r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 3bbb845b153026fc5332dd4506585b57
3cad200fac28fd00f34ce6ef79373e661e188743
6035871c0de6ff2d120921461207cfa32bc286e1fe78849ce74815ffbb9ff950
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6035871C0DE6FF2D120921461207CFA32BC286E1FE78849CE74815FFBB9FF950"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6254
Expires: Sat, 03 Dec 2022 20:34:11 GMT
Date: Sat, 03 Dec 2022 18:49:57 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 67e9370f1bf3e4946a01f346eeae8966
aaab391d1134302d718de7a0d5edbedf884633e6
27a8654fb14db88d4b2bb3b45c1b197fc498cd94143d4a68687742fa48a41358
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1081
Cache-Control: max-age=143956
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 18:49:57 GMT
Etag: "638b2570-1d7"
Expires: Mon, 05 Dec 2022 10:49:13 GMT
Last-Modified: Sat, 03 Dec 2022 10:31:12 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 55b4c61a1e99001307750e3647fe1102
7559f9f6770b7d3f45b723167062096312641e08
39f6bb64420bcfc8f0b010168fd35b67732984cd0698409f04d5ae40410422aa
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "39F6BB64420BCFC8F0B010168FD35B67732984CD0698409F04D5AE40410422AA"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12379
Expires: Sat, 03 Dec 2022 22:16:16 GMT
Date: Sat, 03 Dec 2022 18:49:57 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
34.102.187.140200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 30db107dcf4380cef05efea409c2e6a3
96e6a306fbc07299aba64e5c14e2bfca35872fa9
b64051a4a8e346e3c72b2aef77f360a5736ab5e16711d8e0bae3876feaa15b6e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Content-Type, Backoff, Content-Length, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sat, 03 Dec 2022 18:20:00 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 1797
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: bZrHN8jVnk+iS4htjFxPPmpBfQd2EsdRf8Puy1Wu0lpdV2ktnKtgodQdzjiHC7m51/CItM1HAl8=
x-amz-request-id: 308479NQ9SWPQ6J6
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sat, 03 Dec 2022 18:47:14 GMT
age: 163
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 18:49:58 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
npgmining.com.au/
103.152.248.162301 Moved Permanently 707 B IP 103.152.248.162:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Hash 1304294c0823ca486542ba408ed761e3
b2a70fb2d810ca13985882e6981f33998823e83e
3bbe72f3baa8ec61de17a1d767fca58704769684b7abe9161d0c4eaf4c8f0982
Analyzer Verdict Alert fortinet Malware
GET / HTTP/1.1
Host: npgmining.com.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
content-type: text/html
content-length: 707
date: Sat, 03 Dec 2022 18:49:58 GMT
server: LiteSpeed
location: https://npgmining.com.au/
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
34.102.187.140200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Last-Modified, Retry-After, Cache-Control, Content-Type, Pragma, Backoff, ETag, Expires, Content-Length, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sat, 03 Dec 2022 18:11:18 GMT
cache-control: public,max-age=3600
age: 2320
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash a151c326c67e1abb747847c1427db76f
80885d30ef8ba867bf33c40b861976958a27493a
de2b573ee1c8af980e593352e0c331b2595f62bd4499300ace30821d20814760
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1069
Cache-Control: max-age=138882
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 18:49:58 GMT
Etag: "638b11ab-1d7"
Expires: Mon, 05 Dec 2022 09:24:40 GMT
Last-Modified: Sat, 03 Dec 2022 09:06:51 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
34.218.168.248101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 34.218.168.248:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: +aRM49Qf1VqfnghV2VOA4w==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: tR4YSWvVOeurirvbNMBGK4Qt9dA=
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash a96c48a3affad46a0b7f5b8178b926d3
cab43cf055876aa6e3a3e0563e9bc550a00f70da
f1bf5a7faea6b7ee9b5c8395188e4a5ba1840e1626e500803522c5950c472a68
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 974
Cache-Control: max-age=131262
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 18:49:59 GMT
Etag: "638af447-116"
Expires: Mon, 05 Dec 2022 07:17:41 GMT
Last-Modified: Sat, 03 Dec 2022 07:01:27 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 278
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash a96c48a3affad46a0b7f5b8178b926d3
cab43cf055876aa6e3a3e0563e9bc550a00f70da
f1bf5a7faea6b7ee9b5c8395188e4a5ba1840e1626e500803522c5950c472a68
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 974
Cache-Control: max-age=131262
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 18:49:59 GMT
Etag: "638af447-116"
Expires: Mon, 05 Dec 2022 07:17:41 GMT
Last-Modified: Sat, 03 Dec 2022 07:01:27 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 278
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash a96c48a3affad46a0b7f5b8178b926d3
cab43cf055876aa6e3a3e0563e9bc550a00f70da
f1bf5a7faea6b7ee9b5c8395188e4a5ba1840e1626e500803522c5950c472a68
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 974
Cache-Control: max-age=131262
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 18:49:59 GMT
Etag: "638af447-116"
Expires: Mon, 05 Dec 2022 07:17:41 GMT
Last-Modified: Sat, 03 Dec 2022 07:01:27 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 278
code.jquery.com/ui/1.10.4/themes/smoothness/jquery-ui.css
69.16.175.42200 OK 6.0 kB URL HTTP/2 code.jquery.com/ui/1.10.4/themes/smoothness/jquery-ui.css
IP 69.16.175.42:0
File type ASCII text, with very long lines (1339)
Hash 83298a8a507016e51d4bf6b4f118bc0f
8cc440bf29df6809c0c3f36457df47c700e028f8
81fcb73b7aec32df03a4a91d4c8c952c4cc8792f55e00b1fb2587e4b6f37a87a
GET /ui/1.10.4/themes/smoothness/jquery-ui.css HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://npgmining.com.au/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 03 Dec 2022 18:49:59 GMT
content-encoding: gzip
content-length: 6001
content-type: text/css
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
accept-ranges: bytes
server: nginx
etag: W/"28feccc0-7d15"
cache-control: max-age=315360000, public
access-control-allow-origin: *
vary: Accept-Encoding
x-hw: 1670093399.dop221.sk1.t,1670093399.cds247.sk1.hn,1670093399.cds243.sk1.c
X-Firefox-Spdy: h2
npgmining.com.au/wp-content/themes/theme/style.css
103.152.248.162200 OK 2.8 kB URL HTTP/2 npgmining.com.au/wp-content/themes/theme/style.css
IP 103.152.248.162:0
Hash af3695998052a20f81f8e27fcaa68a59
1f50e4d09b7a5e49df5c0b1f504c02e8030ff48a
aa3bb72e7433546a9adc9052d6a0e4fc1b651e73a1787980a152710f6cd118eb
GET /wp-content/themes/theme/style.css HTTP/1.1
Host: npgmining.com.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://npgmining.com.au/
Cookie: PHPSESSID=1bccb3a3bb21f7496f5312a613465411
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 10 Dec 2022 18:49:59 GMT
content-type: text/css
last-modified: Wed, 22 May 2019 02:48:38 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 2771
date: Sat, 03 Dec 2022 18:49:59 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
npgmining.com.au/wp-content/themes/theme/css/pushy.css
103.152.248.162200 OK 800 B URL HTTP/2 npgmining.com.au/wp-content/themes/theme/css/pushy.css
IP 103.152.248.162:0
Hash 6ce4d3c03891eb74a1b63316e2c82a67
5da0ecd9ca10d86fa96086268b3f8b48c04cccb6
2f750bed404b331d1654bb8796ba6812554d118bf8b4fe6044810dc2556da117
GET /wp-content/themes/theme/css/pushy.css HTTP/1.1
Host: npgmining.com.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://npgmining.com.au/
Cookie: PHPSESSID=1bccb3a3bb21f7496f5312a613465411
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 10 Dec 2022 18:49:59 GMT
content-type: text/css
last-modified: Fri, 23 Oct 2015 01:23:48 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 800
date: Sat, 03 Dec 2022 18:49:59 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
npgmining.com.au/wp-includes/css/dist/block-library/style.min.css?ver=6.1
103.152.248.162200 OK 12 kB URL HTTP/2 npgmining.com.au/wp-includes/css/dist/block-library/style.min.css?ver=6.1
IP 103.152.248.162:0
File type ASCII text, with very long lines (47826)
Hash 3f7f7fa954242b63cf5127c14417c6e5
712c7c9ea049d297e3fb27d3c805be5c5867c4d4
e274dc85b6107cb6054dbee83ddb1e3dda3162ca8f93b16b2d692a451cf9511d
GET /wp-includes/css/dist/block-library/style.min.css?ver=6.1 HTTP/1.1
Host: npgmining.com.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://npgmining.com.au/
Cookie: PHPSESSID=1bccb3a3bb21f7496f5312a613465411
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 10 Dec 2022 18:49:59 GMT
content-type: text/css
last-modified: Wed, 02 Nov 2022 11:45:17 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 11601
date: Sat, 03 Dec 2022 18:49:59 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
npgmining.com.au/wp-includes/css/classic-themes.min.css?ver=1
103.152.248.162200 OK 144 B URL HTTP/2 npgmining.com.au/wp-includes/css/classic-themes.min.css?ver=1
IP 103.152.248.162:0
Hash fcbd239f30d9a6dd1f3637f291143d37
2871bf7d98af3f43e42f7fa32808048e7134fabf
c2f98e9d71f782b7a3266cd337c61ae6c8dcbb7203669c07852aa2ab65ab6144
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/css/classic-themes.min.css?ver=1 HTTP/1.1
Host: npgmining.com.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://npgmining.com.au/
Cookie: PHPSESSID=1bccb3a3bb21f7496f5312a613465411
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 10 Dec 2022 18:49:59 GMT
content-type: text/css
last-modified: Wed, 02 Nov 2022 11:45:19 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 144
date: Sat, 03 Dec 2022 18:49:59 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
npgmining.com.au/wp-includes/js/jquery/jquery.min.js?ver=3.6.1
103.152.248.162200 OK 30 kB URL HTTP/2 npgmining.com.au/wp-includes/js/jquery/jquery.min.js?ver=3.6.1
IP 103.152.248.162:0
File type ASCII text, with very long lines (65447)
Hash 3a1740685bd5c0bbd5f2b812e1eb7fb4
488e07695da787fed18361c50292aef35abb5e81
4a07aed2d8cf88afdec0b56b365b951c76d387db3459166b5a0d25e2e6cc95ef
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/jquery/jquery.min.js?ver=3.6.1 HTTP/1.1
Host: npgmining.com.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://npgmining.com.au/
Cookie: PHPSESSID=1bccb3a3bb21f7496f5312a613465411
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 10 Dec 2022 18:49:59 GMT
content-type: application/javascript
last-modified: Wed, 02 Nov 2022 11:45:33 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 30324
date: Sat, 03 Dec 2022 18:49:59 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
npgmining.com.au/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
103.152.248.162200 OK 4.0 kB URL HTTP/2 npgmining.com.au/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
IP 103.152.248.162:0
File type ASCII text, with very long lines (11126)
Hash 7e058b51f939eacfa31cdface14dded5
9d732e5afdeb42edef9e1b9631b7e95e054787cc
4ece5b00423755d8f4121ce382c8ea4dc44c241f28f150abe19caa85d0b0acc1
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 HTTP/1.1
Host: npgmining.com.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://npgmining.com.au/
Cookie: PHPSESSID=1bccb3a3bb21f7496f5312a613465411
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 10 Dec 2022 18:49:59 GMT
content-type: application/javascript
last-modified: Fri, 21 Oct 2022 01:30:42 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 3995
date: Sat, 03 Dec 2022 18:49:59 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
npgmining.com.au/wp-content/plugins/rtoenrol/css/rtoenrol.css
103.152.248.162200 OK 1.5 kB URL HTTP/2 npgmining.com.au/wp-content/plugins/rtoenrol/css/rtoenrol.css
IP 103.152.248.162:0
File type assembler source, ASCII text
Hash fafbc03a8f077037dbd4c528d0d90348
b7a10a0897e92ab407b940a586d1d99454927933
083fea0e63ca8952c409c4cf9e938452573108c879be36c0cd930baae3a5ea73
GET /wp-content/plugins/rtoenrol/css/rtoenrol.css HTTP/1.1
Host: npgmining.com.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://npgmining.com.au/
Cookie: PHPSESSID=1bccb3a3bb21f7496f5312a613465411
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 10 Dec 2022 18:49:59 GMT
content-type: text/css
last-modified: Mon, 28 May 2018 22:58:29 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1457
date: Sat, 03 Dec 2022 18:49:59 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
npgmining.com.au/wp-content/plugins/rtostudent/css/style.css
103.152.248.162200 OK 349 B URL HTTP/2 npgmining.com.au/wp-content/plugins/rtostudent/css/style.css
IP 103.152.248.162:0
Hash 76b8ff375607c1e47f465fed2348a16c
85db29abf2cf50b6358cb67a84fe78417e5c5f3e
40a7194f2dc5c28a0fd79a6fe43da685aa13ee5a2f7f4782d52c0218dbc5b65f
GET /wp-content/plugins/rtostudent/css/style.css HTTP/1.1
Host: npgmining.com.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://npgmining.com.au/
Cookie: PHPSESSID=1bccb3a3bb21f7496f5312a613465411
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 10 Dec 2022 18:49:59 GMT
content-type: text/css
last-modified: Mon, 04 Jan 2016 20:45:02 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 349
date: Sat, 03 Dec 2022 18:49:59 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash ecab83d593cc540b02689be5be7abc8a
81cda579b7b9b22332b85266b0126585f3d3f73f
d469c5adb69f261084b016f8e24edf8b69b62d9f930ca2d85cf35375e2303ecc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7369
Expires: Sat, 03 Dec 2022 20:52:49 GMT
Date: Sat, 03 Dec 2022 18:50:00 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash ecab83d593cc540b02689be5be7abc8a
81cda579b7b9b22332b85266b0126585f3d3f73f
d469c5adb69f261084b016f8e24edf8b69b62d9f930ca2d85cf35375e2303ecc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7369
Expires: Sat, 03 Dec 2022 20:52:49 GMT
Date: Sat, 03 Dec 2022 18:50:00 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash ecab83d593cc540b02689be5be7abc8a
81cda579b7b9b22332b85266b0126585f3d3f73f
d469c5adb69f261084b016f8e24edf8b69b62d9f930ca2d85cf35375e2303ecc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7369
Expires: Sat, 03 Dec 2022 20:52:49 GMT
Date: Sat, 03 Dec 2022 18:50:00 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash ecab83d593cc540b02689be5be7abc8a
81cda579b7b9b22332b85266b0126585f3d3f73f
d469c5adb69f261084b016f8e24edf8b69b62d9f930ca2d85cf35375e2303ecc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7369
Expires: Sat, 03 Dec 2022 20:52:49 GMT
Date: Sat, 03 Dec 2022 18:50:00 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6b6b798b-d396-454d-9d5b-17b47827e4ad.jpeg
34.120.237.76200 OK 2.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6b6b798b-d396-454d-9d5b-17b47827e4ad.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b47431190f34eccf0a6efb98e2a32b7d
9fc7ab3a4eb2d36fd6df7e0267a26a47627d1704
08d3b6be354cafb70c20e6865788cb375adbf88d47711651fe1a3b855094daf2
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6b6b798b-d396-454d-9d5b-17b47827e4ad.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 2942
x-amzn-requestid: ed26679f-cd56-477f-9914-f9afbcaaeea6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cfGeoGFYoAMFWgA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63891df7-4ec6bebe21656d5026456994;Sampled=0
x-amzn-remapped-date: Thu, 01 Dec 2022 21:34:47 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: XvG2dAUeB914GQ1qJwQRHovAtra8OSjG-CsXeR8UOBq5r8qVjEbPBQ==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Fri, 02 Dec 2022 22:39:04 GMT
age: 72656
etag: "9fc7ab3a4eb2d36fd6df7e0267a26a47627d1704"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F864be807-d5f6-42e3-bd58-f7641a256b9a.jpeg
34.120.237.76200 OK 7.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F864be807-d5f6-42e3-bd58-f7641a256b9a.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 379a4a1b95d3aa3c5a4f8e7f9abb030f
d45dceb3dc58a07197aa5077582b5b1cd2ff791a
1b92dec5bf90beffbcd9060052b8788f08645dd4ba34219f7ddb2d40bbd2d151
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F864be807-d5f6-42e3-bd58-f7641a256b9a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7732
x-amzn-requestid: 3781c2b7-082a-468a-a186-f7483494e749
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cfGeoEq3IAMFnKg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63891df7-679fe9f905e07abf4e6a812c;Sampled=0
x-amzn-remapped-date: Thu, 01 Dec 2022 21:34:47 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: V4Z3TZtTDMjnyxZx7VdJrKtZ-PbZkWnsQ0-1eFDem4TVyRGvk0dc7A==
via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 e66162aafd55b64ba1478ff7105150fa.cloudfront.net (CloudFront), 1.1 google
date: Fri, 02 Dec 2022 21:53:36 GMT
age: 75384
etag: "d45dceb3dc58a07197aa5077582b5b1cd2ff791a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F683f066f-699d-4765-8f4f-33c72e1672e2.jpeg
34.120.237.76200 OK 16 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F683f066f-699d-4765-8f4f-33c72e1672e2.jpeg
IP 34.120.237.76:0
Hash b52bd101d957ab5b6afc665ded7418c5
0e234783dab9c6fd15b657bb3021a7bff2d22e2e
9bc8f527b3f4981fbdf66c7f827123fbc020af873e399fb4e8cceaec18a07340
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F683f066f-699d-4765-8f4f-33c72e1672e2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6174
x-amzn-requestid: f78f1e9d-8c0c-495d-a862-61838f8297e8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cZ0iyH2WoAMFQdg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63870144-45442a8544259930564f685b;Sampled=0
x-amzn-remapped-date: Wed, 30 Nov 2022 07:07:48 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: QIOz71_Kr08pIIwOm2GUkWr421fO7-UyUI7LYld0JBaGnYQ0j3IDFg==
via: 1.1 eece508272520f70691e4eebdc5a6dea.cloudfront.net (CloudFront), 1.1 d6a002c70d55f415107618b0750d493c.cloudfront.net (CloudFront), 1.1 google
date: Sat, 03 Dec 2022 06:00:50 GMT
age: 46150
etag: "6e6c8bd2bce144cc4da1cd7be375b046b60dca79"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F627a3f86-b7fa-44c4-a119-2e3d23eb8b6a.jpeg
34.120.237.76200 OK 5.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F627a3f86-b7fa-44c4-a119-2e3d23eb8b6a.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 1e74254b3fdce7d6b84a71a7aff43789
65c8b4abf957f9b54d99d0f78559e639adb29efb
f278c3cc6734da7188862a8c651c803e7ac1fda82234e191761453cb1359d3ee
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F627a3f86-b7fa-44c4-a119-2e3d23eb8b6a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5354
x-amzn-requestid: 3d58ffea-3433-4c5c-a60b-17f6de3a33e5
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cSsnvG44oAMFfyQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638427ca-63b375f04189b7ce7d84cd5d;Sampled=0
x-amzn-remapped-date: Mon, 28 Nov 2022 03:15:22 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: GBhAilKMKo9RvIzqzF9V4jTZbvpa2rPZeoy6Jy8fMc1-JO078OAYzQ==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 9046e5a276a05e60ee34c8475e92b8e6.cloudfront.net (CloudFront), 1.1 google
date: Sat, 03 Dec 2022 05:53:40 GMT
age: 46580
etag: "65c8b4abf957f9b54d99d0f78559e639adb29efb"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F73b53015-e415-4fff-9252-8a16bbe000f5.jpeg
34.120.237.76200 OK 9.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F73b53015-e415-4fff-9252-8a16bbe000f5.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 45182367fd4f8b6dd234eef1022acdb1
d4b3052021ff3ad1dc4134fa25eb12a98e7c17da
a57fadaf74db2fb457cfe761314d56f021d22146f5bdb6a8bf11b6519e8a558d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F73b53015-e415-4fff-9252-8a16bbe000f5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9715
x-amzn-requestid: c8102cfa-78dc-4d81-ad6a-e16b9132e238
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ciZO2HQKIAMF8IA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638a6f2b-350c586b568e6565763376bd;Sampled=0
x-amzn-remapped-date: Fri, 02 Dec 2022 21:33:31 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 0QkVKyYm9UwlF5FEeli9UsRAQwEi3-c3bMR-QSJxIKRQe7WWT76dGQ==
via: 1.1 030fe0607711293dda988e571617a9f2.cloudfront.net (CloudFront), 1.1 d6b180eb367f7de26d67a9f3901b96a6.cloudfront.net (CloudFront), 1.1 google
date: Fri, 02 Dec 2022 21:37:54 GMT
age: 76326
etag: "d4b3052021ff3ad1dc4134fa25eb12a98e7c17da"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd7dc00fa-a8d3-44bf-ba84-1998d8dd7c5a.jpeg
34.120.237.76200 OK 4.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd7dc00fa-a8d3-44bf-ba84-1998d8dd7c5a.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash fcb89ca25035b2bbb71ae5dd175fcd40
544428cdad754b1bb7be3cd46a79bf078fd5b450
36dcbbe6cd2710ee502776b4bcf32053e92b750a55e2bd4cdeadbc694c7c2699
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd7dc00fa-a8d3-44bf-ba84-1998d8dd7c5a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4309
x-amzn-requestid: c824c317-e6e3-4006-9f9d-ea54e8170a4c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cf2_tGErIAMF8_A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63896b97-7fc523296afea4dd4b5d1de8;Sampled=0
x-amzn-remapped-date: Fri, 02 Dec 2022 03:05:59 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: tp50A9LYeT1RvSPImBUoQNKtarPryKb8Zacm_nxqDh-gegwdQov7Nw==
via: 1.1 40b967aa4aa18637c4b91214147f3cb4.cloudfront.net (CloudFront), 1.1 943c6a4d4ee43b18ee91634536f53eae.cloudfront.net (CloudFront), 1.1 google
date: Sat, 03 Dec 2022 03:50:52 GMT
age: 53948
etag: "544428cdad754b1bb7be3cd46a79bf078fd5b450"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
npgmining.com.au/images/logo-small.png
103.152.248.162200 OK 20 kB URL HTTP/2 npgmining.com.au/images/logo-small.png
IP 103.152.248.162:0
File type PNG image data, 203 x 100, 8-bit/color RGBA, non-interlaced\012- data
Hash fe8f141c5c952ecda87bec9e9f073858
9805dd1b01b2472b5482b8bb45d47a2ebf6cc4d7
871a0cc72d59a56c598b2883466fa1e3b19102acb36b448814d80c881d0a8e18
GET /images/logo-small.png HTTP/1.1
Host: npgmining.com.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://npgmining.com.au/
Cookie: PHPSESSID=1bccb3a3bb21f7496f5312a613465411
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 10 Dec 2022 18:49:59 GMT
content-type: image/png
last-modified: Fri, 23 Oct 2015 01:21:14 GMT
accept-ranges: bytes
content-length: 20038
date: Sat, 03 Dec 2022 18:49:59 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
npgmining.com.au/wp-includes/js/jquery/ui/draggable.min.js?ver=1.13.2
103.152.248.162200 OK 4.7 kB URL HTTP/2 npgmining.com.au/wp-includes/js/jquery/ui/draggable.min.js?ver=1.13.2
IP 103.152.248.162:0
File type ASCII text, with very long lines (18142)
Hash 9fa09b4b4bb995e5f5942c37123f8499
690fc801667580c2aaa28df68137c7d37b6315fa
237e712f62ee8933d4f8fb444949c35ca94bd37ced1c7960f9f56c822c08e756
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/jquery/ui/draggable.min.js?ver=1.13.2 HTTP/1.1
Host: npgmining.com.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://npgmining.com.au/
Cookie: PHPSESSID=1bccb3a3bb21f7496f5312a613465411
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 10 Dec 2022 18:49:59 GMT
content-type: application/javascript
last-modified: Wed, 02 Nov 2022 11:45:33 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 4650
date: Sat, 03 Dec 2022 18:49:59 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
npgmining.com.au/wp-includes/js/jquery/ui/controlgroup.min.js?ver=1.13.2
103.152.248.162200 OK 1.4 kB URL HTTP/2 npgmining.com.au/wp-includes/js/jquery/ui/controlgroup.min.js?ver=1.13.2
IP 103.152.248.162:0
File type ASCII text, with very long lines (4205)
Hash f973396439d69c748c68227df6a13e37
97ace9383120cfce7c4ff540e3c829541ce94ef1
d6a475f6805246cd0cbd24519db972729d5e72137573967e91c42285bc5804ad
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/jquery/ui/controlgroup.min.js?ver=1.13.2 HTTP/1.1
Host: npgmining.com.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://npgmining.com.au/
Cookie: PHPSESSID=1bccb3a3bb21f7496f5312a613465411
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 10 Dec 2022 18:49:59 GMT
content-type: application/javascript
last-modified: Wed, 02 Nov 2022 11:45:33 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1445
date: Sat, 03 Dec 2022 18:49:59 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
npgmining.com.au/
103.152.248.162200 OK 7.9 kB IP 103.152.248.162:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (9381)
Hash 54a2cab9cecc61ede40dd4ef4725cfd4
fb88a54177f1c389683f436ac0f3167846878118
2777977f8fc2feed7353f2076e5523baffab6bf5bcd04091b0b710a0e9ca1f34
Analyzer Verdict Alert fortinet Malware
GET / HTTP/1.1
Host: npgmining.com.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
x-powered-by: PHP/7.4.33
set-cookie: PHPSESSID=1bccb3a3bb21f7496f5312a613465411; path=/; secure
content-type: text/html; charset=UTF-8
link: <https://npgmining.com.au/wp-json/>; rel="https://api.w.org/", <https://npgmining.com.au/wp-json/wp/v2/pages/5>; rel="alternate"; type="application/json", <https://npgmining.com.au/>; rel=shortlink
content-encoding: br
vary: Accept-Encoding
date: Sat, 03 Dec 2022 18:49:59 GMT
server: LiteSpeed
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
X-Firefox-Spdy: h2
maxcdn.bootstrapcdn.com/font-awesome/4.4.0/css/font-awesome.min.css
104.18.10.207200 OK 7.8 kB URL HTTP/2 maxcdn.bootstrapcdn.com/font-awesome/4.4.0/css/font-awesome.min.css
IP 104.18.10.207:0
File type ASCII text, with very long lines (26548)
Hash 2081d586b6a6624422a6180972393286
035dade63a5483500bb1d63dffbeea489f8a2068
41ace515b77108610adb2f19660e1d3c4652ab0c74d04d70a0b6ab7391166b3f
GET /font-awesome/4.4.0/css/font-awesome.min.css HTTP/1.1
Host: maxcdn.bootstrapcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://npgmining.com.au/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 03 Dec 2022 18:49:59 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
last-modified: Mon, 25 Jan 2021 22:04:54 GMT
cdn-cachedat: 12/13/2021 21:25:06
cdn-proxyver: 1.02
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 632
cdn-status: 200
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-requestid: 8ac87b10825a6871d9cd076fc3a23e4f
cdn-cache: HIT
cf-cache-status: HIT
age: 15540151
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 773e7c42bbeb0b61-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
maxcdn.bootstrapcdn.com/bootstrap/3.3.5/css/bootstrap.min.css
104.18.10.207200 OK 24 kB URL HTTP/2 maxcdn.bootstrapcdn.com/bootstrap/3.3.5/css/bootstrap.min.css
IP 104.18.10.207:0
File type ASCII text, with very long lines (65371)
Hash dc5e4de71468e94bc7b7f62fd0504132
009ab22cc714c962a40b38213ad24b41cf55e120
d68c53ccf03b0e72d119314cbbe349777157509db6a0e052c6833cab95f5d725
GET /bootstrap/3.3.5/css/bootstrap.min.css HTTP/1.1
Host: maxcdn.bootstrapcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://npgmining.com.au/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 03 Dec 2022 18:49:59 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
etag: W/"5d5357cb3704e1f43a1f5bfed2aebf42"
last-modified: Mon, 25 Jan 2021 22:03:59 GMT
cdn-cachedat: 02/24/2022 14:58:46
cdn-proxyver: 1.02
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 864
cdn-status: 200
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-requestid: fbe7e6fea753e22c4e1fd8ba1cf2b066
cdn-cache: HIT
cf-cache-status: HIT
age: 15542785
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 773e7c42bbe10b61-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
npgmining.com.au/wp-content/plugins/rtostudent/js/script.js?ver=0.1
103.152.248.162200 OK 1.1 kB URL HTTP/2 npgmining.com.au/wp-content/plugins/rtostudent/js/script.js?ver=0.1
IP 103.152.248.162:0
Hash 26f3bd72f503eb7692aca9812b3d24f6
c5aeccea2338b6fa56957b4757c6cbe3b4adf772
7f1c18bd49a701c24e9d47c199c10b90e078a22fb04297c765c2a0dee8b4d94a
GET /wp-content/plugins/rtostudent/js/script.js?ver=0.1 HTTP/1.1
Host: npgmining.com.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://npgmining.com.au/
Cookie: PHPSESSID=1bccb3a3bb21f7496f5312a613465411
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 10 Dec 2022 18:49:59 GMT
content-type: application/javascript
last-modified: Wed, 12 Oct 2022 05:09:23 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1064
date: Sat, 03 Dec 2022 18:49:59 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
npgmining.com.au/wp-content/themes/theme/js/script.js?
103.152.248.162200 OK 2.1 kB URL HTTP/2 npgmining.com.au/wp-content/themes/theme/js/script.js?
IP 103.152.248.162:0
Hash 0261e2357459575744694a2dddeecce7
0f6723f807b97d2bf6fda57f58d56fd5c43cbc8f
f83b818c046e94e26787789223bac8968cd04d6286c012b0da05985a4bf68a98
GET /wp-content/themes/theme/js/script.js? HTTP/1.1
Host: npgmining.com.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://npgmining.com.au/
Cookie: PHPSESSID=1bccb3a3bb21f7496f5312a613465411
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 10 Dec 2022 18:49:59 GMT
content-type: application/javascript
last-modified: Wed, 12 Oct 2022 05:09:23 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 2116
date: Sat, 03 Dec 2022 18:49:59 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
npgmining.com.au/wp-content/themes/theme/js/pushy.js?
103.152.248.162200 OK 1.0 kB URL HTTP/2 npgmining.com.au/wp-content/themes/theme/js/pushy.js?
IP 103.152.248.162:0
Hash f4fc570a80b784a9eca6f242e9aa09a4
44ac0ec30db53c00d2e0cb2311f4969938e06f8f
64118317aa6256dee03e5f4e2b5517a30462dec942bcb120c218ad2265558a7e
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/theme/js/pushy.js? HTTP/1.1
Host: npgmining.com.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://npgmining.com.au/
Cookie: PHPSESSID=1bccb3a3bb21f7496f5312a613465411
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 10 Dec 2022 18:49:59 GMT
content-type: application/javascript
last-modified: Wed, 12 Oct 2022 05:09:23 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1037
date: Sat, 03 Dec 2022 18:49:59 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
npgmining.com.au/wp-includes/js/jquery/ui/core.min.js?ver=1.13.2
103.152.248.162200 OK 6.8 kB URL HTTP/2 npgmining.com.au/wp-includes/js/jquery/ui/core.min.js?ver=1.13.2
IP 103.152.248.162:0
File type Unicode text, UTF-8 text, with very long lines (8189)
Hash 3d0ff0f6731d9cef860af9a5a0e3ce62
13aed444304d782039e261475c8b4450b83e743e
e8d05db77732c71843ced6f386ea82eb32243ac36e7ca3e071cb7f53e2ffbce5
GET /wp-includes/js/jquery/ui/core.min.js?ver=1.13.2 HTTP/1.1
Host: npgmining.com.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://npgmining.com.au/
Cookie: PHPSESSID=1bccb3a3bb21f7496f5312a613465411
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 10 Dec 2022 18:49:59 GMT
content-type: application/javascript
last-modified: Wed, 02 Nov 2022 11:45:33 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 6800
date: Sat, 03 Dec 2022 18:49:59 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
npgmining.com.au/wp-includes/js/jquery/ui/tabs.min.js?ver=1.13.2
103.152.248.162200 OK 3.8 kB URL HTTP/2 npgmining.com.au/wp-includes/js/jquery/ui/tabs.min.js?ver=1.13.2
IP 103.152.248.162:0
File type ASCII text, with very long lines (11760)
Hash 3a8c0c6bf695efea9e3acfaff14c3ca5
38e58a427812d0655192a36bf644d51853febe8b
fe50234a7e2fa53617f7379107d8e4f2baba0a98fc8a20e001fc5b2766292743
GET /wp-includes/js/jquery/ui/tabs.min.js?ver=1.13.2 HTTP/1.1
Host: npgmining.com.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://npgmining.com.au/
Cookie: PHPSESSID=1bccb3a3bb21f7496f5312a613465411
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 10 Dec 2022 18:49:59 GMT
content-type: application/javascript
last-modified: Wed, 02 Nov 2022 11:45:33 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 3760
date: Sat, 03 Dec 2022 18:49:59 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
npgmining.com.au/wp-includes/js/jquery/ui/mouse.min.js?ver=1.13.2
103.152.248.162200 OK 1.0 kB URL HTTP/2 npgmining.com.au/wp-includes/js/jquery/ui/mouse.min.js?ver=1.13.2
IP 103.152.248.162:0
File type ASCII text, with very long lines (3224)
Hash 8e5968255afb7b8150cfa6580a07f9fa
17d3ef1fc3886a503f677a777da4d69d3a081c13
d87df7901b51c7aa9309e2b0b87400f14a3bd0c4239386541cbacfe7d8157319
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/jquery/ui/mouse.min.js?ver=1.13.2 HTTP/1.1
Host: npgmining.com.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://npgmining.com.au/
Cookie: PHPSESSID=1bccb3a3bb21f7496f5312a613465411
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 10 Dec 2022 18:49:59 GMT
content-type: application/javascript
last-modified: Wed, 02 Nov 2022 11:45:33 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1001
date: Sat, 03 Dec 2022 18:49:59 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
npgmining.com.au/wp-includes/js/jquery/ui/resizable.min.js?ver=1.13.2
103.152.248.162200 OK 5.1 kB URL HTTP/2 npgmining.com.au/wp-includes/js/jquery/ui/resizable.min.js?ver=1.13.2
IP 103.152.248.162:0
File type ASCII text, with very long lines (18523)
Hash bacf74d0d081bb48d40b94cda6119fcf
ac367e1dc5816689fc56187af5842522946f6312
e0ce2c4da90b49ee3d6ed49b016e7a47be497d9ef04f7e2f32abaa3aca6fa4d0
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/jquery/ui/resizable.min.js?ver=1.13.2 HTTP/1.1
Host: npgmining.com.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://npgmining.com.au/
Cookie: PHPSESSID=1bccb3a3bb21f7496f5312a613465411
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 10 Dec 2022 18:49:59 GMT
content-type: application/javascript
last-modified: Wed, 02 Nov 2022 11:45:33 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 5119
date: Sat, 03 Dec 2022 18:49:59 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
npgmining.com.au/wp-content/plugins/rtoenrol/js/rtoenrol.js?ver=1670093399
103.152.248.162200 OK 4.7 kB URL HTTP/2 npgmining.com.au/wp-content/plugins/rtoenrol/js/rtoenrol.js?ver=1670093399
IP 103.152.248.162:0
Hash ab3b73a417eae186f0b4621f7627677b
a973969ea024be928daadb9216735bfab36ef2d5
61e3f235aa668a36ac172d46718e1dcd038ae8f1fa96f3e108d40bfa10471c1c
GET /wp-content/plugins/rtoenrol/js/rtoenrol.js?ver=1670093399 HTTP/1.1
Host: npgmining.com.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://npgmining.com.au/
Cookie: PHPSESSID=1bccb3a3bb21f7496f5312a613465411
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 10 Dec 2022 18:49:59 GMT
content-type: application/javascript
last-modified: Wed, 12 Oct 2022 05:09:23 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 4683
date: Sat, 03 Dec 2022 18:49:59 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
npgmining.com.au/wp-content/uploads/2022/08/Drill-Rig-Post-Overhaul-scaled-e1660716668378-1024x544.jpg
103.152.248.162200 OK 111 kB URL HTTP/2 npgmining.com.au/wp-content/uploads/2022/08/Drill-Rig-Post-Overhaul-scaled-e1660716668378-1024x544.jpg
IP 103.152.248.162:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 1024x544, components 3\012- data
Size 111 kB (110659 bytes)
Hash 519e5319e3cc271a678ed2e61cab93dd
5a28ca2f27dd345a02589c2f0105480de8e93c34
3c381eb244b049218ef850445c0e7c6499a8431158068965320e4d676c309e44
GET /wp-content/uploads/2022/08/Drill-Rig-Post-Overhaul-scaled-e1660716668378-1024x544.jpg HTTP/1.1
Host: npgmining.com.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://npgmining.com.au/
Cookie: PHPSESSID=1bccb3a3bb21f7496f5312a613465411
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 10 Dec 2022 18:49:59 GMT
content-type: image/jpeg
last-modified: Wed, 17 Aug 2022 06:11:09 GMT
accept-ranges: bytes
content-length: 110659
date: Sat, 03 Dec 2022 18:49:59 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
npgmining.com.au/wp-includes/js/wp-emoji-release.min.js?ver=6.1
103.152.248.162200 OK 4.6 kB URL HTTP/2 npgmining.com.au/wp-includes/js/wp-emoji-release.min.js?ver=6.1
IP 103.152.248.162:0
File type ASCII text, with very long lines (15660)
Hash 0232689bd203f330529b36a437f41a68
9046583f7469ad38297969f10a9513eb895d5316
feea9f30a6e454579bbeabf236b7abdb0c7de84dd2852422555ad67348c5e886
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/wp-emoji-release.min.js?ver=6.1 HTTP/1.1
Host: npgmining.com.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://npgmining.com.au/
Cookie: PHPSESSID=1bccb3a3bb21f7496f5312a613465411
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 10 Dec 2022 18:49:59 GMT
content-type: application/javascript
last-modified: Wed, 12 Oct 2022 05:12:30 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 4619
date: Sat, 03 Dec 2022 18:49:59 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 727 B IP 93.184.220.29:0
Hash f5ef1daf05967219aa1db3a61cb35c40
9e7edce0d436558da89e4c016e9f1c27ad335026
a64737eba54f1abe1c3f4860591e8e8439d11935ddc9e76669c64647e4010227
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=124521
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 18:50:00 GMT
Etag: "638addc1-2d7"
Expires: Mon, 05 Dec 2022 05:25:21 GMT
Last-Modified: Sat, 03 Dec 2022 05:25:21 GMT
Server: nginx
Content-Length: 727
npgmining.com.au/wp-content/uploads/2015/10/iphone-131115-174-cropped.jpg
103.152.248.162200 OK 279 kB URL HTTP/2 npgmining.com.au/wp-content/uploads/2015/10/iphone-131115-174-cropped.jpg
IP 103.152.248.162:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=14], baseline, precision 8, 1484x436, components 3\012- data
Size 279 kB (278846 bytes)
Hash 148938afb94b792764a287e3e3cb1108
c7ef10b75de122261181f0c6d386e9d18dd48d95
590236c4c9527b93bb0a05b8236cc09f768125f044de30aa837fcda0e87e7de5
GET /wp-content/uploads/2015/10/iphone-131115-174-cropped.jpg HTTP/1.1
Host: npgmining.com.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://npgmining.com.au/
Cookie: PHPSESSID=1bccb3a3bb21f7496f5312a613465411
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 10 Dec 2022 18:50:00 GMT
content-type: image/jpeg
last-modified: Tue, 29 May 2018 00:40:26 GMT
accept-ranges: bytes
content-length: 278846
date: Sat, 03 Dec 2022 18:50:00 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
npgmining.rtodata.com.au/api/widget/widget.js
3.24.196.56403 Forbidden 118 B URL HTTP/2 npgmining.rtodata.com.au/api/widget/widget.js
IP 3.24.196.56:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash bad2e8579dcdb79399aac2064216a37d
7771e4d9c60e02ce2246b5d71bb23f92b9fb8a90
58bf2215b395dcac74c009aa98701854e43cbe54a1cd3a95fee6a647ca9910d4
GET /api/widget/widget.js HTTP/1.1
Host: npgmining.rtodata.com.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://npgmining.com.au/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 403 Forbidden
server: awselb/2.0
date: Sat, 03 Dec 2022 18:50:01 GMT
content-type: text/html
content-length: 118
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash e63a3fb1ef1a4ebbbd126969d6ee68ca
8bc9c26950b3899087e25ddea159c28f57b47200
f2ec30377e239f64286ae7dde8032e4e332b6c123f7decc07126fbbcff460a69
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 18:50:01 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google-analytics.com/analytics.js
142.250.74.110200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 142.250.74.110:0
File type ASCII text, with very long lines (1325)
Hash 47e6f374ca946fddd5b59871b325736c
baa9282efc8785e84d247c3bff518eaa45f101c4
16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://npgmining.com.au/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20039
date: Sat, 03 Dec 2022 18:41:08 GMT
expires: Sat, 03 Dec 2022 20:41:08 GMT
cache-control: public, max-age=7200
age: 533
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash e63a3fb1ef1a4ebbbd126969d6ee68ca
8bc9c26950b3899087e25ddea159c28f57b47200
f2ec30377e239f64286ae7dde8032e4e332b6c123f7decc07126fbbcff460a69
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 18:50:01 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google-analytics.com/j/collect?v=1&_v=j98&a=1012612996&t=pageview&_s=1&dl=https%3A%2F%2Fnpgmining.com.au%2F&ul=en-us&de=UTF-8&dt=Home%20%C2%BB%20NPG%20Mining&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&_u=IEBAAEABAAAAACAAI~&jid=1480845534&gjid=115638233&cid=1559622494.1670093399&tid=UA-69358732-1&_gid=814477323.1670093399&_r=1&_slc=1&z=606973396
142.250.74.110200 OK 2 B URL HTTP/2 www.google-analytics.com/j/collect?v=1&_v=j98&a=1012612996&t=pageview&_s=1&dl=https%3A%2F%2Fnpgmining.com.au%2F&ul=en-us&de=UTF-8&dt=Home%20%C2%BB%20NPG%20Mining&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&_u=IEBAAEABAAAAACAAI~&jid=1480845534&gjid=115638233&cid=1559622494.1670093399&tid=UA-69358732-1&_gid=814477323.1670093399&_r=1&_slc=1&z=606973396
IP 142.250.74.110:0
File type ASCII text, with no line terminators
Hash 38684612f0c6bb6dfa16da92f4a6878f
6fe62d0dd7db314b7f9bb945672f078e01d27f0f
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
POST /j/collect?v=1&_v=j98&a=1012612996&t=pageview&_s=1&dl=https%3A%2F%2Fnpgmining.com.au%2F&ul=en-us&de=UTF-8&dt=Home%20%C2%BB%20NPG%20Mining&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&_u=IEBAAEABAAAAACAAI~&jid=1480845534&gjid=115638233&cid=1559622494.1670093399&tid=UA-69358732-1&_gid=814477323.1670093399&_r=1&_slc=1&z=606973396 HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://npgmining.com.au
Connection: keep-alive
Referer: https://npgmining.com.au/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: https://npgmining.com.au
date: Sat, 03 Dec 2022 18:50:01 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F528dcb40-0960-4efd-98b7-a07004a61b22.jpeg
34.120.237.76200 OK 7.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F528dcb40-0960-4efd-98b7-a07004a61b22.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3abdcce275bb9723b4ac1d0c38cc8891
91f0d888c38db0899f106b652e3dcac062648099
ff411fc0d5abaf519d6600961ec51ad71ad9a02e23cc02ad818e27f0324b3d1e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F528dcb40-0960-4efd-98b7-a07004a61b22.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 7657
x-amzn-requestid: c0dbd862-41cf-4fa8-ab6b-256763c63fbf
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ciZN1Fo6IAMF9EQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638a6f25-554ffbc83fd70c557437120f;Sampled=0
x-amzn-remapped-date: Fri, 02 Dec 2022 21:33:25 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: ElvfdUly4Rb3YOQyMO2C_VelFUe6xcFbMh6x5fNrRzGjKCITdGSwLQ==
via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 ce71f64ad5dca81beca846466f2d5008.cloudfront.net (CloudFront), 1.1 google
date: Fri, 02 Dec 2022 21:37:47 GMT
age: 76339
etag: "91f0d888c38db0899f106b652e3dcac062648099"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
npgmining.com.au/images/favicon.ico
103.152.248.162404 Not Found 0 B URL HTTP/2 npgmining.com.au/images/favicon.ico
IP 103.152.248.162:0
GET /images/favicon.ico HTTP/1.1
Host: npgmining.com.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://npgmining.com.au/
Cookie: PHPSESSID=1bccb3a3bb21f7496f5312a613465411
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
x-powered-by: PHP/7.4.33
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
content-type: text/html; charset=UTF-8
link: <https://npgmining.com.au/wp-json/>; rel="https://api.w.org/"
content-encoding: br
vary: Accept-Encoding
date: Sat, 03 Dec 2022 18:50:01 GMT
server: LiteSpeed
X-Firefox-Spdy: h2