r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash aabe410b4bbe4d8beb0e4561d3aa158e
e1788632902ddea62cdd9e7ad6009a75ffb69788
ad535e27b201e92670770b2b868c58f7c05633ec66490a41ef4592f062834c1f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "AD535E27B201E92670770B2B868C58F7C05633EC66490A41EF4592F062834C1F"
Last-Modified: Wed, 09 Nov 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12247
Expires: Thu, 10 Nov 2022 18:34:53 GMT
Date: Thu, 10 Nov 2022 15:10:46 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash a19a5555cc9ea92581b0cc504cb64345
01a86ce33d5eb33420ed76266360f32c62a96f31
9ebd48b4053bb4a7a27718670c44075b1f35d037be7fd16750fcbc3ffd68b18c
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1781
Cache-Control: max-age=157802
Content-Type: application/ocsp-response
Date: Thu, 10 Nov 2022 15:10:46 GMT
Etag: "636cd2eb-1d7"
Expires: Sat, 12 Nov 2022 11:00:48 GMT
Last-Modified: Thu, 10 Nov 2022 10:31:07 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash a19a5555cc9ea92581b0cc504cb64345
01a86ce33d5eb33420ed76266360f32c62a96f31
9ebd48b4053bb4a7a27718670c44075b1f35d037be7fd16750fcbc3ffd68b18c
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1119
Cache-Control: max-age=157141
Content-Type: application/ocsp-response
Date: Thu, 10 Nov 2022 15:10:46 GMT
Etag: "636cd2eb-1d7"
Expires: Sat, 12 Nov 2022 10:49:47 GMT
Last-Modified: Thu, 10 Nov 2022 10:31:07 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 471
firefox.settings.services.mozilla.com/v1/
34.102.187.140 200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 4736bac84ca28f2b1e961159fb4ea098
1319612979f53896fcfeacd4215c2715d4951e4c
5e81213e111ddf68c7f884f72b4e06fc4dc95eb902c3cf0762236b2418840dba
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
Alt-Used: 0
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Retry-After, Content-Length, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Thu, 10 Nov 2022 14:43:51 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 1615
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 2b57492bf85f4ae6abbd1641b17dc9ab
008e71ec05d47bf025ca64e17da2ea1bd8e71111
17894427c471f7fa02ca274795dc55df1bfc99d7bd83f9ee36249394035110fd
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "17894427C471F7FA02CA274795DC55DF1BFC99D7BD83F9EE36249394035110FD"
Last-Modified: Wed, 09 Nov 2022 02:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4788
Expires: Thu, 10 Nov 2022 16:30:34 GMT
Date: Thu, 10 Nov 2022 15:10:46 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 67d5a988edcda47bc3b3b3f65d32b4b6
d4f0e0da8b3690cc7da925026d3414b68c7d954f
55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78
GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: cNoX97lSs8Ki4grvOLZhpzrNIGnR7zHrvQEk5tkaMg4qKgZf0K+DT16jBo4/MJH+75iW0T/T+a7lT+7XEd/UlQ==
x-amz-request-id: W3HQVXRMKHQ3KB6X
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 10 Nov 2022 14:12:10 GMT
age: 3516
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 10 Nov 2022 15:10:46 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
rsleather-intnl.com/
178.33.111.235 301 Moved Permanently 20 B IP 178.33.111.235:0
Hash 7029066c27ac6f5ef18d660d5741979a
46c6643f07aa7f6bfe7118de926b86defc5087c4
59869db34853933b239f1e2219cf7d431da006aa919635478511fabbfc8849d2
Analyzer Verdict Alert fortinet Malware
GET / HTTP/1.1
Host: rsleather-intnl.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Thu, 10 Nov 2022 15:10:46 GMT
Server: Apache
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Content-Encoding: gzip
Vary: Accept-Encoding
Set-Cookie: PHPSESSID=4d3c98a97b41457444339be0c67eb381; path=/
gdpr[consent_types]=%5B%5D; expires=Fri, 10-Nov-2023 15:10:47 GMT; Max-Age=31536000; path=/
gdpr[allowed_cookies]=%5B%22%22%5D; expires=Fri, 10-Nov-2023 15:10:47 GMT; Max-Age=31536000; path=/
Location: http://www.rsleather-intnl.com/
Referrer-Policy: no-referrer-when-downgrade
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 081ea13ba4390a4baab25cf57c2672f3
30cc9c329228e3d7bc6041f1aa553f06f8136eed
5a48c189581edd8ae4a4e58e2d54359bb75ba769828436394e4c256fe861814e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3638
Cache-Control: max-age=154604
Content-Type: application/ocsp-response
Date: Thu, 10 Nov 2022 15:10:47 GMT
Etag: "636cbf2d-1d7"
Expires: Sat, 12 Nov 2022 10:07:31 GMT
Last-Modified: Thu, 10 Nov 2022 09:06:53 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 471
www.rsleather-intnl.com/
178.33.111.235 200 OK 2.7 kB IP 178.33.111.235:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (4282)
Hash 94f8c03d1ddf295180bd28c3ac4c6689
05c799c35ce66093a931a83100958260f0b94014
8a0dffb5eaacc24d9ce5abd14a50bff765d8142c7e9d7b32e76bbf790b0491b4
Analyzer Verdict Alert fortinet Malware
GET / HTTP/1.1
Host: www.rsleather-intnl.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Thu, 10 Nov 2022 15:10:47 GMT
Server: Apache
Expires: Thu, 10 Nov 2022 16:10:47 GMT
Pragma: public
Cache-Control: max-age=3600, public
X-Powered-By: W3 Total Cache/0.9.7.3
Content-Encoding: gzip
Vary: Accept-Encoding
Last-Modified: Thu, 10 Nov 2022 15:10:47 GMT
ETag: "b7945cb8b9979df77058543b49351adb"
Referrer-Policy: no-referrer-when-downgrade
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
www.rsleather-intnl.com/wp-content/plugins/add-search-to-menu/public/css/ivory-search.css?ver=4.1.4
178.33.111.235 200 OK 777 B URL HTTP/1.1 www.rsleather-intnl.com/wp-content/plugins/add-search-to-menu/public/css/ivory-search.css?ver=4.1.4
IP 178.33.111.235:0
Hash 1da16ccc597afab6a66b1a88d84352c0
36b373a68ef4b01964aeebd514ce94eab57eb376
b2c4ae8a19d9445bc4341611f78be65561f9ea7dcb5a46a2ee72aa75e8c94062
GET /wp-content/plugins/add-search-to-menu/public/css/ivory-search.css?ver=4.1.4 HTTP/1.1
Host: www.rsleather-intnl.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://www.rsleather-intnl.com/
Connection: keep-alive
HTTP/1.1 200 OK
Date: Thu, 10 Nov 2022 15:10:47 GMT
Server: Apache
Vary: Accept-Encoding
Last-Modified: Mon, 24 Dec 2018 12:27:45 GMT
ETag: "a2c-57dc3b954f240-gzip"
Accept-Ranges: bytes
Cache-Control: max-age=31536000, public
Expires: Fri, 10 Nov 2023 15:10:47 GMT
Content-Encoding: gzip
Referrer-Policy: no-referrer-when-downgrade
Pragma: public
X-Powered-By: W3 Total Cache/0.9.7.3
Content-Length: 777
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css
www.rsleather-intnl.com/wp-content/plugins/booked/assets/js/tooltipster/css/tooltipster.css?ver=3.3.0
178.33.111.235 200 OK 1.7 kB URL HTTP/1.1 www.rsleather-intnl.com/wp-content/plugins/booked/assets/js/tooltipster/css/tooltipster.css?ver=3.3.0
IP 178.33.111.235:0
Hash f37ca84a2822fa035cd5ba4a8f84e3bb
e7f3450819ce84986bea31d5d5a3c0c764fe2217
fb556b63f43be319a090876f1552798944e3b2347d41a71beebb475df94b9973
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/booked/assets/js/tooltipster/css/tooltipster.css?ver=3.3.0 HTTP/1.1
Host: www.rsleather-intnl.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://www.rsleather-intnl.com/
Connection: keep-alive
HTTP/1.1 200 OK
Date: Thu, 10 Nov 2022 15:10:47 GMT
Server: Apache
Vary: Accept-Encoding
Last-Modified: Wed, 18 Jul 2018 13:24:29 GMT
ETag: "237d-57145fb753d40-gzip"
Accept-Ranges: bytes
Cache-Control: max-age=31536000, public
Expires: Fri, 10 Nov 2023 15:10:47 GMT
Content-Encoding: gzip
Referrer-Policy: no-referrer-when-downgrade
Pragma: public
X-Powered-By: W3 Total Cache/0.9.7.3
Content-Length: 1709
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
www.rsleather-intnl.com/wp-content/plugins/booked/assets/css/icons.css?ver=2.1
178.33.111.235 200 OK 6.6 kB URL HTTP/1.1 www.rsleather-intnl.com/wp-content/plugins/booked/assets/css/icons.css?ver=2.1
IP 178.33.111.235:0
File type ASCII text, with very long lines (11040), with no line terminators
Hash bf785f8d850cef3955c161edf9cfcfe4
26e83516acf572903e5a23561df2c82d989eae4a
35a15ae2c2432d53d1e2379255548e3ce7f006eb943c033b102a19cf92c5efbd
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/booked/assets/css/icons.css?ver=2.1 HTTP/1.1
Host: www.rsleather-intnl.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://www.rsleather-intnl.com/
Connection: keep-alive
HTTP/1.1 200 OK
Date: Thu, 10 Nov 2022 15:10:47 GMT
Server: Apache
Vary: Accept-Encoding
Last-Modified: Wed, 18 Jul 2018 13:24:29 GMT
ETag: "2b20-57145fb753d40-gzip"
Accept-Ranges: bytes
Cache-Control: max-age=31536000, public
Expires: Fri, 10 Nov 2023 15:10:47 GMT
Content-Encoding: gzip
Referrer-Policy: no-referrer-when-downgrade
Pragma: public
X-Powered-By: W3 Total Cache/0.9.7.3
Content-Length: 6604
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
www.rsleather-intnl.com/wp-content/plugins/booked/assets/css/responsive.css?ver=2.1
178.33.111.235 200 OK 1.7 kB URL HTTP/1.1 www.rsleather-intnl.com/wp-content/plugins/booked/assets/css/responsive.css?ver=2.1
IP 178.33.111.235:0
Hash b0577ef5ad807b2b60391e76534089d1
5bfa73401294536133f143c46ca0a88c58882c49
4c40719722234f0a45509693d195031e84099237e92121039135fb39e7fb8970
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/booked/assets/css/responsive.css?ver=2.1 HTTP/1.1
Host: www.rsleather-intnl.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://www.rsleather-intnl.com/
Connection: keep-alive
HTTP/1.1 200 OK
Date: Thu, 10 Nov 2022 15:10:47 GMT
Server: Apache
Vary: Accept-Encoding
Last-Modified: Wed, 18 Jul 2018 13:24:29 GMT
ETag: "2581-57145fb753d40-gzip"
Accept-Ranges: bytes
Cache-Control: max-age=31536000, public
Expires: Fri, 10 Nov 2023 15:10:47 GMT
Content-Encoding: gzip
Referrer-Policy: no-referrer-when-downgrade
Pragma: public
X-Powered-By: W3 Total Cache/0.9.7.3
Content-Length: 1710
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/css
www.rsleather-intnl.com/wp-content/plugins/booked/assets/js/tooltipster/css/themes/tooltipster-light.css?ver=3.3.0
178.33.111.235 200 OK 225 B URL HTTP/1.1 www.rsleather-intnl.com/wp-content/plugins/booked/assets/js/tooltipster/css/themes/tooltipster-light.css?ver=3.3.0
IP 178.33.111.235:0
Hash 61d2a4e16d0a8f87627b87a7f5ab711b
ce2509c46067d2102430361052d3908ff65c2bf0
79cd1be36fadffc16a9a5b566cccaa22f355a3610630f686cc6855ee93d5d677
GET /wp-content/plugins/booked/assets/js/tooltipster/css/themes/tooltipster-light.css?ver=3.3.0 HTTP/1.1
Host: www.rsleather-intnl.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://www.rsleather-intnl.com/
Connection: keep-alive
HTTP/1.1 200 OK
Date: Thu, 10 Nov 2022 15:10:47 GMT
Server: Apache
Vary: Accept-Encoding
Last-Modified: Wed, 18 Jul 2018 13:24:29 GMT
ETag: "16d-57145fb753d40-gzip"
Accept-Ranges: bytes
Cache-Control: max-age=31536000, public
Expires: Fri, 10 Nov 2023 15:10:47 GMT
Content-Encoding: gzip
Referrer-Policy: no-referrer-when-downgrade
Pragma: public
X-Powered-By: W3 Total Cache/0.9.7.3
Content-Length: 225
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
www.rsleather-intnl.com/wp-content/plugins/booked/assets/css/animations.css?ver=2.1
178.33.111.235 200 OK 506 B URL HTTP/1.1 www.rsleather-intnl.com/wp-content/plugins/booked/assets/css/animations.css?ver=2.1
IP 178.33.111.235:0
Hash 9184c39b34e1a900498669e189bfdfb4
098453ea7f0bbbe3f7738f9182d6ef294ef83cc1
d63f6608ec39552ba50bc52ed66cf2f375e31c4f537efa388fedccb094fcd347
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/booked/assets/css/animations.css?ver=2.1 HTTP/1.1
Host: www.rsleather-intnl.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://www.rsleather-intnl.com/
Connection: keep-alive
HTTP/1.1 200 OK
Date: Thu, 10 Nov 2022 15:10:47 GMT
Server: Apache
Vary: Accept-Encoding
Last-Modified: Wed, 18 Jul 2018 13:24:28 GMT
ETag: "ec2-57145fb65fb00-gzip"
Accept-Ranges: bytes
Cache-Control: max-age=31536000, public
Expires: Fri, 10 Nov 2023 15:10:47 GMT
Content-Encoding: gzip
Referrer-Policy: no-referrer-when-downgrade
Pragma: public
X-Powered-By: W3 Total Cache/0.9.7.3
Content-Length: 506
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
www.rsleather-intnl.com/wp-content/plugins/booked/assets/css/styles.css?ver=2.1
178.33.111.235 200 OK 7.9 kB URL HTTP/1.1 www.rsleather-intnl.com/wp-content/plugins/booked/assets/css/styles.css?ver=2.1
IP 178.33.111.235:0
File type ASCII text, with very long lines (531)
Hash 5c2f37d11298215bb8b2405be56792ae
2303c5d0e7e7a08dfa4c49b5071c0a6d52887ab2
155b32b2003fffd46729677f85a7a202666760e30b70be00d72c936260d2a598
GET /wp-content/plugins/booked/assets/css/styles.css?ver=2.1 HTTP/1.1
Host: www.rsleather-intnl.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://www.rsleather-intnl.com/
Connection: keep-alive
HTTP/1.1 200 OK
Date: Thu, 10 Nov 2022 15:10:47 GMT
Server: Apache
Vary: Accept-Encoding
Last-Modified: Wed, 18 Jul 2018 13:24:29 GMT
ETag: "cc71-57145fb753d40-gzip"
Accept-Ranges: bytes
Cache-Control: max-age=31536000, public
Expires: Fri, 10 Nov 2023 15:10:47 GMT
Content-Encoding: gzip
Referrer-Policy: no-referrer-when-downgrade
Pragma: public
X-Powered-By: W3 Total Cache/0.9.7.3
Content-Length: 7852
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
www.rsleather-intnl.com/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.0.5
178.33.111.235 200 OK 671 B URL HTTP/1.1 www.rsleather-intnl.com/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.0.5
IP 178.33.111.235:0
Hash 63dc88a9eaede6fccb60583f4a6e94df
45ba9e7d20aee8b8379dc57add7598b733f33dbb
6b89fca44b725e09dbb37f64eceea968703689f34bf2bc0183dab84699b2a395
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.0.5 HTTP/1.1
Host: www.rsleather-intnl.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://www.rsleather-intnl.com/
Connection: keep-alive
HTTP/1.1 200 OK
Date: Thu, 10 Nov 2022 15:10:47 GMT
Server: Apache
Vary: Accept-Encoding
Last-Modified: Sat, 03 Nov 2018 07:37:26 GMT
ETag: "6cf-579bdb92bf980-gzip"
Accept-Ranges: bytes
Cache-Control: max-age=31536000, public
Expires: Fri, 10 Nov 2023 15:10:47 GMT
Content-Encoding: gzip
Referrer-Policy: no-referrer-when-downgrade
Pragma: public
X-Powered-By: W3 Total Cache/0.9.7.3
Content-Length: 671
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css
www.rsleather-intnl.com/wp-content/plugins/email-subscribers/widget/es-widget.css?ver=4.9.20
178.33.111.235 200 OK 190 B URL HTTP/1.1 www.rsleather-intnl.com/wp-content/plugins/email-subscribers/widget/es-widget.css?ver=4.9.20
IP 178.33.111.235:0
File type ASCII text, with CRLF line terminators
Hash 5c734d7f0457557a7c59d1b251b4a905
12a264b30a651786ce6f27d289a78d12cf6ab58d
258b5a9dd5473bf35308e195ba417321f1d0abcc62d3ffd0cfc2e27ef9861ff3
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/email-subscribers/widget/es-widget.css?ver=4.9.20 HTTP/1.1
Host: www.rsleather-intnl.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://www.rsleather-intnl.com/
Connection: keep-alive
HTTP/1.1 200 OK
Date: Thu, 10 Nov 2022 15:10:47 GMT
Server: Apache
Vary: Accept-Encoding
Last-Modified: Tue, 06 Nov 2018 12:21:36 GMT
ETag: "198-579fe0af47400-gzip"
Accept-Ranges: bytes
Cache-Control: max-age=31536000, public
Expires: Fri, 10 Nov 2023 15:10:47 GMT
Content-Encoding: gzip
Referrer-Policy: no-referrer-when-downgrade
Pragma: public
X-Powered-By: W3 Total Cache/0.9.7.3
Content-Length: 190
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: text/css
www.rsleather-intnl.com/wp-content/plugins/gdpr/assets/css/gdpr-public.css?ver=2.1.0
178.33.111.235 200 OK 4.8 kB URL HTTP/1.1 www.rsleather-intnl.com/wp-content/plugins/gdpr/assets/css/gdpr-public.css?ver=2.1.0
IP 178.33.111.235:0
File type ASCII text, with very long lines (52032)
Hash 8263540025ed6d969249bb87a30e6d85
1a8770b78afaa10e5c7d710e6ae02733231782cb
5f6d3f4a58539113d1eacbc581c9044799bd5d03434f8c200a653d1edee6f08d
GET /wp-content/plugins/gdpr/assets/css/gdpr-public.css?ver=2.1.0 HTTP/1.1
Host: www.rsleather-intnl.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://www.rsleather-intnl.com/
Connection: keep-alive
HTTP/1.1 200 OK
Date: Thu, 10 Nov 2022 15:10:47 GMT
Server: Apache
Vary: Accept-Encoding
Last-Modified: Wed, 18 Jul 2018 13:25:18 GMT
ETag: "cb41-57145fe60eb80-gzip"
Accept-Ranges: bytes
Cache-Control: max-age=31536000, public
Expires: Fri, 10 Nov 2023 15:10:47 GMT
Content-Encoding: gzip
Referrer-Policy: no-referrer-when-downgrade
Pragma: public
X-Powered-By: W3 Total Cache/0.9.7.3
Content-Length: 4834
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css
www.rsleather-intnl.com/wp-content/uploads/stm_fonts/stm/stm.css?ver=1.0
178.33.111.235 200 OK 1.5 kB URL HTTP/1.1 www.rsleather-intnl.com/wp-content/uploads/stm_fonts/stm/stm.css?ver=1.0
IP 178.33.111.235:0
Hash bc40f151f4291e5dccc2b532fa497125
5d6f9eb0edabe4f7e74a81db804403ae8170a792
514548d3fab152d981d572debcf17aa6d8ac2fa4c644d1727515bfd022faa270
Analyzer Verdict Alert fortinet Malware
GET /wp-content/uploads/stm_fonts/stm/stm.css?ver=1.0 HTTP/1.1
Host: www.rsleather-intnl.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://www.rsleather-intnl.com/
Connection: keep-alive
HTTP/1.1 200 OK
Date: Thu, 10 Nov 2022 15:10:47 GMT
Server: Apache
Vary: Accept-Encoding
Last-Modified: Wed, 18 Jul 2018 13:21:43 GMT
ETag: "1cf2-57145f19047c0-gzip"
Accept-Ranges: bytes
Cache-Control: max-age=31536000, public
Expires: Fri, 10 Nov 2023 15:10:47 GMT
Content-Encoding: gzip
Referrer-Policy: no-referrer-when-downgrade
Pragma: public
X-Powered-By: W3 Total Cache/0.9.7.3
Content-Length: 1523
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css
www.rsleather-intnl.com/wp-content/plugins/logo-slider-wp/public/assets/lib/owl.carousel2/owl.carousel.css?ver=1.0.0
178.33.111.235 200 OK 1.1 kB URL HTTP/1.1 www.rsleather-intnl.com/wp-content/plugins/logo-slider-wp/public/assets/lib/owl.carousel2/owl.carousel.css?ver=1.0.0
IP 178.33.111.235:0
File type ASCII text, with CRLF line terminators
Hash c97e537117abac9ce24020cf4282b9db
78ec34c58f1f8927171abb2488a28e658ae6fa60
a2e55cfe0b20f47162e93f1d31e97645c0362381b9cf433c84d11f4850597a41
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/logo-slider-wp/public/assets/lib/owl.carousel2/owl.carousel.css?ver=1.0.0 HTTP/1.1
Host: www.rsleather-intnl.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://www.rsleather-intnl.com/
Connection: keep-alive
HTTP/1.1 200 OK
Date: Thu, 10 Nov 2022 15:10:47 GMT
Server: Apache
Vary: Accept-Encoding
Last-Modified: Tue, 06 Nov 2018 09:54:26 GMT
ETag: "12de-579fbfca55880-gzip"
Accept-Ranges: bytes
Cache-Control: max-age=31536000, public
Expires: Fri, 10 Nov 2023 15:10:47 GMT
Content-Encoding: gzip
Referrer-Policy: no-referrer-when-downgrade
Pragma: public
X-Powered-By: W3 Total Cache/0.9.7.3
Content-Length: 1115
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css
www.rsleather-intnl.com/wp-content/plugins/instagram-feed/css/sb-instagram.min.css?ver=1.10.1
178.33.111.235 200 OK 2.4 kB URL HTTP/1.1 www.rsleather-intnl.com/wp-content/plugins/instagram-feed/css/sb-instagram.min.css?ver=1.10.1
IP 178.33.111.235:0
File type ASCII text, with very long lines (13102), with no line terminators
Hash c2e56eed919185a3a94216908f479e1c
e681d3e267be6bb560f1b1132d3701b6a48fcebc
54b9c790db426782ad8c480f080bc90eb2e0bf00f1d1dcafca63a70fd24b12f6
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/instagram-feed/css/sb-instagram.min.css?ver=1.10.1 HTTP/1.1
Host: www.rsleather-intnl.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://www.rsleather-intnl.com/
Connection: keep-alive
HTTP/1.1 200 OK
Date: Thu, 10 Nov 2022 15:10:47 GMT
Server: Apache
Vary: Accept-Encoding
Last-Modified: Wed, 03 Oct 2018 11:32:44 GMT
ETag: "332e-577516596ef00-gzip"
Accept-Ranges: bytes
Cache-Control: max-age=31536000, public
Expires: Fri, 10 Nov 2023 15:10:47 GMT
Content-Encoding: gzip
Referrer-Policy: no-referrer-when-downgrade
Pragma: public
X-Powered-By: W3 Total Cache/0.9.7.3
Content-Length: 2394
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css
www.rsleather-intnl.com/wp-content/plugins/logo-slider-wp/public/assets/lib/owl.carousel2/owl.theme.default.min.css?ver=1.0.0
178.33.111.235 200 OK 392 B URL HTTP/1.1 www.rsleather-intnl.com/wp-content/plugins/logo-slider-wp/public/assets/lib/owl.carousel2/owl.theme.default.min.css?ver=1.0.0
IP 178.33.111.235:0
File type ASCII text, with very long lines (1055), with no line terminators
Hash 4bb4bede622e6cedcea11a173c113885
f32fdfc735ccce0ec2814fe65bef8d9148a0e22a
8a1b15214645df1a4eb5983b617c94e2e5da8bea3f894b787e4fd7c8f587e2fb
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/logo-slider-wp/public/assets/lib/owl.carousel2/owl.theme.default.min.css?ver=1.0.0 HTTP/1.1
Host: www.rsleather-intnl.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://www.rsleather-intnl.com/
Connection: keep-alive
HTTP/1.1 200 OK
Date: Thu, 10 Nov 2022 15:10:47 GMT
Server: Apache
Vary: Accept-Encoding
Last-Modified: Tue, 06 Nov 2018 09:54:26 GMT
ETag: "41f-579fbfca55880-gzip"
Accept-Ranges: bytes
Cache-Control: max-age=31536000, public
Expires: Fri, 10 Nov 2023 15:10:47 GMT
Content-Encoding: gzip
Referrer-Policy: no-referrer-when-downgrade
Pragma: public
X-Powered-By: W3 Total Cache/0.9.7.3
Content-Length: 392
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/css
www.rsleather-intnl.com/wp-content/plugins/logo-slider-wp/public/assets/lib/animate/animate-logo.css?ver=20
178.33.111.235 200 OK 4.4 kB URL HTTP/1.1 www.rsleather-intnl.com/wp-content/plugins/logo-slider-wp/public/assets/lib/animate/animate-logo.css?ver=20
IP 178.33.111.235:0
File type ASCII text, with CRLF line terminators
Hash d6e0b63d85dd790ca7dc256551adb532
2842aeb1e00390c4fc6ecaa354ff8828ea1d5a5f
ad29dc4fdfb8ea66741cf337506ed4998e41ebe7de5134343b12d9c33e8b25f9
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/logo-slider-wp/public/assets/lib/animate/animate-logo.css?ver=20 HTTP/1.1
Host: www.rsleather-intnl.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://www.rsleather-intnl.com/
Connection: keep-alive
HTTP/1.1 200 OK
Date: Thu, 10 Nov 2022 15:10:47 GMT
Server: Apache
Vary: Accept-Encoding
Last-Modified: Tue, 06 Nov 2018 09:54:26 GMT
ETag: "13cec-579fbfca55880-gzip"
Accept-Ranges: bytes
Cache-Control: max-age=31536000, public
Expires: Fri, 10 Nov 2023 15:10:47 GMT
Content-Encoding: gzip
Referrer-Policy: no-referrer-when-downgrade
Pragma: public
X-Powered-By: W3 Total Cache/0.9.7.3
Content-Length: 4433
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: text/css
www.rsleather-intnl.com/wp-content/plugins/logo-slider-wp/public/assets/css/logo-slider-wp-public.css?ver=1.0.0
178.33.111.235 200 OK 888 B URL HTTP/1.1 www.rsleather-intnl.com/wp-content/plugins/logo-slider-wp/public/assets/css/logo-slider-wp-public.css?ver=1.0.0
IP 178.33.111.235:0
Hash 4138fbd8bb52c354a601672394093f28
f3e7aa1cca6a8e5cef5c738e8ccf9f82485585f5
4153e47ab1eb042d22f3a438b70170c1aca59685827bcee3c17a8d762c4b269e
GET /wp-content/plugins/logo-slider-wp/public/assets/css/logo-slider-wp-public.css?ver=1.0.0 HTTP/1.1
Host: www.rsleather-intnl.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://www.rsleather-intnl.com/
Connection: keep-alive
HTTP/1.1 200 OK
Date: Thu, 10 Nov 2022 15:10:47 GMT
Server: Apache
Vary: Accept-Encoding
Last-Modified: Tue, 06 Nov 2018 09:54:26 GMT
ETag: "13a6-579fbfca55880-gzip"
Accept-Ranges: bytes
Cache-Control: max-age=31536000, public
Expires: Fri, 10 Nov 2023 15:10:47 GMT
Content-Encoding: gzip
Referrer-Policy: no-referrer-when-downgrade
Pragma: public
X-Powered-By: W3 Total Cache/0.9.7.3
Content-Length: 888
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/css
www.rsleather-intnl.com/wp-content/plugins/recent-tweets-widget/tp_twitter_plugin.css?ver=1.0
178.33.111.235 200 OK 280 B URL HTTP/1.1 www.rsleather-intnl.com/wp-content/plugins/recent-tweets-widget/tp_twitter_plugin.css?ver=1.0
IP 178.33.111.235:0
File type ASCII text, with CRLF line terminators
Hash d28d324a2488dedaff9bf551cf1c1d9f
d02f66126cf1224f1e2b080539068eea2121c278
c6d7e2762ab644374666b8ad7e209c5f0748ec3d53f45b83d2182444dbd6254a
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/recent-tweets-widget/tp_twitter_plugin.css?ver=1.0 HTTP/1.1
Host: www.rsleather-intnl.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://www.rsleather-intnl.com/
Connection: keep-alive
HTTP/1.1 200 OK
Date: Thu, 10 Nov 2022 15:10:47 GMT
Server: Apache
Vary: Accept-Encoding
Last-Modified: Wed, 18 Jul 2018 13:25:18 GMT
ETag: "211-57145fe60eb80-gzip"
Accept-Ranges: bytes
Cache-Control: max-age=31536000, public
Expires: Fri, 10 Nov 2023 15:10:47 GMT
Content-Encoding: gzip
Referrer-Policy: no-referrer-when-downgrade
Pragma: public
X-Powered-By: W3 Total Cache/0.9.7.3
Content-Length: 280
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/css
www.rsleather-intnl.com/wp-content/plugins/woocommerce/assets/css/woocommerce-layout.css?ver=3.5.10
178.33.111.235 200 OK 2.2 kB URL HTTP/1.1 www.rsleather-intnl.com/wp-content/plugins/woocommerce/assets/css/woocommerce-layout.css?ver=3.5.10
IP 178.33.111.235:0
File type ASCII text, with very long lines (16542), with no line terminators
Hash 7e972f6c1b2623731f8a00bac6c27b89
c74dbad6d727697f8a479e8928da654273abdc4b
56a3d5d9f218531f5135906f5c15990ae8a70bd8d09abe40588bab417504ee8e
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/woocommerce/assets/css/woocommerce-layout.css?ver=3.5.10 HTTP/1.1
Host: www.rsleather-intnl.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://www.rsleather-intnl.com/
Connection: keep-alive
HTTP/1.1 200 OK
Date: Thu, 10 Nov 2022 15:10:47 GMT
Server: Apache
Vary: Accept-Encoding
Last-Modified: Wed, 16 Mar 2022 12:32:59 GMT
ETag: "409e-5da551d25c459-gzip"
Accept-Ranges: bytes
Cache-Control: max-age=31536000, public
Expires: Fri, 10 Nov 2023 15:10:47 GMT
Content-Encoding: gzip
Referrer-Policy: no-referrer-when-downgrade
Pragma: public
X-Powered-By: W3 Total Cache/0.9.7.3
Content-Length: 2157
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/css
www.rsleather-intnl.com/wp-content/plugins/revslider/public/assets/css/settings.css?ver=5.4.8
178.33.111.235 200 OK 9.5 kB URL HTTP/1.1 www.rsleather-intnl.com/wp-content/plugins/revslider/public/assets/css/settings.css?ver=5.4.8
IP 178.33.111.235:0
File type Unicode text, UTF-8 text, with very long lines (5178), with CRLF line terminators
Hash d263d5eaa7c883c3657af7dbb878b8a1
3d7423e15e86031092227572a6bfea1d1400ce9e
adf2c10039a96f761770b8744b46b019d0e80b2c1ee5d2eb077bae0e19a23a43
GET /wp-content/plugins/revslider/public/assets/css/settings.css?ver=5.4.8 HTTP/1.1
Host: www.rsleather-intnl.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://www.rsleather-intnl.com/
Connection: keep-alive
HTTP/1.1 200 OK
Date: Thu, 10 Nov 2022 15:10:47 GMT
Server: Apache
Vary: Accept-Encoding
Last-Modified: Wed, 18 Jul 2018 13:19:00 GMT
ETag: "9b46-57145e7d91900-gzip"
Accept-Ranges: bytes
Cache-Control: max-age=31536000, public
Expires: Fri, 10 Nov 2023 15:10:47 GMT
Content-Encoding: gzip
Referrer-Policy: no-referrer-when-downgrade
Pragma: public
X-Powered-By: W3 Total Cache/0.9.7.3
Content-Length: 9545
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/css
www.rsleather-intnl.com/wp-content/plugins/woocommerce/assets/css/woocommerce.css?ver=3.5.10
178.33.111.235 200 OK 8.8 kB URL HTTP/1.1 www.rsleather-intnl.com/wp-content/plugins/woocommerce/assets/css/woocommerce.css?ver=3.5.10
IP 178.33.111.235:0
File type Unicode text, UTF-8 text, with very long lines (62378), with no line terminators
Hash 0b5034b32c7ec8a3706b1b3c94997868
6f852e47af1f821a8babb9525a59fd979386b478
69b430591a7829bf3c70364790f734b7d3a3fe1c23b79b9da893910da0d632b7
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/woocommerce/assets/css/woocommerce.css?ver=3.5.10 HTTP/1.1
Host: www.rsleather-intnl.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://www.rsleather-intnl.com/
Connection: keep-alive
HTTP/1.1 200 OK
Date: Thu, 10 Nov 2022 15:10:47 GMT
Server: Apache
Vary: Accept-Encoding
Last-Modified: Wed, 16 Mar 2022 12:32:59 GMT
ETag: "f3b8-5da551d25c071-gzip"
Accept-Ranges: bytes
Cache-Control: max-age=31536000, public
Expires: Fri, 10 Nov 2023 15:10:47 GMT
Content-Encoding: gzip
Referrer-Policy: no-referrer-when-downgrade
Pragma: public
X-Powered-By: W3 Total Cache/0.9.7.3
Content-Length: 8778
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: text/css
www.rsleather-intnl.com/wp-content/themes/consulting/assets/css/font-awesome.min.css?ver=4.1.6
178.33.111.235 200 OK 7.1 kB URL HTTP/1.1 www.rsleather-intnl.com/wp-content/themes/consulting/assets/css/font-awesome.min.css?ver=4.1.6
IP 178.33.111.235:0
File type ASCII text, with very long lines (30837)
Hash 52f1a8a2ce85fa8432308b33bc1a2e79
fd80917af5371c8ecad0198592a1e7cce4b77b0e
07bd6a9ea0213e20f362485aadc17a88c486ecfb394004b41b8b38db6e6a35f6
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/consulting/assets/css/font-awesome.min.css?ver=4.1.6 HTTP/1.1
Host: www.rsleather-intnl.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://www.rsleather-intnl.com/
Connection: keep-alive
HTTP/1.1 200 OK
Date: Thu, 10 Nov 2022 15:10:47 GMT
Server: Apache
Vary: Accept-Encoding
Last-Modified: Wed, 03 Oct 2018 11:27:10 GMT
ETag: "7918-5775151ae7f80-gzip"
Accept-Ranges: bytes
Cache-Control: max-age=31536000, public
Expires: Fri, 10 Nov 2023 15:10:47 GMT
Content-Encoding: gzip
Referrer-Policy: no-referrer-when-downgrade
Pragma: public
X-Powered-By: W3 Total Cache/0.9.7.3
Content-Length: 7053
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: text/css
www.rsleather-intnl.com/wp-content/plugins/booked-frontend-agents/css/styles.css?ver=2.1
178.33.111.235 200 OK 947 B URL HTTP/1.1 www.rsleather-intnl.com/wp-content/plugins/booked-frontend-agents/css/styles.css?ver=2.1
IP 178.33.111.235:0
File type ASCII text, with very long lines (332)
Hash 7ffb9551faaddec664995c04dbe2c0eb
9765bec2b276129817d1c0977db3987fb4b8e501
125c878acf196f3474b44f77cd39b25cc5723b9863becb5e3e1ad23b4be1d72f
GET /wp-content/plugins/booked-frontend-agents/css/styles.css?ver=2.1 HTTP/1.1
Host: www.rsleather-intnl.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://www.rsleather-intnl.com/
Connection: keep-alive
HTTP/1.1 200 OK
Date: Thu, 10 Nov 2022 15:10:47 GMT
Server: Apache
Vary: Accept-Encoding
Last-Modified: Wed, 18 Jul 2018 13:26:20 GMT
ETag: "1176-571460212f700-gzip"
Accept-Ranges: bytes
Cache-Control: max-age=31536000, public
Expires: Fri, 10 Nov 2023 15:10:47 GMT
Content-Encoding: gzip
Referrer-Policy: no-referrer-when-downgrade
Pragma: public
X-Powered-By: W3 Total Cache/0.9.7.3
Content-Length: 947
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: text/css
push.services.mozilla.com/
35.162.52.254 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 35.162.52.254:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: YyMtpx6E29oh8jRqfIGrdg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: nnGN/ADSfYS6kmDCEah4ae+GJ1w=
www.rsleather-intnl.com/wp-includes/js/wp-emoji-release.min.js?ver=4.9.20
178.33.111.235 200 OK 4.3 kB URL HTTP/1.1 www.rsleather-intnl.com/wp-includes/js/wp-emoji-release.min.js?ver=4.9.20
IP 178.33.111.235:0
File type ASCII text, with very long lines (9063)
Hash bc89387b6a6f886f99511cca233b5071
77c1103c6d84263a73bff007bd635750d5b26296
baf8e3410e57e5650ad72f25eb93d82ea36ac8bd51904948e3d2f2a05faa3e78
GET /wp-includes/js/wp-emoji-release.min.js?ver=4.9.20 HTTP/1.1
Host: www.rsleather-intnl.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://www.rsleather-intnl.com/
Connection: keep-alive
HTTP/1.1 200 OK
Date: Thu, 10 Nov 2022 15:10:47 GMT
Server: Apache
Vary: Accept-Encoding
Last-Modified: Thu, 15 Apr 2021 10:04:49 GMT
ETag: "2ea7-5bffffe6d6ede-gzip"
Accept-Ranges: bytes
Cache-Control: max-age=31536000, public
Expires: Fri, 10 Nov 2023 15:10:47 GMT
Content-Encoding: gzip
Referrer-Policy: no-referrer-when-downgrade
Pragma: public
X-Powered-By: W3 Total Cache/0.9.7.3
Content-Length: 4347
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: application/x-javascript
www.rsleather-intnl.com/wp-content/themes/consulting/assets/css/bootstrap.min.css?ver=4.1.6
178.33.111.235 200 OK 20 kB URL HTTP/1.1 www.rsleather-intnl.com/wp-content/themes/consulting/assets/css/bootstrap.min.css?ver=4.1.6
IP 178.33.111.235:0
File type ASCII text, with very long lines (65177)
Hash 5d8e3955234751d19d8dde07f28aae35
263a52bb43ff5ad87edb45dd7dd3593bfe43b89f
b82afe4f6c2675b99d4c61e6ad4c957bf8668ae20d426ac31b04bf0ed68eb10e
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/consulting/assets/css/bootstrap.min.css?ver=4.1.6 HTTP/1.1
Host: www.rsleather-intnl.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://www.rsleather-intnl.com/
Connection: keep-alive
HTTP/1.1 200 OK
Date: Thu, 10 Nov 2022 15:10:47 GMT
Server: Apache
Vary: Accept-Encoding
Last-Modified: Wed, 03 Oct 2018 11:27:10 GMT
ETag: "1cdba-5775151ae7f80-gzip"
Accept-Ranges: bytes
Cache-Control: max-age=31536000, public
Expires: Fri, 10 Nov 2023 15:10:47 GMT
Content-Encoding: gzip
Referrer-Policy: no-referrer-when-downgrade
Pragma: public
X-Powered-By: W3 Total Cache/0.9.7.3
Content-Length: 19616
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: text/css
www.rsleather-intnl.com/wp-content/plugins/woocommerce/assets/css/woocommerce-smallscreen.css?ver=3.5.10
178.33.111.235 200 OK 1.1 kB URL HTTP/1.1 www.rsleather-intnl.com/wp-content/plugins/woocommerce/assets/css/woocommerce-smallscreen.css?ver=3.5.10
IP 178.33.111.235:0
File type ASCII text, with very long lines (6758), with no line terminators
Hash bac3c679da4930209be92b338cb74b7f
1a18633b3aecdcb7146475a1f6a90c58058f9e9b
b5b63cee0120e4cf9a183bab0905af9d4fa8712d4afef4d0b7d7c0f914ae26b3
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/woocommerce/assets/css/woocommerce-smallscreen.css?ver=3.5.10 HTTP/1.1
Host: www.rsleather-intnl.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://www.rsleather-intnl.com/
Connection: keep-alive
HTTP/1.1 200 OK
Date: Thu, 10 Nov 2022 15:10:47 GMT
Server: Apache
Vary: Accept-Encoding
Last-Modified: Wed, 16 Mar 2022 12:32:59 GMT
ETag: "1a66-5da551d25c459-gzip"
Accept-Ranges: bytes
Cache-Control: max-age=31536000, public
Expires: Fri, 10 Nov 2023 15:10:47 GMT
Content-Encoding: gzip
Referrer-Policy: no-referrer-when-downgrade
Pragma: public
X-Powered-By: W3 Total Cache/0.9.7.3
Content-Length: 1055
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: text/css
www.rsleather-intnl.com/favicon.ico
178.33.111.235 200 OK 0 B URL HTTP/1.1 www.rsleather-intnl.com/favicon.ico
IP 178.33.111.235:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /favicon.ico HTTP/1.1
Host: www.rsleather-intnl.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://www.rsleather-intnl.com/
Connection: keep-alive
HTTP/1.1 200 OK
Date: Thu, 10 Nov 2022 15:10:47 GMT
Server: Apache
Vary: Accept-Encoding
Referrer-Policy: no-referrer-when-downgrade
Content-Length: 0
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: image/vnd.microsoft.icon
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 4599ea4ab89bca0461dfc4e86cf90610
d513a3fca97e06dbc1a6cdd02fbdd3c7253c865a
6056ef181a66539dd449318a89c133c3711e3244394126a66b8ebd29cff4692b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6056EF181A66539DD449318A89C133C3711E3244394126A66B8EBD29CFF4692B"
Last-Modified: Tue, 08 Nov 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7635
Expires: Thu, 10 Nov 2022 17:18:03 GMT
Date: Thu, 10 Nov 2022 15:10:48 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 4599ea4ab89bca0461dfc4e86cf90610
d513a3fca97e06dbc1a6cdd02fbdd3c7253c865a
6056ef181a66539dd449318a89c133c3711e3244394126a66b8ebd29cff4692b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6056EF181A66539DD449318A89C133C3711E3244394126A66B8EBD29CFF4692B"
Last-Modified: Tue, 08 Nov 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7635
Expires: Thu, 10 Nov 2022 17:18:03 GMT
Date: Thu, 10 Nov 2022 15:10:48 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 4599ea4ab89bca0461dfc4e86cf90610
d513a3fca97e06dbc1a6cdd02fbdd3c7253c865a
6056ef181a66539dd449318a89c133c3711e3244394126a66b8ebd29cff4692b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6056EF181A66539DD449318A89C133C3711E3244394126A66B8EBD29CFF4692B"
Last-Modified: Tue, 08 Nov 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7635
Expires: Thu, 10 Nov 2022 17:18:03 GMT
Date: Thu, 10 Nov 2022 15:10:48 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 4599ea4ab89bca0461dfc4e86cf90610
d513a3fca97e06dbc1a6cdd02fbdd3c7253c865a
6056ef181a66539dd449318a89c133c3711e3244394126a66b8ebd29cff4692b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6056EF181A66539DD449318A89C133C3711E3244394126A66B8EBD29CFF4692B"
Last-Modified: Tue, 08 Nov 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7635
Expires: Thu, 10 Nov 2022 17:18:03 GMT
Date: Thu, 10 Nov 2022 15:10:48 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1301540a-8618-4725-97e7-ac03773f7ed0.jpeg
34.120.237.76 200 OK 9.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1301540a-8618-4725-97e7-ac03773f7ed0.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a929256680885031f55121c35d626bcc
9caf2466f70995d5763b970f916c4944b364a4ff
9366db1c171fe9dae5946198415c9a02005a432fccd359896f94bce874c91027
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1301540a-8618-4725-97e7-ac03773f7ed0.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9283
x-amzn-requestid: c800cccd-80cc-4cd6-8856-66cfd07141c9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bWmC2HnpIAMF3kA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-636c1d45-686eac2b6c65b8dd41dfb44a;Sampled=0
x-amzn-remapped-date: Wed, 09 Nov 2022 21:36:05 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 2SqQjq27y6Vrwzl9a_ho6sOPImE7Fpbyxie8_fuPGa6bf8fn-yX0Jw==
via: 1.1 112c6b3f9aea37a6cb00b7d933e5af6e.cloudfront.net (CloudFront), 1.1 cd64decb1403270c914848213601a674.cloudfront.net (CloudFront), 1.1 google
date: Wed, 09 Nov 2022 22:13:45 GMT
age: 61023
etag: "9caf2466f70995d5763b970f916c4944b364a4ff"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe468f92f-2486-4c80-ab37-4225f9f983cc.webp
34.120.237.76 200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe468f92f-2486-4c80-ab37-4225f9f983cc.webp
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 5fc04eddc597d6b10db5d59c53f20aec
dddc0da13526d24aaea990cc1d68d9212612da43
a7e2d1fd141c4383de3411be95b8875c9d969d5f001020793a2b4d939aaa780b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe468f92f-2486-4c80-ab37-4225f9f983cc.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12268
x-amzn-requestid: cd9ea4f7-9a75-47b4-a0ad-817c821a592e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bWlpZHbBIAMFfUQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-636c1ca2-69a98f453929cc817bead2c7;Sampled=0
x-amzn-remapped-date: Wed, 09 Nov 2022 21:33:22 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: Xq1vIovXXR0pPaaHjKWeLcZszoEkISrYvqKvshtQ9dFTf6CUwxmIWA==
via: 1.1 95b0ac620fa3a80ee590ecf1cda1c698.cloudfront.net (CloudFront), 1.1 e95ec8f1dc02e32f0cb9e113963ceb4e.cloudfront.net (CloudFront), 1.1 google
date: Wed, 09 Nov 2022 22:16:00 GMT
etag: "dddc0da13526d24aaea990cc1d68d9212612da43"
content-type: image/jpeg
age: 60888
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7f570a6d-7e0c-4dc3-9a3f-7af7ccbae623.jpeg
34.120.237.76 200 OK 8.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7f570a6d-7e0c-4dc3-9a3f-7af7ccbae623.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash feb275cc5fa7b13e70522cb76f001bbc
80ca9cf6cbbc73a884c3a839ace9a7aa191a8504
a5680637b55669355967b87fd4be4881a3e4dea746b7c420acf4dcb46b8a28de
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7f570a6d-7e0c-4dc3-9a3f-7af7ccbae623.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8242
x-amzn-requestid: 1ab9c180-7e6b-4eae-a6cf-6a45c96fdc4e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bWlrkE_2oAMFk2A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-636c1cb0-0089846803d11bb649874507;Sampled=0
x-amzn-remapped-date: Wed, 09 Nov 2022 21:33:36 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 6xhB_vy5Aj6ScBQuTwWX93HFG5eS3SZHr7dP2Qsz-Q1P1pcXk339gQ==
via: 1.1 c34da255183aa208dd1c722ff211f9b2.cloudfront.net (CloudFront), 1.1 28390a4d24ed4fdccd685d99cd06cf4e.cloudfront.net (CloudFront), 1.1 google
date: Wed, 09 Nov 2022 21:43:10 GMT
age: 62858
etag: "80ca9cf6cbbc73a884c3a839ace9a7aa191a8504"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb45d42fc-185c-4bf0-906b-55b0275ee2d4.jpeg
34.120.237.76 200 OK 3.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb45d42fc-185c-4bf0-906b-55b0275ee2d4.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash aeb648ba8ff2bcbb363004559ced5b87
25c8230dc14cfc31d8660b8ea8a72f3ac881ea7e
3eb0d98cc52b574f7496061ab00d6276c7a83ca1be7b7974a932a7827a9dd4b3
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb45d42fc-185c-4bf0-906b-55b0275ee2d4.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 3319
x-amzn-requestid: 4720d817-e198-4cae-b14c-b78972e7dd05
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bWlrkGdMIAMF8_A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-636c1cb0-6c3edabf3f07e37951156122;Sampled=0
x-amzn-remapped-date: Wed, 09 Nov 2022 21:33:36 GMT
x-amz-cf-pop: SEA73-P2, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: DM1zgiiuwGAtsVQj7S-Nz7N8_NvgUdw8JceoQtBRJrNg9iUmpfBY3w==
via: 1.1 c21a0d27ceec21e266c9f962d0349438.cloudfront.net (CloudFront), 1.1 b8c4a4ca04bb1976e020396d211bc8dc.cloudfront.net (CloudFront), 1.1 google
date: Wed, 09 Nov 2022 21:43:10 GMT
age: 62858
etag: "25c8230dc14cfc31d8660b8ea8a72f3ac881ea7e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F407f630c-7642-40eb-8db3-288b03315712.jpeg
34.120.237.76 200 OK 3.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F407f630c-7642-40eb-8db3-288b03315712.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 178b1b5efcd0c5997d0e5b820193abe2
460630852800c0304295c78df268bfec64416f98
9822d2ef4199dcc01f81a8e6d3a91d9545466c17abfca4eb30e0a49ca8301da6
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F407f630c-7642-40eb-8db3-288b03315712.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 3445
x-amzn-requestid: 92b5ba7a-e45a-495c-89ae-9738fd5644bb
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bWloyHMpoAMF-Fw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-636c1c9e-5508b96c349a34537809ef0e;Sampled=0
x-amzn-remapped-date: Wed, 09 Nov 2022 21:33:18 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 3-XU3AO60wbMDZcPshBPHvxEFAQHVs7-dlg52BfbxkSlDAEx9kaeeg==
via: 1.1 010c0731b9775a983eceaec0f5fa6a2e.cloudfront.net (CloudFront), 1.1 e80693c02cfdfd081110512210d57840.cloudfront.net (CloudFront), 1.1 google
date: Wed, 09 Nov 2022 21:50:01 GMT
age: 62447
etag: "460630852800c0304295c78df268bfec64416f98"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F790db4df-e6d4-48ab-92fb-179a770f76b7.jpeg
34.120.237.76 200 OK 7.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F790db4df-e6d4-48ab-92fb-179a770f76b7.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 8c2db9097ad95b726c65a3130483daf7
2b6dbe326a49e03a0f8d1a5d15930fd7870f6f79
1da5e63e7a3e837c758bb365e5e99e6dfb6c54e9b2fe038c3eb1334a86dc4d74
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F790db4df-e6d4-48ab-92fb-179a770f76b7.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7723
x-amzn-requestid: 1e07419e-8cd6-43d6-b0bb-61183502ee40
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bWlpGHFKIAMFUUQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-636c1ca0-751c8b152ea5c28f5a78bf46;Sampled=0
x-amzn-remapped-date: Wed, 09 Nov 2022 21:33:20 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: BXdwO74rhbF9575IFRz-DNbcEFNiX7JiCtsvghmUE8zOju0eyuFjow==
via: 1.1 eece508272520f70691e4eebdc5a6dea.cloudfront.net (CloudFront), 1.1 2ab6211e66998c8b58132661a7e3cade.cloudfront.net (CloudFront), 1.1 google
date: Wed, 09 Nov 2022 22:16:00 GMT
etag: "2b6dbe326a49e03a0f8d1a5d15930fd7870f6f79"
content-type: image/jpeg
age: 60888
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2