08 GMT
server: ESF
cache-control: private
content-length: 114
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
access-control-allow-credentials: true
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
142.250.74.138 200 OK 114 B URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
IP 142.250.74.138:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 6e3624e4694dde296b83fda359be36ec
a38eee881922e7617d968362311a7a00f19ea8ec
e598cdfccdd9dbb1b666ca7d08cdd8c4a3cb438044038495bed38da8684c292d
POST /$rpc/google.internal.waa.v1.Waa/GenerateIT HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
Content-Type: application/json+protobuf
X-User-Agent: grpc-web-javascript/0.1
Content-Length: 1076
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json+protobuf; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Wed, 25 Jan 2023 10:08:08 GMT
server: ESF
cache-control: private
content-length: 114
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
access-control-allow-credentials: true
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
igalst.co.il/wp-json/contact-form-7/v1/contact-forms/420/refill
5.100.249.241 200 OK 22 B URL HTTP/2 igalst.co.il/wp-json/contact-form-7/v1/contact-forms/420/refill
IP 5.100.249.241:0
ASN #44709 O.m.c. Computers & Communications Ltd
File type JSON data\012- , ASCII text, with no line terminators
Hash 061faf60a30dde2f20ba8f454c3020de
1940a26a9be338cb36f5b50a1d638ef36b124d51
21947b02ead137acb20e602e9448c7c453b2836d1a755aadd5e1c61ecd2eb034
Analyzer Verdict Alert fortinet Malware
GET /wp-json/contact-form-7/v1/contact-forms/420/refill HTTP/1.1
Host: igalst.co.il
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, */*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://igalst.co.il/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
x-powered-by: PHP/7.0.33
content-type: application/json; charset=UTF-8
x-robots-tag: noindex
link: <https://igalst.co.il/wp-json/>; rel="https://api.w.org/"
x-content-type-options: nosniff
access-control-expose-headers: X-WP-Total, X-WP-TotalPages, Link
access-control-allow-headers: Authorization, X-WP-Nonce, Content-Disposition, Content-MD5, Content-Type
allow: GET
vary: Origin,Accept-Encoding, Accept-Encoding
etag: "2882-1674641287;gz"
x-litespeed-cache: miss
content-length: 22
content-encoding: gzip
date: Wed, 25 Jan 2023 10:08:07 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
igalst.co.il/wp-json/contact-form-7/v1/contact-forms/420/refill
5.100.249.241 304 Not Modified 0 B URL HTTP/2 igalst.co.il/wp-json/contact-form-7/v1/contact-forms/420/refill
IP 5.100.249.241:0
ASN #44709 O.m.c. Computers & Communications Ltd
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Malware
GET /wp-json/contact-form-7/v1/contact-forms/420/refill HTTP/1.1
Host: igalst.co.il
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, */*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://igalst.co.il/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
If-None-Match: "2882-1674641287;gz"
TE: trailers
HTTP/2 304 Not Modified
x-powered-by: PHP/7.0.33
content-type: application/json; charset=UTF-8
x-robots-tag: noindex
link: <https://igalst.co.il/wp-json/>; rel="https://api.w.org/"
x-content-type-options: nosniff
access-control-expose-headers: X-WP-Total, X-WP-TotalPages, Link
access-control-allow-headers: Authorization, X-WP-Nonce, Content-Disposition, Content-MD5, Content-Type
allow: GET
vary: Origin, Accept-Encoding
etag: "2882-1674641287;gz"
x-litespeed-cache: hit
date: Wed, 25 Jan 2023 10:08:07 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F33050e82-3c0a-40d6-a722-e4ff96872edc.jpeg
34.120.237.76 200 OK 6.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F33050e82-3c0a-40d6-a722-e4ff96872edc.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash bb6c1403a1d3c878c08ccaf17f8b3d0a
7596b783e0da5fba63c49374933eccffc223d729
1524dbef51237950d4a14a0e2e053fad933dd92ee0831e2de5c45513122f1d58
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F33050e82-3c0a-40d6-a722-e4ff96872edc.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 6026
x-amzn-requestid: 4b05d7f7-783f-4a79-9eed-bbbeb53bc677
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fRQ-QHmZIAMF6gw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d061f4-721f473c5c8dadd163ca7689;Sampled=0
x-amzn-remapped-date: Tue, 24 Jan 2023 22:55:48 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: -GQ5kEZvbltzLlBeml1PxYH3ufTrSMApVjDyR_NkR-6-vXfuJHOb0g==
via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 476c2ba6d9f6cd69dbcedbd65688cbc0.cloudfront.net (CloudFront), 1.1 google
date: Tue, 24 Jan 2023 23:09:45 GMT
age: 39509
etag: "7596b783e0da5fba63c49374933eccffc223d729"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
igalst.co.il/wp-content/themes/one-paze/js/wow.js?ver=6.1.1
5.100.249.241 200 OK 0 B URL HTTP/2 igalst.co.il/wp-content/themes/one-paze/js/wow.js?ver=6.1.1
IP 5.100.249.241:0
ASN #44709 O.m.c. Computers & Communications Ltd
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/one-paze/js/wow.js?ver=6.1.1 HTTP/1.1
Host: igalst.co.il
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://igalst.co.il/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 01 Feb 2023 10:08:05 GMT
content-type: application/javascript
last-modified: Sat, 03 Aug 2019 00:35:36 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
date: Wed, 25 Jan 2023 10:08:05 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
igalst.co.il/wp-content/themes/one-paze/js/custom.js?ver=6.1.1
5.100.249.241 200 OK 0 B URL HTTP/2 igalst.co.il/wp-content/themes/one-paze/js/custom.js?ver=6.1.1
IP 5.100.249.241:0
ASN #44709 O.m.c. Computers & Communications Ltd
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/one-paze/js/custom.js?ver=6.1.1 HTTP/1.1
Host: igalst.co.il
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://igalst.co.il/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 01 Feb 2023 10:08:05 GMT
content-type: application/javascript
last-modified: Sat, 03 Aug 2019 00:35:36 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
date: Wed, 25 Jan 2023 10:08:05 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
igalst.co.il/wp-content/themes/one-paze/js/jquery.scrollTo.js?ver=6.1.1
5.100.249.241 200 OK 0 B URL HTTP/2 igalst.co.il/wp-content/themes/one-paze/js/jquery.scrollTo.js?ver=6.1.1
IP 5.100.249.241:0
ASN #44709 O.m.c. Computers & Communications Ltd
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/one-paze/js/jquery.scrollTo.js?ver=6.1.1 HTTP/1.1
Host: igalst.co.il
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://igalst.co.il/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 01 Feb 2023 10:08:05 GMT
content-type: application/javascript
last-modified: Sat, 03 Aug 2019 00:35:36 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
date: Wed, 25 Jan 2023 10:08:05 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
igalst.co.il/wp-content/themes/one-paze/js/jquery.mixitup.js?ver=6.1.1
5.100.249.241 200 OK 0 B URL HTTP/2 igalst.co.il/wp-content/themes/one-paze/js/jquery.mixitup.js?ver=6.1.1
IP 5.100.249.241:0
ASN #44709 O.m.c. Computers & Communications Ltd
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/one-paze/js/jquery.mixitup.js?ver=6.1.1 HTTP/1.1
Host: igalst.co.il
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://igalst.co.il/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 01 Feb 2023 10:08:05 GMT
content-type: application/javascript
last-modified: Sat, 03 Aug 2019 00:35:36 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
date: Wed, 25 Jan 2023 10:08:05 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
igalst.co.il/wp-includes/js/jquery/jquery.min.js?ver=3.6.1
5.100.249.241 200 OK 0 B URL HTTP/2 igalst.co.il/wp-includes/js/jquery/jquery.min.js?ver=3.6.1
IP 5.100.249.241:0
ASN #44709 O.m.c. Computers & Communications Ltd
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/jquery/jquery.min.js?ver=3.6.1 HTTP/1.1
Host: igalst.co.il
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://igalst.co.il/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 01 Feb 2023 10:08:05 GMT
content-type: application/javascript
last-modified: Mon, 19 Sep 2022 14:16:24 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
date: Wed, 25 Jan 2023 10:08:05 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
igalst.co.il/wp-content/themes/one-paze/js/jquery.nav.js?ver=6.1.1
5.100.249.241 200 OK 0 B URL HTTP/2 igalst.co.il/wp-content/themes/one-paze/js/jquery.nav.js?ver=6.1.1
IP 5.100.249.241:0
ASN #44709 O.m.c. Computers & Communications Ltd
GET /wp-content/themes/one-paze/js/jquery.nav.js?ver=6.1.1 HTTP/1.1
Host: igalst.co.il
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://igalst.co.il/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 01 Feb 2023 10:08:05 GMT
content-type: application/javascript
last-modified: Sat, 03 Aug 2019 00:35:36 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
date: Wed, 25 Jan 2023 10:08:05 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
igalst.co.il/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.7.2
5.100.249.241 200 OK 0 B URL HTTP/2 igalst.co.il/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.7.2
IP 5.100.249.241:0
ASN #44709 O.m.c. Computers & Communications Ltd
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.7.2 HTTP/1.1
Host: igalst.co.il
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://igalst.co.il/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 01 Feb 2023 10:08:05 GMT
content-type: application/javascript
last-modified: Thu, 29 Dec 2022 03:09:14 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
date: Wed, 25 Jan 2023 10:08:05 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
www.youtube.com/embed/52yMRzDm_P4?ecver=2
142.250.74.46 200 OK 0 B URL HTTP/2 www.youtube.com/embed/52yMRzDm_P4?ecver=2
IP 142.250.74.46:0
GET /embed/52yMRzDm_P4?ecver=2 HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://igalst.co.il/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html; charset=utf-8
x-content-type-options: nosniff
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Wed, 25 Jan 2023 10:08:06 GMT
strict-transport-security: max-age=31536000
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
content-encoding: br
server: ESF
x-xss-protection: 0
set-cookie: YSC=xZ0df6oUA1c; Domain=.youtube.com; Path=/; Secure; HttpOnly; SameSite=none
DEVICE_INFO=ChxOekU1TWpVeU9UVTFPREF3TVRBNE9ETTJPQT09EIb/w54GGIb/w54G; Domain=.youtube.com; Expires=Mon, 24-Jul-2023 10:08:06 GMT; Path=/; Secure; HttpOnly; SameSite=none
VISITOR_INFO1_LIVE=tIV8bCgkQhM; Domain=.youtube.com; Expires=Mon, 24-Jul-2023 10:08:06 GMT; Path=/; Secure; HttpOnly; SameSite=none
CONSENT=PENDING+172; expires=Fri, 24-Jan-2025 10:08:06 GMT; path=/; domain=.youtube.com; Secure
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
igalst.co.il/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0
5.100.249.241 200 OK 0 B URL HTTP/2 igalst.co.il/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0
IP 5.100.249.241:0
ASN #44709 O.m.c. Computers & Communications Ltd
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0 HTTP/1.1
Host: igalst.co.il
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://igalst.co.il/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 01 Feb 2023 10:08:05 GMT
content-type: application/javascript
last-modified: Tue, 20 Sep 2022 15:43:29 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
date: Wed, 25 Jan 2023 10:08:05 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
igalst.co.il/wp-content/themes/one-paze/css/faw/css/font-awesome.css?ver=6.1.1
5.100.249.241 200 OK 0 B URL HTTP/2 igalst.co.il/wp-content/themes/one-paze/css/faw/css/font-awesome.css?ver=6.1.1
IP 5.100.249.241:0
ASN #44709 O.m.c. Computers & Communications Ltd
GET /wp-content/themes/one-paze/css/faw/css/font-awesome.css?ver=6.1.1 HTTP/1.1
Host: igalst.co.il
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://igalst.co.il/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 01 Feb 2023 10:08:05 GMT
content-type: text/css
last-modified: Sat, 03 Aug 2019 00:35:36 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
date: Wed, 25 Jan 2023 10:08:05 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
igalst.co.il/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
5.100.249.241 200 OK 0 B URL HTTP/2 igalst.co.il/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
IP 5.100.249.241:0
ASN #44709 O.m.c. Computers & Communications Ltd
GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 HTTP/1.1
Host: igalst.co.il
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://igalst.co.il/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 01 Feb 2023 10:08:05 GMT
content-type: application/javascript
last-modified: Wed, 18 Nov 2020 09:06:06 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
date: Wed, 25 Jan 2023 10:08:05 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
igalst.co.il/wp-includes/js/wp-emoji-release.min.js?ver=6.1.1
5.100.249.241 200 OK 0 B URL HTTP/2 igalst.co.il/wp-includes/js/wp-emoji-release.min.js?ver=6.1.1
IP 5.100.249.241:0
ASN #44709 O.m.c. Computers & Communications Ltd
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/wp-emoji-release.min.js?ver=6.1.1 HTTP/1.1
Host: igalst.co.il
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://igalst.co.il/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 01 Feb 2023 10:08:05 GMT
content-type: application/javascript
last-modified: Tue, 12 Apr 2022 05:56:23 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
date: Wed, 25 Jan 2023 10:08:05 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
igalst.co.il/wp-content/themes/one-paze/js/sidetogglemenu.js?ver=6.1.1
5.100.249.241 200 OK 0 B URL HTTP/2 igalst.co.il/wp-content/themes/one-paze/js/sidetogglemenu.js?ver=6.1.1
IP 5.100.249.241:0
ASN #44709 O.m.c. Computers & Communications Ltd
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/one-paze/js/sidetogglemenu.js?ver=6.1.1 HTTP/1.1
Host: igalst.co.il
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://igalst.co.il/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 01 Feb 2023 10:08:05 GMT
content-type: application/javascript
last-modified: Sat, 03 Aug 2019 00:35:36 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
date: Wed, 25 Jan 2023 10:08:05 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
igalst.co.il/
5.100.249.241 200 OK 0 B IP 5.100.249.241:0
ASN #44709 O.m.c. Computers & Communications Ltd
Analyzer Verdict Alert fortinet Malware
GET / HTTP/1.1
Host: igalst.co.il
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
x-powered-by: PHP/7.0.33
content-type: text/html; charset=UTF-8
link: <https://igalst.co.il/wp-json/>; rel="https://api.w.org/", <https://igalst.co.il/wp-json/wp/v2/pages/10>; rel="alternate"; type="application/json", <https://igalst.co.il/>; rel=shortlink
vary: Accept-Encoding
etag: "2867-1674617465;br"
x-litespeed-cache: hit
content-encoding: br
date: Wed, 25 Jan 2023 10:08:04 GMT
server: LiteSpeed
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
X-Firefox-Spdy: h2
igalst.co.il/wp-content/themes/one-paze/js/jquery.parallax.js?ver=6.1.1
5.100.249.241 200 OK 0 B URL HTTP/2 igalst.co.il/wp-content/themes/one-paze/js/jquery.parallax.js?ver=6.1.1
IP 5.100.249.241:0
ASN #44709 O.m.c. Computers & Communications Ltd
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/one-paze/js/jquery.parallax.js?ver=6.1.1 HTTP/1.1
Host: igalst.co.il
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://igalst.co.il/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 01 Feb 2023 10:08:05 GMT
content-type: application/javascript
last-modified: Sat, 03 Aug 2019 00:35:36 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
date: Wed, 25 Jan 2023 10:08:05 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
igalst.co.il/wp-content/uploads/2017/07/IMG_3336-1349x670.jpg
5.100.249.241 200 OK 0 B URL HTTP/2 igalst.co.il/wp-content/uploads/2017/07/IMG_3336-1349x670.jpg
IP 5.100.249.241:0
ASN #44709 O.m.c. Computers & Communications Ltd
GET /wp-content/uploads/2017/07/IMG_3336-1349x670.jpg HTTP/1.1
Host: igalst.co.il
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://igalst.co.il/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 01 Feb 2023 10:08:05 GMT
content-type: image/jpeg
last-modified: Thu, 10 Aug 2017 17:06:38 GMT
accept-ranges: bytes
content-length: 202335
date: Wed, 25 Jan 2023 10:08:05 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
igalst.co.il/wp-content/themes/one-paze/css/animate.css?ver=6.1.1
5.100.249.241 200 OK 0 B URL HTTP/2 igalst.co.il/wp-content/themes/one-paze/css/animate.css?ver=6.1.1
IP 5.100.249.241:0
ASN #44709 O.m.c. Computers & Communications Ltd
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/one-paze/css/animate.css?ver=6.1.1 HTTP/1.1
Host: igalst.co.il
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://igalst.co.il/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 01 Feb 2023 10:08:05 GMT
content-type: text/css
last-modified: Sat, 03 Aug 2019 00:35:36 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
date: Wed, 25 Jan 2023 10:08:05 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
igalst.co.il/wp-content/themes/one-paze/style.css?ver=6.1.1
5.100.249.241 200 OK 0 B URL HTTP/2 igalst.co.il/wp-content/themes/one-paze/style.css?ver=6.1.1
IP 5.100.249.241:0
ASN #44709 O.m.c. Computers & Communications Ltd
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/one-paze/style.css?ver=6.1.1 HTTP/1.1
Host: igalst.co.il
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://igalst.co.il/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 01 Feb 2023 10:08:05 GMT
content-type: text/css
last-modified: Tue, 03 Mar 2020 12:40:41 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
date: Wed, 25 Jan 2023 10:08:05 GMT
server: LiteSpeed
X-Firefox-Spdy: h2