firefox.settings.services.mozilla.com/v1/
143.204.55.115 200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 143.204.55.115:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 804f8bbb7f556d51a5f52d5ebd5b6eef
922cd7e06df278615a04abb81d811d14596c8180
ef4804d381a34ab67873a7755621081c49c646310e085a9b2356ae07098f6021
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Alert, Content-Length, Backoff, Retry-After, Content-Type
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Thu, 22 Sep 2022 15:14:00 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 a9120cc3ff449047c990e82a4d5566ba.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: lGX7FPhs_2hcxqQo3ujQ3U2zsS235BqxDXKX49812sgu4Bzz_V-HFw==
Age: 908
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash a26d0784548ecab22f417f3d689daf23
8893b79366bbadeb5c8d587b8f023e310694df1c
35baaae7b3ce3110ebb2b075881cfab55ecf3eab57d834283fd18ac691b41fa2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "35BAAAE7B3CE3110EBB2B075881CFAB55ECF3EAB57D834283FD18AC691B41FA2"
Last-Modified: Tue, 20 Sep 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2185
Expires: Thu, 22 Sep 2022 16:05:34 GMT
Date: Thu, 22 Sep 2022 15:29:09 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
143.204.55.110 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
IP 143.204.55.110:0
File type PEM certificate\012- , ASCII text
Hash 6113f8408c59aebe188d6af273b90743
7398873bf00f99944eaa77ad3ebc0d43c23dba6b
b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Thu, 22 Sep 2022 04:35:15 GMT
etag: "6113f8408c59aebe188d6af273b90743"
x-cache: Hit from cloudfront
via: 1.1 095562e8748e634f880ee3c4ada2b6d0.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: -edlroWCG_W5KcoJRVitTVM35ZpuD5riVRMrUKCbQpVx-nvfRZ0MCg==
age: 39235
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 22 Sep 2022 15:29:09 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
www.luzyflama.com/wp-login.php
72.249.55.80 200 OK 1.8 kB URL HTTP/1.1 www.luzyflama.com/wp-login.php
IP 72.249.55.80:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text
Hash 8894cb0d2169ac9d84ec16f2ab7125b4
d8818a5ff351ad99cdcf871de302d917217fa27d
1c22ede5d9c4641bfc198e1f8a6f7a98229e1388fd72476a8d063d94f19f805b
Analyzer Verdict Alert fortinet Malware
GET /wp-login.php HTTP/1.1
Host: www.luzyflama.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Thu, 22 Sep 2022 15:29:08 GMT
Server: Apache/2
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
X-Frame-Options: SAMEORIGIN
Set-Cookie: wordpress_test_cookie=WP+Cookie+check; path=/
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 1845
Keep-Alive: timeout=2, max=100
Content-Type: text/html; charset=UTF-8
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
143.204.55.115 200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 143.204.55.115:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Thu, 22 Sep 2022 15:03:22 GMT
Cache-Control: max-age=3600
Expires: Thu, 22 Sep 2022 15:12:16 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 d4fd24ae65d4d2b97cfdea8d2f0c21a6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: rymS153IALy5pFV0kSjVcKmAspiMJRcOKJMG9DVDev6rDiIt62bB3w==
Age: 1547
www.luzyflama.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1
72.249.55.80 200 OK 4.0 kB URL HTTP/1.1 www.luzyflama.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1
IP 72.249.55.80:0
File type ASCII text, with very long lines (9959)
Hash a6c81e2f02bd04160d2de88c4e8f3559
e3f3c91427d785820ca97dabe738f01faf041f36
b734d83af5da0eb627e04d3e62ce652b9eb7de19667a1b91da6b93f0ea5d7ffe
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1 HTTP/1.1
Host: www.luzyflama.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.luzyflama.com/wp-login.php
Cookie: wordpress_test_cookie=WP+Cookie+check
HTTP/1.1 200 OK
Date: Thu, 22 Sep 2022 15:29:09 GMT
Server: Apache/2
Last-Modified: Fri, 10 Jul 2020 05:45:40 GMT
ETag: "2748-5aa0fd9de2900-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 4014
Keep-Alive: timeout=2, max=99
Connection: Keep-Alive
Content-Type: application/javascript
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 86624f45fb3b7126dbe002f69c94dd86
30bcf274db5037122f989fb25dbf1e72c9ec417b
2cc9600578cf057dc499835773fb495caa60ac154c4945f0fc1f2b31d43f5502
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6463
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 22 Sep 2022 15:29:09 GMT
Last-Modified: Thu, 22 Sep 2022 13:41:26 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 471
www.luzyflama.com/wp-content/themes/magup/scripts/jquery.innerfade.js?ver=5.4.11
72.249.55.80 200 OK 964 B URL HTTP/1.1 www.luzyflama.com/wp-content/themes/magup/scripts/jquery.innerfade.js?ver=5.4.11
IP 72.249.55.80:0
Hash 35ffd918ed647218534023cdfababa3b
ca88e92b814a411e730c23cc48dd6c66166068d6
a920ba8e85f3677ffb7aac608919106b1ac18c9b550b760dcd40c561c8164f2c
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/magup/scripts/jquery.innerfade.js?ver=5.4.11 HTTP/1.1
Host: www.luzyflama.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.luzyflama.com/wp-login.php
Cookie: wordpress_test_cookie=WP+Cookie+check
HTTP/1.1 200 OK
Date: Thu, 22 Sep 2022 15:29:09 GMT
Server: Apache/2
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Fri, 10 Jul 2020 05:50:32 GMT
ETag: "e2b-5aa0feb45ba00-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 964
Keep-Alive: timeout=2, max=100
Content-Type: application/javascript
www.luzyflama.com/wp-content/themes/magup/scripts/jquery.bottom-slider.js?ver=5.4.11
72.249.55.80 200 OK 672 B URL HTTP/1.1 www.luzyflama.com/wp-content/themes/magup/scripts/jquery.bottom-slider.js?ver=5.4.11
IP 72.249.55.80:0
Hash f591d328302e11d2018234a566605906
9e87d04098d469ff42dbc3a6a114ccb76d691735
e60d7129049a6e963e51c57a40daeadacbc5ce45600a31f1ed3b8a8bb8b878f5
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/magup/scripts/jquery.bottom-slider.js?ver=5.4.11 HTTP/1.1
Host: www.luzyflama.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.luzyflama.com/wp-login.php
Cookie: wordpress_test_cookie=WP+Cookie+check
HTTP/1.1 200 OK
Date: Thu, 22 Sep 2022 15:29:09 GMT
Server: Apache/2
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Fri, 10 Jul 2020 05:50:32 GMT
ETag: "8c7-5aa0feb45ba00-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 672
Keep-Alive: timeout=2, max=100
Content-Type: application/javascript
www.luzyflama.com/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp
72.249.55.80 200 OK 34 kB URL HTTP/1.1 www.luzyflama.com/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp
IP 72.249.55.80:0
File type ASCII text, with very long lines (31997)
Hash acf54950dfb2d6981e941d733b377591
340de686aecd9e6246a32c71e7de63ed69229ceb
d97f66caea5260bc71609f0da43ac0d937ecc09253910e5dda4c9fe4dbde20fc
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/jquery/jquery.js?ver=1.12.4-wp HTTP/1.1
Host: www.luzyflama.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.luzyflama.com/wp-login.php
Cookie: wordpress_test_cookie=WP+Cookie+check
HTTP/1.1 200 OK
Date: Thu, 22 Sep 2022 15:29:09 GMT
Server: Apache/2
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Fri, 10 Jul 2020 05:56:28 GMT
ETag: "17a69-5aa10007ddb00-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 33776
Keep-Alive: timeout=2, max=100
Content-Type: application/javascript
www.luzyflama.com/wp-content/themes/magup/scripts/custom.js?ver=5.4.11
72.249.55.80 200 OK 2.5 kB URL HTTP/1.1 www.luzyflama.com/wp-content/themes/magup/scripts/custom.js?ver=5.4.11
IP 72.249.55.80:0
Hash d02bc7f6901cf16026c8c8afe1ac5eb5
298196ed8fb5805390669dd56cdefbe13a76da1e
96bdca42445916715780684066683b128120820abe71d249736cb547a64f5f48
GET /wp-content/themes/magup/scripts/custom.js?ver=5.4.11 HTTP/1.1
Host: www.luzyflama.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.luzyflama.com/wp-login.php
Cookie: wordpress_test_cookie=WP+Cookie+check
HTTP/1.1 200 OK
Date: Thu, 22 Sep 2022 15:29:09 GMT
Server: Apache/2
Last-Modified: Fri, 10 Jul 2020 05:50:32 GMT
ETag: "2401-5aa0feb45ba00-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 2471
Keep-Alive: timeout=2, max=98
Connection: Keep-Alive
Content-Type: application/javascript
www.luzyflama.com/wp-includes/css/buttons.min.css?ver=5.4.11
72.249.55.80 200 OK 1.5 kB URL HTTP/1.1 www.luzyflama.com/wp-includes/css/buttons.min.css?ver=5.4.11
IP 72.249.55.80:0
File type ASCII text, with very long lines (5832)
Hash ac2160d7ea5328e24868e25a5845e738
249798af33ba6f4a93a20c63e44847670d725b98
61afac6e8fc30ec0a0d186def1cbd65bf0aa138c2d0a94a676dd4a22becdb93b
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/css/buttons.min.css?ver=5.4.11 HTTP/1.1
Host: www.luzyflama.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.luzyflama.com/wp-login.php
Cookie: wordpress_test_cookie=WP+Cookie+check
HTTP/1.1 200 OK
Date: Thu, 22 Sep 2022 15:29:09 GMT
Server: Apache/2
Last-Modified: Fri, 10 Jul 2020 05:56:29 GMT
ETag: "16eb-5aa10008d1d40-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 1458
Keep-Alive: timeout=2, max=99
Connection: Keep-Alive
Content-Type: text/css
www.luzyflama.com/wp-admin/css/forms.min.css?ver=5.4.11
72.249.55.80 200 OK 6.0 kB URL HTTP/1.1 www.luzyflama.com/wp-admin/css/forms.min.css?ver=5.4.11
IP 72.249.55.80:0
File type ASCII text, with very long lines (24420)
Hash 376c3367cc0f15e3a77c09b405d0e6e6
ed863c5733bb5ee0a805998742a30889d587a54a
84eb35b874f525f430c04858a1df617fd2c83017f0c228e3ba5c4e3b817c7b2b
GET /wp-admin/css/forms.min.css?ver=5.4.11 HTTP/1.1
Host: www.luzyflama.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.luzyflama.com/wp-login.php
Cookie: wordpress_test_cookie=WP+Cookie+check
HTTP/1.1 200 OK
Date: Thu, 22 Sep 2022 15:29:09 GMT
Server: Apache/2
Last-Modified: Thu, 15 Apr 2021 19:33:23 GMT
ETag: "5f87-5c007efbd06c0-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 6008
Keep-Alive: timeout=2, max=99
Connection: Keep-Alive
Content-Type: text/css
www.luzyflama.com/wp-includes/css/dashicons.min.css?ver=5.4.11
72.249.55.80 200 OK 28 kB URL HTTP/1.1 www.luzyflama.com/wp-includes/css/dashicons.min.css?ver=5.4.11
IP 72.249.55.80:0
File type ASCII text, with very long lines (47529)
Hash a90a88620f0674bd9f3513bc08163837
51fbb6809692541a3b2022048f0f509ff26d1b6b
87389a63f1fa87832527f41bc873850d689b9c1da632b18315483100f654ed68
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/css/dashicons.min.css?ver=5.4.11 HTTP/1.1
Host: www.luzyflama.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.luzyflama.com/wp-login.php
Cookie: wordpress_test_cookie=WP+Cookie+check
HTTP/1.1 200 OK
Date: Thu, 22 Sep 2022 15:29:09 GMT
Server: Apache/2
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Thu, 15 Apr 2021 19:33:23 GMT
ETag: "b9cc-5c007efbd06c0-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 28487
Keep-Alive: timeout=2, max=100
Content-Type: text/css
www.luzyflama.com/wp-admin/css/login.min.css?ver=5.4.11
72.249.55.80 200 OK 1.9 kB URL HTTP/1.1 www.luzyflama.com/wp-admin/css/login.min.css?ver=5.4.11
IP 72.249.55.80:0
File type ASCII text, with very long lines (5277)
Hash 61cdc98646da27d6da132810735bc9ab
3af94383f5eb69491c5478d6c03faafe162b934b
53631d406375fca29c2cc17fe0dcd2ab2ee50798d3b87faacfa19b1e132226c9
GET /wp-admin/css/login.min.css?ver=5.4.11 HTTP/1.1
Host: www.luzyflama.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.luzyflama.com/wp-login.php
Cookie: wordpress_test_cookie=WP+Cookie+check
HTTP/1.1 200 OK
Date: Thu, 22 Sep 2022 15:29:09 GMT
Server: Apache/2
Last-Modified: Fri, 10 Jul 2020 05:56:29 GMT
ETag: "14c0-5aa10008d1d40-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 1898
Keep-Alive: timeout=2, max=97
Connection: Keep-Alive
Content-Type: text/css
www.luzyflama.com/wp-admin/css/l10n.min.css?ver=5.4.11
72.249.55.80 200 OK 686 B URL HTTP/1.1 www.luzyflama.com/wp-admin/css/l10n.min.css?ver=5.4.11
IP 72.249.55.80:0
File type ASCII text, with very long lines (2442)
Hash 7ac6c77db433ffc31de8d63fba49761c
748f01ee0a540174a2927d6a7f4cff3aeaea43a3
de881f840898837d4cf98fd781a48b96f6b0e87080d5e8c3a3dcaf1f5181d995
Analyzer Verdict Alert fortinet Malware
GET /wp-admin/css/l10n.min.css?ver=5.4.11 HTTP/1.1
Host: www.luzyflama.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.luzyflama.com/wp-login.php
Cookie: wordpress_test_cookie=WP+Cookie+check
HTTP/1.1 200 OK
Date: Thu, 22 Sep 2022 15:29:09 GMT
Server: Apache/2
Last-Modified: Fri, 10 Jul 2020 05:56:29 GMT
ETag: "9ad-5aa10008d1d40-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 686
Keep-Alive: timeout=2, max=99
Connection: Keep-Alive
Content-Type: text/css
push.services.mozilla.com/
52.89.17.198 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.89.17.198:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: JWe0JcX1qBTBdR60eboNUA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: kDXfMfG+tgAtrOJuUhAnAn2iT04=
www.luzyflama.com/wp-includes/js/zxcvbn-async.min.js?ver=1.0
72.249.55.80 200 OK 256 B URL HTTP/1.1 www.luzyflama.com/wp-includes/js/zxcvbn-async.min.js?ver=1.0
IP 72.249.55.80:0
File type ASCII text, with very long lines (316)
Hash 0f489595323807d5ba17b35e2a404142
5a4f9c8416f5989fb9394ee59d818a8f3d20bdfe
50581316aa4c1054f4e404bb8c19b99cc8c040af3d0e6f82a313445edf188e01
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/zxcvbn-async.min.js?ver=1.0 HTTP/1.1
Host: www.luzyflama.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://www.luzyflama.com/wp-login.php
Connection: keep-alive
Cookie: wordpress_test_cookie=WP+Cookie+check
HTTP/1.1 200 OK
Date: Thu, 22 Sep 2022 15:29:10 GMT
Server: Apache/2
Last-Modified: Thu, 15 Apr 2021 19:33:23 GMT
ETag: "15f-5c007efbd06c0-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 256
Keep-Alive: timeout=2, max=98
Connection: Keep-Alive
Content-Type: application/javascript
www.luzyflama.com/wp-admin/js/password-strength-meter.min.js?ver=5.4.11
72.249.55.80 200 OK 478 B URL HTTP/1.1 www.luzyflama.com/wp-admin/js/password-strength-meter.min.js?ver=5.4.11
IP 72.249.55.80:0
File type ASCII text, with very long lines (731)
Hash 4f577575b2d38b04f29bb308208003f6
ba965277c2c33b9c30f1e3268ce6a6b6b69a655e
0479f3f8f7349534f7fa52f42692601257fffb7f889cb573f67e63fe67d4434c
Analyzer Verdict Alert fortinet Malware
GET /wp-admin/js/password-strength-meter.min.js?ver=5.4.11 HTTP/1.1
Host: www.luzyflama.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://www.luzyflama.com/wp-login.php
Connection: keep-alive
Cookie: wordpress_test_cookie=WP+Cookie+check
HTTP/1.1 200 OK
Date: Thu, 22 Sep 2022 15:29:10 GMT
Server: Apache/2
Last-Modified: Fri, 10 Jul 2020 05:56:29 GMT
ETag: "2fe-5aa10008d1d40-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 478
Keep-Alive: timeout=2, max=98
Connection: Keep-Alive
Content-Type: application/javascript
www.luzyflama.com/wp-includes/js/underscore.min.js?ver=1.8.3
72.249.55.80 200 OK 5.7 kB URL HTTP/1.1 www.luzyflama.com/wp-includes/js/underscore.min.js?ver=1.8.3
IP 72.249.55.80:0
File type ASCII text, with very long lines (16010)
Hash 5c9683ce4b5ae14e78aef6e91a2f772d
e8bb47e8c3fd3987413dd1ab355005ac04e69795
408cb00c398acae2090af546d72302f728ab7391436c08e69340e211370a7d07
GET /wp-includes/js/underscore.min.js?ver=1.8.3 HTTP/1.1
Host: www.luzyflama.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://www.luzyflama.com/wp-login.php
Connection: keep-alive
Cookie: wordpress_test_cookie=WP+Cookie+check
HTTP/1.1 200 OK
Date: Thu, 22 Sep 2022 15:29:10 GMT
Server: Apache/2
Last-Modified: Thu, 15 Apr 2021 19:33:23 GMT
ETag: "3ead-5c007efbd06c0-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 5663
Keep-Alive: timeout=2, max=99
Connection: Keep-Alive
Content-Type: application/javascript
www.luzyflama.com/wp-includes/js/wp-util.min.js?ver=5.4.11
72.249.55.80 200 OK 589 B URL HTTP/1.1 www.luzyflama.com/wp-includes/js/wp-util.min.js?ver=5.4.11
IP 72.249.55.80:0
File type ASCII text, with very long lines (1042)
Hash 6cf861f0004fb0eec67ecf29af799c7d
67349791569360d3b957db5442620756cc4ae4b3
5131bec1dbf9e65e1da378e6414adc86d792f725acdcc3922ee3207876f5dd7c
GET /wp-includes/js/wp-util.min.js?ver=5.4.11 HTTP/1.1
Host: www.luzyflama.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://www.luzyflama.com/wp-login.php
Connection: keep-alive
Cookie: wordpress_test_cookie=WP+Cookie+check
HTTP/1.1 200 OK
Date: Thu, 22 Sep 2022 15:29:10 GMT
Server: Apache/2
Last-Modified: Thu, 15 Apr 2021 19:33:23 GMT
ETag: "435-5c007efbd06c0-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 589
Keep-Alive: timeout=2, max=96
Connection: Keep-Alive
Content-Type: application/javascript
www.luzyflama.com/wp-admin/js/user-profile.min.js?ver=5.4.11
72.249.55.80 200 OK 2.1 kB URL HTTP/1.1 www.luzyflama.com/wp-admin/js/user-profile.min.js?ver=5.4.11
IP 72.249.55.80:0
File type ASCII text, with very long lines (5541)
Hash be8a7afb1b650afb5a58be423eb53ded
0eb9e38204df361bc6b5b2195b2cae28a03ea919
01d8dbf4daff6ab8c3c876b1f8182f20e413c6c14116570f52492699fefdebae
Analyzer Verdict Alert fortinet Malware
GET /wp-admin/js/user-profile.min.js?ver=5.4.11 HTTP/1.1
Host: www.luzyflama.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://www.luzyflama.com/wp-login.php
Connection: keep-alive
Cookie: wordpress_test_cookie=WP+Cookie+check
HTTP/1.1 200 OK
Date: Thu, 22 Sep 2022 15:29:10 GMT
Server: Apache/2
Last-Modified: Thu, 15 Apr 2021 19:33:23 GMT
ETag: "15c8-5c007efbd06c0-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 2102
Keep-Alive: timeout=2, max=98
Connection: Keep-Alive
Content-Type: application/javascript
www.luzyflama.com/wp-content/themes/magup/scripts/jquery.prettyPhoto.js?ver=5.4.11
72.249.55.80 200 OK 5.5 kB URL HTTP/1.1 www.luzyflama.com/wp-content/themes/magup/scripts/jquery.prettyPhoto.js?ver=5.4.11
IP 72.249.55.80:0
File type HTML document, ASCII text, with very long lines (4808)
Hash 4eb11ff608519e6a173ea4c003777dd1
1e0fea360f730b5e706eae5f5e683919ee2215f8
5c9c2e115fe8e823adece36e0ced42e50353cc813e0471afe65d7a6ec6068c12
GET /wp-content/themes/magup/scripts/jquery.prettyPhoto.js?ver=5.4.11 HTTP/1.1
Host: www.luzyflama.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.luzyflama.com/wp-login.php
Cookie: wordpress_test_cookie=WP+Cookie+check
HTTP/1.1 200 OK
Date: Thu, 22 Sep 2022 15:29:10 GMT
Server: Apache/2
Last-Modified: Fri, 10 Jul 2020 05:50:32 GMT
ETag: "5532-5aa0feb45ba00-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 5466
Keep-Alive: timeout=2, max=97
Connection: Keep-Alive
Content-Type: application/javascript
www.luzyflama.com/wp-content/themes/magup/scripts/jquery.li-scroller.1.0.js?ver=5.4.11
72.249.55.80 404 Not Found 7.2 kB URL HTTP/1.1 www.luzyflama.com/wp-content/themes/magup/scripts/jquery.li-scroller.1.0.js?ver=5.4.11
IP 72.249.55.80:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1902), with CRLF, LF line terminators
Hash bf13495c10ca67ec2bac0cc389a854aa
79de569f1f688bdcd18d14dd76efe579dbd918e6
a03fe746331d8f2d914da768fa32423e35aaae37739ef7fb0957f1c34f2fbbd6
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/magup/scripts/jquery.li-scroller.1.0.js?ver=5.4.11 HTTP/1.1
Host: www.luzyflama.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.luzyflama.com/wp-login.php
Cookie: wordpress_test_cookie=WP+Cookie+check
HTTP/1.1 404 Not Found
Date: Thu, 22 Sep 2022 15:29:09 GMT
Server: Apache/2
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Link: <http://www.luzyflama.com/wp-json/>; rel="https://api.w.org/"
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 7152
Keep-Alive: timeout=2, max=100
Content-Type: text/html; charset=UTF-8
www.luzyflama.com/wp-admin/images/wordpress-logo.svg?ver=20131107
72.249.55.80 200 OK 818 B URL HTTP/1.1 www.luzyflama.com/wp-admin/images/wordpress-logo.svg?ver=20131107
IP 72.249.55.80:0
File type SVG Scalable Vector Graphics image\012- HTML document, ASCII text, with very long lines (1521), with no line terminators
Hash 3d767b484b976b6aca8198d1f3ee68e0
15fafbffa6b035452c9711df3f42ec7740e4f745
241122651f87eeca94170b265d436c3d2943a34781cef8f3b108fbbd94de9e9d
Analyzer Verdict Alert fortinet Malware
GET /wp-admin/images/wordpress-logo.svg?ver=20131107 HTTP/1.1
Host: www.luzyflama.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.luzyflama.com/wp-admin/css/login.min.css?ver=5.4.11
Cookie: wordpress_test_cookie=WP+Cookie+check
HTTP/1.1 200 OK
Date: Thu, 22 Sep 2022 15:29:10 GMT
Server: Apache/2
Last-Modified: Fri, 10 Jul 2020 05:44:04 GMT
ETag: "5f1-5aa0fd4255100-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 818
Keep-Alive: timeout=2, max=97
Connection: Keep-Alive
Content-Type: image/svg+xml
www.luzyflama.com/wp-includes/js/zxcvbn.min.js
72.249.55.80 200 OK 400 kB URL HTTP/1.1 www.luzyflama.com/wp-includes/js/zxcvbn.min.js
IP 72.249.55.80:0
File type ASCII text, with very long lines (53869)
Size 400 kB (399661 bytes)
Hash 179a51fde63fb20d3ed5fc0e705a350a
2e221775a4f3be78509899a337f065335f24604a
86af9905d0ae6f2b77be040ac812e7c912ab918e2023242c12ffa7910b7ba538
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/zxcvbn.min.js HTTP/1.1
Host: www.luzyflama.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://www.luzyflama.com/wp-login.php
Connection: keep-alive
Cookie: wordpress_test_cookie=WP+Cookie+check
HTTP/1.1 200 OK
Date: Thu, 22 Sep 2022 15:29:10 GMT
Server: Apache/2
Last-Modified: Fri, 10 Jul 2020 05:56:28 GMT
ETag: "c8bdd-5aa10007ddb00-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Keep-Alive: timeout=2, max=98
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: application/javascript
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 8ebb267e443b81854ef9a01b3eb6489d
b932e9e5679da5a9160da5429458041765509b52
4ac5aa5b4fb4a85282b825c5c0ed7b1aaf2b39ffe77d69dec5123a84709f3fe2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4AC5AA5B4FB4A85282B825C5C0ED7B1AAF2B39FFE77D69DEC5123A84709F3FE2"
Last-Modified: Tue, 20 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4793
Expires: Thu, 22 Sep 2022 16:49:04 GMT
Date: Thu, 22 Sep 2022 15:29:11 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 8ebb267e443b81854ef9a01b3eb6489d
b932e9e5679da5a9160da5429458041765509b52
4ac5aa5b4fb4a85282b825c5c0ed7b1aaf2b39ffe77d69dec5123a84709f3fe2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4AC5AA5B4FB4A85282B825C5C0ED7B1AAF2B39FFE77D69DEC5123A84709F3FE2"
Last-Modified: Tue, 20 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4793
Expires: Thu, 22 Sep 2022 16:49:04 GMT
Date: Thu, 22 Sep 2022 15:29:11 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 8ebb267e443b81854ef9a01b3eb6489d
b932e9e5679da5a9160da5429458041765509b52
4ac5aa5b4fb4a85282b825c5c0ed7b1aaf2b39ffe77d69dec5123a84709f3fe2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4AC5AA5B4FB4A85282B825C5C0ED7B1AAF2B39FFE77D69DEC5123A84709F3FE2"
Last-Modified: Tue, 20 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4793
Expires: Thu, 22 Sep 2022 16:49:04 GMT
Date: Thu, 22 Sep 2022 15:29:11 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 8ebb267e443b81854ef9a01b3eb6489d
b932e9e5679da5a9160da5429458041765509b52
4ac5aa5b4fb4a85282b825c5c0ed7b1aaf2b39ffe77d69dec5123a84709f3fe2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4AC5AA5B4FB4A85282B825C5C0ED7B1AAF2B39FFE77D69DEC5123A84709F3FE2"
Last-Modified: Tue, 20 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4793
Expires: Thu, 22 Sep 2022 16:49:04 GMT
Date: Thu, 22 Sep 2022 15:29:11 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 8ebb267e443b81854ef9a01b3eb6489d
b932e9e5679da5a9160da5429458041765509b52
4ac5aa5b4fb4a85282b825c5c0ed7b1aaf2b39ffe77d69dec5123a84709f3fe2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4AC5AA5B4FB4A85282B825C5C0ED7B1AAF2B39FFE77D69DEC5123A84709F3FE2"
Last-Modified: Tue, 20 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4793
Expires: Thu, 22 Sep 2022 16:49:04 GMT
Date: Thu, 22 Sep 2022 15:29:11 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2922a3a3-ae10-495b-ac9a-220b799dc3d4.jpeg
34.120.237.76 200 OK 7.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2922a3a3-ae10-495b-ac9a-220b799dc3d4.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 29912dedc89a817a56f47d9e4efa9e76
a092fbc76b84bda659d7ae0b0d9aedd476927f9b
090f90c3bdffdd666ff1dca07aadb1147b315d6e37e4d6ac1b320730b772657f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2922a3a3-ae10-495b-ac9a-220b799dc3d4.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7920
x-amzn-requestid: 9532b1cd-deb5-4886-b57c-acd7bbd83dc9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YrODcHgCoAMFtiQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6327907c-763d15bb1bc85124029187f9;Sampled=0
x-amzn-remapped-date: Sun, 18 Sep 2022 21:41:16 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: czfTVKVsVVojtjK5CHmoRkgcJyZ_3l-AomR74mkuLL6LDsy5wabHFw==
via: 1.1 583992e175976bd59a21b4416890271e.cloudfront.net (CloudFront), 1.1 09331f0822fc98eebaf04130a83dbd44.cloudfront.net (CloudFront), 1.1 google
date: Thu, 22 Sep 2022 14:36:12 GMT
age: 3179
etag: "a092fbc76b84bda659d7ae0b0d9aedd476927f9b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F25c92e76-c63f-4c49-a4f1-56d030e97e10.jpeg
34.120.237.76 200 OK 3.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F25c92e76-c63f-4c49-a4f1-56d030e97e10.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 37687ec8382ef481897d1e65bf14010a
6ce495268093b256875ec1c4d6a05fc1f3d25446
24cc6f8715bb5b0b8a27a3f40831f9fed6cc4c5a882622633e1865dca6e50531
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F25c92e76-c63f-4c49-a4f1-56d030e97e10.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 3372
x-amzn-requestid: 10d24c22-0b3d-402b-9a10-6cbfc9a699a3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YzG5QHJRoAMFaPA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632ab83b-37ba740c7eba56b30e2ea528;Sampled=0
x-amzn-remapped-date: Wed, 21 Sep 2022 07:07:39 GMT
x-amz-cf-pop: SEA73-P2, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: HGsqwxMmVX7VxodarcMjEsguuw20r6NIWS76MCixRztKziDsR8rVCA==
via: 1.1 de8fc80b494d3d381f7e006918dcc588.cloudfront.net (CloudFront), 1.1 989017835f43d594873bde5a7ee7fe5e.cloudfront.net (CloudFront), 1.1 google
date: Thu, 22 Sep 2022 02:13:50 GMT
age: 47721
etag: "6ce495268093b256875ec1c4d6a05fc1f3d25446"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc5453bf0-e297-4ace-a174-b28be2bb7e8d.jpeg
34.120.237.76 200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc5453bf0-e297-4ace-a174-b28be2bb7e8d.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 298be26294efc965abc5707a84df8a0a
5ee6c32afd92810ae61a791c059928e33148bb0c
d9b5fe88c8e03f6a6a64e360015080bca00f7fb147515a137447832bacc2e6e7
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc5453bf0-e297-4ace-a174-b28be2bb7e8d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11645
x-amzn-requestid: 0ae5c056-6d78-4c37-8e18-b9abfe1e1f47
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YzG34FKIIAMF6Ug=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632ab832-59fbd91527ea400d333ddc41;Sampled=0
x-amzn-remapped-date: Wed, 21 Sep 2022 07:07:30 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: Q7rg9YqHScSwWXfS96bSI5Mb0mSYQ-jbShb7wddPcG51nhn0_8DIJA==
via: 1.1 95b0ac620fa3a80ee590ecf1cda1c698.cloudfront.net (CloudFront), 1.1 001e7070d795018d01b93988b9723742.cloudfront.net (CloudFront), 1.1 google
date: Thu, 22 Sep 2022 07:14:13 GMT
age: 29698
etag: "5ee6c32afd92810ae61a791c059928e33148bb0c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faf89a4b3-f586-4870-ab26-efb054f637fd.jpeg
34.120.237.76 200 OK 8.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faf89a4b3-f586-4870-ab26-efb054f637fd.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 91c56f0b9810bfdd84e10a626b89e389
15d83e44d568938b6c9c87201e898cedb3edec0a
942de9764e1c408f7512759774aab0479db201e6fae15ccc39e653adae4cb86f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faf89a4b3-f586-4870-ab26-efb054f637fd.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8678
x-amzn-requestid: c671a9ab-c5d0-4743-b13e-cc9a47e3d2fe
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y1F0vEThIAMFSwQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632b8351-17ed13811d3833ea00a34423;Sampled=0
x-amzn-remapped-date: Wed, 21 Sep 2022 21:34:09 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: hp-WIGb9M8tEmNGOVjx6UQKx9E4-1oJmka0a6seG7inahqYByPmRAg==
via: 1.1 95b0ac620fa3a80ee590ecf1cda1c698.cloudfront.net (CloudFront), 1.1 9c675215120a4ade8754c4357ef2f3ea.cloudfront.net (CloudFront), 1.1 google
date: Wed, 21 Sep 2022 21:34:22 GMT
age: 64489
etag: "15d83e44d568938b6c9c87201e898cedb3edec0a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc2f739db-1c27-4929-8aff-997c0f66b2ed.jpeg
34.120.237.76 200 OK 5.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc2f739db-1c27-4929-8aff-997c0f66b2ed.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a5edcd9aee78a6cacc9241b47cbce598
f95b843029e84dbb188427a8c2ff8c9f32740465
6a56c3d0eb1d641e565d3d7d31b42be03bdad30beb20b994ffc9a6f2aaceee1e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc2f739db-1c27-4929-8aff-997c0f66b2ed.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5650
x-amzn-requestid: 41ceb886-c038-4ba0-9e3a-a27879cf48ce
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y1GwjFVjoAMFWNQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632b84d0-3f4f6a367c893c7a0669dffe;Sampled=0
x-amzn-remapped-date: Wed, 21 Sep 2022 21:40:32 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: d8Kelwi2OY0jt17q80szh8-ErN3ZQM1hhl3HZeNQvlKijygQIJtNww==
via: 1.1 e5af640ced3aa8764b82c4bc3f7af38e.cloudfront.net (CloudFront), 1.1 567b44ed19c8caed2570b7bcd8c70034.cloudfront.net (CloudFront), 1.1 google
date: Wed, 21 Sep 2022 22:16:00 GMT
etag: "f95b843029e84dbb188427a8c2ff8c9f32740465"
content-type: image/jpeg
age: 61991
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0788498f-41db-4d62-b749-e01caddb7f8d.jpeg
34.120.237.76 200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0788498f-41db-4d62-b749-e01caddb7f8d.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash af5773255351157d72c28a670a355c60
c803e5866edbe6c9baec14e93677f610bdf09bff
3229b4aa1c698647ad96d114174782549ad240f1b2c4ba8c268165a16afc84f0
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0788498f-41db-4d62-b749-e01caddb7f8d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10754
x-amzn-requestid: 2d03531d-6055-477f-9cb6-9ea9fa27eeb9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y1F0vHJ4IAMF42Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632b8351-692620e80d5b2efe1d0e3a82;Sampled=0
x-amzn-remapped-date: Wed, 21 Sep 2022 21:34:09 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: -3bQG5Av1EDxj7_3i8MktwjlPSEU8WDdxt5M6TsrWaodLWgSf3vdEA==
via: 1.1 4f87745990545c1ac0195c157e1668f8.cloudfront.net (CloudFront), 1.1 68fadeb91f97256bb67b03bfca74d830.cloudfront.net (CloudFront), 1.1 google
date: Wed, 21 Sep 2022 21:34:22 GMT
age: 64489
etag: "c803e5866edbe6c9baec14e93677f610bdf09bff"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
www.luzyflama.com/favicon.ico
72.249.55.80 302 Found 0 B URL HTTP/1.1 www.luzyflama.com/favicon.ico
IP 72.249.55.80:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /favicon.ico HTTP/1.1
Host: www.luzyflama.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://www.luzyflama.com/wp-login.php
Connection: keep-alive
Cookie: wordpress_test_cookie=WP+Cookie+check
HTTP/1.1 302 Found
Date: Thu, 22 Sep 2022 15:29:10 GMT
Server: Apache/2
Link: <http://www.luzyflama.com/wp-json/>; rel="https://api.w.org/"
X-Redirect-By: WordPress
Location: http://www.luzyflama.com/wp-includes/images/w-logo-blue-white-bg.png
Vary: User-Agent
Content-Length: 0
Keep-Alive: timeout=2, max=96
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
www.luzyflama.com/wp-includes/images/w-logo-blue-white-bg.png
72.249.55.80 200 OK 4.1 kB URL HTTP/1.1 www.luzyflama.com/wp-includes/images/w-logo-blue-white-bg.png
IP 72.249.55.80:0
File type PNG image data, 80 x 80, 8-bit/color RGBA, non-interlaced\012- data
Hash 000bf649cc8f6bf27cfb04d1bcdcd3c7
d73d2f6d74ec6cdcbae07955592962e77d8ae814
6bdb369337ac2496761c6f063bffea0aa6a91d4662279c399071a468251f51f0
GET /wp-includes/images/w-logo-blue-white-bg.png HTTP/1.1
Host: www.luzyflama.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://www.luzyflama.com/wp-login.php
Connection: keep-alive
Cookie: wordpress_test_cookie=WP+Cookie+check
HTTP/1.1 200 OK
Date: Thu, 22 Sep 2022 15:29:11 GMT
Server: Apache/2
Last-Modified: Fri, 10 Jul 2020 05:56:28 GMT
ETag: "1017-5aa10007ddb00"
Accept-Ranges: bytes
Content-Length: 4119
Keep-Alive: timeout=2, max=97
Connection: Keep-Alive
Content-Type: image/png