Overview

URL branteur.com/quasi-illum/documents.zip
IP 185.212.71.149
ASN Hostinger International Limited
Location Germany
Report completed 2022-09-09 12:55:23 UTC
urlquery Alerts No alerts detected


Settings

UserAgent Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer


Intrusion Detection Systems

Suricata /w Emerging Threats Pro  No alerts detected


Blocklists

OpenPhish  No alerts detected
PhishTank  No alerts detected
Fortinet's Web Filter
Scan Date Severity Indicator Comment
2022-09-09 2 branteur.com/quasi-illum/documents.zip Malware
2022-09-09 2 branteur.com/wp-content/plugins/formidable/css/formidableforms.css?ver=542348 Malware
2022-09-09 2 branteur.com/wp-content/plugins/loftloader-pro/assets/css/loftloader.min.cs (...) Malware
2022-09-09 2 branteur.com/wp-includes/css/dist/block-library/style.min.css?ver=5.9.4 Malware
2022-09-09 2 branteur.com/wp-content/plugins/revslider/public/assets/css/rs6.css?ver=6.2.23 Malware
2022-09-09 2 branteur.com/wp-content/plugins/popups-for-divi/scripts/ie-compat.min.js?ve (...) Malware
2022-09-09 2 branteur.com/wp-content/et-cache/global/et-divi-customizer-global.min.css?v (...) Malware
2022-09-09 2 branteur.com/wp-content/et-cache/1844/et-core-unified-cpt-1844.min.css?ver= (...) Malware
2022-09-09 2 branteur.com/wp-content/et-cache/1844/et-core-unified-cpt-deferred-1844.min (...) Malware
2022-09-09 2 branteur.com/wp-content/et-cache/2227/et-core-unified-cpt-deferred-2227.min (...) Malware
2022-09-09 2 branteur.com/wp-content/et-cache/notfound/et-divi-dynamic-tb-1844-tb-2227-l (...) Malware
2022-09-09 2 branteur.com/wp-content/plugins/divi-toolbox/cache/wp_dtb-style-2002513.css (...) Malware
2022-09-09 2 branteur.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0 Malware
2022-09-09 2 branteur.com/wp-content/plugins/revslider/public/assets/js/rbtools.min.js?v (...) Malware
2022-09-09 2 branteur.com/wp-content/themes/Divi/includes/builder/feature/dynamic-assets (...) Malware
2022-09-09 2 branteur.com/wp-content/plugins/loftloader-pro/assets/js/jquery.waitformedi (...) Malware
2022-09-09 2 branteur.com/wp-content/plugins/revslider/public/assets/js/rs6.min.js?ver=6.2.23 Malware
2022-09-09 2 branteur.com/wp-content/plugins/divi-toolbox/assets/js/toolbox-scripts.js?v (...) Malware
2022-09-09 2 branteur.com/quasi-illum/documents.zip Malware
mnemonic secure dns  No alerts detected
Quad9 DNS  No alerts detected


Files

No files detected



Passive DNS (10)

Passive DNS Source Fully Qualifying Domain Name Rank First Seen Last Seen IP Comment
mnemonic passive DNS firefox.settings.services.mozilla.com (2) 867 2020-06-04 20:08:41 UTC 2022-09-09 05:37:59 UTC 143.204.55.115
mnemonic passive DNS ocsp.digicert.com (1) 86 2012-05-21 07:02:23 UTC 2022-09-09 12:02:18 UTC 93.184.220.29
mnemonic passive DNS push.services.mozilla.com (1) 2140 2015-09-03 10:29:36 UTC 2022-09-09 04:43:53 UTC 35.162.35.244
mnemonic passive DNS ocsp.pki.goog (5) 175 2017-06-14 07:23:31 UTC 2022-09-09 04:41:59 UTC 142.250.74.3
mnemonic passive DNS fonts.gstatic.com (4) 0 2014-08-29 13:43:22 UTC 2022-09-09 04:41:01 UTC 142.250.74.163 Domain (gstatic.com) ranked at: 540
mnemonic passive DNS img-getpocket.cdn.mozilla.net (6) 1631 2017-09-01 03:40:57 UTC 2022-09-09 07:18:24 UTC 34.120.237.76
mnemonic passive DNS r3.o.lencr.org (4) 344 2020-12-02 08:52:13 UTC 2022-09-09 04:40:05 UTC 23.36.77.32
mnemonic passive DNS content-signature-2.cdn.mozilla.net (1) 1152 2020-11-03 12:26:46 UTC 2022-09-09 04:47:11 UTC 143.204.55.25
mnemonic passive DNS contile.services.mozilla.com (1) 1114 2021-05-27 18:32:35 UTC 2022-09-09 04:48:21 UTC 34.117.237.239
mnemonic passive DNS branteur.com (28) 0 2020-04-26 10:35:57 UTC 2022-08-30 10:28:51 UTC 185.212.71.149 Unknown ranking


Recent reports on same IP/ASN/Domain/Screenshot

Last 5 reports on IP: 185.212.71.149

Date UQ / IDS / BL URL IP
2022-10-03 16:41:11 +0000 0 - 0 - 19 branteur.com/quasi-illum/documents.zip 185.212.71.149
2022-09-12 23:16:42 +0000 0 - 0 - 2 royalqueenmarine.com/ex-voluptatem/documents.zip 185.212.71.149
2022-09-12 23:03:18 +0000 0 - 0 - 20 branteur.com/quasi-illum/documents.zip 185.212.71.149
2022-09-12 23:02:14 +0000 0 - 0 - 2 jisengineer.com/et-est/documents.zip 185.212.71.149
2022-09-11 14:48:37 +0000 0 - 0 - 20 branteur.com/quasi-illum/documents.zip 185.212.71.149

Last 5 reports on ASN: Hostinger International Limited

Date UQ / IDS / BL URL IP
2022-11-29 00:49:33 +0000 4 - 0 - 1 15aciwpagerestricted13892047482business.co.vu (...) 153.92.208.12
2022-11-29 00:49:11 +0000 3 - 0 - 1 15aciwpagerestricted13892047482business.co.vu (...) 153.92.208.12
2022-11-29 00:45:42 +0000 4 - 0 - 1 15aciwpagerestricted13892047482business.co.vu (...) 153.92.208.12
2022-11-29 00:24:35 +0000 0 - 0 - 30 kalibatacitymurah.com/ 153.92.8.188
2022-11-28 23:39:55 +0000 0 - 0 - 13 jasaborsumurjakarta.com/hitman-2-real-proper- (...) 153.92.8.20

Last 4 reports on domain: branteur.com

Date UQ / IDS / BL URL IP
2022-10-03 16:41:11 +0000 0 - 0 - 19 branteur.com/quasi-illum/documents.zip 185.212.71.149
2022-09-12 23:03:18 +0000 0 - 0 - 20 branteur.com/quasi-illum/documents.zip 185.212.71.149
2022-09-11 14:48:37 +0000 0 - 0 - 20 branteur.com/quasi-illum/documents.zip 185.212.71.149
2022-09-09 12:55:23 +0000 0 - 0 - 19 branteur.com/quasi-illum/documents.zip 185.212.71.149

Last 3 reports with similar screenshot

Date UQ / IDS / BL URL IP
2022-10-03 16:41:11 +0000 0 - 0 - 19 branteur.com/quasi-illum/documents.zip 185.212.71.149
2022-09-12 23:03:18 +0000 0 - 0 - 20 branteur.com/quasi-illum/documents.zip 185.212.71.149
2022-09-11 14:48:37 +0000 0 - 0 - 20 branteur.com/quasi-illum/documents.zip 185.212.71.149


JavaScript

Executed Scripts (24)


Executed Evals (0)


Executed Writes (0)



HTTP Transactions (53)


Request Response
                                        
                                            GET /v1/ HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.115
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Content-Type, Alert, Backoff, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Fri, 09 Sep 2022 12:11:18 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 142be88a35733307a5e7de05da0a20b8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: G14pta1fUtTtVdgdN7cFBYunud3Dp4hRs_Rtu3KNMrMXW89EsgpW8A==
Age: 2633


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size:   939
Md5:    91dd975a7b17b2922dd23c0e49314e40
Sha1:   57a2ece1e3cee7c4ebf927f2ba92f52cac395fe2
Sha256: 09966873bbf317f8910c59544cfde2a6d46e8acd2905797cc7c85c6b4d18ea8a
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "4B09E1D2B887DED061E4EC5F82EC70CE699EEED428ACC6B4FD3EF10ED9233C89"
Last-Modified: Thu, 08 Sep 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3554
Expires: Fri, 09 Sep 2022 13:54:26 GMT
Date: Fri, 09 Sep 2022 12:55:12 GMT
Connection: keep-alive

                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain HTTP/1.1 
Host: content-signature-2.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.25
HTTP/2 200 OK
content-type: binary/octet-stream
                                        
content-length: 5348
last-modified: Sat, 20 Aug 2022 23:18:05 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Fri, 09 Sep 2022 03:46:35 GMT
etag: "742edb4038f38bc533514982f3d2e861"
x-cache: Hit from cloudfront
via: 1.1 814e8c24454087e83cd261a6cf477166.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: JssfqkD9tZgPiHwquROfcyfzVTt9kuDQ9rPMU53JDAbZvlaRiHwU2Q==
age: 32918
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PEM certificate\012- , ASCII text
Size:   5348
Md5:    742edb4038f38bc533514982f3d2e861
Sha1:   cc3a20c8dc2a8c632ef9387a2744253f1e3fdef1
Sha256: b6bfa49d3d135035701231db2fffc0c0643444394009a94c6a1b4d829d6b8345
                                        
                                            GET /v1/tiles HTTP/1.1 
Host: contile.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.117.237.239
HTTP/2 200 OK
content-type: application/json
                                        
server: nginx
date: Fri, 09 Sep 2022 12:55:12 GMT
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   12
Md5:    23e88fb7b99543fb33315b29b1fad9d6
Sha1:   a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
                                        
                                            GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.115
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600
Date: Fri, 09 Sep 2022 11:56:07 GMT
Expires: Fri, 09 Sep 2022 12:30:37 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 a9120cc3ff449047c990e82a4d5566ba.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: sOuGNSEqDzTs3ff8acvhuBZ8HGbUpV5wgN9NGPIhxioKIq59sqPjKQ==
Age: 3545


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size:   329
Md5:    0333b0655111aa68de771adfcc4db243
Sha1:   63f295a144ac87a7c8e23417626724eeca68a7eb
Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
                                        
                                            GET /quasi-illum/documents.zip HTTP/1.1 
Host: branteur.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

                                         
                                         185.212.71.149
HTTP/1.1 301 Moved Permanently
content-type: text/html
                                        
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
content-length: 707
date: Fri, 09 Sep 2022 12:55:12 GMT
server: LiteSpeed
location: https://branteur.com/quasi-illum/documents.zip
content-security-policy: upgrade-insecure-requests


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Size:   707
Md5:    1304294c0823ca486542ba408ed761e3
Sha1:   b2a70fb2d810ca13985882e6981f33998823e83e
Sha256: 3bbe72f3baa8ec61de17a1d767fca58704769684b7abe9161d0c4eaf4c8f0982

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 4671
Cache-Control: 'max-age=158059'
Date: Fri, 09 Sep 2022 12:55:12 GMT
Last-Modified: Fri, 09 Sep 2022 11:37:21 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET / HTTP/1.1 
Host: push.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: lG+KuMwPZbUwACcG3L6KBg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

                                         
                                         35.162.35.244
HTTP/1.1 101 Switching Protocols
                                        
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 8IVOOVm4OS+O72bsFUBTRSzJ6q4=

                                        
                                            GET /wp-content/plugins/formidable/css/formidableforms.css?ver=542348 HTTP/1.1 
Host: branteur.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://branteur.com/quasi-illum/documents.zip
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         185.212.71.149
HTTP/2 200 OK
content-type: text/css
                                        
cache-control: public, max-age=604800
expires: Fri, 16 Sep 2022 12:55:13 GMT
last-modified: Wed, 04 May 2022 23:48:40 GMT
etag: "1dcfd-627310d8-8a090a86bc58586b;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 18226
date: Fri, 09 Sep 2022 12:55:13 GMT
server: LiteSpeed
content-security-policy: upgrade-insecure-requests
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (65436)
Size:   18226
Md5:    f8674a9a38254d07da77c9bff3b52de1
Sha1:   99a7055d56498e7cf5f903593b28c226e0128715
Sha256: 112ab51f36e380b3fef684ffd9982f1b1d2bbe2d9c1069b2c408213d740467f5

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /wp-content/plugins/popups-for-divi/styles/front.min.css?ver=3.0.5 HTTP/1.1 
Host: branteur.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://branteur.com/quasi-illum/documents.zip
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         185.212.71.149
HTTP/2 200 OK
content-type: text/css
                                        
cache-control: public, max-age=604800
expires: Fri, 16 Sep 2022 12:55:13 GMT
last-modified: Wed, 04 May 2022 23:48:28 GMT
etag: "1c9f-627310cc-513d1ce4d92d137d;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1494
date: Fri, 09 Sep 2022 12:55:13 GMT
server: LiteSpeed
content-security-policy: upgrade-insecure-requests
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (7327), with no line terminators
Size:   1494
Md5:    fb0e24eb0030aa3542b5175258f656ed
Sha1:   cb352be176357b22571daf0aace5f2197adab73d
Sha256: c5944f6137fe8304d6539a4513aa7858cdb0de69e8222930e2310eacfefcd789
                                        
                                            GET /wp-content/plugins/loftloader-pro/assets/css/loftloader.min.css?ver=2020031503 HTTP/1.1 
Host: branteur.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://branteur.com/quasi-illum/documents.zip
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         185.212.71.149
HTTP/2 200 OK
content-type: text/css
                                        
cache-control: public, max-age=604800
expires: Fri, 16 Sep 2022 12:55:13 GMT
last-modified: Fri, 01 May 2020 20:37:43 GMT
etag: "fb82-5eac8897-a0e5b4fe57ec38ad;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 6106
date: Fri, 09 Sep 2022 12:55:13 GMT
server: LiteSpeed
content-security-policy: upgrade-insecure-requests
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (64385)
Size:   6106
Md5:    14b04bd6d2d67f73bd2f2120ac82f300
Sha1:   26af24f5b740f44aad45ae48b563c0b9523efba8
Sha256: 1c9c91f76d7950f05a9b5cd23524d6fd2f08cbbdc84c6c666cc51ab9dfc668ba

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /wp-includes/css/dist/block-library/style.min.css?ver=5.9.4 HTTP/1.1 
Host: branteur.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://branteur.com/quasi-illum/documents.zip
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         185.212.71.149
HTTP/2 200 OK
content-type: text/css
                                        
cache-control: public, max-age=604800
expires: Fri, 16 Sep 2022 12:55:13 GMT
last-modified: Wed, 06 Apr 2022 07:25:43 GMT
etag: "145db-624d4077-fba30a36d2316266;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 10333
date: Fri, 09 Sep 2022 12:55:13 GMT
server: LiteSpeed
content-security-policy: upgrade-insecure-requests
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (39791)
Size:   10333
Md5:    d6f5b04e5387a48eb2bdccd5747cd801
Sha1:   8054a5ccdd765a1192e1903ffd5d3802392d7b52
Sha256: a8b326c62002e5dec4c136fe545cb37f1df34a8843897564737260d3b0525bdf

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /wp-content/plugins/revslider/public/assets/css/rs6.css?ver=6.2.23 HTTP/1.1 
Host: branteur.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://branteur.com/quasi-illum/documents.zip
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         185.212.71.149
HTTP/2 200 OK
content-type: text/css
                                        
cache-control: public, max-age=604800
expires: Fri, 16 Sep 2022 12:55:13 GMT
last-modified: Wed, 07 Oct 2020 08:57:43 GMT
etag: "ea95-5f7d8307-693dcbd2f1c4fbee;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 11948
date: Fri, 09 Sep 2022 12:55:13 GMT
server: LiteSpeed
content-security-policy: upgrade-insecure-requests
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (12602), with CRLF line terminators
Size:   11948
Md5:    1ad952c62fb45ca3ed84f428e7552754
Sha1:   7241e25dfd27ceba41f5882905a6a8a5a03aed75
Sha256: b69899522e949f9ed00d5606fe6e9cd1380d2f33ac0474949d92d03852986061

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 HTTP/1.1 
Host: branteur.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://branteur.com/quasi-illum/documents.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         185.212.71.149
HTTP/2 200 OK
content-type: application/x-javascript
                                        
cache-control: public, max-age=604800
expires: Fri, 16 Sep 2022 12:55:13 GMT
last-modified: Mon, 13 Dec 2021 07:49:04 GMT
etag: "2bd8-61b6faf0-1d195108899c8786;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 3984
date: Fri, 09 Sep 2022 12:55:13 GMT
server: LiteSpeed
content-security-policy: upgrade-insecure-requests
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (11126)
Size:   3984
Md5:    4116c2be947ecf205a0c7fc117ca55f0
Sha1:   0cd8efc9fe349d67a86b49d1e5582a9b21d05add
Sha256: 6b1970b536b88a18b0eb4fe138e677b9736294057660676507fabee57cb0462c
                                        
                                            GET /wp-content/plugins/popups-for-divi/scripts/ie-compat.min.js?ver=3.0.5 HTTP/1.1 
Host: branteur.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://branteur.com/quasi-illum/documents.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         185.212.71.149
HTTP/2 200 OK
content-type: application/x-javascript
                                        
cache-control: public, max-age=604800
expires: Fri, 16 Sep 2022 12:55:13 GMT
last-modified: Wed, 04 May 2022 23:48:28 GMT
etag: "2712-627310cc-b6d7ddff2762a47b;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 3517
date: Fri, 09 Sep 2022 12:55:13 GMT
server: LiteSpeed
content-security-policy: upgrade-insecure-requests
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (10001)
Size:   3517
Md5:    acc7730e611a0a42d1a2e2e72c4d569c
Sha1:   a22b2c3e1f18333128e44c43c70e0a96b9b0d230
Sha256: cf679653ad76682c4c82d4dc304b29432b1344080f5d96ac7179a2fb5fa24792

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /wp-content/et-cache/global/et-divi-customizer-global.min.css?ver=1661155996 HTTP/1.1 
Host: branteur.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://branteur.com/quasi-illum/documents.zip
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         185.212.71.149
HTTP/2 200 OK
content-type: text/css
                                        
cache-control: public, max-age=604800
expires: Fri, 16 Sep 2022 12:55:13 GMT
last-modified: Mon, 22 Aug 2022 08:13:16 GMT
etag: "32ae-63033a9c-b70915ce56898e45;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 2399
date: Fri, 09 Sep 2022 12:55:13 GMT
server: LiteSpeed
content-security-policy: upgrade-insecure-requests
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (12974), with no line terminators
Size:   2399
Md5:    3fa4aa206047d0480e583a706330b40e
Sha1:   68cd397e648019663f9071a4d6ecf24688f9a89e
Sha256: 2b4a63b805e725a26f6e7e6b9b57ce782c2ab9b6dc145c7cb52ed231d03c4a1f

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /wp-content/et-cache/1844/et-core-unified-cpt-1844.min.css?ver=1661171809 HTTP/1.1 
Host: branteur.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://branteur.com/quasi-illum/documents.zip
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         185.212.71.149
HTTP/2 200 OK
content-type: text/css
                                        
cache-control: public, max-age=604800
expires: Fri, 16 Sep 2022 12:55:13 GMT
last-modified: Mon, 22 Aug 2022 12:36:49 GMT
etag: "161-63037861-977af82db5abd818;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 135
date: Fri, 09 Sep 2022 12:55:13 GMT
server: LiteSpeed
content-security-policy: upgrade-insecure-requests
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (353), with no line terminators
Size:   135
Md5:    362f3a154fc9cd71a649443d6cc9c033
Sha1:   6f5ea6de36d34ae8a2b3d8e1319adc3d158f1a41
Sha256: 68079ae72eb55a253aee3745eb0bdae4d0aa133e847546cc5c82fa3fd385e546

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /wp-content/et-cache/1844/et-core-unified-cpt-deferred-1844.min.css?ver=1661155996 HTTP/1.1 
Host: branteur.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://branteur.com/quasi-illum/documents.zip
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         185.212.71.149
HTTP/2 200 OK
content-type: text/css
                                        
cache-control: public, max-age=604800
expires: Fri, 16 Sep 2022 12:55:13 GMT
last-modified: Mon, 22 Aug 2022 08:13:16 GMT
etag: "1ca-63033a9c-9465d6d7ba34f16a;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 150
date: Fri, 09 Sep 2022 12:55:13 GMT
server: LiteSpeed
content-security-policy: upgrade-insecure-requests
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (458), with no line terminators
Size:   150
Md5:    bca5b4e5dae73c5c3ac9a4a7296fb108
Sha1:   d930d8622a308f4899b2771b0ba30f27f52895c3
Sha256: c6e8afa90ba0fa88a524d37125422e03512ac61723d7d69ba43ea2167028aa22

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /wp-content/uploads/2020/05/branteur-loader-logo.png HTTP/1.1 
Host: branteur.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://branteur.com/quasi-illum/documents.zip
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         185.212.71.149
HTTP/2 200 OK
content-type: image/png
                                        
cache-control: public, max-age=604800
expires: Fri, 16 Sep 2022 12:55:13 GMT
last-modified: Wed, 13 May 2020 12:50:56 GMT
etag: "55a-5ebbed30-fcf8c2219c51d390;;;"
accept-ranges: bytes
content-length: 1370
date: Fri, 09 Sep 2022 12:55:13 GMT
server: LiteSpeed
content-security-policy: upgrade-insecure-requests
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 173 x 195, 8-bit colormap, non-interlaced\012- data
Size:   1370
Md5:    9010165a3455e0ffe6702da88586239c
Sha1:   160df7c0a719aa6255c0e7bb114974273a9ccd2e
Sha256: c2126b95fc0b5c69dda681238b241b1b0d9ea77d2b4c580f53cef0d50caa44e7
                                        
                                            GET /wp-content/et-cache/2227/et-core-unified-cpt-deferred-2227.min.css?ver=1661155996 HTTP/1.1 
Host: branteur.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://branteur.com/quasi-illum/documents.zip
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         185.212.71.149
HTTP/2 200 OK
content-type: text/css
                                        
cache-control: public, max-age=604800
expires: Fri, 16 Sep 2022 12:55:13 GMT
last-modified: Mon, 22 Aug 2022 08:13:16 GMT
etag: "2727-63033a9c-e7ea7bbfbebf45bf;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 993
date: Fri, 09 Sep 2022 12:55:13 GMT
server: LiteSpeed
content-security-policy: upgrade-insecure-requests
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (10023), with no line terminators
Size:   993
Md5:    4d30c16a5b5523276dc01198584a43e0
Sha1:   75cb98ddc1c327ef449bb19143d3c13b48234e51
Sha256: a5c4020723a2b621907d65a080f4b8e0c2c95f38cb37623222b9d5de2a700297

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /wp-content/et-cache/notfound/et-divi-dynamic-tb-1844-tb-2227-late.css?ver=1661155995 HTTP/1.1 
Host: branteur.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://branteur.com/quasi-illum/documents.zip
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         185.212.71.149
HTTP/2 200 OK
content-type: text/css
                                        
cache-control: public, max-age=604800
expires: Fri, 16 Sep 2022 12:55:13 GMT
last-modified: Mon, 22 Aug 2022 08:13:16 GMT
etag: "10c42-63033a9c-bf311504e2b2ae33;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 5760
date: Fri, 09 Sep 2022 12:55:13 GMT
server: LiteSpeed
content-security-policy: upgrade-insecure-requests
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (39491)
Size:   5760
Md5:    76d85b0ec577d85243de7c2df452e018
Sha1:   d804496b564e9cda9c8dab60a7df90155d59f530
Sha256: 75b7e91c1eb36df11c4212bc264adcfae52404d09c410c43cd4e767973461ae8

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /wp-content/et-cache/notfound/et-divi-dynamic-tb-1844-tb-2227.css?ver=1661155995 HTTP/1.1 
Host: branteur.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://branteur.com/quasi-illum/documents.zip
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         185.212.71.149
HTTP/2 200 OK
content-type: text/css
                                        
cache-control: public, max-age=604800
expires: Fri, 16 Sep 2022 12:55:13 GMT
last-modified: Mon, 22 Aug 2022 08:13:15 GMT
etag: "10c60-63033a9b-88cca1ea7ea5ea50;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 8812
date: Fri, 09 Sep 2022 12:55:13 GMT
server: LiteSpeed
content-security-policy: upgrade-insecure-requests
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (14447)
Size:   8812
Md5:    fd0ce59b2235e418ee270f7d2efc0de1
Sha1:   8949a10aa7cadbeb57d24d641a00daf70be3677d
Sha256: c032bfd5ab78276799a4445496d7a2648b4a002461a43688eb8e022911a97880
                                        
                                            GET /wp-content/plugins/divi-toolbox/cache/wp_dtb-style-2002513.css?ver=5.9.4 HTTP/1.1 
Host: branteur.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://branteur.com/quasi-illum/documents.zip
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         185.212.71.149
HTTP/2 200 OK
content-type: text/css
                                        
cache-control: public, max-age=604800
expires: Fri, 16 Sep 2022 12:55:13 GMT
last-modified: Tue, 18 Jan 2022 19:53:53 GMT
etag: "633c-61e71ad1-a1b4a97556caff01;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 4408
date: Fri, 09 Sep 2022 12:55:13 GMT
server: LiteSpeed
content-security-policy: upgrade-insecure-requests
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (25404), with no line terminators
Size:   4408
Md5:    8a30ff76ab6ac8faf3c0407cf3d406d0
Sha1:   bcf9cdd68cc3fa606d696ab4055bd50faad6ab49
Sha256: fd10099ed5b5b92a386817ae5c735cfb9895c4a8d504b414f719b5479dad9778

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /wp-includes/js/jquery/jquery.min.js?ver=3.6.0 HTTP/1.1 
Host: branteur.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://branteur.com/quasi-illum/documents.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         185.212.71.149
HTTP/2 200 OK
content-type: application/x-javascript
                                        
cache-control: public, max-age=604800
expires: Fri, 16 Sep 2022 12:55:13 GMT
last-modified: Mon, 13 Dec 2021 07:49:04 GMT
etag: "15db1-61b6faf0-ffaf9a9a6e312a2d;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 30027
date: Fri, 09 Sep 2022 12:55:13 GMT
server: LiteSpeed
content-security-policy: upgrade-insecure-requests
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (65447)
Size:   30027
Md5:    63373db5c13254717674a1af4cd88aa2
Sha1:   21a1962ab8597d9066640a7157a41370341ff0cf
Sha256: d883f77be0299ddb715175908b03076554287b13f87570369fb58adeade16891

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /wp-content/plugins/revslider/public/assets/js/rbtools.min.js?ver=6.2.23 HTTP/1.1 
Host: branteur.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://branteur.com/quasi-illum/documents.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         185.212.71.149
HTTP/2 200 OK
content-type: application/x-javascript
                                        
cache-control: public, max-age=604800
expires: Fri, 16 Sep 2022 12:55:13 GMT
last-modified: Sat, 30 Jul 2022 19:50:34 GMT
etag: "1d25a-62e58b8a-c7a82fb9f4c23b71;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 43417
date: Fri, 09 Sep 2022 12:55:13 GMT
server: LiteSpeed
content-security-policy: upgrade-insecure-requests
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (41022), with CRLF line terminators
Size:   43417
Md5:    0ddaf66c2196223edae7672ebe0cf484
Sha1:   922f60396ff3d77dc1e053141537b58d8c1f24d3
Sha256: 73146251a002f8ffe48ce5139b71cae57f83522cbae1ac677c55e8502cdd3e29

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /wp-content/themes/Divi/includes/builder/feature/dynamic-assets/assets/js/jquery.fitvids.js?ver=4.18.0 HTTP/1.1 
Host: branteur.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://branteur.com/quasi-illum/documents.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         185.212.71.149
HTTP/2 200 OK
content-type: application/x-javascript
                                        
cache-control: public, max-age=604800
expires: Fri, 16 Sep 2022 12:55:13 GMT
last-modified: Fri, 12 Aug 2022 06:41:57 GMT
etag: "d15-62f5f635-1072d30fd4054166;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1158
date: Fri, 09 Sep 2022 12:55:13 GMT
server: LiteSpeed
content-security-policy: upgrade-insecure-requests
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document, ASCII text
Size:   1158
Md5:    11c9d9d1b08e4d33b19ce2b595254036
Sha1:   6749669b48f8cf109bf3dda3cc0a9019c4d845fe
Sha256: 6eb55958f927c3643af1c64a4f33910fd7fb48345b5fd5cd2853a531c2118de1

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /wp-content/plugins/loftloader-pro/assets/js/jquery.waitformedias.min.js?ver=2020031503 HTTP/1.1 
Host: branteur.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://branteur.com/quasi-illum/documents.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         185.212.71.149
HTTP/2 200 OK
content-type: application/x-javascript
                                        
cache-control: public, max-age=604800
expires: Fri, 16 Sep 2022 12:55:13 GMT
last-modified: Thu, 21 Jul 2022 20:59:45 GMT
etag: "117d-62d9be41-8c0efc7f2bfb96ec;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1739
date: Fri, 09 Sep 2022 12:55:13 GMT
server: LiteSpeed
content-security-policy: upgrade-insecure-requests
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document, ASCII text, with very long lines (4476)
Size:   1739
Md5:    627524d89ce3629d3384e76a4074833d
Sha1:   02d2c84dcb8ba9df83081ac9b70c0fefcf7354fc
Sha256: b60a61ea019cf2f2d22351c526b5ce0e377ab0e1e45c7c1432337ef38ac64e00

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /wp-content/plugins/loftloader-pro/assets/js/loftloader.min.js?ver=2020031503 HTTP/1.1 
Host: branteur.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://branteur.com/quasi-illum/documents.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         185.212.71.149
HTTP/2 200 OK
content-type: application/x-javascript
                                        
cache-control: public, max-age=604800
expires: Fri, 16 Sep 2022 12:55:13 GMT
last-modified: Mon, 25 Jul 2022 12:13:34 GMT
etag: "2e7b-62de88ee-5163718b7ef5509d;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 3153
date: Fri, 09 Sep 2022 12:55:13 GMT
server: LiteSpeed
content-security-policy: upgrade-insecure-requests
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document, ASCII text, with very long lines (11898)
Size:   3153
Md5:    7426f24123cfac374b631d76b588b9df
Sha1:   920a1bc5ae8ae8413407494e63ffc11da89b3429
Sha256: 2e350c68db4fca9b9d8609b8e22bba6d22b2ef8f5719aaff3f097e60230d0fc9
                                        
                                            GET /wp-content/themes/Divi/core/admin/js/common.js?ver=4.18.0 HTTP/1.1 
Host: branteur.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://branteur.com/quasi-illum/documents.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         185.212.71.149
HTTP/2 200 OK
content-type: application/x-javascript
                                        
cache-control: public, max-age=604800
expires: Fri, 16 Sep 2022 12:55:13 GMT
last-modified: Fri, 12 Aug 2022 06:41:57 GMT
etag: "53f-62f5f635-eefd4e85c2633886;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 490
date: Fri, 09 Sep 2022 12:55:13 GMT
server: LiteSpeed
content-security-policy: upgrade-insecure-requests
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   490
Md5:    14d8fb230109a73c00bf322e8d1ea5c3
Sha1:   34a41d03ff17f37f5c055ed712b3f0c3166aca96
Sha256: 0d0bcdf4f708082c3765123db0fbf2b0a693476fa0940b8bf2d371b56cba5a54
                                        
                                            GET /wp-content/plugins/revslider/public/assets/js/rs6.min.js?ver=6.2.23 HTTP/1.1 
Host: branteur.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://branteur.com/quasi-illum/documents.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         185.212.71.149
HTTP/2 200 OK
content-type: application/x-javascript
                                        
cache-control: public, max-age=604800
expires: Fri, 16 Sep 2022 12:55:13 GMT
last-modified: Sat, 30 Jul 2022 19:50:24 GMT
etag: "4fd58-62e58b80-dd7639f342eb2ff5;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 78992
date: Fri, 09 Sep 2022 12:55:13 GMT
server: LiteSpeed
content-security-policy: upgrade-insecure-requests
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (64268)
Size:   78992
Md5:    3649fa595148cd860d89ba2b4ba17b72
Sha1:   3cf1dc80dd9f5e67ac262b76d310c0e7c59f59a8
Sha256: 0369f542359177c4a180fd889a7779ed7f544e6ec2c578d110b6ce181f4c79d7

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /wp-content/uploads/2020/05/branteur-studios-final-logo.png HTTP/1.1 
Host: branteur.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://branteur.com/quasi-illum/documents.zip
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         185.212.71.149
HTTP/2 200 OK
content-type: image/png
                                        
cache-control: public, max-age=604800
expires: Fri, 16 Sep 2022 12:55:13 GMT
last-modified: Wed, 13 May 2020 12:30:13 GMT
etag: "594-5ebbe855-e88edda2c54d666e;;;"
accept-ranges: bytes
content-length: 1428
date: Fri, 09 Sep 2022 12:55:13 GMT
server: LiteSpeed
content-security-policy: upgrade-insecure-requests
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 125 x 129, 8-bit/color RGBA, non-interlaced\012- data
Size:   1428
Md5:    80f0ef92891e526f540c6b6b85841955
Sha1:   112d35b9c5773c243daf4cdf491a9e1d91d20131
Sha256: a209ecbed5f9f1b4702ce57a922505a9ca82a27d5dd58b89a94793cbceabaf24
                                        
                                            GET /wp-content/themes/Divi/js/scripts.min.js?ver=4.18.0 HTTP/1.1 
Host: branteur.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://branteur.com/quasi-illum/documents.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         185.212.71.149
HTTP/2 200 OK
content-type: application/x-javascript
                                        
cache-control: public, max-age=604800
expires: Fri, 16 Sep 2022 12:55:13 GMT
last-modified: Fri, 12 Aug 2022 06:41:57 GMT
etag: "42e58-62f5f635-beab13acb5e54a73;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 64241
date: Fri, 09 Sep 2022 12:55:13 GMT
server: LiteSpeed
content-security-policy: upgrade-insecure-requests
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (65467)
Size:   64241
Md5:    5f6242c03a9ee0740017956faa944046
Sha1:   fdf9bec4a1b90112a88bd2d9eca348eafb9dda1c
Sha256: 7eeae92bdbc2d48bfcc05683101f15b0292ff6dc6641ffb336d20c73e9273e49
                                        
                                            GET /wp-content/plugins/divi-toolbox/assets/js/toolbox-scripts.js?ver=1.6.14 HTTP/1.1 
Host: branteur.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://branteur.com/quasi-illum/documents.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         185.212.71.149
HTTP/2 200 OK
content-type: application/x-javascript
                                        
cache-control: public, max-age=604800
expires: Fri, 16 Sep 2022 12:55:13 GMT
last-modified: Mon, 15 Nov 2021 14:53:45 GMT
etag: "85c2-61927479-67b74716aa089f38;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 6554
date: Fri, 09 Sep 2022 12:55:13 GMT
server: LiteSpeed
content-security-policy: upgrade-insecure-requests
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (1622)
Size:   6554
Md5:    ef655710a8a325eeb100c100ba7cceea
Sha1:   9b8c87774e405f7f90ae2fc95444afbfa7185509
Sha256: b1aca9dd07fec4c531323e0c96249cf95aee16a9fedff2fb33efdd98c5f0b57d

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /wp-content/plugins/popups-for-divi/scripts/front.min.js?ver=3.0.5 HTTP/1.1 
Host: branteur.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://branteur.com/quasi-illum/documents.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         185.212.71.149
HTTP/2 200 OK
content-type: application/x-javascript
                                        
cache-control: public, max-age=604800
expires: Fri, 16 Sep 2022 12:55:13 GMT
last-modified: Wed, 04 May 2022 23:48:28 GMT
etag: "10394-627310cc-b61a7f2220e71826;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 20410
date: Fri, 09 Sep 2022 12:55:13 GMT
server: LiteSpeed
content-security-policy: upgrade-insecure-requests
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (65451), with no line terminators
Size:   20410
Md5:    9821e14823add9330eb1a34a04a06a02
Sha1:   96a1a96b1a8f3eacfd5bdf41eb272ac886905fb8
Sha256: b469fecb2bb72684ef94db852fcb38947522630a9fa35128d7a39e7c08592fd3
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 09 Sep 2022 12:55:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 09 Sep 2022 12:55:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 09 Sep 2022 12:55:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 09 Sep 2022 12:55:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4uaVI.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://branteur.com
Connection: keep-alive
Referer: https://branteur.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.163
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 22084
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 05 Sep 2022 22:41:43 GMT
expires: Tue, 05 Sep 2023 22:41:43 GMT
cache-control: public, max-age=31536000
age: 310410
last-modified: Mon, 15 Aug 2022 18:14:59 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 22084, version 1.0\012- data
Size:   22084
Md5:    bab4daa6bec06781aa7262eca0be0ed4
Sha1:   b896fcea50433114a0433c9c8117677a875f1116
Sha256: ee901a5f44fcc6ea6ab97fb2751ce51af915d16dd99995a29a5905d2ce4b0831
                                        
                                            GET /s/sourcesanspro/v21/6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwmRdu.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://branteur.com
Connection: keep-alive
Referer: https://branteur.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.163
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 20300
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 08 Sep 2022 00:10:09 GMT
expires: Fri, 08 Sep 2023 00:10:09 GMT
cache-control: public, max-age=31536000
age: 132304
last-modified: Wed, 27 Apr 2022 16:09:03 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 20300, version 1.0\012- data
Size:   20300
Md5:    81ffe938dfac3fa9f641124fe093e3d0
Sha1:   61eed44342a777c997475b588e3da7b64c63f996
Sha256: eae2c82b62c48ee4493b34c0a8e5b399e009ad3e1eafebbe46bdef2fad03ac8f
                                        
                                            GET /quasi-illum/documents.zip HTTP/1.1 
Host: branteur.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

                                         
                                         185.212.71.149
HTTP/2 404 Not Found
content-type: text/html; charset=UTF-8
                                        
x-powered-by: PHP/7.4.30
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
link: <https://branteur.com/wp-json/>; rel="https://api.w.org/"
x-litespeed-cache: hit
content-encoding: br
vary: Accept-Encoding
date: Fri, 09 Sep 2022 12:55:13 GMT
server: LiteSpeed
content-security-policy: upgrade-insecure-requests
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (26338), with CRLF, LF line terminators
Size:   50921
Md5:    e958e324e314a3ce7967223587fec3f3
Sha1:   700068756505a01820822c978015bb3517600f0c
Sha256: 8f98d0b795f4afdf16c0365ecbd479875f7bf89623d2f5af8a3ca0d80cea650e

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /s/poppins/v20/pxiByp8kv8JHgFVrLDz8Z1JlFQ.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://branteur.com
Connection: keep-alive
Referer: https://branteur.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.163
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 10776
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 05 Sep 2022 22:42:57 GMT
expires: Tue, 05 Sep 2023 22:42:57 GMT
cache-control: public, max-age=31536000
age: 310336
last-modified: Wed, 27 Apr 2022 16:05:45 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 10776, version 1.0\012- data
Size:   10776
Md5:    d60b12f3996bdb9c6b7ccb606033f0bd
Sha1:   1c98a8f52a693840077d14186b6a9f82b9ea0e5e
Sha256: 9ee3d5272b624dce64c062c8214684890312a902c9d2f43fc6edfaf452e4252c
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 09 Sep 2022 12:55:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
GET /s/poppins/v20/pxiByp8kv8JHgFVrLDz8Z1JlEw.woff HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://branteur.com
Connection: keep-alive
Referer: https://branteur.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
142.250.74.163
HTTP/2 200 OK
content-type: font/woff
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 14448
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 08 Sep 2022 00:38:18 GMT
expires: Fri, 08 Sep 2023 00:38:18 GMT
cache-control: public, max-age=31536000
age: 130616
last-modified: Wed, 27 Apr 2022 16:05:45 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format, TrueType, length 14448, version 1.1\012- data
Size:   14448
Md5:    e3a04d819bf308e25b02e31c5aedbbbe
Sha1:   feac74b5590fb8b37d056067a958d71f740b4d89
Sha256: da64c21008f11bca1b8a2e4f0b32b05d250bbf31fedfcb628cd1690092084b83
                                        
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Server: nginx
Content-Length: 503
ETag: "48B4321F3BDA8FD67C5BC75F98B0DFE6DF2BFDA8DCF5E708AECD47270AE03217"
Last-Modified: Wed, 07 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2419
Expires: Fri, 09 Sep 2022 13:35:33 GMT
Date: Fri, 09 Sep 2022 12:55:14 GMT
Connection: keep-alive

                                        
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Server: nginx
Content-Length: 503
ETag: "48B4321F3BDA8FD67C5BC75F98B0DFE6DF2BFDA8DCF5E708AECD47270AE03217"
Last-Modified: Wed, 07 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2419
Expires: Fri, 09 Sep 2022 13:35:33 GMT
Date: Fri, 09 Sep 2022 12:55:14 GMT
Connection: keep-alive

                                        
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Server: nginx
Content-Length: 503
ETag: "48B4321F3BDA8FD67C5BC75F98B0DFE6DF2BFDA8DCF5E708AECD47270AE03217"
Last-Modified: Wed, 07 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2419
Expires: Fri, 09 Sep 2022 13:35:33 GMT
Date: Fri, 09 Sep 2022 12:55:14 GMT
Connection: keep-alive

                                        
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd9009587-828b-4a7a-8b84-f28d4b93cdef.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
server: nginx
content-length: 7515
x-amzn-requestid: bb6a7928-9bdc-44e7-8478-b415bc504343
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YJu0bGYdoAMF5jQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631a2b4f-208339fd72e62dff4a2ba339;Sampled=0
x-amzn-remapped-date: Thu, 08 Sep 2022 17:50:07 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P2
x-cache: Miss from cloudfront
x-amz-cf-id: UaU9GK4lcCuAN2WghBDa7f-21dRTA4Fh1tlAmGFMKh4wQOGZlKdmOw==
via: 1.1 4d7fa73f804f1c93f20cfc24c4b1266e.cloudfront.net (CloudFront), 1.1 e77661e211afe9242e85e573f12d5534.cloudfront.net (CloudFront), 1.1 google
date: Thu, 08 Sep 2022 21:46:49 GMT
etag: "09dcbdc6043f01dd56920cca3ce3920d0d07b795"
age: 54505
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   7515
Md5:    60fa03262bb3728f24a4c7a8177ec788
Sha1:   09dcbdc6043f01dd56920cca3ce3920d0d07b795
Sha256: e7448f186933f9848f1d55f0e8dba593918846d02fb9cc3a7cd86d69b96a7fde
                                        
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F793f20c6-757e-47e5-8ab6-4d73ceae75af.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
server: nginx
content-length: 4002
x-amzn-requestid: ea2f5309-e220-4b7e-b718-9339b9444cc2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YKQ6hHM8IAMFeJQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631a61dc-7d45fd9253b7b7fa732b6f8d;Sampled=0
x-amzn-remapped-date: Thu, 08 Sep 2022 21:42:52 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P2
x-cache: Miss from cloudfront
x-amz-cf-id: VD7SlrM2RwFk5cfQvul2bTJA__GPYd5_UPY0D0_5NGLHoBj3yur7PA==
via: 1.1 030fe0607711293dda988e571617a9f2.cloudfront.net (CloudFront), 1.1 5abfab33f248090bb0f31ca137ce9464.cloudfront.net (CloudFront), 1.1 google
date: Thu, 08 Sep 2022 22:05:15 GMT
age: 53399
etag: "cec8428d159a5bde29e89c64cfb04146f759d52b"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   4002
Md5:    c9590b525c8b07a297c8784f02b161a1
Sha1:   cec8428d159a5bde29e89c64cfb04146f759d52b
Sha256: d309772ce79d36f7b1df0a3ea85a01f8278db2909c860721d105b772efed82ed
                                        
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc632269f-fb89-42dc-acc4-f733f3d7beb7.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
server: nginx
content-length: 4532
x-amzn-requestid: e5694699-7f38-4542-8808-54bda7ee7d86
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YIMmGGUmIAMF2cw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63198e26-1aa6788e24fcfdf0008bee21;Sampled=0
x-amzn-remapped-date: Thu, 08 Sep 2022 06:39:34 GMT
x-amz-cf-pop: SEA19-C1, SEA73-P2
x-cache: Miss from cloudfront
x-amz-cf-id: smtzoqnzJiET63xsW_r_-eVNsTK01mGqRbvuwekbqjnzS6Sb1fw9HQ==
via: 1.1 ef6538ee7be7b17c84d06edb0f4c0a1a.cloudfront.net (CloudFront), 1.1 3c974a460e97e56c6eb1e6a30797d9d6.cloudfront.net (CloudFront), 1.1 google
date: Thu, 08 Sep 2022 22:54:58 GMT
etag: "70ede5692526afd351d134a391383461dafdc64f"
age: 50416
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   4532
Md5:    a5fdeb374d4e3669ce5d9ff2cd22cd19
Sha1:   70ede5692526afd351d134a391383461dafdc64f
Sha256: 10c5d8e41aae1a36525a45375966b5067333f0c7edc176a540fd6527ebe1ad8c
                                        
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffca3b7c7-528e-421a-8910-451f0b9b667f.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
server: nginx
content-length: 8162
x-amzn-requestid: decb1d93-bcc9-4a71-a054-c537ad7d1add
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YJvndF1fIAMFv7g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631a2c95-27cef2465fd0e6c849da81af;Sampled=0
x-amzn-remapped-date: Thu, 08 Sep 2022 17:55:33 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P2
x-cache: Miss from cloudfront
x-amz-cf-id: C_J0m9xfkCb5qsoO934KB2Ldk1-yMaMXkgiv9gWus7JqjN3M_HCpdg==
via: 1.1 d83ae0e1ba84e92e58bc1efc23a0c652.cloudfront.net (CloudFront), 1.1 de8fc80b494d3d381f7e006918dcc588.cloudfront.net (CloudFront), 1.1 google
date: Thu, 08 Sep 2022 18:01:20 GMT
age: 68034
etag: "67ae4acd88571da51b81fa7ed963b7f2a71845b4"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   8162
Md5:    09267c271a56ba4c2d4197543f264fac
Sha1:   67ae4acd88571da51b81fa7ed963b7f2a71845b4
Sha256: 906163f9e1bb8908ae7fcfbf4debc2a42fd14a3f90c8814536025a57ee851dbe
                                        
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F498f96cc-d02c-4ca3-a7e2-0be324253465.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
server: nginx
content-length: 3125
x-amzn-requestid: 5820e798-6469-40f9-8d70-ee71f1a163b9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YLM5GGQAoAMF8eQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631ac1d3-3a0e9db848ea7ab145f1cffa;Sampled=0
x-amzn-remapped-date: Fri, 09 Sep 2022 04:32:19 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P2
x-cache: Miss from cloudfront
x-amz-cf-id: eZaKpjBYe3Qn7vs3zF52Cxob-xu3LMFs8esQAu6Lp6bzM0aOEHoXVg==
via: 1.1 a4fe306096165bb1e86e69365dc8fac2.cloudfront.net (CloudFront), 1.1 1352c0a623ff0601dd16439f3f225f70.cloudfront.net (CloudFront), 1.1 google
date: Fri, 09 Sep 2022 04:32:54 GMT
etag: "113393e0dbabb3aff949d19ab6517ba1082b622d"
age: 30140
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   3125
Md5:    0078c7a407144a1ede33aef6f734eecf
Sha1:   113393e0dbabb3aff949d19ab6517ba1082b622d
Sha256: 42afcaf15e45dfa9aff14f59f69d60a3de127005e35783d2d35a4cfa652b57b3
                                        
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F734c0779-c033-4fb9-aef7-ec81416744c3.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
server: nginx
content-length: 6365
x-amzn-requestid: dc414175-8174-4fa8-812b-1f72de48d5f7
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YKRBYEt8oAMFmyg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631a6208-1c2417b120725a9a0642620a;Sampled=0
x-amzn-remapped-date: Thu, 08 Sep 2022 21:43:36 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P2
x-cache: Hit from cloudfront
x-amz-cf-id: lvOUBfECM7qlwpj9suDt1A4TRrvdYTsqOQGCNkf3pYYrIHHqZczRcg==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 33d72803ad26b392c1b578a2b1276580.cloudfront.net (CloudFront), 1.1 google
date: Thu, 08 Sep 2022 22:12:19 GMT
age: 52975
etag: "ff2c27cf141c68259e6e85020b01efc5d41730a6"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   6365
Md5:    cf8614d876156699bdf11897c45e9ae8
Sha1:   ff2c27cf141c68259e6e85020b01efc5d41730a6
Sha256: c89d6a2fdc789fc725e8bac99774f9f9f0b22000f57d32f5611525bca30002d9