Overview

URLodeifuomedia.com/
IP 192.64.118.17 (United States)
ASN#22612 NAMECHEAP-NET
UserAgentMozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer
Report completed2022-11-16 04:32:02 UTC
StatusLoading report..
IDS alerts0
Blocklist alert33
urlquery alerts No alerts detected
Tags None

Domain Summary (12)

Fully Qualifying Domain Name Rank First Seen Last Seen IP Comment
contile.services.mozilla.com (1) 1114 2021-05-27 18:32:35 UTC 2022-11-15 06:00:48 UTC 34.117.237.239
ocsp.sectigo.com (1) 487 2019-11-29 11:50:24 UTC 2021-09-17 20:05:40 UTC 104.18.32.68
img-getpocket.cdn.mozilla.net (7) 1631 2018-06-21 23:36:00 UTC 2020-02-19 04:43:25 UTC 34.120.237.76
r3.o.lencr.org (6) 344 No data No data 23.36.77.32
ocsp.digicert.com (2) 86 2012-05-21 07:02:23 UTC 2020-05-02 20:58:10 UTC 93.184.220.29
firefox.settings.services.mozilla.com (2) 867 2020-06-04 20:08:41 UTC 2022-11-15 05:59:39 UTC 34.102.187.140
content-signature-2.cdn.mozilla.net (1) 1152 No data No data 34.160.144.191
odeifuomedia.com (44) 0 2022-09-10 11:22:45 UTC 2022-11-16 03:59:10 UTC 192.64.118.17 Unknown ranking
push.services.mozilla.com (1) 2140 2014-10-24 08:27:06 UTC 2020-05-03 10:09:39 UTC 54.191.251.76
ocsp.pki.goog (7) 175 2018-07-01 06:43:07 UTC 2020-05-02 20:58:16 UTC 142.250.74.35
fonts.gstatic.com (3) 0 2014-09-09 00:40:21 UTC 2022-11-15 20:06:00 UTC 216.58.207.195 Domain (gstatic.com) ranked at: 540
fonts.googleapis.com (2) 8877 2013-06-10 20:14:26 UTC 2022-11-16 01:58:43 UTC 142.250.74.10

Network Intrusion Detection Systemsinfo

Suricata /w Emerging Threats Pro
 No alerts detected

Blocklists

OpenPhish
 No alerts detected

PhishTank
 No alerts detected

Fortinet's Web Filter
Scan Date Severity Indicator Comment
2022-11-16 2 odeifuomedia.com/ Malware
2022-11-16 2 odeifuomedia.com/wp-content/themes/astra/assets/css/minified/main.min.css?v (...) Malware
2022-11-16 2 odeifuomedia.com/wp-content/plugins/elementor/assets/lib/eicons/css/element (...) Malware
2022-11-16 2 odeifuomedia.com/ Malware
2022-11-16 2 odeifuomedia.com/wp-content/uploads/elementor/css/post-15.css?ver=1668548038 Malware
2022-11-16 2 odeifuomedia.com/wp-content/plugins/elementor-pro/assets/css/frontend-lite. (...) Malware
2022-11-16 2 odeifuomedia.com/wp-content/uploads/elementor/css/post-6.css?ver=1668548039 Malware
2022-11-16 2 odeifuomedia.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/f (...) Malware
2022-11-16 2 odeifuomedia.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/s (...) Malware
2022-11-16 2 odeifuomedia.com/wp-content/uploads/2021/05/logo.svg Malware
2022-11-16 2 odeifuomedia.com/wp-content/themes/astra/assets/js/minified/frontend.min.js (...) Malware
2022-11-16 2 odeifuomedia.com/wp-content/plugins/elementor/assets/js/webpack.runtime.min (...) Malware
2022-11-16 2 odeifuomedia.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.1 Malware
2022-11-16 2 odeifuomedia.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 Malware
2022-11-16 2 odeifuomedia.com/wp-content/plugins/elementor/assets/js/frontend-modules.mi (...) Malware
2022-11-16 2 odeifuomedia.com/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver= (...) Malware
2022-11-16 2 odeifuomedia.com/wp-includes/js/dist/hooks.min.js?ver=4169d3cf8e8d95a3d6d5 Malware
2022-11-16 2 odeifuomedia.com/wp-includes/js/dist/i18n.min.js?ver=9e794f35a71bb98672ae Malware
2022-11-16 2 odeifuomedia.com/wp-content/plugins/elementor-pro/assets/js/frontend.min.js (...) Malware
2022-11-16 2 odeifuomedia.com/wp-includes/js/wp-emoji-release.min.js?ver=6.1.1 Malware
2022-11-16 2 odeifuomedia.com/wp-content/themes/astra/assets/css/minified/galleries.min. (...) Malware
2022-11-16 2 odeifuomedia.com/wp-content/plugins/elementor-pro/assets/js/elements-handle (...) Malware
2022-11-16 2 odeifuomedia.com/wp-includes/js/underscore.min.js?ver=1.13.4 Malware
2022-11-16 2 odeifuomedia.com/wp-includes/js/wp-util.min.js?ver=6.1.1 Malware
2022-11-16 2 odeifuomedia.com/wp-content/plugins/wpforms-lite/assets/js/integrations/ele (...) Malware
2022-11-16 2 odeifuomedia.com/wp-content/plugins/wpforms-lite/assets/lib/jquery.validate (...) Malware
2022-11-16 2 odeifuomedia.com/wp-content/plugins/wpforms-lite/assets/lib/mailcheck.min.j (...) Malware
2022-11-16 2 odeifuomedia.com/wp-content/plugins/wpforms-lite/assets/lib/punycode.min.js (...) Malware
2022-11-16 2 odeifuomedia.com/wp-content/plugins/wpforms-lite/assets/js/wpforms.min.js?v (...) Malware
2022-11-16 2 odeifuomedia.com/wp-content/plugins/elementor/assets/js/lightbox.2d166d71ba (...) Malware
2022-11-16 2 odeifuomedia.com/wp-content/plugins/elementor/assets/js/text-editor.2c35aaf (...) Malware
2022-11-16 2 odeifuomedia.com/wp-content/plugins/elementor/assets/lib/share-link/share-l (...) Malware
2022-11-16 2 odeifuomedia.com/wp-content/plugins/elementor/assets/lib/font-awesome/webfo (...) Malware

mnemonic secure dns
 No alerts detected

Quad9 DNS
 No alerts detected


Files

No files detected

Recent reports on same IP/ASN/Domain/Screenshot

Last 5 reports on IP: 192.64.118.17
Date UQ / IDS / BL URL IP
2022-11-19 00:33:05 +0000 0 - 0 - 4 odeifuomedia.com/ta/index.php?qbot.zip 192.64.118.17
2022-11-18 22:30:02 +0000 0 - 0 - 5 odeifuomedia.com/tesa/index.php?qbot.zip 192.64.118.17
2022-11-17 00:23:57 +0000 0 - 0 - 4 odeifuomedia.com/ta/index.php?qbot.zip 192.64.118.17
2022-11-16 23:02:19 +0000 0 - 0 - 8 odeifuomedia.com/tesa/index.php?qbot.zip 192.64.118.17
2022-11-16 21:54:08 +0000 0 - 0 - 6 odeifuomedia.com/ta/index.php?qbot.zip 192.64.118.17


Last 5 reports on ASN: NAMECHEAP-NET
Date UQ / IDS / BL URL IP
2023-02-07 21:39:50 +0000 65 - 0 - 0 akaoru.com/support/keybank/70b35a51f575c79ca5 (...) 162.0.229.227
2023-02-07 21:39:40 +0000 51 - 0 - 0 akaoru.com/support/keybank/42ac6ea6a1dea6c5a1 (...) 162.0.229.227
2023-02-07 21:39:37 +0000 53 - 0 - 0 akaoru.com/support/keybank/f3c5b6adcd1f548774 (...) 162.0.229.227
2023-02-07 21:39:36 +0000 51 - 0 - 0 akaoru.com/support/keybank/33750851c178e50c75 (...) 162.0.229.227
2023-02-07 21:39:27 +0000 65 - 0 - 0 akaoru.com/support/keybank/a4873e61fc09cf2c13 (...) 162.0.229.227


Last 5 reports on domain: odeifuomedia.com
Date UQ / IDS / BL URL IP
2022-11-19 00:33:05 +0000 0 - 0 - 4 odeifuomedia.com/ta/index.php?qbot.zip 192.64.118.17
2022-11-18 22:30:02 +0000 0 - 0 - 5 odeifuomedia.com/tesa/index.php?qbot.zip 192.64.118.17
2022-11-17 00:23:57 +0000 0 - 0 - 4 odeifuomedia.com/ta/index.php?qbot.zip 192.64.118.17
2022-11-16 23:02:19 +0000 0 - 0 - 8 odeifuomedia.com/tesa/index.php?qbot.zip 192.64.118.17
2022-11-16 21:54:08 +0000 0 - 0 - 6 odeifuomedia.com/ta/index.php?qbot.zip 192.64.118.17


Last 1 reports with similar screenshot
Date UQ / IDS / BL URL IP
2023-01-19 03:46:46 +0000 0 - 6 - 0 moonshotlab.tech/ 66.45.244.171

JavaScript

Executed Scripts (35)

Executed Evals (0)

Executed Writes (0)


HTTP Transactions (77)


Request Response
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "9C297CCFD178EEC7E472FB64A6B2E34D4C7A6DEC32870F49982353E590196BA0"
Last-Modified: Mon, 14 Nov 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15952
Expires: Wed, 16 Nov 2022 08:57:43 GMT
Date: Wed, 16 Nov 2022 04:31:51 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 4621
Cache-Control: max-age=112577
Date: Wed, 16 Nov 2022 04:31:51 GMT
Etag: "63736a6b-1d7"
Expires: Thu, 17 Nov 2022 11:48:08 GMT
Last-Modified: Tue, 15 Nov 2022 10:31:07 GMT
Server: ECS (ska/F6FC)
X-Cache: HIT
Content-Length: 471

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "314BA27975F458E13917B2BE91C9D5989A3E57C9E94B5A84DD52D0E21D27AE7F"
Last-Modified: Mon, 14 Nov 2022 02:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15368
Expires: Wed, 16 Nov 2022 08:47:59 GMT
Date: Wed, 16 Nov 2022 04:31:51 GMT
Connection: keep-alive

                                        
                                            GET /v1/ HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.102.187.140
HTTP/2 200 OK
content-type: application/json
                                        
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Backoff, Content-Type, Retry-After
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Wed, 16 Nov 2022 03:44:43 GMT
cache-control: public,max-age=3600
age: 2828
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size:   939
Md5:    d130218d0e2841f39c99610fe1a2ab90
Sha1:   29fbe1e177ee55c7a61ae0a206afff271cf5f945
Sha256: 6b6d74dccf10c2bc98a91c3388280d7ba1d9596bf8cadd7db0e2f63720b3d152
                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1 
Host: content-signature-2.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         34.160.144.191
HTTP/2 200 OK
content-type: binary/octet-stream
                                        
x-amz-id-2: 3X+zikLoQ8bENnWq2gAbDnXUxHgZLANc2xGDXZhJChAmWvH5fpF3igYkaewQsbdM+uTxhAFTi9E=
x-amz-request-id: JTYD4MG08PSAB2JP
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Wed, 16 Nov 2022 04:14:33 GMT
age: 1038
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PEM certificate\012- , ASCII text
Size:   5348
Md5:    67d5a988edcda47bc3b3b3f65d32b4b6
Sha1:   d4f0e0da8b3690cc7da925026d3414b68c7d954f
Sha256: 55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78
                                        
                                            GET /v1/tiles HTTP/1.1 
Host: contile.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.117.237.239
HTTP/2 200 OK
content-type: application/json
                                        
server: nginx
date: Wed, 16 Nov 2022 04:31:51 GMT
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   12
Md5:    23e88fb7b99543fb33315b29b1fad9d6
Sha1:   a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
                                        
                                            GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.102.187.140
HTTP/2 200 OK
content-type: application/json
                                        
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Cache-Control, Pragma, Retry-After, ETag, Alert, Expires, Backoff, Content-Type, Last-Modified
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Wed, 16 Nov 2022 03:44:49 GMT
cache-control: public,max-age=3600
age: 2822
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size:   329
Md5:    0333b0655111aa68de771adfcc4db243
Sha1:   63f295a144ac87a7c8e23417626724eeca68a7eb
Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 3270
Cache-Control: max-age=106174
Date: Wed, 16 Nov 2022 04:31:51 GMT
Etag: "637356af-1d7"
Expires: Thu, 17 Nov 2022 10:01:25 GMT
Last-Modified: Tue, 15 Nov 2022 09:06:55 GMT
Server: ECS (ska/F6FC)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET / HTTP/1.1 
Host: odeifuomedia.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

search
                                         192.64.118.17
HTTP/1.1 301 Moved Permanently
content-type: text/html
                                        
keep-alive: timeout=5, max=100
content-length: 707
date: Wed, 16 Nov 2022 04:31:52 GMT
server: LiteSpeed
location: https://odeifuomedia.com/
x-turbo-charged-by: LiteSpeed


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Size:   707
Md5:    1304294c0823ca486542ba408ed761e3
Sha1:   b2a70fb2d810ca13985882e6981f33998823e83e
Sha256: 3bbe72f3baa8ec61de17a1d767fca58704769684b7abe9161d0c4eaf4c8f0982

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET / HTTP/1.1 
Host: push.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: EKJbmrq6kifeI9sO1d/aZA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

search
                                         54.191.251.76
HTTP/1.1 101 Switching Protocols
                                        
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: ZqzaBleYmu/r7eZMP6SxpKmHE9U=

                                        
                                            POST / HTTP/1.1 
Host: ocsp.sectigo.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         104.18.32.68
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 16 Nov 2022 04:31:52 GMT
Content-Length: 472
Connection: keep-alive
Last-Modified: Sun, 13 Nov 2022 15:16:06 GMT
Expires: Sun, 20 Nov 2022 15:16:05 GMT
Etag: "1e2a295f8345d4d10d0d999beb4cd38156fd9da8"
Cache-Control: max-age=383652,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 76ad7fe16dc3b500-OSL

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "209A0520D5FB1EEB6DFA7D2F4C334A7109CC885CF4BE8605BFE5A8F52232306D"
Last-Modified: Tue, 15 Nov 2022 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9165
Expires: Wed, 16 Nov 2022 07:04:37 GMT
Date: Wed, 16 Nov 2022 04:31:52 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "209A0520D5FB1EEB6DFA7D2F4C334A7109CC885CF4BE8605BFE5A8F52232306D"
Last-Modified: Tue, 15 Nov 2022 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9165
Expires: Wed, 16 Nov 2022 07:04:37 GMT
Date: Wed, 16 Nov 2022 04:31:52 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "209A0520D5FB1EEB6DFA7D2F4C334A7109CC885CF4BE8605BFE5A8F52232306D"
Last-Modified: Tue, 15 Nov 2022 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9165
Expires: Wed, 16 Nov 2022 07:04:37 GMT
Date: Wed, 16 Nov 2022 04:31:52 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "209A0520D5FB1EEB6DFA7D2F4C334A7109CC885CF4BE8605BFE5A8F52232306D"
Last-Modified: Tue, 15 Nov 2022 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9165
Expires: Wed, 16 Nov 2022 07:04:37 GMT
Date: Wed, 16 Nov 2022 04:31:52 GMT
Connection: keep-alive

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6a667acc-25d7-4d63-8fab-1711f6b4988c.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 8235
x-amzn-requestid: e8a91ec0-fa93-45b6-8dc8-a405c00242fb
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bqY4_HANoAMFSvw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63740839-3ebbd38b0e3e774923ad019e;Sampled=0
x-amzn-remapped-date: Tue, 15 Nov 2022 21:44:25 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: _u6Uhc-g_xPTRSYys5rD3GC00roubyJdBRuHruvoMLf-UEAB6_zdQw==
via: 1.1 8f22423015641505b8c857a37450d6c0.cloudfront.net (CloudFront), 1.1 aa623e134417515bd2496cb01d5e5626.cloudfront.net (CloudFront), 1.1 google
date: Tue, 15 Nov 2022 21:46:20 GMT
age: 24332
etag: "87e277a627c1085cad5c6e38bdd5100aa0a9ecee"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   8235
Md5:    98802857df59f8eacd9211811cc59ae6
Sha1:   87e277a627c1085cad5c6e38bdd5100aa0a9ecee
Sha256: 102e73f690a972da6d3ab609ffab5f29884185d85c4230a19ec74d74c7320cf1
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F520b9f3d-222d-4840-bd88-673cedf9b5fc.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 4919
x-amzn-requestid: aae0d2da-e891-40a6-bd83-8942fc3ef0c0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bqYFFEnxoAMFdCQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637406ed-6ff1cc593aa1c934659030db;Sampled=0
x-amzn-remapped-date: Tue, 15 Nov 2022 21:38:53 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: PhUSR2Y2GRZkB5UTrMma8vnIddc44pLJ2Sppk63xQyMC2imKLn-R4A==
via: 1.1 010c0731b9775a983eceaec0f5fa6a2e.cloudfront.net (CloudFront), 1.1 1481cc55c02c3a782ad420b6bac2cb32.cloudfront.net (CloudFront), 1.1 google
date: Tue, 15 Nov 2022 21:47:46 GMT
age: 24246
etag: "a3977e8cde4b6ad7ef2e75a477e71b7bbbec21f0"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   4919
Md5:    a698bf97cc6c0c464ed1a2b2adb1c1d3
Sha1:   a3977e8cde4b6ad7ef2e75a477e71b7bbbec21f0
Sha256: 64d52d8983b2bf30b9b1f260b8d6534664024b8dfda0da273307ee510ed33aad
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4fb99a77-d99a-486f-b11a-d0f855262383.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 8236
x-amzn-requestid: 74104064-6d6f-44ef-ad9f-6550971f17f4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bqYEBET6oAMF_cQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637406e6-269579cf1723940b16588c76;Sampled=0
x-amzn-remapped-date: Tue, 15 Nov 2022 21:38:46 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: NoKPqN-FpS9ibMgsRSPIDrlu8I7OG_P_v7JHEcrBQE4ushlrVF5Yuw==
via: 1.1 9c60d6224ac0b44e908b5c9dcf70e9a4.cloudfront.net (CloudFront), 1.1 44cd593d82a2d200a94217033c614c6a.cloudfront.net (CloudFront), 1.1 google
date: Tue, 15 Nov 2022 22:08:55 GMT
age: 22977
etag: "5d6f0e9bec236755d70ac6779e86684795e5c798"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   8236
Md5:    ed2eb8cd1cffa83445bfc822fff3cd95
Sha1:   5d6f0e9bec236755d70ac6779e86684795e5c798
Sha256: 6b3e294fc0977cd09c1565d5a6396a63b2ad5f7005b9f1e136c33cedae49f436
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3bcd9120-f81d-4ec1-9b84-ae23f33b9b8d.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 8981
x-amzn-requestid: 4945a047-3048-4dfb-aba5-6cde2b52b240
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bqYEAG7roAMF30Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637406e6-6928cd8c1439aac80444cd7b;Sampled=0
x-amzn-remapped-date: Tue, 15 Nov 2022 21:38:46 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: ls987SlzVbSWiZwE4ahKBdQ_vJknoy88LkGHnEYfie4M1l584VbB_w==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 1481cc55c02c3a782ad420b6bac2cb32.cloudfront.net (CloudFront), 1.1 google
date: Tue, 15 Nov 2022 22:00:01 GMT
age: 23511
etag: "d81bf6504b30d50cf9cb14f8efca8e961f422a57"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   8981
Md5:    c774a9a33f0c86087fe36fe18cf02db8
Sha1:   d81bf6504b30d50cf9cb14f8efca8e961f422a57
Sha256: 80f2913428758b1250218865a3e6697881ed3ed626f702c94fd0a5c7f354a2b1
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4af930b9-b854-4316-8425-07c6aa06477a.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 11715
x-amzn-requestid: 20e508bd-6568-4225-9bee-c683a49d44f6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bdMhUHkpIAMFfJg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-636ec13b-7dc726b94a37fc667e2e6646;Sampled=0
x-amzn-remapped-date: Fri, 11 Nov 2022 21:40:11 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: X3SUo1LP97TxraRav0ftskBhzWkTJInHaS44PW26yloF-dgD-bHBuA==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 d01e7742f82df0bbc1fb681d709ed69c.cloudfront.net (CloudFront), 1.1 google
date: Tue, 15 Nov 2022 21:45:58 GMT
age: 24354
etag: "5109c156b180727767fc03c411190ccc0d3fb5fc"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   11715
Md5:    cd5bdc050716bb76afe8090fc81617e7
Sha1:   5109c156b180727767fc03c411190ccc0d3fb5fc
Sha256: 9b13e7838946c6654dda17886c2ca8d42de934acb93f4bddb1008dfa1bd1ea99
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc50c38bf-fe3d-4eec-be11-1e782b0f0bbc.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 6629
x-amzn-requestid: ff03ae40-8d00-41ec-875f-b49b1b86151c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bqY6CG9IoAMF8rA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63740840-7fdaa40f3ca9246045270665;Sampled=0
x-amzn-remapped-date: Tue, 15 Nov 2022 21:44:32 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 4i9jW2AQ8PhWl9i01KDda11PoSD1csf_Gs7nwME9o2Oxft0UldI6vQ==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 cd64decb1403270c914848213601a674.cloudfront.net (CloudFront), 1.1 google
date: Tue, 15 Nov 2022 21:47:49 GMT
age: 24243
etag: "bc2bb7815b062941d51fde65574851db55be37dc"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   6629
Md5:    edd6a84f848a83f4d1990f92b4807def
Sha1:   bc2bb7815b062941d51fde65574851db55be37dc
Sha256: 4d015538adfa6c61a5dfca3cbb224ae91ccbe1d82212e997e22f895a77387bed
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.35
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 16 Nov 2022 04:31:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.35
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 16 Nov 2022 04:31:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.35
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 16 Nov 2022 04:31:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /wp-content/themes/astra/assets/css/minified/main.min.css?ver=3.9.4 HTTP/1.1 
Host: odeifuomedia.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://odeifuomedia.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         192.64.118.17
HTTP/2 200 OK
content-type: text/css
                                        
cache-control: public, max-age=604800
expires: Wed, 23 Nov 2022 04:31:53 GMT
last-modified: Thu, 10 Nov 2022 12:07:54 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 7729
date: Wed, 16 Nov 2022 04:31:53 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (38452)
Size:   7729
Md5:    0ca5b6b374a6933dfcef988a74ac74e6
Sha1:   5712c8a8f2fce5821f7e2a5a8a75691428140f83
Sha256: 6aa926551f2064bb9638c078ae5b78d2822dcb9a99bb7df9b377eee95a132be1

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /wp-includes/css/dist/block-library/style.min.css?ver=6.1.1 HTTP/1.1 
Host: odeifuomedia.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://odeifuomedia.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         192.64.118.17
HTTP/2 200 OK
content-type: text/css
                                        
cache-control: public, max-age=604800
expires: Wed, 23 Nov 2022 04:31:53 GMT
last-modified: Tue, 15 Nov 2022 21:20:42 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 11616
date: Wed, 16 Nov 2022 04:31:53 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (47826)
Size:   11616
Md5:    c4d7cc056b49b00e05cc29cc59aa3d5a
Sha1:   48c426bec60099d2a8628df430ed682c72aab42a
Sha256: 8009c12f2674a8d38401f4b5faad1fef2cfcd18a8c927ed2561ae9d7de9b57b5
                                        
                                            GET /wp-content/plugins/elementor/assets/lib/eicons/css/elementor-icons.min.css?ver=5.16.0 HTTP/1.1 
Host: odeifuomedia.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://odeifuomedia.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         192.64.118.17
HTTP/2 200 OK
content-type: text/css
                                        
cache-control: public, max-age=604800
expires: Wed, 23 Nov 2022 04:31:53 GMT
last-modified: Mon, 01 Aug 2022 04:11:38 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 3629
date: Wed, 16 Nov 2022 04:31:53 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (19233)
Size:   3629
Md5:    af3bdf44d09914e8adb51fec560d8816
Sha1:   84bb225e096bab405868dd504e62133ba75cf1c1
Sha256: 4325dab21d3eb9efb8e285a0926be743f27e46446ccf5f9be65bb4b60c024152

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET / HTTP/1.1 
Host: odeifuomedia.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

search
                                         192.64.118.17
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
                                        
x-powered-by: PHP/7.4.33
link: <https://odeifuomedia.com/index.php?rest_route=/>; rel="https://api.w.org/", <https://odeifuomedia.com/index.php?rest_route=/wp/v2/pages/6>; rel="alternate"; type="application/json", <https://odeifuomedia.com/>; rel=shortlink
etag: "73-1668549297;br"
x-litespeed-cache: hit
content-encoding: br
vary: Accept-Encoding
date: Wed, 16 Nov 2022 04:31:52 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (62188), with CRLF, LF line terminators
Size:   38361
Md5:    4d66ead94b7bd57cc98dd6f30ee9b46d
Sha1:   1630118cfd3b300765c2e0a48cba92cc8bfa2cf4
Sha256: c61bdc02240fc182ca7b206e68fb270ee5cce5d4ca1e6e411b1b051ef06d025f

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /wp-content/uploads/elementor/css/post-15.css?ver=1668548038 HTTP/1.1 
Host: odeifuomedia.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://odeifuomedia.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         192.64.118.17
HTTP/2 200 OK
content-type: text/css
                                        
cache-control: public, max-age=604800
expires: Wed, 23 Nov 2022 04:31:53 GMT
last-modified: Tue, 15 Nov 2022 21:33:58 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 330
date: Wed, 16 Nov 2022 04:31:53 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (1162), with no line terminators
Size:   330
Md5:    01a578e731a2832bb158adf7edd5fd57
Sha1:   7c0d56a46803aac61b4905d7a569f6c79e5ad25e
Sha256: 5aaab156df7c3127cd54f3f72ce15b15db981d93bfd7ef941b75455c39d015b9

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /wp-content/plugins/elementor-pro/assets/css/frontend-lite.min.css?ver=3.7.2 HTTP/1.1 
Host: odeifuomedia.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://odeifuomedia.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         192.64.118.17
HTTP/2 200 OK
content-type: text/css
                                        
cache-control: public, max-age=604800
expires: Wed, 23 Nov 2022 04:31:53 GMT
last-modified: Tue, 13 Sep 2022 01:09:59 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1505
date: Wed, 16 Nov 2022 04:31:53 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (11362)
Size:   1505
Md5:    c4f251672b663c97ff6f30bc8d778179
Sha1:   e218078a120fe36bb62d4d0ef50e0e0f761cce50
Sha256: a507d02d59d0e8a0aea204b3f46ed6c980319e140e10a548cd2014d5af9904cb

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /wp-content/uploads/elementor/css/post-6.css?ver=1668548039 HTTP/1.1 
Host: odeifuomedia.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://odeifuomedia.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         192.64.118.17
HTTP/2 200 OK
content-type: text/css
                                        
cache-control: public, max-age=604800
expires: Wed, 23 Nov 2022 04:31:53 GMT
last-modified: Tue, 15 Nov 2022 21:33:59 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 2104
date: Wed, 16 Nov 2022 04:31:53 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (21693), with no line terminators
Size:   2104
Md5:    7c8b3f85fd494bfff967f4b167b78c09
Sha1:   99867f142ff842a54d8d502f66949996ab4c9284
Sha256: da2bb43d1d11d96d24bbf5b1db85a28f3cdfd0ff22f81a64a6df2e49135e3eae

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /wp-content/plugins/elementor/assets/lib/font-awesome/css/fontawesome.min.css?ver=5.15.3 HTTP/1.1 
Host: odeifuomedia.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://odeifuomedia.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         192.64.118.17
HTTP/2 200 OK
content-type: text/css
                                        
cache-control: public, max-age=604800
expires: Wed, 23 Nov 2022 04:31:53 GMT
last-modified: Thu, 17 Jun 2021 14:07:24 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 12133
date: Wed, 16 Nov 2022 04:31:53 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (57726)
Size:   12133
Md5:    f463afd8661ddc733305df1f0cbdaff2
Sha1:   77262f0209e75e340eb7014aba9cd8d69966032f
Sha256: c4b6541be58a0ca61549cd4562850315077880c459c019f01e835cf2d7b764de

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /wp-content/plugins/elementor/assets/lib/font-awesome/css/solid.min.css?ver=5.15.3 HTTP/1.1 
Host: odeifuomedia.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://odeifuomedia.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         192.64.118.17
HTTP/2 200 OK
content-type: text/css
                                        
cache-control: public, max-age=604800
expires: Wed, 23 Nov 2022 04:31:53 GMT
last-modified: Thu, 17 Jun 2021 14:07:24 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 286
date: Wed, 16 Nov 2022 04:31:53 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (483)
Size:   286
Md5:    8828fa3c5bdcfa66615714a2b8c9d807
Sha1:   4f556d0b005ac7754af607418df445f8cf98e8b1
Sha256: 16950dcce60bc3ee2613b60439c99e7ed74d10245f59fe6f68346b7e72dd95e7

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /wp-content/uploads/2021/05/logo.svg HTTP/1.1 
Host: odeifuomedia.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://odeifuomedia.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         192.64.118.17
HTTP/2 200 OK
content-type: image/svg+xml
                                        
cache-control: public, max-age=604800
expires: Wed, 23 Nov 2022 04:31:53 GMT
last-modified: Tue, 15 Nov 2022 21:33:30 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 4499
date: Wed, 16 Nov 2022 04:31:53 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (11049)
Size:   4499
Md5:    9684c80382b1b9e33bba83a7962e6c47
Sha1:   26e3d129b82a570f5f0f805ebaf5062179eb0623
Sha256: 4c9484dc4f66f1be9a0362796f8c00c9ef206e11f557b15814e779cd55b13735

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /wp-content/themes/astra/assets/js/minified/frontend.min.js?ver=3.9.4 HTTP/1.1 
Host: odeifuomedia.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://odeifuomedia.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         192.64.118.17
HTTP/2 200 OK
content-type: application/javascript
                                        
cache-control: public, max-age=604800
expires: Wed, 23 Nov 2022 04:31:53 GMT
last-modified: Wed, 07 Sep 2022 14:59:14 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 3808
date: Wed, 16 Nov 2022 04:31:53 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (16935), with no line terminators
Size:   3808
Md5:    3a5528d3c5255102448258fcf5496360
Sha1:   332bb0c5baaf8110b353094632417e9f313a8b94
Sha256: 024bb2f7ca7725ca60738783b8b6bbc237c937b6725aec3c2a1044961857186a

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /wp-content/plugins/elementor-pro/assets/js/webpack-pro.runtime.min.js?ver=3.7.2 HTTP/1.1 
Host: odeifuomedia.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://odeifuomedia.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         192.64.118.17
HTTP/2 200 OK
content-type: application/javascript
                                        
cache-control: public, max-age=604800
expires: Wed, 23 Nov 2022 04:31:53 GMT
last-modified: Tue, 13 Sep 2022 01:09:59 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 2194
date: Wed, 16 Nov 2022 04:31:53 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (5141)
Size:   2194
Md5:    caa07ca905fef1976a5a6053956f1205
Sha1:   86ba279cf3cb9c5f506a831c380cb9881fac0bc6
Sha256: ace878313ba51c13c8d6b5debfe37f4cdd2bb8ea0019ac03cddca95c7b34c1c2
                                        
                                            GET /wp-content/plugins/elementor/assets/js/webpack.runtime.min.js?ver=3.8.1 HTTP/1.1 
Host: odeifuomedia.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://odeifuomedia.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         192.64.118.17
HTTP/2 200 OK
content-type: application/javascript
                                        
cache-control: public, max-age=604800
expires: Wed, 23 Nov 2022 04:31:53 GMT
last-modified: Sun, 13 Nov 2022 18:59:50 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 2044
date: Wed, 16 Nov 2022 04:31:53 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (4918)
Size:   2044
Md5:    918938b0ee6977d6506f2e0fa248bd66
Sha1:   292ba27818bec580f76945b53fee4ff6cddcb2c2
Sha256: a1da723cfdb1f8ea57aa7278637d07a83f39ff410dfbba24d8205882a110444e

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /wp-includes/js/jquery/jquery.min.js?ver=3.6.1 HTTP/1.1 
Host: odeifuomedia.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://odeifuomedia.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         192.64.118.17
HTTP/2 200 OK
content-type: application/javascript
                                        
cache-control: public, max-age=604800
expires: Wed, 23 Nov 2022 04:31:53 GMT
last-modified: Thu, 03 Nov 2022 00:54:00 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 30324
date: Wed, 16 Nov 2022 04:31:53 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (65447)
Size:   30324
Md5:    3a1740685bd5c0bbd5f2b812e1eb7fb4
Sha1:   488e07695da787fed18361c50292aef35abb5e81
Sha256: 4a07aed2d8cf88afdec0b56b365b951c76d387db3459166b5a0d25e2e6cc95ef

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 HTTP/1.1 
Host: odeifuomedia.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://odeifuomedia.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         192.64.118.17
HTTP/2 200 OK
content-type: application/javascript
                                        
cache-control: public, max-age=604800
expires: Wed, 23 Nov 2022 04:31:53 GMT
last-modified: Wed, 18 Nov 2020 19:36:06 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 3995
date: Wed, 16 Nov 2022 04:31:53 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (11126)
Size:   3995
Md5:    7e058b51f939eacfa31cdface14dded5
Sha1:   9d732e5afdeb42edef9e1b9631b7e95e054787cc
Sha256: 4ece5b00423755d8f4121ce382c8ea4dc44c241f28f150abe19caa85d0b0acc1

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /wp-content/plugins/elementor/assets/js/frontend-modules.min.js?ver=3.8.1 HTTP/1.1 
Host: odeifuomedia.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://odeifuomedia.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         192.64.118.17
HTTP/2 200 OK
content-type: application/javascript
                                        
cache-control: public, max-age=604800
expires: Wed, 23 Nov 2022 04:31:53 GMT
last-modified: Sun, 13 Nov 2022 18:59:50 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 10425
date: Wed, 16 Nov 2022 04:31:53 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (32907)
Size:   10425
Md5:    72fd7d7a61961996172a081cb3eed6cb
Sha1:   7f6d4dc14ef08153606c57d374fd50b685ba383d
Sha256: 757fe1355fa4c3eed3c286520c6af9d344ab9d15a78d8d54a17e7573f866b9be

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9 HTTP/1.1 
Host: odeifuomedia.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://odeifuomedia.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         192.64.118.17
HTTP/2 200 OK
content-type: application/javascript
                                        
cache-control: public, max-age=604800
expires: Wed, 23 Nov 2022 04:31:53 GMT
last-modified: Mon, 11 Apr 2022 21:34:30 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 2354
date: Wed, 16 Nov 2022 04:31:53 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (6475), with no line terminators
Size:   2354
Md5:    4e773d7cec56bacab6d2db420be6f262
Sha1:   c95573d884c1caec0ec9c6f3e2a8c0fbf28d939a
Sha256: 5c8839d0b02f21e8d83d856bbf85a6b87fbedf9ba0b70711b11a1c378d5443e7

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0 HTTP/1.1 
Host: odeifuomedia.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://odeifuomedia.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         192.64.118.17
HTTP/2 200 OK
content-type: application/javascript
                                        
cache-control: public, max-age=604800
expires: Wed, 23 Nov 2022 04:31:53 GMT
last-modified: Thu, 03 Nov 2022 00:54:00 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 6335
date: Wed, 16 Nov 2022 04:31:53 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (17819), with no line terminators
Size:   6335
Md5:    fecbc00e8af71d8cfb678cd811c7cb2e
Sha1:   44e5dd77f62cb5c67271442b75cdff10d45f2f8d
Sha256: d6f03fb4728d0c23251451df8d66b5107d3c87458dc624aacfbad437e99d01f1
                                        
                                            GET /wp-includes/js/dist/hooks.min.js?ver=4169d3cf8e8d95a3d6d5 HTTP/1.1 
Host: odeifuomedia.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://odeifuomedia.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         192.64.118.17
HTTP/2 200 OK
content-type: application/javascript
                                        
cache-control: public, max-age=604800
expires: Wed, 23 Nov 2022 04:31:53 GMT
last-modified: Mon, 11 Apr 2022 21:34:30 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1575
date: Wed, 16 Nov 2022 04:31:53 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (4875)
Size:   1575
Md5:    06a8ac0e71976bc143cfa7861a31169d
Sha1:   def6031fe13259bf17752661832d815e37068bf2
Sha256: e6f42d97e7299522bbb002364128fdf72cd22263ca72c5edc41dcd8f4672cd33

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /wp-includes/js/dist/i18n.min.js?ver=9e794f35a71bb98672ae HTTP/1.1 
Host: odeifuomedia.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://odeifuomedia.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         192.64.118.17
HTTP/2 200 OK
content-type: application/javascript
                                        
cache-control: public, max-age=604800
expires: Wed, 23 Nov 2022 04:31:53 GMT
last-modified: Thu, 03 Nov 2022 00:54:00 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 3717
date: Wed, 16 Nov 2022 04:31:53 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   3717
Md5:    f7acc55c5b34188d3e66c5f2ecf3ba80
Sha1:   802270f7a221e406af63d622d364b119d912c15b
Sha256: 826c4e13764f5bf1bd0a17f2e693d943f8605df1024815f67f43694f4338b713

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /wp-content/plugins/elementor-pro/assets/js/frontend.min.js?ver=3.7.2 HTTP/1.1 
Host: odeifuomedia.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://odeifuomedia.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         192.64.118.17
HTTP/2 200 OK
content-type: application/javascript
                                        
cache-control: public, max-age=604800
expires: Wed, 23 Nov 2022 04:31:53 GMT
last-modified: Tue, 13 Sep 2022 01:09:59 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 5442
date: Wed, 16 Nov 2022 04:31:53 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (21164)
Size:   5442
Md5:    caa94b71279d7791ccb0e467f86bc193
Sha1:   fda95846a1727a8e4e1591a7d78846578234159d
Sha256: 87acb46da9dd7afe173d9fbb47125ed8bb03559b11184cf34a9722614a3deba0

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /wp-content/plugins/elementor/assets/css/widget-icon-list.min.css HTTP/1.1 
Host: odeifuomedia.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://odeifuomedia.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         192.64.118.17
HTTP/2 200 OK
content-type: text/css
                                        
cache-control: public, max-age=604800
expires: Wed, 23 Nov 2022 04:31:53 GMT
last-modified: Sun, 13 Nov 2022 18:59:50 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 906
date: Wed, 16 Nov 2022 04:31:53 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (11736)
Size:   906
Md5:    dfa4e3add9f185eaf959509b12a3f2f2
Sha1:   e9fcec09acb8cb18203b3c9c4133ab808576df38
Sha256: 060ede880f21b0bfe96d2e2b5f36606cef794e7e8814d1baf877c4868eca8a43
                                        
                                            GET /wp-includes/js/wp-emoji-release.min.js?ver=6.1.1 HTTP/1.1 
Host: odeifuomedia.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://odeifuomedia.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         192.64.118.17
HTTP/2 200 OK
content-type: application/javascript
                                        
cache-control: public, max-age=604800
expires: Wed, 23 Nov 2022 04:31:53 GMT
last-modified: Tue, 12 Apr 2022 15:26:24 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 4619
date: Wed, 16 Nov 2022 04:31:53 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (15660)
Size:   4619
Md5:    0232689bd203f330529b36a437f41a68
Sha1:   9046583f7469ad38297969f10a9513eb895d5316
Sha256: feea9f30a6e454579bbeabf236b7abdb0c7de84dd2852422555ad67348c5e886

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /wp-content/themes/astra/assets/css/minified/galleries.min.css?ver=3.9.4 HTTP/1.1 
Host: odeifuomedia.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://odeifuomedia.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         192.64.118.17
HTTP/2 200 OK
content-type: text/css
                                        
cache-control: public, max-age=604800
expires: Wed, 23 Nov 2022 04:31:53 GMT
last-modified: Thu, 21 Jul 2022 16:10:40 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 308
date: Wed, 16 Nov 2022 04:31:53 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (1025), with no line terminators
Size:   308
Md5:    fa3d65220456c33b01f4edc6e1c47f99
Sha1:   19ae802b4619d0eaa49732f56be7a85af3a11128
Sha256: ae08ab125359be69c367be761bf5e78aa13c0945b3d3ba67a8c4a963398b661b

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /wp-content/plugins/wpforms-lite/assets/css/wpforms-base.min.css?ver=1.7.8 HTTP/1.1 
Host: odeifuomedia.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://odeifuomedia.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         192.64.118.17
HTTP/2 200 OK
content-type: text/css
                                        
cache-control: public, max-age=604800
expires: Wed, 23 Nov 2022 04:31:53 GMT
last-modified: Thu, 10 Nov 2022 17:24:24 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 3602
date: Wed, 16 Nov 2022 04:31:53 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (22829)
Size:   3602
Md5:    23ad768234f093740cd0ec87101e9e6a
Sha1:   9b149ce3a5ddabcc95b90d02359a0cc7105a32d6
Sha256: 68b6590684d2798ac4f087947b55c9da05d5ab2c6450574c230f37408ea602cd
                                        
                                            GET /wp-content/plugins/elementor/assets/lib/waypoints/waypoints.min.js?ver=4.0.2 HTTP/1.1 
Host: odeifuomedia.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://odeifuomedia.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         192.64.118.17
HTTP/2 200 OK
content-type: application/javascript
                                        
cache-control: public, max-age=604800
expires: Wed, 23 Nov 2022 04:31:53 GMT
last-modified: Wed, 11 Jan 2017 21:35:32 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 2867
date: Wed, 16 Nov 2022 04:31:53 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (12198), with no line terminators
Size:   2867
Md5:    869caa171b68cbec9fee5abbfb944ee8
Sha1:   f237e485e41f88b77384cfdb880f9d5a8f46eac8
Sha256: 25c2896e2790fb0e52f6b6ba1ce97bd87eb40463b4bb65ba16ad434c1d7a36dc
                                        
                                            GET /wp-includes/js/jquery/ui/core.min.js?ver=1.13.2 HTTP/1.1 
Host: odeifuomedia.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://odeifuomedia.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         192.64.118.17
HTTP/2 200 OK
content-type: application/javascript
                                        
cache-control: public, max-age=604800
expires: Wed, 23 Nov 2022 04:31:53 GMT
last-modified: Thu, 03 Nov 2022 00:54:00 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 6800
date: Wed, 16 Nov 2022 04:31:53 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (8189)
Size:   6800
Md5:    3d0ff0f6731d9cef860af9a5a0e3ce62
Sha1:   13aed444304d782039e261475c8b4450b83e743e
Sha256: e8d05db77732c71843ced6f386ea82eb32243ac36e7ca3e071cb7f53e2ffbce5
                                        
                                            GET /wp-content/plugins/elementor/assets/js/frontend.min.js?ver=3.8.1 HTTP/1.1 
Host: odeifuomedia.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://odeifuomedia.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         192.64.118.17
HTTP/2 200 OK
content-type: application/javascript
                                        
cache-control: public, max-age=604800
expires: Wed, 23 Nov 2022 04:31:53 GMT
last-modified: Sun, 13 Nov 2022 18:59:50 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 11702
date: Wed, 16 Nov 2022 04:31:53 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (40474)
Size:   11702
Md5:    cf45d3e8044770ba8eabf3833e30fdbe
Sha1:   90f787b69fa2f83b87c28f3caa67985b04b333bd
Sha256: c83321c916d9ca392150cf727108c0927ce9394be70e9b08920cff666f823fb4
                                        
                                            GET /wp-content/plugins/elementor-pro/assets/js/elements-handlers.min.js?ver=3.7.2 HTTP/1.1 
Host: odeifuomedia.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://odeifuomedia.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         192.64.118.17
HTTP/2 200 OK
content-type: application/javascript
                                        
cache-control: public, max-age=604800
expires: Wed, 23 Nov 2022 04:31:53 GMT
last-modified: Tue, 13 Sep 2022 01:09:59 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 5293
date: Wed, 16 Nov 2022 04:31:53 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (24339)
Size:   5293
Md5:    01a40aed2973cdba31c9381507f66b09
Sha1:   303adcf7a91bd4137dbb27dd4b274bcae3272aec
Sha256: 11a1b8d084703cc507f7cb7e167baabe24d3f93918e7815a0f24b4df34046296

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /wp-includes/js/underscore.min.js?ver=1.13.4 HTTP/1.1 
Host: odeifuomedia.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://odeifuomedia.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         192.64.118.17
HTTP/2 200 OK
content-type: application/javascript
                                        
cache-control: public, max-age=604800
expires: Wed, 23 Nov 2022 04:31:53 GMT
last-modified: Thu, 03 Nov 2022 00:54:00 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 7179
date: Wed, 16 Nov 2022 04:31:53 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (18798)
Size:   7179
Md5:    f4bb18d2e152ba945cb63980362f40e9
Sha1:   925f93a6c4ee411e97d8dc3186f9d66c4b5169ab
Sha256: 16ab496a6c74f5f272f7a5c31e9cb69c753fea994396ef6deacf641180ad317b

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /wp-includes/js/wp-util.min.js?ver=6.1.1 HTTP/1.1 
Host: odeifuomedia.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://odeifuomedia.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         192.64.118.17
HTTP/2 200 OK
content-type: application/javascript
                                        
cache-control: public, max-age=604800
expires: Wed, 23 Nov 2022 04:31:53 GMT
last-modified: Thu, 03 Nov 2022 00:54:00 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 690
date: Wed, 16 Nov 2022 04:31:53 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (1391)
Size:   690
Md5:    ebe552e54e3815c6867913d252ff2a79
Sha1:   4982bd9ba944833e821be18419ad8408290f5d75
Sha256: 8b0aedc73b1d41ab59c0ad42553259c90458cfb72b149946a3bae3298c012e40

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /wp-content/plugins/wpforms-lite/assets/js/integrations/elementor/frontend.min.js?ver=1.7.8 HTTP/1.1 
Host: odeifuomedia.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://odeifuomedia.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         192.64.118.17
HTTP/2 200 OK
content-type: application/javascript
                                        
cache-control: public, max-age=604800
expires: Wed, 23 Nov 2022 04:31:53 GMT
last-modified: Thu, 10 Nov 2022 17:24:24 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 339
date: Wed, 16 Nov 2022 04:31:53 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (754), with no line terminators
Size:   339
Md5:    f4cea5c82bb62f34a31f39a322513366
Sha1:   bab5dfb3f8d04b76f83ca994798534e697b85290
Sha256: 5b00e0c1288d5d1f1df303a55bd0ff67d9acf5b734bc0093a651727c48a077ff

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /wp-content/plugins/wpforms-lite/assets/lib/jquery.validate.min.js?ver=1.19.5 HTTP/1.1 
Host: odeifuomedia.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://odeifuomedia.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         192.64.118.17
HTTP/2 200 OK
content-type: application/javascript
                                        
cache-control: public, max-age=604800
expires: Wed, 23 Nov 2022 04:31:53 GMT
last-modified: Thu, 10 Nov 2022 17:24:24 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 7677
date: Wed, 16 Nov 2022 04:31:53 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (24463)
Size:   7677
Md5:    6dd52359af796b867c2dee4255caa52e
Sha1:   7f21b4f744f9bf32b1b5d6a44dae4fa4b75cfd21
Sha256: 4b198541955ce022c655ce5599eddd70cb33afccb09467c1b8287b862d2ef0bb

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /wp-content/plugins/wpforms-lite/assets/lib/mailcheck.min.js?ver=1.1.2 HTTP/1.1 
Host: odeifuomedia.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://odeifuomedia.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         192.64.118.17
HTTP/2 200 OK
content-type: application/javascript
                                        
cache-control: public, max-age=604800
expires: Wed, 23 Nov 2022 04:31:53 GMT
last-modified: Thu, 10 Nov 2022 17:24:24 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1615
date: Wed, 16 Nov 2022 04:31:53 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  C source, ASCII text, with very long lines (4014), with no line terminators
Size:   1615
Md5:    204e049174229ff4ff265a32906604d3
Sha1:   1fe2ba0e482195116eab6850f8c2f8503fc92b8f
Sha256: f1efb1329e736df7f94205dcd235a22b3f866b951aa7154b75e4b298b56baf21

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /wp-content/plugins/wpforms-lite/assets/lib/punycode.min.js?ver=1.0.0 HTTP/1.1 
Host: odeifuomedia.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://odeifuomedia.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         192.64.118.17
HTTP/2 200 OK
content-type: application/javascript
                                        
cache-control: public, max-age=604800
expires: Wed, 23 Nov 2022 04:31:53 GMT
last-modified: Thu, 10 Nov 2022 17:24:24 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 833
date: Wed, 16 Nov 2022 04:31:53 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (1713), with no line terminators
Size:   833
Md5:    08f4f71fba69b46947b1cb8dd287308c
Sha1:   e78a529644bd145de9d1363d31934a9de12ae062
Sha256: ce1890fdec2706b513d60978f087f69c191e4e577ecec0ffe9727c06d176aec1

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /wp-content/plugins/wpforms-lite/assets/js/utils.min.js?ver=1.7.8 HTTP/1.1 
Host: odeifuomedia.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://odeifuomedia.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         192.64.118.17
HTTP/2 200 OK
content-type: application/javascript
                                        
cache-control: public, max-age=604800
expires: Wed, 23 Nov 2022 04:31:53 GMT
last-modified: Thu, 10 Nov 2022 17:24:24 GMT
accept-ranges: bytes
content-length: 174
date: Wed, 16 Nov 2022 04:31:53 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   174
Md5:    df8d6b24a870f878b16510e5dca1631d
Sha1:   588d0f674156a3208cee87b897af15f40854e484
Sha256: 499999d720ab71bdffc4e0115b8b05e1d5997f12e482426546a58a00edd77f74
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.35
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 16 Nov 2022 04:31:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.35
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 16 Nov 2022 04:31:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.35
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 16 Nov 2022 04:31:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /s/poppins/v20/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://odeifuomedia.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         216.58.207.195
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 8000
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 15 Nov 2022 14:43:52 GMT
expires: Wed, 15 Nov 2023 14:43:52 GMT
cache-control: public, max-age=31536000
age: 49682
last-modified: Wed, 27 Apr 2022 16:59:07 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 8000, version 1.0\012- data
Size:   8000
Md5:    72993dddf88a63e8f226656f7de88e57
Sha1:   179f97ec0275f09603a8db94d4380eb584d81cd5
Sha256: f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149
                                        
                                            GET /s/dmserifdisplay/v10/-nFnOHM81r4j6k0gjAW3mujVU2B2G_Bx0g.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://odeifuomedia.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         216.58.207.195
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 24532
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 11 Nov 2022 00:14:25 GMT
expires: Sat, 11 Nov 2023 00:14:25 GMT
cache-control: public, max-age=31536000
age: 447449
last-modified: Thu, 21 Apr 2022 16:25:38 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 24532, version 1.0\012- data
Size:   24532
Md5:    85db9d3b188da5bfdbc66c178a3e33bc
Sha1:   a11c20671ca01da83d46b9f6215885f347d8772c
Sha256: 73e3044bb6912706982542a9e9b15e7472bd53755cea6a0477c5e7c80c24c00d
                                        
                                            GET /s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://odeifuomedia.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         216.58.207.195
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 7884
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 09 Nov 2022 21:48:50 GMT
expires: Thu, 09 Nov 2023 21:48:50 GMT
cache-control: public, max-age=31536000
age: 542584
last-modified: Wed, 27 Apr 2022 17:03:52 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 7884, version 1.0\012- data
Size:   7884
Md5:    9212f6f9860f9fc6c69b02fedf6db8c3
Sha1:   ac6d71b4d5fdd2b3dabc9a06ff6c001e4251da0b
Sha256: 7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.35
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 16 Nov 2022 04:31:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /wp-content/plugins/wpforms-lite/assets/js/wpforms.min.js?ver=1.7.8 HTTP/1.1 
Host: odeifuomedia.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://odeifuomedia.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         192.64.118.17
HTTP/2 200 OK
content-type: application/javascript
                                        
cache-control: public, max-age=604800
expires: Wed, 23 Nov 2022 04:31:53 GMT
last-modified: Thu, 10 Nov 2022 17:24:24 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 9337
date: Wed, 16 Nov 2022 04:31:53 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (32390), with no line terminators
Size:   9337
Md5:    9d4d65fb96c906b9a22c005ef652d30a
Sha1:   03218309668302df04d56bd528487f55eeee888a
Sha256: f5cfd56ba8d09ded1b2ef24f6375b460ef10f2a9a4648b61851b1f3cc767679a

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /wp-content/uploads/2021/05/hero-bg.jpg HTTP/1.1 
Host: odeifuomedia.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://odeifuomedia.com/wp-content/uploads/elementor/css/post-6.css?ver=1668548039
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         192.64.118.17
HTTP/2 200 OK
content-type: image/jpeg
                                        
cache-control: public, max-age=604800
expires: Wed, 23 Nov 2022 04:31:55 GMT
last-modified: Tue, 15 Nov 2022 21:33:29 GMT
accept-ranges: bytes
content-length: 135902
date: Wed, 16 Nov 2022 04:31:55 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1920x1027, components 3\012- data
Size:   135902
Md5:    e37e341acacda2431a691ee692e18178
Sha1:   1e048c008c9b1bd3cdbc7ace6a140160cdb64dd9
Sha256: 6b5207fc5a70af8eb37b128bd61c5890e7e23c3a77d6624d243382153c758910
                                        
                                            GET /wp-content/plugins/elementor/assets/js/lightbox.2d166d71ba2a6a9e66fd.bundle.min.js HTTP/1.1 
Host: odeifuomedia.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://odeifuomedia.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         192.64.118.17
HTTP/2 200 OK
content-type: application/javascript
                                        
cache-control: public, max-age=604800
expires: Wed, 23 Nov 2022 04:31:55 GMT
last-modified: Sun, 13 Nov 2022 18:59:50 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 9020
date: Wed, 16 Nov 2022 04:31:55 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (28962)
Size:   9020
Md5:    7d4a0b8db6ee8793d080670cb6eadff7
Sha1:   7ab5bbfc75a28ec1bd06ae3bae5a9046271d84a5
Sha256: 474af6b21466003fc36a4ba2c057549a26de343778b082ae88d3dc4c2be6f63c

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /wp-content/plugins/elementor/assets/js/text-editor.2c35aafbe5bf0e127950.bundle.min.js HTTP/1.1 
Host: odeifuomedia.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://odeifuomedia.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         192.64.118.17
HTTP/2 200 OK
content-type: application/javascript
                                        
cache-control: public, max-age=604800
expires: Wed, 23 Nov 2022 04:31:55 GMT
last-modified: Sun, 13 Nov 2022 18:59:50 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 599
date: Wed, 16 Nov 2022 04:31:55 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (1320)
Size:   599
Md5:    b59e163b50b8e62a7e08b4ce88241b48
Sha1:   4f45b1e9e0270133c35c43a1a33d5b2d292b8693
Sha256: 73ba293d6c6c5c89f37eb310eead199d2a7268ada96c881f41ec8ca5b7f693bb

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /wp-content/plugins/elementor/assets/lib/dialog/dialog.min.js?ver=4.9.0 HTTP/1.1 
Host: odeifuomedia.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://odeifuomedia.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         192.64.118.17
HTTP/2 200 OK
content-type: application/javascript
                                        
cache-control: public, max-age=604800
expires: Wed, 23 Nov 2022 04:31:55 GMT
last-modified: Wed, 17 Nov 2021 13:27:36 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 3268
date: Wed, 16 Nov 2022 04:31:55 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (10544)
Size:   3268
Md5:    3821415a39954c48c7927e661467c6b8
Sha1:   dfe1116a0efc9898cb6caf094213880da83d6990
Sha256: 5f7f5b28f47c366a0bb70435dc3b2253278222c92429f013084f71fd7d29a32e
                                        
                                            GET /wp-content/plugins/elementor/assets/lib/share-link/share-link.min.js?ver=3.8.1 HTTP/1.1 
Host: odeifuomedia.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://odeifuomedia.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         192.64.118.17
HTTP/2 200 OK
content-type: application/javascript
                                        
cache-control: public, max-age=604800
expires: Wed, 23 Nov 2022 04:31:55 GMT
last-modified: Mon, 01 Aug 2022 04:11:38 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1047
date: Wed, 16 Nov 2022 04:31:55 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (2620), with no line terminators
Size:   1047
Md5:    906c4decdcd32482c1cf583b07925d30
Sha1:   30e726b9febb4b651544266df656a21251f0e8e3
Sha256: 53f86e9641d0e35772d6b54294cc6dd685fb9a376a1baad151da120fef609423

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-solid-900.woff2 HTTP/1.1 
Host: odeifuomedia.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://odeifuomedia.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/solid.min.css?ver=5.15.3
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         192.64.118.17
HTTP/2 200 OK
content-type: font/woff2
                                        
cache-control: public, max-age=604800
expires: Wed, 23 Nov 2022 04:31:55 GMT
last-modified: Thu, 17 Jun 2021 14:07:24 GMT
accept-ranges: bytes
content-length: 78196
date: Wed, 16 Nov 2022 04:31:55 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Size:   1238
Md5:    0bde7d4b3da67537eaf9188e6f8049cf
Sha1:   64300fc482d01d38b40ab20e15960b6509665e5a
Sha256: 5dc1ae0b875dc0d78dbc5532226f5f31b762b4d1229984f605d27bf895ab6807

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3b00960f-2d08-4518-83c0-1d7f0f3c973c.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 8990
x-amzn-requestid: cb142f4b-787e-4b3c-9d75-72579105db60
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bqYFOHi8IAMFpDA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637406ee-504a14105d2be58b1ce71c18;Sampled=0
x-amzn-remapped-date: Tue, 15 Nov 2022 21:38:54 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: GLJACvZUJjLdl3O2HUkWjgr7MqT_SRigTSdweSaTxUc-gTDULbYliA==
via: 1.1 d83ae0e1ba84e92e58bc1efc23a0c652.cloudfront.net (CloudFront), 1.1 28390a4d24ed4fdccd685d99cd06cf4e.cloudfront.net (CloudFront), 1.1 google
date: Tue, 15 Nov 2022 22:14:18 GMT
age: 22661
etag: "757f8e6306effbab70d99757c5672564cfc9f623"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   8990
Md5:    53d2d9380ba28ed0656b54c22bc56766
Sha1:   757f8e6306effbab70d99757c5672564cfc9f623
Sha256: 6d6c41527ae28cdce016470ec1eb87e0ed384f3ef721838724f29845f3bd8dac
                                        
                                            GET /css?family=Poppins%3A400%2C600%7CDM+Serif+Display%3A400%2C&display=fallback&ver=3.9.4 HTTP/1.1 
Host: fonts.googleapis.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://odeifuomedia.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         142.250.74.10
HTTP/2 200 OK
content-type: text/css; charset=utf-8
                                        
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 16 Nov 2022 04:31:53 GMT
date: Wed, 16 Nov 2022 04:31:53 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /css?family=Roboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto+Slab%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=auto&ver=6.1.1 HTTP/1.1 
Host: fonts.googleapis.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://odeifuomedia.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         142.250.74.10
HTTP/2 200 OK
content-type: text/css; charset=utf-8
                                        
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 16 Nov 2022 04:31:53 GMT
date: Wed, 16 Nov 2022 04:31:53 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---