r3.o.lencr.org/
95.101.11.115 200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 96367f956a4177aec7e7e80221539d58
8dcad10fde96c139d1ef212388cb6755fe3fe077
f4f9bdb5180359dfd734cef1e6f1b54bc9d8f72cae557366eb74f22100b94dc4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F4F9BDB5180359DFD734CEF1E6F1B54BC9D8F72CAE557366EB74F22100B94DC4"
Last-Modified: Thu, 15 Dec 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11006
Expires: Thu, 15 Dec 2022 15:03:00 GMT
Date: Thu, 15 Dec 2022 11:59:34 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115 200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 555d8608594803d49eeb9581c6b70702
d01e0201e0ba0cf751ef97226620338a853bc635
2885cdac311a30161a8ac9ef8e54c788afafd4f86ed197a651fc6d8bda077908
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2885CDAC311A30161A8AC9EF8E54C788AFAFD4F86ED197A651FC6D8BDA077908"
Last-Modified: Mon, 12 Dec 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4682
Expires: Thu, 15 Dec 2022 13:17:36 GMT
Date: Thu, 15 Dec 2022 11:59:34 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150 200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash b44c4b5daa307a355e7bab1c83c1ca82
dbd14cd873f1dd4502f277b3f51cb7bc8da0c080
fd4604461cfa002c8a261bb14eb8dda56817db231b9012b2eb38d6dbc2674df5
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Content-Length, Alert, Retry-After, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Thu, 15 Dec 2022 11:08:59 GMT
content-type: application/json
age: 3035
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
95.101.11.115 200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 51bd0cc75ed746fd33c950eb12936b7e
4a1007ea6c6e4f5e8b4a7d1f85f7a3e329dc8f50
188d4a0d544f40048dc7476cb4f5e478f1eb49a8ef1d51699fb155d2ae258655
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "188D4A0D544F40048DC7476CB4F5E478F1EB49A8EF1D51699FB155D2AE258655"
Last-Modified: Tue, 13 Dec 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7011
Expires: Thu, 15 Dec 2022 13:56:25 GMT
Date: Thu, 15 Dec 2022 11:59:34 GMT
Connection: keep-alive
evokecapital.net/
34.145.80.165 301 Moved Permanently 233 B IP 34.145.80.165:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 001d0bd0dbd16782c9fb1fadf96094c0
e1edfd9c9fff0c13ec9890eb59b00f22025c6cbe
a8981e882d95503aa96a4c089234cf014fc5822712a75e1057ce49fe4824cb60
Analyzer Verdict Alert fortinet Malware
GET / HTTP/1.1
Host: evokecapital.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Thu, 15 Dec 2022 11:59:34 GMT
Server: Apache
Location: https://evokecapital.net/
Content-Length: 233
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 53341dea33f4f3d9b4966f80589f429a
20f7b07c686c986d2ed1e3e9ad1bb2aef8edaf0d
651683e52cdbc96b289f8f123155f0b96d9f67432689e89156fa56f5a346c6a0
GET /chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: /MLA/0KuHBdlzh4BWEM+m6t6MPapvtdq3pV94KbdywUhLnwBPXHDsiAv8hgJ+i0lzyZhN1m4ywg=
x-amz-request-id: WKX2618A4HBS44EF
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 15 Dec 2022 11:52:45 GMT
age: 409
last-modified: Wed, 30 Nov 2022 10:06:34 GMT
etag: "53341dea33f4f3d9b4966f80589f429a"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 15 Dec 2022 11:59:34 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150 200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Cache-Control, Backoff, Content-Length, Content-Type, Last-Modified, ETag, Expires, Retry-After, Pragma
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Thu, 15 Dec 2022 11:08:00 GMT
age: 3095
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
95.101.11.115 200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash dc51211247c5fc33cab7ea20a2563f05
0734c9ab3847906e1fcbc9a31eb2f155cfff1c72
fee87a69a84cbb9877339c593b2cca8e5e189d97e9faf824fef545d0e34b2540
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FEE87A69A84CBB9877339C593B2CCA8E5E189D97E9FAF824FEF545D0E34B2540"
Last-Modified: Thu, 15 Dec 2022 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Thu, 15 Dec 2022 17:59:35 GMT
Date: Thu, 15 Dec 2022 11:59:35 GMT
Connection: keep-alive
evokecapital.net/
34.145.80.165 301 Moved Permanently 0 B IP 34.145.80.165:0
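Hash d41d8cd98f00b204e9800998ecf8427e (MD5 of empty input)
da39a3ee5e6b4b0d3255bfef95601890afd80709 (SHA-1 of empty input)
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 (SHA-256 of empty input; the body is 0 B, so these digests match any empty response and do not identify this one)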
Analyzer Verdict Alert fortinet Malware
GET / HTTP/1.1
Host: evokecapital.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 301 Moved Permanently
Date: Thu, 15 Dec 2022 11:59:35 GMT
Server: Apache
X-Redirect-By: WordPress
Location: https://www.evokecapital.net/
Content-Length: 0
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash b9f0adeb27a19629aeff6f34de67f3ad
3876d1b871d7da6d18de23c2edb301eb30728066
c5744a90c8f66629aa2331465a32afe0d430b36d16fd98bc821e370f1b24463c
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3415
Cache-Control: max-age=165860
Content-Type: application/ocsp-response
Date: Thu, 15 Dec 2022 11:59:35 GMT
Etag: "639ae3b4-1d7"
Expires: Sat, 17 Dec 2022 10:03:55 GMT
Last-Modified: Thu, 15 Dec 2022 09:07:00 GMT
Server: ECS (ska/F71A)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
52.43.228.5 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.43.228.5:0
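Hash d41d8cd98f00b204e9800998ecf8427e (MD5 of empty input)
da39a3ee5e6b4b0d3255bfef95601890afd80709 (SHA-1 of empty input)
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 (SHA-256 of empty input; the body is 0 B, so these digests match any empty response and do not identify this one)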
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: hs4GHQrcPt9jTIRbY1+0xA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: /FZm7CsIxXht4KVlsAu/vtdiXMU=
r3.o.lencr.org/
95.101.11.115 200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 08f7321e01de2d111fc8100424937061
01ea459fe9270ea25e3cec2228d1cf3cd61d80b8
36ca62b5281e0d5434f0bf6119b2074eb05f5336db3113b5556d2a4273ed2816
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "36CA62B5281E0D5434F0BF6119B2074EB05F5336DB3113B5556D2A4273ED2816"
Last-Modified: Mon, 12 Dec 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4888
Expires: Thu, 15 Dec 2022 13:21:04 GMT
Date: Thu, 15 Dec 2022 11:59:36 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115 200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 08f7321e01de2d111fc8100424937061
01ea459fe9270ea25e3cec2228d1cf3cd61d80b8
36ca62b5281e0d5434f0bf6119b2074eb05f5336db3113b5556d2a4273ed2816
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "36CA62B5281E0D5434F0BF6119B2074EB05F5336DB3113B5556D2A4273ED2816"
Last-Modified: Mon, 12 Dec 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4888
Expires: Thu, 15 Dec 2022 13:21:04 GMT
Date: Thu, 15 Dec 2022 11:59:36 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115 200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 08f7321e01de2d111fc8100424937061
01ea459fe9270ea25e3cec2228d1cf3cd61d80b8
36ca62b5281e0d5434f0bf6119b2074eb05f5336db3113b5556d2a4273ed2816
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "36CA62B5281E0D5434F0BF6119B2074EB05F5336DB3113B5556D2A4273ED2816"
Last-Modified: Mon, 12 Dec 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4888
Expires: Thu, 15 Dec 2022 13:21:04 GMT
Date: Thu, 15 Dec 2022 11:59:36 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115 200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 08f7321e01de2d111fc8100424937061
01ea459fe9270ea25e3cec2228d1cf3cd61d80b8
36ca62b5281e0d5434f0bf6119b2074eb05f5336db3113b5556d2a4273ed2816
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "36CA62B5281E0D5434F0BF6119B2074EB05F5336DB3113B5556D2A4273ED2816"
Last-Modified: Mon, 12 Dec 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4888
Expires: Thu, 15 Dec 2022 13:21:04 GMT
Date: Thu, 15 Dec 2022 11:59:36 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F874ce85e-7786-4e92-aea7-1c22181143e6.jpeg
34.120.237.76 200 OK 9.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F874ce85e-7786-4e92-aea7-1c22181143e6.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 389fe7dd5f3f80351a97fe4106be49b5
a91f474e6d320797c2ea32ecaf7a341f5f77fe82
11957edbfb3dc06abbe8ee6aa9dac0a25f84ba909a6404030c9f081343384513
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F874ce85e-7786-4e92-aea7-1c22181143e6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9108
x-amzn-requestid: 2134a88c-a745-4061-ac63-16989306d7da
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dH_FlF6MoAMFQsg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63997889-18ba85822302c07e672f17e3;Sampled=0
x-amzn-remapped-date: Wed, 14 Dec 2022 07:17:29 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: cqlGj6xu4etxgHqsCba0T3DmafdJe71e4CRzfte5w2HSr-CQqweufQ==
via: 1.1 49b94a8674d6e86a841d6523f7dbaf14.cloudfront.net (CloudFront), 1.1 b2f9564ebf9c745cc2ceae96d434977e.cloudfront.net (CloudFront), 1.1 google
date: Thu, 15 Dec 2022 07:55:29 GMT
age: 14647
etag: "a91f474e6d320797c2ea32ecaf7a341f5f77fe82"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F91bfedca-f74c-4bc0-9808-bfbd384a8508.jpeg
34.120.237.76 200 OK 7.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F91bfedca-f74c-4bc0-9808-bfbd384a8508.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 52310941c29a5fa39c1f50ecad222db4
164f9c5dc80de2448be587cc9e0b6b2865be6c1c
abfaee5861e073a3448d4509137a8ae41c87810dbdc1a226870e4d67b9b372d4
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F91bfedca-f74c-4bc0-9808-bfbd384a8508.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7515
x-amzn-requestid: 22dd6bae-36a5-4ba0-b397-379b3d9bdc1b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dGpL9EHSIAMF5gA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6398ef19-362a6bc00c386225614a01f3;Sampled=0
x-amzn-remapped-date: Tue, 13 Dec 2022 21:31:05 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: LsArzWJ9ZB1XPcHKgoANz-bfBrvDiYYS3-jqq_vpfDKfoZwwCp3rqA==
via: 1.1 6ba2a21321beeef65404429d0a4b6380.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Wed, 14 Dec 2022 22:03:07 GMT
age: 50189
etag: "164f9c5dc80de2448be587cc9e0b6b2865be6c1c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe34f6337-b00d-4487-82ce-cbed5b4f3f4f.jpeg
34.120.237.76 200 OK 7.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe34f6337-b00d-4487-82ce-cbed5b4f3f4f.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 0d2294cdacdc84b8b19874ba56035a6d
53009a81b15e464d5529d36b1e04b841b2ae034e
67d59aa026b43ed3f698f3853b986fc7c07e4e6e5f7b3551e59238f79978480a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe34f6337-b00d-4487-82ce-cbed5b4f3f4f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7616
x-amzn-requestid: 71bbe208-11e3-4280-bf09-bff8bd18fcb4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: c82fXGmPoAMF3Og=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63950462-12393ca432808b7f0b2771dc;Sampled=0
x-amzn-remapped-date: Sat, 10 Dec 2022 22:12:50 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: G1MopDnv-WOAbIBMe0v-V9xXeJIVDReKWSMG33dQt1q5GpK41RU0PQ==
via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 559326ad73233233a9e52cb9e8601ede.cloudfront.net (CloudFront), 1.1 google
date: Thu, 15 Dec 2022 07:03:37 GMT
age: 17759
etag: "53009a81b15e464d5529d36b1e04b841b2ae034e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F56f56798-4039-4a1a-9490-f61d1b1e77da.jpeg
34.120.237.76 200 OK 5.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F56f56798-4039-4a1a-9490-f61d1b1e77da.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 672ae812012d060ba75fbb8cb9d6038c
2ab1016451432b6cd1d6b9756c6cc6a926ffa7ce
cd9c002af775a6ba6ff8902a67e19c2ed2663d23bf8a1c3fe763598a60ba8d69
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F56f56798-4039-4a1a-9490-f61d1b1e77da.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5259
x-amzn-requestid: 21c0e355-e696-4785-a162-5f96e02836f0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: c3fV1HHKIAMFsjw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6392df58-608335604793d9f46939a81a;Sampled=0
x-amzn-remapped-date: Fri, 09 Dec 2022 07:10:16 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: YF20vWN7faRilx8H98vMPeAimGKAPA-32GulYRed4h-vQAzwkYNgbA==
via: 1.1 000f4a2f631bace380a0afa747a82482.cloudfront.net (CloudFront), 1.1 caf6806821bc479b28a6f1ce3043b8a6.cloudfront.net (CloudFront), 1.1 google
date: Wed, 14 Dec 2022 22:14:27 GMT
age: 49509
etag: "2ab1016451432b6cd1d6b9756c6cc6a926ffa7ce"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdc8ebfc6-61e6-40a2-9330-dccc75c41225.jpeg
34.120.237.76 200 OK 9.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdc8ebfc6-61e6-40a2-9330-dccc75c41225.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 86aaca525eba678cdae6480594a8249a
87171c4499e8d82e8ec325e9133c180c0773c1dc
03fb5c8f20a85f301f9bf3096aefb36bbadfdd54d4bdd5227d45fced4ad004d7
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdc8ebfc6-61e6-40a2-9330-dccc75c41225.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9864
x-amzn-requestid: cef32774-5aee-477b-a929-60d34e8d093c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dHwMtGO1oAMFjHQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-639960b7-79414714540e99977b32b6c7;Sampled=0
x-amzn-remapped-date: Wed, 14 Dec 2022 05:35:51 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: FXgZkJXSICEd8RRuW8v9nnGV9KxXcCCRsbfKn50j3B8fMW8oZX2YOQ==
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 a847181d425b7fc57e81eb3c800bfdf2.cloudfront.net (CloudFront), 1.1 google
date: Wed, 14 Dec 2022 17:06:34 GMT
age: 67982
etag: "87171c4499e8d82e8ec325e9133c180c0773c1dc"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1cff467d-ce7f-4454-8f95-b9c6348a2347.jpeg
34.120.237.76 200 OK 5.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1cff467d-ce7f-4454-8f95-b9c6348a2347.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 651b0f2569cf044585ce4f571cfd89fb
4c5e9db56536dd4145d63200d0fd74e2aa243fbf
c561267909b1e19768a2c11d78bab18faaa0de11d822e56324d7642daf798bf5
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1cff467d-ce7f-4454-8f95-b9c6348a2347.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5820
x-amzn-requestid: aea526e4-f177-483a-bf63-4dbc3e526bf6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dHHBHE8HIAMFn0Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63991ed3-2fdc5eed7f4c006224bd29c5;Sampled=0
x-amzn-remapped-date: Wed, 14 Dec 2022 00:54:43 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: usEmccGMldP3GGjxbRfQ_TuRDdRzDqo8C31tNcjXVpz3ke03xykUfg==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 aef00f14752da9aa504d392fd46eff94.cloudfront.net (CloudFront), 1.1 google
date: Wed, 14 Dec 2022 13:45:56 GMT
etag: "4c5e9db56536dd4145d63200d0fd74e2aa243fbf"
content-type: image/jpeg
age: 80020
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
www.evokecapital.net/
34.145.80.165 200 OK 40 kB IP 34.145.80.165:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (24825)
Hash e4ec21458b46173607c5fb2faedcb0f7
472cea09940e9d8bda7563c58de53307e32b1c1b
7f6e0c4ab51d98127125566a3997526d52a76dbb032a9930263077aa920f7213
Analyzer Verdict Alert fortinet Malware
GET / HTTP/1.1
Host: www.evokecapital.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 200 OK
Date: Thu, 15 Dec 2022 11:59:35 GMT
Server: Apache
Link: <https://www.evokecapital.net/wp-json/>; rel="https://api.w.org/", <https://www.evokecapital.net/wp-json/wp/v2/pages/9>; rel="alternate"; type="application/json", <https://www.evokecapital.net/>; rel=shortlink
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 40184
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
www.evokecapital.net/wp-includes/css/dist/block-library/style.min.css?ver=6.1.1
34.145.80.165 200 OK 12 kB URL HTTP/1.1 www.evokecapital.net/wp-includes/css/dist/block-library/style.min.css?ver=6.1.1
IP 34.145.80.165:0
File type ASCII text, with very long lines (47826)
Hash 8fa87dd23394a22621248ec378d2af59
9305bc637a89b1700d7f56a19a80bd32b0feb2f7
c162f7de24fa2d4e93e0da254ef287ff72f4a3e03f42443265097968351388dc
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/css/dist/block-library/style.min.css?ver=6.1.1 HTTP/1.1
Host: www.evokecapital.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.evokecapital.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 15 Dec 2022 11:59:36 GMT
Server: Apache
Last-Modified: Wed, 16 Nov 2022 07:08:23 GMT
ETag: "172a9-5ed91236a8c24-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 12518
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css
www.evokecapital.net/wp-content/themes/twentytwentyone/style.css?ver=1.0.0
34.145.80.165 200 OK 23 kB URL HTTP/1.1 www.evokecapital.net/wp-content/themes/twentytwentyone/style.css?ver=1.0.0
IP 34.145.80.165:0
File type Unicode text, UTF-8 text, with very long lines (403)
Hash 198bfc0151e184fc450802c7f094a65b
46197f67e5fa6defa4cfe4f9126c9dc1b842f1ca
c2eade6734d51fc3403cb15e9b253d92aa3493ae520f827d241fd27d9efc035a
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/twentytwentyone/style.css?ver=1.0.0 HTTP/1.1
Host: www.evokecapital.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.evokecapital.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 15 Dec 2022 11:59:37 GMT
Server: Apache
Last-Modified: Tue, 05 Jul 2022 17:49:32 GMT
ETag: "263d6-5e3127990d1a2-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 22841
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/css
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash 7554f75e4959d216038e95962579e741
10f237248a234544391eb351e97515d385a372b3
cb2bc78887ed330dee49076c04ba87723fdc2a869a124dba2a475cac174480da
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 15 Dec 2022 11:59:37 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.evokecapital.net/wp-includes/css/classic-themes.min.css?ver=1
34.145.80.165 200 OK 189 B URL HTTP/1.1 www.evokecapital.net/wp-includes/css/classic-themes.min.css?ver=1
IP 34.145.80.165:0
Hash 5a18e16eb01cbaa862eb32e6b77bedb2
3abf9b913cc9f558f02cba7c9b822f8d1812cb96
d2b5af913332941d5ae7786d1fa70e0d009315c4ede6ad5b80d0f663bb54521f
GET /wp-includes/css/classic-themes.min.css?ver=1 HTTP/1.1
Host: www.evokecapital.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.evokecapital.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 15 Dec 2022 11:59:37 GMT
Server: Apache
Last-Modified: Wed, 02 Nov 2022 07:15:04 GMT
ETag: "d9-5ec77997f3bd4-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 189
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
www.evokecapital.net/wp-content/plugins/anywhere-elementor-pro/includes/assets/lib/vegas/vegas.min.css?ver=2.4.0
34.145.80.165 200 OK 1.2 kB URL HTTP/1.1 www.evokecapital.net/wp-content/plugins/anywhere-elementor-pro/includes/assets/lib/vegas/vegas.min.css?ver=2.4.0
IP 34.145.80.165:0
File type ASCII text, with very long lines (9460)
Hash c3db6dba0ace574c826f0904bc01560d
f0235abd28174318b88fc6c782e3d0f8b9bc15e9
3daa064c7cc97dc73d9b4b5cdc56db9ee4d9942bc8e4b70ca372432e8859f122
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/anywhere-elementor-pro/includes/assets/lib/vegas/vegas.min.css?ver=2.4.0 HTTP/1.1
Host: www.evokecapital.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.evokecapital.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 15 Dec 2022 11:59:37 GMT
Server: Apache
Last-Modified: Fri, 22 Jul 2022 18:18:30 GMT
ETag: "251f-5e468dc7bf3c9-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1239
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
www.evokecapital.net/wp-content/plugins/elementor/assets/lib/eicons/css/elementor-icons.min.css?ver=5.15.0
34.145.80.165 200 OK 3.9 kB URL HTTP/1.1 www.evokecapital.net/wp-content/plugins/elementor/assets/lib/eicons/css/elementor-icons.min.css?ver=5.15.0
IP 34.145.80.165:0
File type ASCII text, with very long lines (19082)
Hash 10c9d6d3417ebcf9499ecee0d5f2824d
35f00f613c91174860c4a44e5bfb20ea5be0ad0a
68146d87ca9204b68cffd915ddbc11f7a59f8403041232a2c885cdf24f8f4473
GET /wp-content/plugins/elementor/assets/lib/eicons/css/elementor-icons.min.css?ver=5.15.0 HTTP/1.1
Host: www.evokecapital.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.evokecapital.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 15 Dec 2022 11:59:37 GMT
Server: Apache
Last-Modified: Sat, 23 Jul 2022 23:46:46 GMT
ETag: "4ab8-5e4819051991a-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 3935
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: text/css
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 471 B IP 142.250.74.131:0
Hash e30904bd9b57028f7ba1cc8e04ff08fd
9acb88374abef6387243ce8c5cf1149d73879ac1
be1ece2af7858ffc84e916d4554a805760c13a2eab346ac5a09a232b79116225
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 15 Dec 2022 11:59:37 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.googletagmanager.com/gtag/js?id=G-52EPG5NT4X
142.250.74.40 200 OK 76 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=G-52EPG5NT4X
IP 142.250.74.40:0
File type ASCII text, with very long lines (20080)
Hash b3a999f2e5a62c72e6c8f3e3a1cbf6e9
1a30961c27e636c956e1592a39749bf0667cce9d
15ed15f9d67742d00f6d1d62a4b1f247a0d179bba5421095a2da821c8b9525e9
GET /gtag/js?id=G-52EPG5NT4X HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.evokecapital.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Thu, 15 Dec 2022 11:59:37 GMT
expires: Thu, 15 Dec 2022 11:59:37 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 76247
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.evokecapital.net/wp-content/plugins/anywhere-elementor-pro/includes/assets/css/ae-pro.min.css?ver=2.25.1
34.145.80.165 200 OK 12 kB URL HTTP/1.1 www.evokecapital.net/wp-content/plugins/anywhere-elementor-pro/includes/assets/css/ae-pro.min.css?ver=2.25.1
IP 34.145.80.165:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash 7df1e48617713a2a37a9d326546f48ef
0d0324a69f2b113fe077ad4ec0abba8702a753bc
91bb33c9d4805b38f5760e6e250b3f6512696db78592edc515c2b9b73630c0be
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/anywhere-elementor-pro/includes/assets/css/ae-pro.min.css?ver=2.25.1 HTTP/1.1
Host: www.evokecapital.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.evokecapital.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 15 Dec 2022 11:59:37 GMT
Server: Apache
Last-Modified: Fri, 22 Jul 2022 18:18:30 GMT
ETag: "17190-5e468dc7c0369-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 12230
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
www.evokecapital.net/wp-includes/js/wp-emoji-release.min.js?ver=6.1.1
34.145.80.165 200 OK 6.3 kB URL HTTP/1.1 www.evokecapital.net/wp-includes/js/wp-emoji-release.min.js?ver=6.1.1
IP 34.145.80.165:0
File type ASCII text, with very long lines (15660)
Hash b48c89d0089286dbc34dd2b58df02a2d
c855d63cedba7ad967385917cc27a6a902dec5eb
6f8639e069fef393afd397ce6d31276bcba4980990d50133d00054974b787225
GET /wp-includes/js/wp-emoji-release.min.js?ver=6.1.1 HTTP/1.1
Host: www.evokecapital.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.evokecapital.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 15 Dec 2022 11:59:37 GMT
Server: Apache
Last-Modified: Wed, 02 Nov 2022 07:15:03 GMT
ETag: "5746-5ec77996eebc0-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 6324
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: application/javascript
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash 7554f75e4959d216038e95962579e741
10f237248a234544391eb351e97515d385a372b3
cb2bc78887ed330dee49076c04ba87723fdc2a869a124dba2a475cac174480da
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 15 Dec 2022 11:59:37 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 471 B IP 142.250.74.131:0
Hash e30904bd9b57028f7ba1cc8e04ff08fd
9acb88374abef6387243ce8c5cf1149d73879ac1
be1ece2af7858ffc84e916d4554a805760c13a2eab346ac5a09a232b79116225
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 15 Dec 2022 11:59:37 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.evokecapital.net/wp-content/uploads/elementor/css/custom-pro-frontend-lite.min.css?ver=1658513944
34.145.80.165 200 OK 1.6 kB URL HTTP/1.1 www.evokecapital.net/wp-content/uploads/elementor/css/custom-pro-frontend-lite.min.css?ver=1658513944
IP 34.145.80.165:0
File type ASCII text, with very long lines (11362), with no line terminators
Hash 105aee2062b3bc71072ead3211e62695
93bd587822b68fca33715c121344ff837c39976e
dde91b05bb973a1cac2dd7a26dda9e148d1f33d2a365cd529be47571760f267a
GET /wp-content/uploads/elementor/css/custom-pro-frontend-lite.min.css?ver=1658513944 HTTP/1.1
Host: www.evokecapital.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.evokecapital.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 15 Dec 2022 11:59:37 GMT
Server: Apache
Last-Modified: Fri, 22 Jul 2022 18:19:04 GMT
ETag: "2c62-5e468de80918b-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1613
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: text/css
www.evokecapital.net/wp-content/uploads/elementor/css/custom-frontend-lite.min.css?ver=1658513944
34.145.80.165 200 OK 14 kB URL HTTP/1.1 www.evokecapital.net/wp-content/uploads/elementor/css/custom-frontend-lite.min.css?ver=1658513944
IP 34.145.80.165:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash ad35017fef0d7cbbd81b93bfbb64cc7c
3526492ba97ceecf94ed635ee641a30993108396
e46f47d07ef7fdec18dcc8f70d31277ca2ef42289925c3855b0cff72b3dd6e00
Analyzer Verdict Alert fortinet Malware
GET /wp-content/uploads/elementor/css/custom-frontend-lite.min.css?ver=1658513944 HTTP/1.1
Host: www.evokecapital.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.evokecapital.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 15 Dec 2022 11:59:37 GMT
Server: Apache
Last-Modified: Fri, 22 Jul 2022 18:19:04 GMT
ETag: "1a5dc-5e468de7ff545-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 13976
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css
www.evokecapital.net/wp-content/plugins/elementor/assets/lib/font-awesome/css/all.min.css?ver=3.6.7
34.145.80.165 200 OK 13 kB URL HTTP/1.1 www.evokecapital.net/wp-content/plugins/elementor/assets/lib/font-awesome/css/all.min.css?ver=3.6.7
IP 34.145.80.165:0
File type ASCII text, with very long lines (59158)
Hash d7913fc87c4606f82b4ee77a8d47fc2f
62a54acf7535ae53425b44dadfe5fdabf3d8300a
bb05c88bb0b82e2f14f1efb94b4c3511292f74c3bb7cb0b104d300a42a49492f
GET /wp-content/plugins/elementor/assets/lib/font-awesome/css/all.min.css?ver=3.6.7 HTTP/1.1
Host: www.evokecapital.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.evokecapital.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 15 Dec 2022 11:59:37 GMT
Server: Apache
Last-Modified: Sat, 23 Jul 2022 23:46:46 GMT
ETag: "e7d0-5e48190516a38-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 12869
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/css
www.evokecapital.net/wp-content/plugins/elementor/assets/lib/font-awesome/css/v4-shims.min.css?ver=3.6.7
34.145.80.165 200 OK 4.2 kB URL HTTP/1.1 www.evokecapital.net/wp-content/plugins/elementor/assets/lib/font-awesome/css/v4-shims.min.css?ver=3.6.7
IP 34.145.80.165:0
File type ASCII text, with very long lines (26516)
Hash d74abcef3df71d56667a44693f75c454
be993a7b5c88a550ef0dc19c4841f240e41967f8
8c8fb98c0a68a93f2bcf224fcc1bdaa1095fc1b3f5418f2e2c5fddcfa3dee410
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/elementor/assets/lib/font-awesome/css/v4-shims.min.css?ver=3.6.7 HTTP/1.1
Host: www.evokecapital.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.evokecapital.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 15 Dec 2022 11:59:37 GMT
Server: Apache
Last-Modified: Sat, 23 Jul 2022 23:46:46 GMT
ETag: "684e-5e48190516a38-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 4229
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: text/css
www.evokecapital.net/wp-content/plugins/elementor/assets/lib/font-awesome/css/fontawesome.min.css?ver=5.15.3
34.145.80.165 200 OK 13 kB URL HTTP/1.1 www.evokecapital.net/wp-content/plugins/elementor/assets/lib/font-awesome/css/fontawesome.min.css?ver=5.15.3
IP 34.145.80.165:0
File type ASCII text, with very long lines (57726)
Hash 991d00cd7cb62d50a29295522d554f1f
e128a5238f141e9c4da1979716108d858340fe03
b8fcb61816168fc6a7ee01bb09fa4378398838dc6e4f49dc411872876355d113
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/elementor/assets/lib/font-awesome/css/fontawesome.min.css?ver=5.15.3 HTTP/1.1
Host: www.evokecapital.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.evokecapital.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 15 Dec 2022 11:59:37 GMT
Server: Apache
Last-Modified: Sat, 23 Jul 2022 23:46:46 GMT
ETag: "e238-5e48190516a38-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 12582
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/css
www.evokecapital.net/wp-content/plugins/elementor/assets/lib/font-awesome/css/solid.min.css?ver=5.15.3
34.145.80.165 200 OK 309 B URL HTTP/1.1 www.evokecapital.net/wp-content/plugins/elementor/assets/lib/font-awesome/css/solid.min.css?ver=5.15.3
IP 34.145.80.165:0
File type ASCII text, with very long lines (483)
Hash 0ea43e394ddaae5fdb710dbbc8869e58
3b0c93adc80720236096201db5cc2751e703996d
85225fffa21a94bfd954393d7471069ab227b98fd8b51cb5ab4af5488168a34e
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/elementor/assets/lib/font-awesome/css/solid.min.css?ver=5.15.3 HTTP/1.1
Host: www.evokecapital.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.evokecapital.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 15 Dec 2022 11:59:37 GMT
Server: Apache
Last-Modified: Sat, 23 Jul 2022 23:46:46 GMT
ETag: "29d-5e48190516a38-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 309
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: text/css
www.evokecapital.net/wp-content/plugins/ultimate-elementor/assets/min-css/uael-frontend.min.css?ver=1.36.8
34.145.80.165 200 OK 68 kB URL HTTP/1.1 www.evokecapital.net/wp-content/plugins/ultimate-elementor/assets/min-css/uael-frontend.min.css?ver=1.36.8
IP 34.145.80.165:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash 4978be802b2ba5fe6395daacaf512855
8092518070be8b5bd02428213f2e110a7c73e37d
ab81091120ed3a9d8a76984d7def8d8abe219c26dc7c3b69232d57d531e7760c
GET /wp-content/plugins/ultimate-elementor/assets/min-css/uael-frontend.min.css?ver=1.36.8 HTTP/1.1
Host: www.evokecapital.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.evokecapital.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 15 Dec 2022 11:59:37 GMT
Server: Apache
Last-Modified: Thu, 07 Jul 2022 15:38:16 GMT
ETag: "99202-5e338dfd5c56a-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/css
www.evokecapital.net/wp-content/plugins/elementor/assets/lib/font-awesome/css/brands.min.css?ver=5.15.3
34.145.80.165 200 OK 308 B URL HTTP/1.1 www.evokecapital.net/wp-content/plugins/elementor/assets/lib/font-awesome/css/brands.min.css?ver=5.15.3
IP 34.145.80.165:0
File type ASCII text, with very long lines (489)
Hash 0a08469d24387f830bbaaa00b3c228ae
01f5dfeb8f93a32c9a8f66fe5940758109771fcd
3c7c29e5fc1193ff7ce24f72f77b2dc129e1a9434a97ef7b625f6f715531803c
GET /wp-content/plugins/elementor/assets/lib/font-awesome/css/brands.min.css?ver=5.15.3 HTTP/1.1
Host: www.evokecapital.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.evokecapital.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 15 Dec 2022 11:59:37 GMT
Server: Apache
Last-Modified: Sat, 23 Jul 2022 23:46:46 GMT
ETag: "2a3-5e48190516a38-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 308
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: text/css
www.evokecapital.net/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
34.145.80.165 200 OK 5.5 kB URL HTTP/1.1 www.evokecapital.net/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
IP 34.145.80.165:0
File type ASCII text, with very long lines (11126)
Hash 49073d7e947f7af9c039a380db94c9b6
01f5a336a6518d3d0b625109043b098464d3beb1
6a53d3ccb5b2a5bc28c118b32d602a4a0e0313eb26330b3fae1ad3bc9bc77fb7
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 HTTP/1.1
Host: www.evokecapital.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.evokecapital.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 15 Dec 2022 11:59:37 GMT
Server: Apache
Last-Modified: Wed, 02 Nov 2022 07:15:04 GMT
ETag: "3a65-5ec77997e2e00-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 5476
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: application/javascript
www.evokecapital.net/wp-content/plugins/elementor/assets/lib/font-awesome/js/v4-shims.min.js?ver=3.6.7
34.145.80.165 200 OK 5.5 kB URL HTTP/1.1 www.evokecapital.net/wp-content/plugins/elementor/assets/lib/font-awesome/js/v4-shims.min.js?ver=3.6.7
IP 34.145.80.165:0
File type ASCII text, with very long lines (14891)
Hash 8f80c0ae2696f06dc688402e9ba4d826
b1ee94a49d0fa373db65566f7d7bf1f8163ae784
2b822431626148cc7d845907413e2063c05dd8d8e85968eb3d9c73124e7d4e42
GET /wp-content/plugins/elementor/assets/lib/font-awesome/js/v4-shims.min.js?ver=3.6.7 HTTP/1.1
Host: www.evokecapital.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.evokecapital.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 15 Dec 2022 11:59:37 GMT
Server: Apache
Last-Modified: Sat, 23 Jul 2022 23:46:46 GMT
ETag: "495c-5e48190466580-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 5549
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: application/javascript
www.evokecapital.net/wp-content/themes/twentytwenty-one-child/style.css?ver=6.1.1
34.145.80.165 200 OK 1.6 kB URL HTTP/1.1 www.evokecapital.net/wp-content/themes/twentytwenty-one-child/style.css?ver=6.1.1
IP 34.145.80.165:0
Hash 0a82ff38564b5fb6df4eb6956514effd
880d88a0042d57e28ae7a3ca79134b1ec9122d0f
425ebf2a2966c0b7fca80575b2937e8c3221bfce8560c4155533f1756e01320f
GET /wp-content/themes/twentytwenty-one-child/style.css?ver=6.1.1 HTTP/1.1
Host: www.evokecapital.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.evokecapital.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 15 Dec 2022 11:59:37 GMT
Server: Apache
Last-Modified: Thu, 26 May 2022 09:40:25 GMT
ETag: "138c-5dfe6fab49b39-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1567
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
www.evokecapital.net/wp-content/uploads/elementor/css/custom-pro-widget-nav-menu.min.css?ver=1658513945
34.145.80.165 200 OK 3.5 kB URL HTTP/1.1 www.evokecapital.net/wp-content/uploads/elementor/css/custom-pro-widget-nav-menu.min.css?ver=1658513945
IP 34.145.80.165:0
File type ASCII text, with very long lines (29344), with no line terminators
Hash f1a40bb68736e2ff21335fb897ba1c97
3d08ae95b9f04fd1b09121d145e613cf501474d9
71983f03e6935cf2291f17a8d8e105e4cd956a7188a0c8db4806a60d4c0d1bda
Analyzer Verdict Alert fortinet Malware
GET /wp-content/uploads/elementor/css/custom-pro-widget-nav-menu.min.css?ver=1658513945 HTTP/1.1
Host: www.evokecapital.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.evokecapital.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 15 Dec 2022 11:59:37 GMT
Server: Apache
Last-Modified: Fri, 22 Jul 2022 18:19:05 GMT
ETag: "72a0-5e468de962d9b-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 3492
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: text/css
www.evokecapital.net/wp-content/uploads/elementor/css/custom-widget-icon-list.min.css?ver=1658513945
34.145.80.165 200 OK 981 B URL HTTP/1.1 www.evokecapital.net/wp-content/uploads/elementor/css/custom-widget-icon-list.min.css?ver=1658513945
IP 34.145.80.165:0
File type ASCII text, with very long lines (11736), with no line terminators
Hash c341060579f35114ba36f9dea3a0a977
481e5443806f5a5232468c9004b0b265ab6ab774
9f08559f7e762c2a770fabb81b4f66ad10cc5a2654ed71dac0291e9c159cee40
Analyzer Verdict Alert fortinet Malware
GET /wp-content/uploads/elementor/css/custom-widget-icon-list.min.css?ver=1658513945 HTTP/1.1
Host: www.evokecapital.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.evokecapital.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 15 Dec 2022 11:59:37 GMT
Server: Apache
Last-Modified: Fri, 22 Jul 2022 18:19:05 GMT
ETag: "2dd8-5e468de976626-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 981
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: text/css
www.evokecapital.net/wp-includes/js/jquery/jquery.min.js?ver=3.6.1
34.145.80.165 200 OK 32 kB URL HTTP/1.1 www.evokecapital.net/wp-includes/js/jquery/jquery.min.js?ver=3.6.1
IP 34.145.80.165:0
File type ASCII text, with very long lines (65447)
Hash 7d7b3286a359e1b680af306232c8f45c
876a5950bee8dfe500d1c83bba819ef5149229e7
f336f1bd1da43a250cd7720c88d04ef925e763253a2e9a1f9a2674a808c78430
GET /wp-includes/js/jquery/jquery.min.js?ver=3.6.1 HTTP/1.1
Host: www.evokecapital.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.evokecapital.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 15 Dec 2022 11:59:37 GMT
Server: Apache
Last-Modified: Wed, 02 Nov 2022 07:15:04 GMT
ETag: "16ce1-5ec77997e2e00-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 32341
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: application/javascript
www.evokecapital.net/wp-content/plugins/elementor-pro/assets/css/widget-carousel.min.css
34.145.80.165 200 OK 3.5 kB URL HTTP/1.1 www.evokecapital.net/wp-content/plugins/elementor-pro/assets/css/widget-carousel.min.css
IP 34.145.80.165:0
File type ASCII text, with very long lines (36838)
Hash 1948fcc6ea491fc1214529653a35e8e6
23705a249bfde09538e9362cd8fb787713a2bdf0
56746bb46227de1a3c667691a9530406288b7c3a6eea0f7c05bb5db2dea2a96b
GET /wp-content/plugins/elementor-pro/assets/css/widget-carousel.min.css HTTP/1.1
Host: www.evokecapital.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.evokecapital.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 15 Dec 2022 11:59:37 GMT
Server: Apache
Last-Modified: Mon, 20 Jun 2022 21:20:43 GMT
ETag: "9011-5e1e7ad3e88c0-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 3534
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: text/css
www.evokecapital.net/wp-content/themes/twentytwentyone/style.css?ver=6.1.1
34.145.80.165 200 OK 23 kB URL HTTP/1.1 www.evokecapital.net/wp-content/themes/twentytwentyone/style.css?ver=6.1.1
IP 34.145.80.165:0
File type Unicode text, UTF-8 text, with very long lines (403)
Hash 198bfc0151e184fc450802c7f094a65b
46197f67e5fa6defa4cfe4f9126c9dc1b842f1ca
c2eade6734d51fc3403cb15e9b253d92aa3493ae520f827d241fd27d9efc035a
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/twentytwentyone/style.css?ver=6.1.1 HTTP/1.1
Host: www.evokecapital.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.evokecapital.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 15 Dec 2022 11:59:37 GMT
Server: Apache
Last-Modified: Tue, 05 Jul 2022 17:49:32 GMT
ETag: "263d6-5e3127990d1a2-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 22841
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
www.evokecapital.net/wp-content/plugins/gravityforms/assets/css/dist/basic.min.css?ver=2.6.8
34.145.80.165 200 OK 7.3 kB URL HTTP/1.1 www.evokecapital.net/wp-content/plugins/gravityforms/assets/css/dist/basic.min.css?ver=2.6.8
IP 34.145.80.165:0
File type ASCII text, with very long lines (47167), with no line terminators
Hash ad9126db5a30becedbca3c088e7d5a13
f7c57a739b7ce94aab9c722af828db79cbdee811
cf0ed81fd7a5278b74c6d22844042e3f1757749815f5dcb90f1fd13394f9bdeb
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/gravityforms/assets/css/dist/basic.min.css?ver=2.6.8 HTTP/1.1
Host: www.evokecapital.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.evokecapital.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 15 Dec 2022 11:59:38 GMT
Server: Apache
Last-Modified: Thu, 10 Nov 2022 13:49:54 GMT
ETag: "b83f-5ed1e0c4a016f-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 7250
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css
www.evokecapital.net/wp-content/plugins/gravityforms/assets/css/dist/theme-components.min.css?ver=2.6.8
34.145.80.165 200 OK 0 B URL HTTP/1.1 www.evokecapital.net/wp-content/plugins/gravityforms/assets/css/dist/theme-components.min.css?ver=2.6.8
IP 34.145.80.165:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
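Analyzer Verdict Alert fortinet Malware (note: the response body is 0 B and the three hashes above are the MD5, SHA-1 and SHA-256 digests of empty input, so this verdict presumably reflects the URL or host rather than file content)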
GET /wp-content/plugins/gravityforms/assets/css/dist/theme-components.min.css?ver=2.6.8 HTTP/1.1
Host: www.evokecapital.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.evokecapital.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 15 Dec 2022 11:59:38 GMT
Server: Apache
Last-Modified: Thu, 10 Nov 2022 13:49:54 GMT
ETag: "0-5ed1e0c4a016f"
Accept-Ranges: bytes
Content-Length: 0
Keep-Alive: timeout=5, max=92
Connection: Keep-Alive
Content-Type: text/css
www.evokecapital.net/wp-content/plugins/gravityforms/assets/css/dist/theme-ie11.min.css?ver=2.6.8
34.145.80.165 200 OK 401 B URL HTTP/1.1 www.evokecapital.net/wp-content/plugins/gravityforms/assets/css/dist/theme-ie11.min.css?ver=2.6.8
IP 34.145.80.165:0
File type ASCII text, with very long lines (1753), with no line terminators
Hash 8d7c5d4fd77c210d53f0e4aa7bffb22d
0575a21fea20f557477c4c222356915f6c884995
b00611713e74017f6dbe6353f7107ef8524d5f877c19cda61d9e3abf299276a8
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/gravityforms/assets/css/dist/theme-ie11.min.css?ver=2.6.8 HTTP/1.1
Host: www.evokecapital.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.evokecapital.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 15 Dec 2022 11:59:38 GMT
Server: Apache
Last-Modified: Thu, 10 Nov 2022 13:49:54 GMT
ETag: "6d9-5ed1e0c4a016f-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 401
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: text/css
www.evokecapital.net/wp-content/plugins/gravityforms/assets/css/dist/theme.min.css?ver=2.6.8
34.145.80.165 200 OK 5.2 kB URL HTTP/1.1 www.evokecapital.net/wp-content/plugins/gravityforms/assets/css/dist/theme.min.css?ver=2.6.8
IP 34.145.80.165:0
File type ASCII text, with very long lines (30590), with no line terminators
Hash b02f31812ac7da18ae5a70980851647c
e3687d25557a2ba74e441abf9b98425382f10eb3
816f5acf5a75344f26bdfbb87e542b1fbc4d96515af5184aeb3fcf9f3b4b249c
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/gravityforms/assets/css/dist/theme.min.css?ver=2.6.8 HTTP/1.1
Host: www.evokecapital.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.evokecapital.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 15 Dec 2022 11:59:38 GMT
Server: Apache
Last-Modified: Thu, 10 Nov 2022 13:49:54 GMT
ETag: "777e-5ed1e0c4a016f-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 5247
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: text/css
www.evokecapital.net/wp-content/plugins/elementor/assets/lib/animations/animations.min.css?ver=3.6.7
34.145.80.165 200 OK 2.6 kB URL HTTP/1.1 www.evokecapital.net/wp-content/plugins/elementor/assets/lib/animations/animations.min.css?ver=3.6.7
IP 34.145.80.165:0
File type ASCII text, with very long lines (10019)
Hash 0ea81c35141c6a4692506e4fe8d36edb
392c5f96995e66d74c27ed5a42f93169c2f32d18
b7488fd21ad73e483cdcaf42097ea7787ffe0616477e29a537f53f6064e321ab
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/elementor/assets/lib/animations/animations.min.css?ver=3.6.7 HTTP/1.1
Host: www.evokecapital.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.evokecapital.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 15 Dec 2022 11:59:38 GMT
Server: Apache
Last-Modified: Sat, 23 Jul 2022 23:46:46 GMT
ETag: "4824-5e48190513b56-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 2592
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: text/css
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash 2e709a04ea80113c435ca4f9d37e93e7
053f34d74eded192d698bb20956897ec3e3ad23b
2535554bd9d9004c7888cde496278d847002218fb1d35a3d4bacdd98c8a92ff9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 15 Dec 2022 11:59:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.evokecapital.net/wp-content/plugins/anywhere-elementor-pro/includes/assets/js/ae-pro.min.js?ver=2.25.1
34.145.80.165 200 OK 3.9 kB URL HTTP/1.1 www.evokecapital.net/wp-content/plugins/anywhere-elementor-pro/includes/assets/js/ae-pro.min.js?ver=2.25.1
IP 34.145.80.165:0
File type ASCII text, with very long lines (12975)
Hash 4b802707683586c9471fd4a9dd050c77
fca24eb9c9bee88d5bec66ee9ce14c56f6c5b27d
53ff43bf2cc1f6f97f4198781038e9b2cfaed7438f19c29b2b3424bb948b3392
GET /wp-content/plugins/anywhere-elementor-pro/includes/assets/js/ae-pro.min.js?ver=2.25.1 HTTP/1.1
Host: www.evokecapital.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.evokecapital.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 15 Dec 2022 11:59:38 GMT
Server: Apache
Last-Modified: Fri, 22 Jul 2022 18:18:30 GMT
ETag: "4126-5e468dc75e980-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 3906
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: application/javascript
www.evokecapital.net/wp-content/plugins/anywhere-elementor-pro/build/index.min.js?ver=2.25.1
34.145.80.165 200 OK 15 kB URL HTTP/1.1 www.evokecapital.net/wp-content/plugins/anywhere-elementor-pro/build/index.min.js?ver=2.25.1
IP 34.145.80.165:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash a01f12ee99285f47519162ce14f80cc3
7ea3f04b112e1df274bc5247bd5d7abc194c5ad5
94229b3c21e3da71cae504419635e562b5788ca5a5dedd70958d017a47a66935
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/anywhere-elementor-pro/build/index.min.js?ver=2.25.1 HTTP/1.1
Host: www.evokecapital.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.evokecapital.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 15 Dec 2022 11:59:38 GMT
Server: Apache
Last-Modified: Fri, 22 Jul 2022 18:18:30 GMT
ETag: "11992-5e468dc75e980-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 15135
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: application/javascript
fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
142.250.74.35 200 OK 31 kB URL HTTP/2 fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 30928, version 1.0\012- data
Hash ac0d2859ea5f8fd6bcb3c305c08ec184
7f6c17e3e592cd8bd346b9cc261d8dd961b8aef7
ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780
GET /s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.evokecapital.net
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 30928
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 09 Dec 2022 06:30:11 GMT
expires: Sat, 09 Dec 2023 06:30:11 GMT
cache-control: public, max-age=31536000
age: 538167
last-modified: Mon, 11 Jul 2022 18:57:39 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.evokecapital.net/wp-content/plugins/anywhere-elementor-pro/includes/assets/js/ae-editor.min.js?ver=2.25.1
34.145.80.165 200 OK 2.0 kB URL HTTP/1.1 www.evokecapital.net/wp-content/plugins/anywhere-elementor-pro/includes/assets/js/ae-editor.min.js?ver=2.25.1
IP 34.145.80.165:0
File type ASCII text, with very long lines (1688)
Hash 4674be41a15eedf485f55d288c27e51b
601bd5442e34b2cf29d17226c54425d6d014200c
d0cad7cf994726967d3fbcbc7a4c722c554673bac0154318d07595ddf8c60bc1
GET /wp-content/plugins/anywhere-elementor-pro/includes/assets/js/ae-editor.min.js?ver=2.25.1 HTTP/1.1
Host: www.evokecapital.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.evokecapital.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 15 Dec 2022 11:59:38 GMT
Server: Apache
Last-Modified: Fri, 22 Jul 2022 18:18:30 GMT
ETag: "150f-5e468dc75e980-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1970
Keep-Alive: timeout=5, max=91
Connection: Keep-Alive
Content-Type: application/javascript
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash 2e709a04ea80113c435ca4f9d37e93e7
053f34d74eded192d698bb20956897ec3e3ad23b
2535554bd9d9004c7888cde496278d847002218fb1d35a3d4bacdd98c8a92ff9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 15 Dec 2022 11:59:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.evokecapital.net/wp-content/plugins/anywhere-elementor-pro/includes/assets/lib/vegas/vegas.min.js?ver=2.4.0
34.145.80.165 200 OK 4.4 kB URL HTTP/1.1 www.evokecapital.net/wp-content/plugins/anywhere-elementor-pro/includes/assets/lib/vegas/vegas.min.js?ver=2.4.0
IP 34.145.80.165:0
File type ASCII text, with very long lines (9875)
Hash 0e319351b586a5ba748c4518acde46ec
37dc93c525f5f75af035798be6364c8c1fe90fcc
cb252daf4422adcc6d7ccc6ae669e8ff7b557d0565f096a997da1e768d93b8e6
GET /wp-content/plugins/anywhere-elementor-pro/includes/assets/lib/vegas/vegas.min.js?ver=2.4.0 HTTP/1.1
Host: www.evokecapital.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.evokecapital.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 15 Dec 2022 11:59:38 GMT
Server: Apache
Last-Modified: Fri, 22 Jul 2022 18:18:30 GMT
ETag: "3547-5e468dc75e980-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 4428
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: application/javascript
www.evokecapital.net/wp-content/themes/twentytwenty-one-child/js/script.js?ver=1.0
34.145.80.165 200 OK 1.4 kB URL HTTP/1.1 www.evokecapital.net/wp-content/themes/twentytwenty-one-child/js/script.js?ver=1.0
IP 34.145.80.165:0
Hash 8c093e776aa4d96d961fa4842903a148
73677544efb8088904525fa6dfadb63e4f0a8596
2d8abb60cfdf6bb0b30c19017deb3b5ad0f1e0b4c05119b10774247eac7a436e
GET /wp-content/themes/twentytwenty-one-child/js/script.js?ver=1.0 HTTP/1.1
Host: www.evokecapital.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.evokecapital.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 15 Dec 2022 11:59:38 GMT
Server: Apache
Last-Modified: Wed, 29 Sep 2021 07:49:11 GMT
ETag: "e9d-5cd1d90d24bc0-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1361
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: application/javascript
www.evokecapital.net/wp-content/themes/twentytwentyone/assets/js/responsive-embeds.js?ver=1.0.0
34.145.80.165 200 OK 1.8 kB URL HTTP/1.1 www.evokecapital.net/wp-content/themes/twentytwentyone/assets/js/responsive-embeds.js?ver=1.0.0
IP 34.145.80.165:0
Hash 550fcad3ea461d6e776eb8375ed88fe8
36a63084adf5f5f01664edd90e48248fef1187fe
da31d805b7dfa3c7ed7e66f29ea85111a0b488655d77f74ee2f1e736ede4817b
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/twentytwentyone/assets/js/responsive-embeds.js?ver=1.0.0 HTTP/1.1
Host: www.evokecapital.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.evokecapital.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 15 Dec 2022 11:59:38 GMT
Server: Apache
Last-Modified: Tue, 05 Jul 2022 17:49:31 GMT
ETag: "12f4-5e312798180c0-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1837
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: application/javascript
www.evokecapital.net/wp-content/plugins/elementor-pro/assets/lib/smartmenus/jquery.smartmenus.min.js?ver=1.0.1
34.145.80.165 200 OK 8.5 kB URL HTTP/1.1 www.evokecapital.net/wp-content/plugins/elementor-pro/assets/lib/smartmenus/jquery.smartmenus.min.js?ver=1.0.1
IP 34.145.80.165:0
File type ASCII text, with very long lines (25137)
Hash bb5c99adb2058bad9577e2b7bc2a95d7
95c227a669e9e43fdbee5a72639ab865b722d8d7
fa29fc21b0cd0b071255d94ac267027485442b18aa9d973651f210463002b0c5
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/elementor-pro/assets/lib/smartmenus/jquery.smartmenus.min.js?ver=1.0.1 HTTP/1.1
Host: www.evokecapital.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.evokecapital.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 15 Dec 2022 11:59:38 GMT
Server: Apache
Last-Modified: Mon, 20 Jun 2022 21:20:43 GMT
ETag: "70ff-5e1e7ad3240c0-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 8486
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: application/javascript
www.evokecapital.net/wp-includes/js/imagesloaded.min.js?ver=4.1.4
34.145.80.165 200 OK 3.1 kB URL HTTP/1.1 www.evokecapital.net/wp-includes/js/imagesloaded.min.js?ver=4.1.4
IP 34.145.80.165:0
File type ASCII text, with very long lines (5499)
Hash 04b94a73987bfbe5865e8ec1238046f3
bed6376081e0689372ba02e12f547e12ff7f7d23
44edb09985abbd1dca9881c01d7d3fc8d659f2c10ddbcc19f3dafc5fc2161a75
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/imagesloaded.min.js?ver=4.1.4 HTTP/1.1
Host: www.evokecapital.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.evokecapital.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 15 Dec 2022 11:59:38 GMT
Server: Apache
Last-Modified: Wed, 02 Nov 2022 07:15:03 GMT
ETag: "248a-5ec77996eebc0-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 3138
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: application/javascript
www.evokecapital.net/wp-content/plugins/elementor/assets/lib/jquery-numerator/jquery-numerator.min.js?ver=0.2.1
34.145.80.165 200 OK 2.0 kB URL HTTP/1.1 www.evokecapital.net/wp-content/plugins/elementor/assets/lib/jquery-numerator/jquery-numerator.min.js?ver=0.2.1
IP 34.145.80.165:0
File type ASCII text, with very long lines (1823)
Hash 081c01faf812eeb4f462c3a1659ba298
30e7c0fbf5ea012810a4dc6b0420791434971c71
ea6dbe6df8b23a78e5f0d6618b70fdf2c0da6c529df3f26f34c6eb92da433b4c
GET /wp-content/plugins/elementor/assets/lib/jquery-numerator/jquery-numerator.min.js?ver=0.2.1 HTTP/1.1
Host: www.evokecapital.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.evokecapital.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 15 Dec 2022 11:59:38 GMT
Server: Apache
Last-Modified: Sat, 23 Jul 2022 23:46:46 GMT
ETag: "1596-5e48190466580-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 2041
Keep-Alive: timeout=5, max=90
Connection: Keep-Alive
Content-Type: application/javascript
www.evokecapital.net/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9
34.145.80.165 200 OK 3.8 kB URL HTTP/1.1 www.evokecapital.net/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9
IP 34.145.80.165:0
File type ASCII text, with very long lines (6497)
Hash 6ee7b09c6c858df3d6a1c12e76db074d
3cccf0113afbde191c85e887143a3fc084d40f93
ca0351f6d28405f415c866e6e7627cbc123cc2ef18b7e8a01a42612bd6d94b00
GET /wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9 HTTP/1.1
Host: www.evokecapital.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.evokecapital.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 15 Dec 2022 11:59:38 GMT
Server: Apache
Last-Modified: Wed, 02 Nov 2022 07:15:03 GMT
ETag: "27d8-5ec77996eebc0-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 3789
Keep-Alive: timeout=5, max=92
Connection: Keep-Alive
Content-Type: application/javascript
www.evokecapital.net/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0
34.145.80.165 200 OK 7.9 kB URL HTTP/1.1 www.evokecapital.net/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0
IP 34.145.80.165:0
File type Unicode text, UTF-8 text, with very long lines (17841)
Hash 4746613ae2252e6e0208c7c94f4175ed
c391db9e214839dd0cd97de33e94813dbc82f4b2
9cfd09c08c39c36acd04b248ba436602cc6834daa5436e06786e26b7110fdeed
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0 HTTP/1.1
Host: www.evokecapital.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.evokecapital.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 15 Dec 2022 11:59:38 GMT
Server: Apache
Last-Modified: Wed, 02 Nov 2022 07:15:03 GMT
ETag: "542c-5ec77996eebc0-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 7853
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: application/javascript
www.evokecapital.net/wp-includes/js/dist/dom-ready.min.js?ver=392bdd43726760d1f3ca
34.145.80.165 200 OK 1.6 kB URL HTTP/1.1 www.evokecapital.net/wp-includes/js/dist/dom-ready.min.js?ver=392bdd43726760d1f3ca
IP 34.145.80.165:0
File type ASCII text, with very long lines (485)
Hash 2fe96597bd07c50ff4ecf15c59fcc5ca
e5017bc8ee59c452f1f0476e8050149dc84a0a3c
b4801a212abf1f7e34ef39b0180f6f84234fe711650499bace3fa4869730b2c9
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/dist/dom-ready.min.js?ver=392bdd43726760d1f3ca HTTP/1.1
Host: www.evokecapital.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.evokecapital.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 15 Dec 2022 11:59:38 GMT
Server: Apache
Last-Modified: Wed, 02 Nov 2022 07:15:03 GMT
ETag: "107f-5ec77996eebc0-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1629
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: application/javascript
www.evokecapital.net/wp-includes/js/dist/hooks.min.js?ver=4169d3cf8e8d95a3d6d5
34.145.80.165 200 OK 3.0 kB URL HTTP/1.1 www.evokecapital.net/wp-includes/js/dist/hooks.min.js?ver=4169d3cf8e8d95a3d6d5
IP 34.145.80.165:0
File type ASCII text, with very long lines (4897)
Hash 7c899cf0042723bb32f280240c96e198
a4013a506e67c0763a3fa69ef7a69d0e48a9a6d7
95c20ac72a9f3b3999ac7d7becf7d0f6bd96eef44654fc1f96b50d5227af5696
GET /wp-includes/js/dist/hooks.min.js?ver=4169d3cf8e8d95a3d6d5 HTTP/1.1
Host: www.evokecapital.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.evokecapital.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 15 Dec 2022 11:59:38 GMT
Server: Apache
Last-Modified: Wed, 02 Nov 2022 07:15:03 GMT
ETag: "21bb-5ec77996eebc0-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 2980
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: application/javascript
www.evokecapital.net/wp-includes/js/dist/i18n.min.js?ver=9e794f35a71bb98672ae
34.145.80.165 200 OK 5.2 kB URL HTTP/1.1 www.evokecapital.net/wp-includes/js/dist/i18n.min.js?ver=9e794f35a71bb98672ae
IP 34.145.80.165:0
Hash 5fe4efda92eb3edab663956b5ced89c2
b68e1c25fd33bd6fc9adf825617a88e1ef3e2ffa
5705c3ac20f454e797370a0decd761c03f14075e0d6a378a09466e2e9160423a
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/dist/i18n.min.js?ver=9e794f35a71bb98672ae HTTP/1.1
Host: www.evokecapital.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.evokecapital.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 15 Dec 2022 11:59:38 GMT
Server: Apache
Last-Modified: Wed, 02 Nov 2022 07:15:03 GMT
ETag: "3683-5ec77996eebc0-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 5185
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: application/javascript
www.evokecapital.net/wp-includes/js/dist/a11y.min.js?ver=ecce20f002eda4c19664
34.145.80.165 200 OK 2.3 kB URL HTTP/1.1 www.evokecapital.net/wp-includes/js/dist/a11y.min.js?ver=ecce20f002eda4c19664
IP 34.145.80.165:0
File type Unicode text, UTF-8 text, with very long lines (2494)
Hash a6ed0e22db8444609cf07ae09d2c92af
08882b625f327e8293deb0da14df40c0d24b468b
7fe7017b64cdd4d590f4426ca064942f3c89c4315ad4494b25dffb8aa839f777
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/dist/a11y.min.js?ver=ecce20f002eda4c19664 HTTP/1.1
Host: www.evokecapital.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.evokecapital.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 15 Dec 2022 11:59:38 GMT
Server: Apache
Last-Modified: Wed, 02 Nov 2022 07:15:03 GMT
ETag: "1859-5ec77996eebc0-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 2304
Keep-Alive: timeout=5, max=89
Connection: Keep-Alive
Content-Type: application/javascript
www.evokecapital.net/wp-content/plugins/gravityforms/js/jquery.json.min.js?ver=2.6.8
34.145.80.165 200 OK 2.2 kB URL HTTP/1.1 www.evokecapital.net/wp-content/plugins/gravityforms/js/jquery.json.min.js?ver=2.6.8
IP 34.145.80.165:0
File type ASCII text, with very long lines (1858)
Hash 9d18560234fc74b88553cd2b65efb30e
576c05083fba064ea85f3c526c13e1cba7e04ced
ed230b2ef007ca6b070c48e95ebb12773dfa53d87b8158db7145df43baac9bd5
GET /wp-content/plugins/gravityforms/js/jquery.json.min.js?ver=2.6.8 HTTP/1.1
Host: www.evokecapital.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.evokecapital.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 15 Dec 2022 11:59:38 GMT
Server: Apache
Last-Modified: Thu, 10 Nov 2022 13:49:54 GMT
ETag: "15b9-5ed1e0c41e480-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 2200
Keep-Alive: timeout=5, max=91
Connection: Keep-Alive
Content-Type: application/javascript
www.evokecapital.net/wp-content/plugins/gravityforms/js/gravityforms.min.js?ver=2.6.8
34.145.80.165 200 OK 15 kB URL HTTP/1.1 www.evokecapital.net/wp-content/plugins/gravityforms/js/gravityforms.min.js?ver=2.6.8
IP 34.145.80.165:0
File type ASCII text, with very long lines (44220)
Hash 3fcdf8a1de9ffc2738c1aae876df356a
b5504063681832aecbd2e81c60982a7662b3233d
01853d92ee15977a3831767f773c0e34e93867b8cb6694ea063bc49422c19779
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/gravityforms/js/gravityforms.min.js?ver=2.6.8 HTTP/1.1
Host: www.evokecapital.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.evokecapital.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 15 Dec 2022 11:59:38 GMT
Server: Apache
Last-Modified: Thu, 10 Nov 2022 13:49:54 GMT
ETag: "bb33-5ed1e0c41e480-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 14558
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: application/javascript
www.evokecapital.net/wp-content/plugins/gravityforms/js/jquery.maskedinput.min.js?ver=2.6.8
34.145.80.165 200 OK 3.1 kB URL HTTP/1.1 www.evokecapital.net/wp-content/plugins/gravityforms/js/jquery.maskedinput.min.js?ver=2.6.8
IP 34.145.80.165:0
File type ASCII text, with very long lines (4194)
Hash b703c305ce62338e0a4d112a63a567ef
33fa3b45b39f7ad8db4cebf584ada38ea1d76faf
42b7efd658428bab7de94144c13f18f96508a6702637226aac31af0321288d81
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/gravityforms/js/jquery.maskedinput.min.js?ver=2.6.8 HTTP/1.1
Host: www.evokecapital.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.evokecapital.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 15 Dec 2022 11:59:38 GMT
Server: Apache
Last-Modified: Thu, 10 Nov 2022 13:49:54 GMT
ETag: "1ed9-5ed1e0c41e480-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 3138
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: application/javascript
www.evokecapital.net/wp-content/plugins/ultimate-elementor/assets/min-js/uael-frontend.min.js?ver=1.36.8
34.145.80.165 200 OK 10 kB URL HTTP/1.1 www.evokecapital.net/wp-content/plugins/ultimate-elementor/assets/min-js/uael-frontend.min.js?ver=1.36.8
IP 34.145.80.165:0
File type ASCII text, with very long lines (33427)
Hash 6bdea3587eb57d6cf8ca14d2634b811b
bf20bc764ae2f0b645989cdfc947fe2f5640291c
472384140f90aeb8db79c64a74f27c105b0999b154a1b0944cb0978dcfedfc19
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/ultimate-elementor/assets/min-js/uael-frontend.min.js?ver=1.36.8 HTTP/1.1
Host: www.evokecapital.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.evokecapital.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 15 Dec 2022 11:59:38 GMT
Server: Apache
Last-Modified: Thu, 07 Jul 2022 15:38:10 GMT
ETag: "910a-5e338df71bc80-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 10279
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: application/javascript
www.evokecapital.net/wp-content/plugins/elementor-pro/assets/js/webpack-pro.runtime.min.js?ver=3.7.2
34.145.80.165 200 OK 3.7 kB URL HTTP/1.1 www.evokecapital.net/wp-content/plugins/elementor-pro/assets/js/webpack-pro.runtime.min.js?ver=3.7.2
IP 34.145.80.165:0
File type ASCII text, with very long lines (5163)
Hash 589df3eebe2936fb34c33acfa787be21
2c6dc778884e41c901e1b255c51334823adce25a
d9fbbf9c3f8d415e4d56b7f9c2860ed096e4e530a4369a27b22bd5c223561dbd
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/elementor-pro/assets/js/webpack-pro.runtime.min.js?ver=3.7.2 HTTP/1.1
Host: www.evokecapital.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.evokecapital.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 15 Dec 2022 11:59:38 GMT
Server: Apache
Last-Modified: Mon, 20 Jun 2022 21:20:43 GMT
ETag: "22cd-5e1e7ad3240c0-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 3683
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: application/javascript
www.evokecapital.net/wp-content/plugins/elementor/assets/js/webpack.runtime.min.js?ver=3.6.7
34.145.80.165 200 OK 3.5 kB URL HTTP/1.1 www.evokecapital.net/wp-content/plugins/elementor/assets/js/webpack.runtime.min.js?ver=3.6.7
IP 34.145.80.165:0
File type ASCII text, with very long lines (4940)
Hash 9c1cdf661c2d1f3f43a7395490d8b804
f8e2a4a490754b18df0d9646c3b0dbdeff58353f
7bfd4a0f201056bd4f528d5d65493efb37c914a72228ff4f5f22b3fd92368771
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/elementor/assets/js/webpack.runtime.min.js?ver=3.6.7 HTTP/1.1
Host: www.evokecapital.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.evokecapital.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 15 Dec 2022 11:59:38 GMT
Server: Apache
Last-Modified: Sat, 23 Jul 2022 23:46:46 GMT
ETag: "21ea-5e48190466580-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 3507
Keep-Alive: timeout=5, max=88
Connection: Keep-Alive
Content-Type: application/javascript
www.evokecapital.net/wp-content/plugins/elementor/assets/js/frontend-modules.min.js?ver=3.6.7
34.145.80.165 200 OK 6.0 kB URL HTTP/1.1 www.evokecapital.net/wp-content/plugins/elementor/assets/js/frontend-modules.min.js?ver=3.6.7
IP 34.145.80.165:0
File type ASCII text, with very long lines (14470)
Hash 5fc376742a2f7fb760b7083d08e988ed
9a73ce8d58c18a1346abd9bbe61df30e59bc8125
646f0aaffc82d37b1d59a8a395f57b490ab7e3e7be6d7321b958f58cb7b79a2f
GET /wp-content/plugins/elementor/assets/js/frontend-modules.min.js?ver=3.6.7 HTTP/1.1
Host: www.evokecapital.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.evokecapital.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 15 Dec 2022 11:59:38 GMT
Server: Apache
Last-Modified: Sat, 23 Jul 2022 23:46:46 GMT
ETag: "4724-5e48190466580-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 5958
Keep-Alive: timeout=5, max=90
Connection: Keep-Alive
Content-Type: application/javascript
www.evokecapital.net/wp-content/plugins/elementor-pro/assets/js/frontend.min.js?ver=3.7.2
34.145.80.165 200 OK 7.0 kB URL HTTP/1.1 www.evokecapital.net/wp-content/plugins/elementor-pro/assets/js/frontend.min.js?ver=3.7.2
IP 34.145.80.165:0
File type ASCII text, with very long lines (21186)
Hash daa27812ac4e4aaa76ea008bf1953224
0015649e68ac85730cc9d14c2852acb33d3abc44
ffc1488e757176a954e637bbb234c1fc787abc2c7aa4ca2d5447319393818aa8
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/elementor-pro/assets/js/frontend.min.js?ver=3.7.2 HTTP/1.1
Host: www.evokecapital.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.evokecapital.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 15 Dec 2022 11:59:38 GMT
Server: Apache
Last-Modified: Mon, 20 Jun 2022 21:20:43 GMT
ETag: "6164-5e1e7ad3240c0-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 6965
Keep-Alive: timeout=5, max=92
Connection: Keep-Alive
Content-Type: application/javascript
www.evokecapital.net/wp-content/plugins/elementor/assets/lib/waypoints/waypoints.min.js?ver=4.0.2
34.145.80.165 200 OK 4.3 kB URL HTTP/1.1 www.evokecapital.net/wp-content/plugins/elementor/assets/lib/waypoints/waypoints.min.js?ver=4.0.2
IP 34.145.80.165:0
File type ASCII text, with very long lines (12220)
Hash cbb8d8e6fb9e287a24e38531e844627c
4eaa2723eb9c6604e3590c071559d298589d3769
9d0781a9be9041af93ef57c414401cbf4f4ca7b99aaae83afc619f94d5673459
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/elementor/assets/lib/waypoints/waypoints.min.js?ver=4.0.2 HTTP/1.1
Host: www.evokecapital.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.evokecapital.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 15 Dec 2022 11:59:38 GMT
Server: Apache
Last-Modified: Sat, 23 Jul 2022 23:46:46 GMT
ETag: "3e33-5e48190466580-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 4309
Keep-Alive: timeout=5, max=92
Connection: Keep-Alive
Content-Type: application/javascript
www.evokecapital.net/wp-content/plugins/elementor/assets/js/frontend.min.js?ver=3.6.7
34.145.80.165 200 OK 12 kB URL HTTP/1.1 www.evokecapital.net/wp-content/plugins/elementor/assets/js/frontend.min.js?ver=3.6.7
IP 34.145.80.165:0
File type ASCII text, with very long lines (37942)
Hash b6cefd4ff599b97c90f792dd7c988292
8556a59b203df9d563fbb13d8ff869507f181e40
81931b82a46fa527ea6ad569d607d7c1b53c936fa9623fccdc7839df2c12c71a
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/elementor/assets/js/frontend.min.js?ver=3.6.7 HTTP/1.1
Host: www.evokecapital.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.evokecapital.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 15 Dec 2022 11:59:38 GMT
Server: Apache
Last-Modified: Sat, 23 Jul 2022 23:46:46 GMT
ETag: "a2d4-5e48190466580-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 12340
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: application/javascript
www.evokecapital.net/wp-includes/js/jquery/ui/core.min.js?ver=1.13.2
34.145.80.165 200 OK 8.4 kB URL HTTP/1.1 www.evokecapital.net/wp-includes/js/jquery/ui/core.min.js?ver=1.13.2
IP 34.145.80.165:0
File type Unicode text, UTF-8 text, with very long lines (8211)
Hash 411ca0ed61e83e4655e8886afc242f39
fe0a6c459a9c7e0328cdb66b11969a6c2ec098f3
47bc832b4a8f29507b0b18e08576e8787610e9b55d3e7edf982c7707a1f25679
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/jquery/ui/core.min.js?ver=1.13.2 HTTP/1.1
Host: www.evokecapital.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.evokecapital.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 15 Dec 2022 11:59:38 GMT
Server: Apache
Last-Modified: Wed, 02 Nov 2022 07:15:04 GMT
ETag: "624d-5ec77997e2e00-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 8429
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: application/javascript
www.evokecapital.net/wp-content/plugins/elementor-pro/assets/js/elements-handlers.min.js?ver=3.7.2
34.145.80.165 200 OK 7.0 kB URL HTTP/1.1 www.evokecapital.net/wp-content/plugins/elementor-pro/assets/js/elements-handlers.min.js?ver=3.7.2
IP 34.145.80.165:0
File type ASCII text, with very long lines (24361)
Hash 81b9f51f1a50ab9e23ff2fcd46f77ada
4bb93e72d47d0db59511b50f735bb1d94447dfa3
a81027cfb45e28455e36181667785936effd077a0dfc7b535adf001c25c1a2be
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/elementor-pro/assets/js/elements-handlers.min.js?ver=3.7.2 HTTP/1.1
Host: www.evokecapital.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.evokecapital.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 15 Dec 2022 11:59:38 GMT
Server: Apache
Last-Modified: Mon, 20 Jun 2022 21:20:43 GMT
ETag: "6dcb-5e1e7ad3240c0-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 6960
Keep-Alive: timeout=5, max=87
Connection: Keep-Alive
Content-Type: application/javascript
www.evokecapital.net/wp-content/plugins/elementor-pro/assets/lib/sticky/jquery.sticky.min.js?ver=3.7.2
34.145.80.165 200 OK 2.7 kB URL HTTP/1.1 www.evokecapital.net/wp-content/plugins/elementor-pro/assets/lib/sticky/jquery.sticky.min.js?ver=3.7.2
IP 34.145.80.165:0
File type ASCII text, with very long lines (3235)
Hash a3cd11ce136f1e37b1a1cc81f56bd5d4
c678398a5a000ee756cafd702cde1f22beb44225
a99c4fa05ccab85644bda8ae3963d567cd223205bdf5521f1d8a52710bc35043
GET /wp-content/plugins/elementor-pro/assets/lib/sticky/jquery.sticky.min.js?ver=3.7.2 HTTP/1.1
Host: www.evokecapital.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.evokecapital.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 15 Dec 2022 11:59:38 GMT
Server: Apache
Last-Modified: Mon, 20 Jun 2022 21:20:43 GMT
ETag: "1b31-5e1e7ad3240c0-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 2670
Keep-Alive: timeout=5, max=89
Connection: Keep-Alive
Content-Type: application/javascript
www.evokecapital.net/wp-content/uploads/2021/09/BebasNeueBook.woff2
34.145.80.165 200 OK 17 kB URL HTTP/1.1 www.evokecapital.net/wp-content/uploads/2021/09/BebasNeueBook.woff2
IP 34.145.80.165:0
File type Web Open Font Format (Version 2), TrueType, length 16888, version 1.0\012- data
Hash 2ff59134b555d6dab3c08b6047fe99ec
efb4edd6fd6b29258b8ea6d429136855d22ca3a7
2ec086453bba15b3b3e06b4521365ab2400472fd0b04cd48afe177c7c510a9cb
Analyzer Verdict Alert fortinet Malware
GET /wp-content/uploads/2021/09/BebasNeueBook.woff2 HTTP/1.1
Host: www.evokecapital.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://www.evokecapital.net/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 15 Dec 2022 11:59:38 GMT
Server: Apache
Last-Modified: Wed, 29 Sep 2021 09:40:37 GMT
ETag: "41f8-5cd1f1f568f40"
Accept-Ranges: bytes
Content-Length: 16888
Keep-Alive: timeout=5, max=91
Connection: Keep-Alive
Content-Type: font/woff2
www.evokecapital.net/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-solid-900.woff2
34.145.80.165 200 OK 78 kB URL HTTP/1.1 www.evokecapital.net/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-solid-900.woff2
IP 34.145.80.165:0
File type Web Open Font Format (Version 2), TrueType, length 78196, version 331.-31261\012- data
Hash e8a427e15cc502bef99cfd722b37ea98
a9922842a120a7f1eaced667480c5e185a106d69
d0b4256abed72481585662971262eabee345c19f837af00d7ce24239d3b40eef
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-solid-900.woff2 HTTP/1.1
Host: www.evokecapital.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://www.evokecapital.net/wp-content/plugins/elementor/assets/lib/font-awesome/css/solid.min.css?ver=5.15.3
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 15 Dec 2022 11:59:38 GMT
Server: Apache
Last-Modified: Sat, 23 Jul 2022 23:46:46 GMT
ETag: "13174-5e48190514af7"
Accept-Ranges: bytes
Content-Length: 78196
Keep-Alive: timeout=5, max=91
Connection: Keep-Alive
Content-Type: font/woff2
region1.google-analytics.com/g/collect?v=2&tid=G-52EPG5NT4X&gtm=2oebu0&_p=1038331901&cid=1645226433.1671105576&ul=en-us&sr=1280x1024&_s=1&sid=1671105575&sct=1&seg=0&dl=https%3A%2F%2Fwww.evokecapital.net%2F&dt=Evoke%20Capital&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
216.239.32.36 204 No Content 0 B URL HTTP/2 region1.google-analytics.com/g/collect?v=2&tid=G-52EPG5NT4X&gtm=2oebu0&_p=1038331901&cid=1645226433.1671105576&ul=en-us&sr=1280x1024&_s=1&sid=1671105575&sct=1&seg=0&dl=https%3A%2F%2Fwww.evokecapital.net%2F&dt=Evoke%20Capital&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
IP 216.239.32.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-52EPG5NT4X&gtm=2oebu0&_p=1038331901&cid=1645226433.1671105576&ul=en-us&sr=1280x1024&_s=1&sid=1671105575&sct=1&seg=0&dl=https%3A%2F%2Fwww.evokecapital.net%2F&dt=Evoke%20Capital&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1 HTTP/1.1
Host: region1.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.evokecapital.net
Connection: keep-alive
Referer: https://www.evokecapital.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: https://www.evokecapital.net
date: Thu, 15 Dec 2022 11:59:39 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.evokecapital.net/wp-content/uploads/2021/10/BebasNeueBold.woff2
34.145.80.165 200 OK 22 kB URL HTTP/1.1 www.evokecapital.net/wp-content/uploads/2021/10/BebasNeueBold.woff2
IP 34.145.80.165:0
File type Web Open Font Format (Version 2), TrueType, length 22312, version 1.0\012- data
Hash 13d7fb15863eac480c5354e9a7a49b59
66a0028c1816591a4ee0c03d5424ca06979b3c18
770200731a0a0d27b8d93c30dd14a12709cd84a08c589ddfb029f9146ac8822a
Analyzer Verdict Alert fortinet Malware
GET /wp-content/uploads/2021/10/BebasNeueBold.woff2 HTTP/1.1
Host: www.evokecapital.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://www.evokecapital.net/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 15 Dec 2022 11:59:38 GMT
Server: Apache
Last-Modified: Tue, 12 Oct 2021 05:36:46 GMT
ETag: "5728-5ce213b331780"
Accept-Ranges: bytes
Content-Length: 22312
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: font/woff2
www.evokecapital.net/wp-content/uploads/2021/09/Layer-16-copy.jpg
34.145.80.165 200 OK 14 kB URL HTTP/1.1 www.evokecapital.net/wp-content/uploads/2021/09/Layer-16-copy.jpg
IP 34.145.80.165:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1707x838, components 3\012- data
Hash e485e2cf8b5cc75cb34aaaeb6a6e4709
cba3ee1e563f0fbd841e4620667678630e44ba9f
921b22dbeacee0a12cc56304307eb50c974c91f5f6d36eb8dbc6cdf564921890
GET /wp-content/uploads/2021/09/Layer-16-copy.jpg HTTP/1.1
Host: www.evokecapital.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.evokecapital.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 15 Dec 2022 11:59:39 GMT
Server: Apache
Last-Modified: Thu, 30 Sep 2021 06:02:35 GMT
ETag: "367b-5cd30316e74c0"
Accept-Ranges: bytes
Content-Length: 13947
Keep-Alive: timeout=5, max=90
Connection: Keep-Alive
Content-Type: image/jpeg
www.evokecapital.net/wp-content/themes/twentytwentyone/assets/css/print.css?ver=1.0.0
34.145.80.165 200 OK 1.1 kB URL HTTP/1.1 www.evokecapital.net/wp-content/themes/twentytwentyone/assets/css/print.css?ver=1.0.0
IP 34.145.80.165:0
Hash ffb300f922250ca4dc6e0bbd4d0f302a
a340446e431cdaa0081e78fde866506266fbbed2
91c03bb7f1a3ee98f49eaaca571a4f2f5aa2bcd27bdb9569f6817a97dcbbcf20
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/twentytwentyone/assets/css/print.css?ver=1.0.0 HTTP/1.1
Host: www.evokecapital.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.evokecapital.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 15 Dec 2022 11:59:39 GMT
Server: Apache
Last-Modified: Tue, 05 Jul 2022 17:49:31 GMT
ETag: "b51-5e3127990c202-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1084
Keep-Alive: timeout=5, max=90
Connection: Keep-Alive
Content-Type: text/css
www.evokecapital.net/wp-content/plugins/elementor/assets/lib/eicons/fonts/eicons.woff2?5.15.0
34.145.80.165 200 OK 92 kB URL HTTP/1.1 www.evokecapital.net/wp-content/plugins/elementor/assets/lib/eicons/fonts/eicons.woff2?5.15.0
IP 34.145.80.165:0
File type Web Open Font Format (Version 2), TrueType, length 92444, version 1.0\012- data
Hash e5d9164498f1649084fe6fb95d3ad593
29e71123f8ef22f20f8d50bc4caac9db6e04a824
1525cd3ea05d1c00e4b385e781749c3bac5c01570b5800198bec0a252bb6c715
GET /wp-content/plugins/elementor/assets/lib/eicons/fonts/eicons.woff2?5.15.0 HTTP/1.1
Host: www.evokecapital.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://www.evokecapital.net/wp-content/plugins/elementor/assets/lib/eicons/css/elementor-icons.min.css?ver=5.15.0
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 15 Dec 2022 11:59:38 GMT
Server: Apache
Last-Modified: Sat, 23 Jul 2022 23:46:46 GMT
ETag: "1691c-5e4819051991a"
Accept-Ranges: bytes
Content-Length: 92444
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: font/woff2
www.evokecapital.net/wp-content/plugins/elementor-pro/assets/js/nav-menu.3de49ba5ef86f9a22ff5.bundle.min.js
34.145.80.165 200 OK 2.6 kB URL HTTP/1.1 www.evokecapital.net/wp-content/plugins/elementor-pro/assets/js/nav-menu.3de49ba5ef86f9a22ff5.bundle.min.js
IP 34.145.80.165:0
File type ASCII text, with very long lines (3284)
Hash 6ae5666dce4a6b6df02b02499a11deae
614f01d3cddcdd49fdfae79b841d3a9b83cc56e1
f0bf4c7d1e0138f26df048b1af87620118d987027e57a2fe78a56fbaafbc79ae
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/elementor-pro/assets/js/nav-menu.3de49ba5ef86f9a22ff5.bundle.min.js HTTP/1.1
Host: www.evokecapital.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.evokecapital.net/
Cookie: _ga_52EPG5NT4X=GS1.1.1671105575.1.0.1671105575.0.0.0; _ga=GA1.1.1645226433.1671105576; GetLocalTimeZone=GMT+0000 (Coordinated Universal Time)
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 15 Dec 2022 11:59:39 GMT
Server: Apache
Last-Modified: Mon, 20 Jun 2022 21:20:43 GMT
ETag: "1b76-5e1e7ad3240c0-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 2584
Keep-Alive: timeout=5, max=92
Connection: Keep-Alive
Content-Type: application/javascript
www.evokecapital.net/wp-content/plugins/elementor-pro/assets/js/slides.8e4c7cc58ad39c5630ac.bundle.min.js
34.145.80.165 200 OK 2.8 kB URL HTTP/1.1 www.evokecapital.net/wp-content/plugins/elementor-pro/assets/js/slides.8e4c7cc58ad39c5630ac.bundle.min.js
IP 34.145.80.165:0
File type ASCII text, with very long lines (3811)
Hash fa21cb7fe72f0bacf9598729ea483b38
47278ee051b75cd830ac493ad09607a1647b06a6
7156c90a8eaee1baf4f719becb95953eaaa09046633bf786955312d9f483639f
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/elementor-pro/assets/js/slides.8e4c7cc58ad39c5630ac.bundle.min.js HTTP/1.1
Host: www.evokecapital.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.evokecapital.net/
Cookie: _ga_52EPG5NT4X=GS1.1.1671105575.1.0.1671105575.0.0.0; _ga=GA1.1.1645226433.1671105576; GetLocalTimeZone=GMT+0000 (Coordinated Universal Time)
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 15 Dec 2022 11:59:39 GMT
Server: Apache
Last-Modified: Mon, 20 Jun 2022 21:20:43 GMT
ETag: "1d85-5e1e7ad3240c0-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 2751
Keep-Alive: timeout=5, max=89
Connection: Keep-Alive
Content-Type: application/javascript
www.evokecapital.net/wp-content/uploads/2022/06/allwhite3.png
34.145.80.165 200 OK 20 kB URL HTTP/1.1 www.evokecapital.net/wp-content/uploads/2022/06/allwhite3.png
IP 34.145.80.165:0
File type PNG image data, 727 x 240, 8-bit/color RGBA, non-interlaced\012- data
Hash 4c17bb0184b236d382bd52a7d3496186
41963dea835255b98cb209b1e0031bcd2d6e221d
a05ae67d405802e14e01686953f0a774fa9be47c37bfee678a0c145201b323b5
GET /wp-content/uploads/2022/06/allwhite3.png HTTP/1.1
Host: www.evokecapital.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.evokecapital.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 15 Dec 2022 11:59:39 GMT
Server: Apache
Last-Modified: Wed, 22 Jun 2022 16:56:30 GMT
ETag: "4c13-5e20c38055fdf"
Accept-Ranges: bytes
Content-Length: 19475
Keep-Alive: timeout=5, max=89
Connection: Keep-Alive
Content-Type: image/png
www.evokecapital.net/wp-content/plugins/elementor/assets/js/counter.02cef29c589e742d4c8c.bundle.min.js
34.145.80.165 200 OK 1.8 kB URL HTTP/1.1 www.evokecapital.net/wp-content/plugins/elementor/assets/js/counter.02cef29c589e742d4c8c.bundle.min.js
IP 34.145.80.165:0
File type ASCII text, with very long lines (894)
Hash 0d0dd53afa414e7bf589cdfe15d49bd6
53bdb7106cd0b040a7586a97dcbc52ed53d1942a
b43235855103ac358283213587a09ba224b7bebfe64831420949f7cccaa96867
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/elementor/assets/js/counter.02cef29c589e742d4c8c.bundle.min.js HTTP/1.1
Host: www.evokecapital.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.evokecapital.net/
Cookie: _ga_52EPG5NT4X=GS1.1.1671105575.1.0.1671105575.0.0.0; _ga=GA1.1.1645226433.1671105576; GetLocalTimeZone=GMT+0000 (Coordinated Universal Time)
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 15 Dec 2022 11:59:39 GMT
Server: Apache
Last-Modified: Sat, 23 Jul 2022 23:46:46 GMT
ETag: "121c-5e48190466580-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1790
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: application/javascript
www.evokecapital.net/wp-content/plugins/elementor-pro/assets/js/carousel.5af857cc40abaf7d2683.bundle.min.js
34.145.80.165 200 OK 3.0 kB URL HTTP/1.1 www.evokecapital.net/wp-content/plugins/elementor-pro/assets/js/carousel.5af857cc40abaf7d2683.bundle.min.js
IP 34.145.80.165:0
File type ASCII text, with very long lines (4960)
Hash da8e0ceee0e77baced46650f771f367b
0343f75e516a68a36aa967988a0d2905547e59cc
3205ee5f8a75e3f7ea6f898c6fff5a770c5518d4013d593a32464f3230771db3
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/elementor-pro/assets/js/carousel.5af857cc40abaf7d2683.bundle.min.js HTTP/1.1
Host: www.evokecapital.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.evokecapital.net/
Cookie: _ga_52EPG5NT4X=GS1.1.1671105575.1.0.1671105575.0.0.0; _ga=GA1.1.1645226433.1671105576; GetLocalTimeZone=GMT+0000 (Coordinated Universal Time)
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 15 Dec 2022 11:59:39 GMT
Server: Apache
Last-Modified: Mon, 20 Jun 2022 21:20:43 GMT
ETag: "2202-5e1e7ad3240c0-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 2989
Keep-Alive: timeout=5, max=91
Connection: Keep-Alive
Content-Type: application/javascript
www.evokecapital.net/wp-content/plugins/elementor/assets/js/text-editor.2c35aafbe5bf0e127950.bundle.min.js
34.145.80.165 200 OK 2.0 kB URL HTTP/1.1 www.evokecapital.net/wp-content/plugins/elementor/assets/js/text-editor.2c35aafbe5bf0e127950.bundle.min.js
IP 34.145.80.165:0
File type ASCII text, with very long lines (1342)
Hash 832486b080e05e96be7ac35bb333f928
1c7682bc5c7380ecd47b3d95cbc271765e1f1dc6
23a6981a020928257ef37e8e4c90379fe96185dc168a71a9341276d5eccedca4
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/elementor/assets/js/text-editor.2c35aafbe5bf0e127950.bundle.min.js HTTP/1.1
Host: www.evokecapital.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.evokecapital.net/
Cookie: _ga_52EPG5NT4X=GS1.1.1671105575.1.0.1671105575.0.0.0; _ga=GA1.1.1645226433.1671105576; GetLocalTimeZone=GMT+0000 (Coordinated Universal Time)
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 15 Dec 2022 11:59:39 GMT
Server: Apache
Last-Modified: Sat, 23 Jul 2022 23:46:46 GMT
ETag: "13dc-5e48190466580-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1973
Keep-Alive: timeout=5, max=88
Connection: Keep-Alive
Content-Type: application/javascript
www.evokecapital.net/wp-content/plugins/anywhere-elementor-pro/includes/assets/lib/vegas/overlays/00.png
34.145.80.165 200 OK 923 B URL HTTP/1.1 www.evokecapital.net/wp-content/plugins/anywhere-elementor-pro/includes/assets/lib/vegas/overlays/00.png
IP 34.145.80.165:0
File type PNG image data, 1 x 1, 8-bit/color RGBA, non-interlaced\012- data
Hash 97e5629ed48982f91be2d851c2d886b1
20ae15ad97dcbfe51a25814f8c23338c1b3c64bb
cb23323b7b54d1c29b2db3497732167519fe7ecbb81ebb7e8d9fcd8498c0f1b3
GET /wp-content/plugins/anywhere-elementor-pro/includes/assets/lib/vegas/overlays/00.png HTTP/1.1
Host: www.evokecapital.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.evokecapital.net/
Cookie: _ga_52EPG5NT4X=GS1.1.1671105575.1.0.1671105575.0.0.0; _ga=GA1.1.1645226433.1671105576; GetLocalTimeZone=GMT+0000 (Coordinated Universal Time)
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 15 Dec 2022 11:59:39 GMT
Server: Apache
Last-Modified: Fri, 22 Jul 2022 18:18:30 GMT
ETag: "39b-5e468dc7bf3c9"
Accept-Ranges: bytes
Content-Length: 923
Keep-Alive: timeout=5, max=88
Connection: Keep-Alive
Content-Type: image/png
www.evokecapital.net/wp-content/uploads/elementor/thumbs/EVOKE-background-transparent-logo-blue-pfjljk8tuqcmza4f4evtmhi0y3pfl9fflo3399ue4g.png
34.145.80.165 200 OK 19 kB URL HTTP/1.1 www.evokecapital.net/wp-content/uploads/elementor/thumbs/EVOKE-background-transparent-logo-blue-pfjljk8tuqcmza4f4evtmhi0y3pfl9fflo3399ue4g.png
IP 34.145.80.165:0
File type PNG image data, 370 x 175, 8-bit/color RGBA, non-interlaced\012- data
Hash eda6e40181b94b367ec8f9de22c43bce
f1132bd4dead134980bf40b1c491b1e70d3b51c6
39a7a3b7e57bcfb7e2e4154bcb02a62054e1e3a6458a176b22ff359b52322767
GET /wp-content/uploads/elementor/thumbs/EVOKE-background-transparent-logo-blue-pfjljk8tuqcmza4f4evtmhi0y3pfl9fflo3399ue4g.png HTTP/1.1
Host: www.evokecapital.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.evokecapital.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 15 Dec 2022 11:59:39 GMT
Server: Apache
Last-Modified: Thu, 04 Nov 2021 00:29:35 GMT
ETag: "4ae3-5cfeb9ef9f9c0"
Accept-Ranges: bytes
Content-Length: 19171
Keep-Alive: timeout=5, max=92
Connection: Keep-Alive
Content-Type: image/png
www.evokecapital.net/wp-content/uploads/2021/09/Group-1-copy.jpg
34.145.80.165 200 OK 125 kB URL HTTP/1.1 www.evokecapital.net/wp-content/uploads/2021/09/Group-1-copy.jpg
IP 34.145.80.165:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1920x2184, components 3 DIY-Thermocam raw data\012- (Lepton 2.x), scale -32613-1280, spot sensor temperature 0.000000, unit celsius, color scheme 0, minimum point enabled, calibration: offset 0.000000, slope 43762651857577574400.000000\012- data
Size 125 kB (124679 bytes)
Hash 502b7a75865b2cdbb49c1301156ac968
8504f0707f1e1ffab217dacecad0128d45a67284
3c055a06f64846b4d657358d5d344e409c0fc8609cf507f2622965b87994470d
GET /wp-content/uploads/2021/09/Group-1-copy.jpg HTTP/1.1
Host: www.evokecapital.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.evokecapital.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 15 Dec 2022 11:59:39 GMT
Server: Apache
Last-Modified: Thu, 30 Sep 2021 04:56:03 GMT
ETag: "1e707-5cd2f437d5ec0"
Accept-Ranges: bytes
Content-Length: 124679
Keep-Alive: timeout=5, max=88
Connection: Keep-Alive
Content-Type: image/jpeg
www.evokecapital.net/wp-content/plugins/elementor/assets/lib/swiper/swiper.min.js?ver=5.3.6
34.145.80.165 200 OK 37 kB URL HTTP/1.1 www.evokecapital.net/wp-content/plugins/elementor/assets/lib/swiper/swiper.min.js?ver=5.3.6
IP 34.145.80.165:0
File type ASCII text, with very long lines (65280)
Hash 6b4b6075963e5a03278fae162656ecca
daa7dfbae6d0b94830d15f1ff7c491c189708cdf
94616ad2154c522d846aeaccc326e852d09dbacc33b3940a610b7497b9d6adcd
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/elementor/assets/lib/swiper/swiper.min.js?ver=5.3.6 HTTP/1.1
Host: www.evokecapital.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.evokecapital.net/
Cookie: _ga_52EPG5NT4X=GS1.1.1671105575.1.0.1671105575.0.0.0; _ga=GA1.1.1645226433.1671105576; GetLocalTimeZone=GMT+0000 (Coordinated Universal Time)
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 15 Dec 2022 11:59:39 GMT
Server: Apache
Last-Modified: Sat, 23 Jul 2022 23:46:46 GMT
ETag: "22e1e-5e48190466580-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 36857
Keep-Alive: timeout=5, max=87
Connection: Keep-Alive
Content-Type: application/javascript
www.evokecapital.net/wp-content/uploads/2022/06/AdobeStock_327080293-scaled.jpeg
34.145.80.165 200 OK 834 kB URL HTTP/1.1 www.evokecapital.net/wp-content/uploads/2022/06/AdobeStock_327080293-scaled.jpeg
IP 34.145.80.165:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 2560x1639, components 3\012- data
Size 834 kB (833966 bytes)
Hash 050efedc88221cb6399ae2f08288e7fa
85ee5bf8df8f28c29366bd6584a2f9560f92f957
5cceff5495f9d87335ad70079fb885310527088d31113b546f8ef97adc7bfdd1
Analyzer Verdict Alert fortinet Malware
GET /wp-content/uploads/2022/06/AdobeStock_327080293-scaled.jpeg HTTP/1.1
Host: www.evokecapital.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.evokecapital.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 15 Dec 2022 11:59:38 GMT
Server: Apache
Last-Modified: Wed, 15 Jun 2022 21:13:42 GMT
ETag: "cb9ae-5e182fef239c3"
Accept-Ranges: bytes
Content-Length: 833966
Keep-Alive: timeout=5, max=86
Connection: Keep-Alive
Content-Type: image/jpeg
www.evokecapital.net/wp-content/uploads/2021/09/Layer-44-1.jpg
34.145.80.165 200 OK 45 kB URL HTTP/1.1 www.evokecapital.net/wp-content/uploads/2021/09/Layer-44-1.jpg
IP 34.145.80.165:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1918x960, components 3\012- data
Hash 7badaa2f2eaf57af771c7074db7a3f23
d62f3b90db5adb4835f4506770564e25aa31e555
6e58b6885a8b58b318dac3d0b3acf2127d2636ea3f5d78ef8320f33431a43e91
GET /wp-content/uploads/2021/09/Layer-44-1.jpg HTTP/1.1
Host: www.evokecapital.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.evokecapital.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 15 Dec 2022 11:59:39 GMT
Server: Apache
Last-Modified: Thu, 30 Sep 2021 09:37:36 GMT
ETag: "aff5-5cd3332641800"
Accept-Ranges: bytes
Content-Length: 45045
Keep-Alive: timeout=5, max=87
Connection: Keep-Alive
Content-Type: image/jpeg
www.evokecapital.net/wp-content/uploads/2021/09/Layer-51.jpg
34.145.80.165 200 OK 7.1 kB URL HTTP/1.1 www.evokecapital.net/wp-content/uploads/2021/09/Layer-51.jpg
IP 34.145.80.165:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 898x680, components 3\012- data
Hash b8cbfeb00942b4d99fa6eb1e5f035e8a
dee68379746f3167b6fe946f2bf28b959db40802
389f806f2c48b26e4d8d9464c06bf052a4a6c86e7b5153eeff88d4c3c2450044
GET /wp-content/uploads/2021/09/Layer-51.jpg HTTP/1.1
Host: www.evokecapital.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.evokecapital.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 15 Dec 2022 11:59:39 GMT
Server: Apache
Last-Modified: Thu, 30 Sep 2021 10:03:51 GMT
ETag: "1bda-5cd339044afc0"
Accept-Ranges: bytes
Content-Length: 7130
Keep-Alive: timeout=5, max=86
Connection: Keep-Alive
Content-Type: image/jpeg
www.evokecapital.net/wp-content/uploads/2021/09/Layer-44.jpg
34.145.80.165 200 OK 362 kB URL HTTP/1.1 www.evokecapital.net/wp-content/uploads/2021/09/Layer-44.jpg
IP 34.145.80.165:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 2495x1312, components 3\012- data
Size 362 kB (361569 bytes)
Hash 0a7454dc60eacfadd4cc43cc5d98cc18
a34dad19b7c93ff2ecc9c14f035172cc8735cacd
5b86610d2755f0e6cf42611e8fb2d2475564ac3172f45c143b0a4dcd655edd50
GET /wp-content/uploads/2021/09/Layer-44.jpg HTTP/1.1
Host: www.evokecapital.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.evokecapital.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 15 Dec 2022 11:59:39 GMT
Server: Apache
Last-Modified: Thu, 30 Sep 2021 06:31:51 GMT
ETag: "58461-5cd309a18e3c0"
Accept-Ranges: bytes
Content-Length: 361569
Keep-Alive: timeout=5, max=90
Connection: Keep-Alive
Content-Type: image/jpeg
www.evokecapital.net/wp-content/uploads/2021/09/Image01-768x665.jpg
34.145.80.165 200 OK 60 kB URL HTTP/1.1 www.evokecapital.net/wp-content/uploads/2021/09/Image01-768x665.jpg
IP 34.145.80.165:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 768x665, components 3\012- data
Hash 466c14b3e5b01f9d3c17fe47d097f993
949152d18948766163b1636b4abe346dfe35d118
a6c75b7b00aa5fd0e8dbc00d1b30eff014ab841ec3426e8e424e1f5aa70fec4c
GET /wp-content/uploads/2021/09/Image01-768x665.jpg HTTP/1.1
Host: www.evokecapital.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.evokecapital.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 15 Dec 2022 11:59:39 GMT
Server: Apache
Last-Modified: Thu, 30 Sep 2021 05:17:42 GMT
ETag: "ec5e-5cd2f90ea8980"
Accept-Ranges: bytes
Content-Length: 60510
Keep-Alive: timeout=5, max=85
Connection: Keep-Alive
Content-Type: image/jpeg
www.evokecapital.net/wp-content/uploads/2021/09/image02-768x673.jpg
34.145.80.165 200 OK 69 kB URL HTTP/1.1 www.evokecapital.net/wp-content/uploads/2021/09/image02-768x673.jpg
IP 34.145.80.165:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 768x673, components 3\012- data
Hash 0136df9cc0d36cd52b0f4fa08df7af6b
624e3c141524aa6a7699b8c9cdf6aed2e565aab6
67628a408cc35d0559e7bd6a5a512ab8f239520ad1be0512960c56fb02080b4a
GET /wp-content/uploads/2021/09/image02-768x673.jpg HTTP/1.1
Host: www.evokecapital.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.evokecapital.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 15 Dec 2022 11:59:39 GMT
Server: Apache
Last-Modified: Thu, 30 Sep 2021 05:17:43 GMT
ETag: "10c14-5cd2f90f9cbc0"
Accept-Ranges: bytes
Content-Length: 68628
Keep-Alive: timeout=5, max=86
Connection: Keep-Alive
Content-Type: image/jpeg
www.evokecapital.net/wp-content/uploads/2021/10/Webp.net-compress-image-9.jpg
34.145.80.165 200 OK 286 kB URL HTTP/1.1 www.evokecapital.net/wp-content/uploads/2021/10/Webp.net-compress-image-9.jpg
IP 34.145.80.165:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 2100x1400, components 3\012- data
Size 286 kB (286544 bytes)
Hash d98e33e7d660a5ce48e2d1913dc3c4e4
aaa143f5e4efe3467ec0d4265c6c0383a53e9a74
b6d56dba4faca57dbf63da329838d59227c675ca34b3c9921bc65fb7bb83bc79
GET /wp-content/uploads/2021/10/Webp.net-compress-image-9.jpg HTTP/1.1
Host: www.evokecapital.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.evokecapital.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 15 Dec 2022 11:59:39 GMT
Server: Apache
Last-Modified: Fri, 01 Oct 2021 11:47:36 GMT
ETag: "45f50-5cd4921260600"
Accept-Ranges: bytes
Content-Length: 286544
Keep-Alive: timeout=5, max=86
Connection: Keep-Alive
Content-Type: image/jpeg
www.evokecapital.net/wp-content/uploads/2021/10/nastuh-abootalebi-eHD8Y1Znfpk-unsplash.jpg
34.145.80.165 200 OK 427 kB URL HTTP/1.1 www.evokecapital.net/wp-content/uploads/2021/10/nastuh-abootalebi-eHD8Y1Znfpk-unsplash.jpg
IP 34.145.80.165:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 2301x1536, components 3\012- data
Size 427 kB (427029 bytes)
Hash 7cf9ac6d7636cd5ff9881d8f0863f431
bf3053ebd8732f19478cfa05dc99716b0f6fd428
3dbf398ce43e556dd53d1b8c81c8535efe8f8058bc20db0a6e6e2738e50a77ec
GET /wp-content/uploads/2021/10/nastuh-abootalebi-eHD8Y1Znfpk-unsplash.jpg HTTP/1.1
Host: www.evokecapital.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.evokecapital.net/
Cookie: _ga_52EPG5NT4X=GS1.1.1671105575.1.0.1671105575.0.0.0; _ga=GA1.1.1645226433.1671105576; GetLocalTimeZone=GMT+0000 (Coordinated Universal Time)
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 15 Dec 2022 11:59:39 GMT
Server: Apache
Last-Modified: Fri, 01 Oct 2021 11:15:53 GMT
ETag: "68415-5cd48afb88c40"
Accept-Ranges: bytes
Content-Length: 427029
Keep-Alive: timeout=5, max=91
Connection: Keep-Alive
Content-Type: image/jpeg
www.evokecapital.net/wp-content/uploads/2021/12/cropped-favicon-blue-192x192.png
34.145.80.165 200 OK 12 kB URL HTTP/1.1 www.evokecapital.net/wp-content/uploads/2021/12/cropped-favicon-blue-192x192.png
IP 34.145.80.165:0
File type PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced\012- data
Hash 93e10f0699d9e552476cb8c4be624532
c6567ba8b1841e209ada260e7795ae3865d79225
9ab6bd109b2eb0bfe3275af9aa546f8f26d06d7eb637cfd1b624d41589fc1d99
GET /wp-content/uploads/2021/12/cropped-favicon-blue-192x192.png HTTP/1.1
Host: www.evokecapital.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.evokecapital.net/
Cookie: _ga_52EPG5NT4X=GS1.1.1671105575.1.0.1671105575.0.0.0; _ga=GA1.1.1645226433.1671105576; GetLocalTimeZone=GMT+0000 (Coordinated Universal Time)
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 15 Dec 2022 11:59:40 GMT
Server: Apache
Last-Modified: Tue, 14 Dec 2021 17:38:27 GMT
ETag: "2e17-5d31ea831abd3"
Accept-Ranges: bytes
Content-Length: 11799
Keep-Alive: timeout=5, max=84
Connection: Keep-Alive
Content-Type: image/png
www.evokecapital.net/wp-content/uploads/2021/12/cropped-favicon-blue-32x32.png
34.145.80.165 200 OK 720 B URL HTTP/1.1 www.evokecapital.net/wp-content/uploads/2021/12/cropped-favicon-blue-32x32.png
IP 34.145.80.165:0
File type PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced\012- data
Hash 331c933d988d277c0c7c8e444f1eb749
6a6e83a17abb3390c6c96bb01fd25c19962ae2e6
2353b45dffa267956ba158e5e2faffcd3319b28b10ac633b43ee0e7ed1a9c113
GET /wp-content/uploads/2021/12/cropped-favicon-blue-32x32.png HTTP/1.1
Host: www.evokecapital.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.evokecapital.net/
Cookie: _ga_52EPG5NT4X=GS1.1.1671105575.1.0.1671105575.0.0.0; _ga=GA1.1.1645226433.1671105576; GetLocalTimeZone=GMT+0000 (Coordinated Universal Time)
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 15 Dec 2022 11:59:40 GMT
Server: Apache
Last-Modified: Tue, 14 Dec 2021 17:38:27 GMT
ETag: "2d0-5d31ea83228d6"
Accept-Ranges: bytes
Content-Length: 720
Keep-Alive: timeout=5, max=90
Connection: Keep-Alive
Content-Type: image/png
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F57e1af37-0e83-424f-98c5-a8245b583871.jpeg
34.120.237.76 200 OK 9.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F57e1af37-0e83-424f-98c5-a8245b583871.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 1a4e12af6d9653a205bf7314349bdea4
b39aa5fdef821f3138df8909781027cd05428dc9
6a5e05f85d0066300935c250be1b36d8efe9a3c56cc2473a58c18ae9599c509e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F57e1af37-0e83-424f-98c5-a8245b583871.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 9148
x-amzn-requestid: 0ea26bac-f713-41b4-b98d-d8b059a9cd1d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dGpcOFHvoAMF6-A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6398ef81-348c18be1382b5762c952041;Sampled=0
x-amzn-remapped-date: Tue, 13 Dec 2022 21:32:49 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: GqIOMxqzRhR3CKOHQA8j1IpyoRODba6VcLVLyaLq_Y6QhCizxPEmBQ==
via: 1.1 2afae0d44e2540f472c0635ab62c232a.cloudfront.net (CloudFront), 1.1 98aedae6661e3904540676966998ed88.cloudfront.net (CloudFront), 1.1 google
date: Wed, 14 Dec 2022 21:59:22 GMT
age: 50421
etag: "b39aa5fdef821f3138df8909781027cd05428dc9"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Montserrat%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=auto&ver=6.1.1
142.250.74.74 200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Montserrat%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=auto&ver=6.1.1
IP 142.250.74.74:0
GET /css?family=Montserrat%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=auto&ver=6.1.1 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.evokecapital.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 15 Dec 2022 11:59:37 GMT
date: Thu, 15 Dec 2022 11:59:37 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2