r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash d27590a1d3cbe1e9632b8ae92aaae3f4
202b34e8a0c3b88c8826fd56c6227b34f2cd6f46
6bcfa518476658128c1fb4ea2435c4e58531454cf97138dce7ece9def589aead
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6BCFA518476658128C1FB4EA2435C4E58531454CF97138DCE7ECE9DEF589AEAD"
Last-Modified: Wed, 16 Nov 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2437
Expires: Fri, 18 Nov 2022 00:06:14 GMT
Date: Thu, 17 Nov 2022 23:25:37 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash be1be806b5dca7facbb45a6c3db44652
7ae9380a2f3eca959fe6ff6b3832a17cffd12cf4
1f3338058f8e9cae5c9fdd733c74564312726b01c6efdcd628d851d0c99876b0
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6184
Cache-Control: max-age=132530
Content-Type: application/ocsp-response
Date: Thu, 17 Nov 2022 23:25:37 GMT
Etag: "63760d7b-1d7"
Expires: Sat, 19 Nov 2022 12:14:27 GMT
Last-Modified: Thu, 17 Nov 2022 10:31:23 GMT
Server: ECS (ska/F71D)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 3a38b6dd8a4cc335c026aebf2ed348b6
8a386e0ccb0ca4dc502746c45b2ebc3aa3f83cf8
8b4040a645cec1841a00a22765eb3a74978559daf15c54bd4b41b6b48aab7f95
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8B4040A645CEC1841A00A22765EB3A74978559DAF15C54BD4B41B6B48AAB7F95"
Last-Modified: Wed, 16 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3954
Expires: Fri, 18 Nov 2022 00:31:31 GMT
Date: Thu, 17 Nov 2022 23:25:37 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
34.102.187.140200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 4d7e4eed097b9c4e5d509419f1cfc85a
290bb3d428a7c6330e2e3d73a952b16f820896c8
0dc9ca0f57af15adcd416035e92794711434e3d53a1feff21d8481d6d500986c
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Length, Alert, Backoff, Retry-After
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Thu, 17 Nov 2022 22:44:57 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 2440
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 67d5a988edcda47bc3b3b3f65d32b4b6
d4f0e0da8b3690cc7da925026d3414b68c7d954f
55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78
GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: gnAKPSp3kJoo/KNXVn6GLJvJobqzT4oKM6KoRcDipEA6AKISRiijjXwCOWNJcV6zaaMCmv4oCqE=
x-amz-request-id: QEPBHGRWBZ5EVYN0
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 17 Nov 2022 23:15:20 GMT
age: 617
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 17 Nov 2022 23:25:37 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
34.102.187.140200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: ETag, Content-Type, Content-Length, Last-Modified, Alert, Backoff, Pragma, Expires, Retry-After, Cache-Control
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Thu, 17 Nov 2022 23:25:01 GMT
cache-control: public,max-age=3600
age: 36
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
www.anovl.xyz/ermr/?Njx0rZ0=7Fv73y1siw7yd1dB1mWAaBxpWU8lmkXGLu1vifNeT2RDteAROU0QXWbxqeQD6/VL38v+QqfcYjh9FbiPG/T/HLWQiMahky0Plg==&bBZ=GJB82pU8vhQ4
162.0.209.21301 Moved Permanently 0 B URL HTTP/1.1 www.anovl.xyz/ermr/?Njx0rZ0=7Fv73y1siw7yd1dB1mWAaBxpWU8lmkXGLu1vifNeT2RDteAROU0QXWbxqeQD6/VL38v+QqfcYjh9FbiPG/T/HLWQiMahky0Plg==&bBZ=GJB82pU8vhQ4
IP 162.0.209.21:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ermr/?Njx0rZ0=7Fv73y1siw7yd1dB1mWAaBxpWU8lmkXGLu1vifNeT2RDteAROU0QXWbxqeQD6/VL38v+QqfcYjh9FbiPG/T/HLWQiMahky0Plg==&bBZ=GJB82pU8vhQ4 HTTP/1.1
Host: www.anovl.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
keep-alive: timeout=5, max=100
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
content-type: text/html; charset=UTF-8
x-redirect-by: WordPress
location: http://anovl.xyz/ermr/?Njx0rZ0=7Fv73y1siw7yd1dB1mWAaBxpWU8lmkXGLu1vifNeT2RDteAROU0QXWbxqeQD6/VL38v+QqfcYjh9FbiPG/T/HLWQiMahky0Plg==&bBZ=GJB82pU8vhQ4
x-litespeed-cache: miss
content-length: 0
date: Thu, 17 Nov 2022 23:25:37 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash c10055ce87434f700ff8b20e3be1f919
477b3c9f1da0c464282bb54572737e76b6e346da
4d78eb296876122e5ff40fcd7667adf1bf8a4b1ee4c8203c88a63ce8d7910a57
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1849
Cache-Control: max-age=123127
Content-Type: application/ocsp-response
Date: Thu, 17 Nov 2022 23:25:37 GMT
Etag: "6375f9af-1d7"
Expires: Sat, 19 Nov 2022 09:37:44 GMT
Last-Modified: Thu, 17 Nov 2022 09:06:55 GMT
Server: ECS (ska/F71D)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
44.237.51.86101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 44.237.51.86:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: vltmQonf57HpGuQybvBUzQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: TOxu5vdt+hXUD9L3hl7PfCru3Mc=
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 17af07b019100dc8adb529ce85f827bd
602adaa722e9a3ee89600ebe40cea7033c435483
aec801578f867078e0a82d90e78290f0a3ef4f1f4936eb763801b869e0fae747
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "AEC801578F867078E0A82D90E78290F0A3EF4F1F4936EB763801B869E0FAE747"
Last-Modified: Wed, 16 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6702
Expires: Fri, 18 Nov 2022 01:17:20 GMT
Date: Thu, 17 Nov 2022 23:25:38 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 17af07b019100dc8adb529ce85f827bd
602adaa722e9a3ee89600ebe40cea7033c435483
aec801578f867078e0a82d90e78290f0a3ef4f1f4936eb763801b869e0fae747
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "AEC801578F867078E0A82D90E78290F0A3EF4F1F4936EB763801B869E0FAE747"
Last-Modified: Wed, 16 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6702
Expires: Fri, 18 Nov 2022 01:17:20 GMT
Date: Thu, 17 Nov 2022 23:25:38 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 17af07b019100dc8adb529ce85f827bd
602adaa722e9a3ee89600ebe40cea7033c435483
aec801578f867078e0a82d90e78290f0a3ef4f1f4936eb763801b869e0fae747
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "AEC801578F867078E0A82D90E78290F0A3EF4F1F4936EB763801B869E0FAE747"
Last-Modified: Wed, 16 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6702
Expires: Fri, 18 Nov 2022 01:17:20 GMT
Date: Thu, 17 Nov 2022 23:25:38 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 17af07b019100dc8adb529ce85f827bd
602adaa722e9a3ee89600ebe40cea7033c435483
aec801578f867078e0a82d90e78290f0a3ef4f1f4936eb763801b869e0fae747
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "AEC801578F867078E0A82D90E78290F0A3EF4F1F4936EB763801B869E0FAE747"
Last-Modified: Wed, 16 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6702
Expires: Fri, 18 Nov 2022 01:17:20 GMT
Date: Thu, 17 Nov 2022 23:25:38 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 17af07b019100dc8adb529ce85f827bd
602adaa722e9a3ee89600ebe40cea7033c435483
aec801578f867078e0a82d90e78290f0a3ef4f1f4936eb763801b869e0fae747
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "AEC801578F867078E0A82D90E78290F0A3EF4F1F4936EB763801B869E0FAE747"
Last-Modified: Wed, 16 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6702
Expires: Fri, 18 Nov 2022 01:17:20 GMT
Date: Thu, 17 Nov 2022 23:25:38 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F57ba71d8-c0f3-4d43-a49a-3576bdcfb322.jpeg
34.120.237.76200 OK 4.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F57ba71d8-c0f3-4d43-a49a-3576bdcfb322.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 292dc2edef978e128f70b96ee4b2b3e2
1530f860e2b54b7b382f59654db63eaed59c5f95
f74b08f1bdd35ea7ebb6e2887fc6c02abc76f9e276cd30d1d7d6475e667b5624
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F57ba71d8-c0f3-4d43-a49a-3576bdcfb322.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4310
x-amzn-requestid: 6452483a-f96e-4f27-a18e-55e9206e7be6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bw-78FiToAMFQag=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6376ab7f-4e366d3612f39c5c421e864e;Sampled=0
x-amzn-remapped-date: Thu, 17 Nov 2022 21:45:35 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 0biXrpW2TGcLKgAOqLdsgFkZ5lKewM0VFGeNTTrmHX7QEcuNzuwnvQ==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 570075675953459325e00b7bcd171df2.cloudfront.net (CloudFront), 1.1 google
date: Thu, 17 Nov 2022 22:14:32 GMT
age: 4266
etag: "1530f860e2b54b7b382f59654db63eaed59c5f95"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F92501a28-163f-4c6e-aed7-d31c29354d1e.jpeg
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F92501a28-163f-4c6e-aed7-d31c29354d1e.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 032386e5c9dffff1ba1ee5e8a322d438
dd4fd6c803a9b333bace9a541c6bd183d0c56bb9
0e9f559a0aa7e114c5810a27ba243c0da7b44dc0bf7aec2b7ab32b8f0e2b536c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F92501a28-163f-4c6e-aed7-d31c29354d1e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11667
x-amzn-requestid: ae092a0a-1709-4497-9f07-0348a28d2491
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bqZOIEN7oAMFlaA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637408c0-5ac595df302a8f1d3703ad8d;Sampled=0
x-amzn-remapped-date: Tue, 15 Nov 2022 21:46:40 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: c_SJMaV3uYSUysTSOFV--jQqDUxw-fBp8cXWWUZw9vUjt0d6PsOpxA==
via: 1.1 0bb842bd5868b86440983b936bb0adee.cloudfront.net (CloudFront), 1.1 cd64decb1403270c914848213601a674.cloudfront.net (CloudFront), 1.1 google
date: Thu, 17 Nov 2022 02:49:36 GMT
age: 74162
etag: "dd4fd6c803a9b333bace9a541c6bd183d0c56bb9"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F84053cb2-edec-465e-8700-6af61bae8236.jpeg
34.120.237.76200 OK 8.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F84053cb2-edec-465e-8700-6af61bae8236.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 676b1603008690786aa36dc3113b7581
cbdc425467a5d41aba5e8e5c54354b4f03cd194a
7e5e7bf695ff31df6c97e502a44f4fa9197c6579b0c7a7c590457ea067d1cf1e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F84053cb2-edec-465e-8700-6af61bae8236.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8155
x-amzn-requestid: 5650af50-eb93-47d9-8322-8a2e263e12ea
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bw-7vFU5IAMFYGw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6376ab7e-759bbd5b5a22e07c1c181c0a;Sampled=0
x-amzn-remapped-date: Thu, 17 Nov 2022 21:45:34 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: VikBDm5_Bqbs0gLFkhbT6H3i6t57bnC0Xq-gkiJBILQ8Ynw_7RqWNA==
via: 1.1 c34da255183aa208dd1c722ff211f9b2.cloudfront.net (CloudFront), 1.1 5954c6394458ffb44c970b3819d7ff2a.cloudfront.net (CloudFront), 1.1 google
date: Thu, 17 Nov 2022 21:55:43 GMT
etag: "cbdc425467a5d41aba5e8e5c54354b4f03cd194a"
content-type: image/jpeg
age: 5395
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F484ffe7b-1073-4220-bf53-ccbfc7e9654e.webp
34.120.237.76200 OK 8.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F484ffe7b-1073-4220-bf53-ccbfc7e9654e.webp
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 14649d486602810c1b218b96b27b2cc4
96c6cbfe31e7247c64dfa8c3759967627f8c6286
80f5d7573fd2bf4e6a6038ebf1335d159ad37c391ee539918455963d6ee88654
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F484ffe7b-1073-4220-bf53-ccbfc7e9654e.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8884
x-amzn-requestid: 3739b8f5-bb0c-4798-a931-e955dd6df81d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bw-MiGFxoAMFlxA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6376aa50-74c24a2f737634b655a5b47c;Sampled=0
x-amzn-remapped-date: Thu, 17 Nov 2022 21:40:32 GMT
x-amz-cf-pop: SEA73-P2, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: d_bLYyZzi1phYwQ2e5uvUmzO0GuvNu9Ubi2PQ0ChilQJegKr3uUiRw==
via: 1.1 79880188a81becf1687ba18c0e064230.cloudfront.net (CloudFront), 1.1 73cb83fe6699afc2791b5c690c1ff8c6.cloudfront.net (CloudFront), 1.1 google
date: Thu, 17 Nov 2022 21:55:53 GMT
etag: "96c6cbfe31e7247c64dfa8c3759967627f8c6286"
content-type: image/jpeg
age: 5385
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9672fb80-baaa-4ab8-b080-dc8c1ce94400.jpeg
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9672fb80-baaa-4ab8-b080-dc8c1ce94400.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 05289172c1455c4134e496c6f4606efd
ce1bb33256b0754f9acc01e7e9f3e5dc85f89244
a8b4411a0310cc376efe2aec7c0830b8d3b63b8827631b0ff43ec092f1f80f82
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9672fb80-baaa-4ab8-b080-dc8c1ce94400.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12065
x-amzn-requestid: 45c97153-71c7-4985-a1ad-fc21a509d153
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bw-K5FyVIAMFtDg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6376aa45-0f9d22dd544a4580570f3089;Sampled=0
x-amzn-remapped-date: Thu, 17 Nov 2022 21:40:21 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: dxT2WJB7m5tUhgBn2PwTIN4Zskzm3X7CW-29hl1nCyNPbKt5j6q5iA==
via: 1.1 efe54e8b68e074d39b2ecd249f85100a.cloudfront.net (CloudFront), 1.1 989017835f43d594873bde5a7ee7fe5e.cloudfront.net (CloudFront), 1.1 google
date: Thu, 17 Nov 2022 21:55:27 GMT
age: 5411
etag: "ce1bb33256b0754f9acc01e7e9f3e5dc85f89244"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3007b4f3-f5db-4eb7-b71a-f9f854ae287e.jpeg
34.120.237.76200 OK 7.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3007b4f3-f5db-4eb7-b71a-f9f854ae287e.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b2b393e36ee2c9649d90db136aa49542
e88c5832ff0c49bab181d948c3a510d88343bb6f
8b524701df43bff56ac52a021ff0fbd964e06f00e84b4861aa557ec6ae6b4ffd
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3007b4f3-f5db-4eb7-b71a-f9f854ae287e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7631
x-amzn-requestid: b47e545d-1fb6-4a62-ab45-28cdb9d3f0b6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bw-vQE0XoAMFS3w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6376ab2e-56365eed3d4c082c53b172b3;Sampled=0
x-amzn-remapped-date: Thu, 17 Nov 2022 21:44:14 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: qpoQa1Lhe-h27dGooXDCtujesSTg7Tb0Ov-PNLnUP0288ZofwHxkhQ==
via: 1.1 446313511980eb02f28ff5a9a4147c0a.cloudfront.net (CloudFront), 1.1 b36bf2c460ac693ce304817aed073112.cloudfront.net (CloudFront), 1.1 google
date: Thu, 17 Nov 2022 21:52:40 GMT
age: 5578
etag: "e88c5832ff0c49bab181d948c3a510d88343bb6f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
anovl.xyz/ermr/?Njx0rZ0=7Fv73y1siw7yd1dB1mWAaBxpWU8lmkXGLu1vifNeT2RDteAROU0QXWbxqeQD6/VL38v+QqfcYjh9FbiPG/T/HLWQiMahky0Plg==&bBZ=GJB82pU8vhQ4
162.0.209.21404 Not Found 16 kB URL HTTP/1.1 anovl.xyz/ermr/?Njx0rZ0=7Fv73y1siw7yd1dB1mWAaBxpWU8lmkXGLu1vifNeT2RDteAROU0QXWbxqeQD6/VL38v+QqfcYjh9FbiPG/T/HLWQiMahky0Plg==&bBZ=GJB82pU8vhQ4
IP 162.0.209.21:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (12043), with CRLF, LF line terminators
Hash dbc17b6d4fb11f952e4ecbbb5ebff55a
9da8f5161acf4505dab8b01d489f67425711e82d
7ab5257703a672c11538f1aae5b4850d4374a264367a91c06c311b9ddd92e2e1
GET /ermr/?Njx0rZ0=7Fv73y1siw7yd1dB1mWAaBxpWU8lmkXGLu1vifNeT2RDteAROU0QXWbxqeQD6/VL38v+QqfcYjh9FbiPG/T/HLWQiMahky0Plg==&bBZ=GJB82pU8vhQ4 HTTP/1.1
Host: anovl.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 404 Not Found
keep-alive: timeout=5, max=100
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
content-type: text/html; charset=UTF-8
link: <https://anovl.xyz/wp-json/>; rel="https://api.w.org/"
x-litespeed-cache-control: public,max-age=3600
x-litespeed-tag: f82_HTTP.404,f82_404,f82_URL.87d9f441f8ed0d811b10c224b259bf06,f82_
x-litespeed-cache: miss
transfer-encoding: chunked
content-encoding: gzip
vary: Accept-Encoding
date: Thu, 17 Nov 2022 23:25:38 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash 9e20a99f56d244cd43bd10781eb8e1d8
000f6ecfc6a9412d2e062028ee553801f573fd92
17cae43cd454fc69beff944925994d2810f859261cd40bfa58d573163a40b23c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 17 Nov 2022 23:25:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash d6ec8dee2a1996c177b49398a45a4267
24de47e193eeba292a97cec6bca644c8188083b5
d371e3106f15dc34c50c96383c339653902a797faeeb4685c51eaaa506d59003
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 17 Nov 2022 23:25:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.googletagmanager.com/gtag/js?id=UA-242160399-1
142.250.74.168200 OK 44 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=UA-242160399-1
IP 142.250.74.168:0
File type ASCII text, with very long lines (1921)
Hash 9bc410ec2d204488c2b68aedadcc933f
1d0df981215d9f5eb4d6f1ec9d7947c76199e01e
a19b755d88af00601ccc40d7c958fd9f9d4de33a4dc0de16e8fbc5203a3982a5
GET /gtag/js?id=UA-242160399-1 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://anovl.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Thu, 17 Nov 2022 23:25:38 GMT
expires: Thu, 17 Nov 2022 23:25:38 GMT
cache-control: private, max-age=900
last-modified: Thu, 17 Nov 2022 21:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 43680
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
anovl.xyz/wp-content/themes/phox/assets/css/all.min.css?ver=2.1.8
162.0.209.21200 OK 15 kB URL HTTP/1.1 anovl.xyz/wp-content/themes/phox/assets/css/all.min.css?ver=2.1.8
IP 162.0.209.21:0
File type ASCII text, with very long lines (59158)
Hash eb86b5c74cfcf1df30c3e1c931bc2280
f8b2bde1c0aa3e2e53ea14515911d0bf138373d4
0e5d3ab5773c4b5220b450d2b6d5400f352785cb0651c0bc8272a646dd072cd6
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/phox/assets/css/all.min.css?ver=2.1.8 HTTP/1.1
Host: anovl.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://anovl.xyz/ermr/?Njx0rZ0=7Fv73y1siw7yd1dB1mWAaBxpWU8lmkXGLu1vifNeT2RDteAROU0QXWbxqeQD6/VL38v+QqfcYjh9FbiPG/T/HLWQiMahky0Plg==&bBZ=GJB82pU8vhQ4
Connection: keep-alive
HTTP/1.1 200 OK
keep-alive: timeout=5, max=100
cache-control: public, max-age=31536000
expires: Fri, 17 Nov 2023 23:25:39 GMT
content-type: text/css
last-modified: Wed, 21 Sep 2022 19:30:27 GMT
etag: "e7d0-632b6653-0;gz"
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 14767
date: Thu, 17 Nov 2022 23:25:39 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
anovl.xyz/wp-content/themes/phox/assets/css/pages/dist/error.css?ver=2.1.8
162.0.209.21200 OK 427 B URL HTTP/1.1 anovl.xyz/wp-content/themes/phox/assets/css/pages/dist/error.css?ver=2.1.8
IP 162.0.209.21:0
File type ASCII text, with very long lines (1019), with no line terminators
Hash 5764f33bdfd633c37f646cd6188bc866
d90d846cce0994e4931dd65528bc11d28c1c9a08
c6e24617e7ee16ffa4d6770f23c652f6d4f4340fcbcdb16173bec3d0665bd86f
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/phox/assets/css/pages/dist/error.css?ver=2.1.8 HTTP/1.1
Host: anovl.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://anovl.xyz/ermr/?Njx0rZ0=7Fv73y1siw7yd1dB1mWAaBxpWU8lmkXGLu1vifNeT2RDteAROU0QXWbxqeQD6/VL38v+QqfcYjh9FbiPG/T/HLWQiMahky0Plg==&bBZ=GJB82pU8vhQ4
Connection: keep-alive
HTTP/1.1 200 OK
keep-alive: timeout=5, max=100
cache-control: public, max-age=31536000
expires: Fri, 17 Nov 2023 23:25:39 GMT
content-type: text/css
last-modified: Wed, 21 Sep 2022 19:30:27 GMT
etag: "3fb-632b6653-0;gz"
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 427
date: Thu, 17 Nov 2022 23:25:39 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
anovl.xyz/wp-content/themes/phox/assets/css/responsive.css?ver=2.1.8
162.0.209.21200 OK 5.1 kB URL HTTP/1.1 anovl.xyz/wp-content/themes/phox/assets/css/responsive.css?ver=2.1.8
IP 162.0.209.21:0
Hash 1b2c18ef153d1e098b9eb36a967f8c5b
957082e6497f051d0154315d26df85ad585c14bc
3af0c36d93e46a0a3c4360059970dcd519b944ba53a141c5b4d543411be91624
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/phox/assets/css/responsive.css?ver=2.1.8 HTTP/1.1
Host: anovl.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://anovl.xyz/ermr/?Njx0rZ0=7Fv73y1siw7yd1dB1mWAaBxpWU8lmkXGLu1vifNeT2RDteAROU0QXWbxqeQD6/VL38v+QqfcYjh9FbiPG/T/HLWQiMahky0Plg==&bBZ=GJB82pU8vhQ4
Connection: keep-alive
HTTP/1.1 200 OK
keep-alive: timeout=5, max=100
cache-control: public, max-age=31536000
expires: Fri, 17 Nov 2023 23:25:39 GMT
content-type: text/css
last-modified: Wed, 21 Sep 2022 19:30:27 GMT
etag: "4f69-632b6653-0;gz"
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 5106
date: Thu, 17 Nov 2022 23:25:39 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
anovl.xyz/wp-content/plugins/phox-host//assets/css/wp-widgets.css?ver=6.1.1
162.0.209.21200 OK 936 B URL HTTP/1.1 anovl.xyz/wp-content/plugins/phox-host//assets/css/wp-widgets.css?ver=6.1.1
IP 162.0.209.21:0
Hash 2dac94a72260dd24d9432014ceb50e98
27407b1b721e427380541ddc6264c71eb468f81c
04bc9624adbf91f77ced4b8066514c51cd10a5f9f837f52ceedac50d733d0484
GET /wp-content/plugins/phox-host//assets/css/wp-widgets.css?ver=6.1.1 HTTP/1.1
Host: anovl.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://anovl.xyz/ermr/?Njx0rZ0=7Fv73y1siw7yd1dB1mWAaBxpWU8lmkXGLu1vifNeT2RDteAROU0QXWbxqeQD6/VL38v+QqfcYjh9FbiPG/T/HLWQiMahky0Plg==&bBZ=GJB82pU8vhQ4
Connection: keep-alive
HTTP/1.1 200 OK
keep-alive: timeout=5, max=100
cache-control: public, max-age=31536000
expires: Fri, 17 Nov 2023 23:25:39 GMT
content-type: text/css
last-modified: Wed, 21 Sep 2022 19:32:00 GMT
etag: "c43-632b66b0-0;gz"
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 936
date: Thu, 17 Nov 2022 23:25:39 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
anovl.xyz/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
162.0.209.21200 OK 4.6 kB URL HTTP/1.1 anovl.xyz/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
IP 162.0.209.21:0
File type ASCII text, with very long lines (11126)
Hash a5ffc5f13084a2c13c864ba30fea34aa
0ddd15b8c844e0a39734a45668f772907913901a
18846359c368facb0a297df866b58c9d9c1ac2cb6c4bb1222e8b9b195b2c201e
GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 HTTP/1.1
Host: anovl.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://anovl.xyz/ermr/?Njx0rZ0=7Fv73y1siw7yd1dB1mWAaBxpWU8lmkXGLu1vifNeT2RDteAROU0QXWbxqeQD6/VL38v+QqfcYjh9FbiPG/T/HLWQiMahky0Plg==&bBZ=GJB82pU8vhQ4
Connection: keep-alive
HTTP/1.1 200 OK
keep-alive: timeout=5, max=100
cache-control: public, max-age=31536000
expires: Fri, 17 Nov 2023 23:25:39 GMT
content-type: application/x-javascript
last-modified: Wed, 18 Nov 2020 19:36:06 GMT
etag: "2bd8-5fb577a6-0;gz"
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 4564
date: Thu, 17 Nov 2022 23:25:39 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
anovl.xyz/wp-content/themes/phox/assets/css/style.css?ver=2.1.8
162.0.209.21200 OK 24 kB URL HTTP/1.1 anovl.xyz/wp-content/themes/phox/assets/css/style.css?ver=2.1.8
IP 162.0.209.21:0
Hash 17de6a6a53083149b29dc356a16fe098
d2587142cac27970050694e49ea0d4f0492e3b79
0d140989a9214dd877a4a427db2b0120e53e5077224d408febd8f7b596f3fcaf
GET /wp-content/themes/phox/assets/css/style.css?ver=2.1.8 HTTP/1.1
Host: anovl.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://anovl.xyz/ermr/?Njx0rZ0=7Fv73y1siw7yd1dB1mWAaBxpWU8lmkXGLu1vifNeT2RDteAROU0QXWbxqeQD6/VL38v+QqfcYjh9FbiPG/T/HLWQiMahky0Plg==&bBZ=GJB82pU8vhQ4
Connection: keep-alive
HTTP/1.1 200 OK
keep-alive: timeout=5, max=100
cache-control: public, max-age=31536000
expires: Fri, 17 Nov 2023 23:25:39 GMT
content-type: text/css
last-modified: Wed, 21 Sep 2022 19:30:27 GMT
etag: "1ae88-632b6653-0;gz"
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 23559
date: Thu, 17 Nov 2022 23:25:39 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash feaeba711c7421b074e726f89ff34e0b
c590c0b76a7a78ab51a4dabcd8f20a1b172b02fb
ebe6e312ea7116713547fbd756805843b1c242ad22269158a79305f1819fa990
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 17 Nov 2022 23:25:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
anovl.xyz/wp-content/plugins/elementor/assets/css/widget-icon-list.min.css
162.0.209.21200 OK 1.3 kB URL HTTP/1.1 anovl.xyz/wp-content/plugins/elementor/assets/css/widget-icon-list.min.css
IP 162.0.209.21:0
File type ASCII text, with very long lines (11736)
Hash 41e4d3462ad7e9931807c4fadc3e4d58
ac395bbba03e96d3b0bb1f897eb6cdd16d343b4a
8818c7f240cb77206c451e5022320a0bd1dffd765da1e62e65dad5b3a7442dc2
GET /wp-content/plugins/elementor/assets/css/widget-icon-list.min.css HTTP/1.1
Host: anovl.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://anovl.xyz/ermr/?Njx0rZ0=7Fv73y1siw7yd1dB1mWAaBxpWU8lmkXGLu1vifNeT2RDteAROU0QXWbxqeQD6/VL38v+QqfcYjh9FbiPG/T/HLWQiMahky0Plg==&bBZ=GJB82pU8vhQ4
Connection: keep-alive
HTTP/1.1 200 OK
keep-alive: timeout=5, max=100
cache-control: public, max-age=31536000
expires: Fri, 17 Nov 2023 23:25:39 GMT
content-type: text/css
last-modified: Sun, 13 Nov 2022 18:59:50 GMT
etag: "2dff-63713ea6-0;gz"
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 1315
date: Thu, 17 Nov 2022 23:25:39 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
fonts.googleapis.com/css?family=Poppins%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto+Slab%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=auto&ver=6.1.1
142.250.74.10200 OK 2.6 kB URL HTTP/2 fonts.googleapis.com/css?family=Poppins%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto+Slab%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=auto&ver=6.1.1
IP 142.250.74.10:0
Hash 87d437f3af72934880451294990d78e9
aee65067c352720f986f65cc0855752e6389b585
a39970cfd315d79e69cce7667f06f1b63dfe723b6d2353cf2b208e5629d325a2
GET /css?family=Poppins%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto+Slab%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=auto&ver=6.1.1 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://anovl.xyz/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 17 Nov 2022 23:25:38 GMT
date: Thu, 17 Nov 2022 23:25:38 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
anovl.xyz/wp-includes/js/wp-emoji-release.min.js?ver=6.1.1
162.0.209.21200 OK 5.8 kB URL HTTP/1.1 anovl.xyz/wp-includes/js/wp-emoji-release.min.js?ver=6.1.1
IP 162.0.209.21:0
File type ASCII text, with very long lines (15660)
Hash 8d1ea9267894d63ba4c9ba45b845bf75
d42e28a1369c0c3e3d4eff65f21b8c72960cee0a
3be43ab5ea0a6131c8bc5b7a4207eff0516ac5c37fabddd5d879784bcbb299ba
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/wp-emoji-release.min.js?ver=6.1.1 HTTP/1.1
Host: anovl.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://anovl.xyz/ermr/?Njx0rZ0=7Fv73y1siw7yd1dB1mWAaBxpWU8lmkXGLu1vifNeT2RDteAROU0QXWbxqeQD6/VL38v+QqfcYjh9FbiPG/T/HLWQiMahky0Plg==&bBZ=GJB82pU8vhQ4
Connection: keep-alive
HTTP/1.1 200 OK
keep-alive: timeout=5, max=100
cache-control: public, max-age=31536000
expires: Fri, 17 Nov 2023 23:25:39 GMT
content-type: application/x-javascript
last-modified: Tue, 12 Apr 2022 15:26:24 GMT
etag: "48b9-62559a20-0;gz"
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 5806
date: Thu, 17 Nov 2022 23:25:39 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
anovl.xyz/wp-includes/css/classic-themes.min.css?ver=1
162.0.209.21200 OK 217 B URL HTTP/1.1 anovl.xyz/wp-includes/css/classic-themes.min.css?ver=1
IP 162.0.209.21:0
Hash 95e891f28e44a9b314c09545d86be2b7
f9b13a8bd47273b086a0a07df15f314e0af0bc3e
5a5f39391fbf5b06db84b8f9716d53de575ee97a627d2c5f12f79a991a671eb5
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/css/classic-themes.min.css?ver=1 HTTP/1.1
Host: anovl.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://anovl.xyz/ermr/?Njx0rZ0=7Fv73y1siw7yd1dB1mWAaBxpWU8lmkXGLu1vifNeT2RDteAROU0QXWbxqeQD6/VL38v+QqfcYjh9FbiPG/T/HLWQiMahky0Plg==&bBZ=GJB82pU8vhQ4
Connection: keep-alive
HTTP/1.1 200 OK
keep-alive: timeout=5, max=100
cache-control: public, max-age=31536000
expires: Fri, 17 Nov 2023 23:25:39 GMT
content-type: text/css
last-modified: Wed, 02 Nov 2022 06:44:03 GMT
etag: "d9-636211b3-0;;;"
accept-ranges: bytes
content-length: 217
date: Thu, 17 Nov 2022 23:25:39 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
anovl.xyz/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.6.4
162.0.209.21200 OK 1.0 kB URL HTTP/1.1 anovl.xyz/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.6.4
IP 162.0.209.21:0
Hash 2878b78cee4f1d95757df322afd6c523
affc237aefe4a37614fc20e35bd2c3cdba9a44f7
29a929599c21ebff1c78bf6161c341a6705abbcf41f576dfc1ff220a26c355a9
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.6.4 HTTP/1.1
Host: anovl.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://anovl.xyz/ermr/?Njx0rZ0=7Fv73y1siw7yd1dB1mWAaBxpWU8lmkXGLu1vifNeT2RDteAROU0QXWbxqeQD6/VL38v+QqfcYjh9FbiPG/T/HLWQiMahky0Plg==&bBZ=GJB82pU8vhQ4
Connection: keep-alive
HTTP/1.1 200 OK
keep-alive: timeout=5, max=100
cache-control: public, max-age=31536000
expires: Fri, 17 Nov 2023 23:25:39 GMT
content-type: text/css
last-modified: Mon, 11 Oct 2021 13:40:30 GMT
etag: "aab-61643ece-0;gz"
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 1048
date: Thu, 17 Nov 2022 23:25:39 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
anovl.xyz/wp-content/themes/phox/assets/css/pages/dist/cf7.css?ver=2.1.8
162.0.209.21200 OK 908 B URL HTTP/1.1 anovl.xyz/wp-content/themes/phox/assets/css/pages/dist/cf7.css?ver=2.1.8
IP 162.0.209.21:0
File type ASCII text, with very long lines (3437), with no line terminators
Hash eaea24d9364ac959166871950900cb96
0fb205dc49d62d284a8d967932cd6b31a0e935e2
483424c10c75057ac7c2521ff4b3448f9f353344aed88a1e274ca012c7c0232a
GET /wp-content/themes/phox/assets/css/pages/dist/cf7.css?ver=2.1.8 HTTP/1.1
Host: anovl.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://anovl.xyz/ermr/?Njx0rZ0=7Fv73y1siw7yd1dB1mWAaBxpWU8lmkXGLu1vifNeT2RDteAROU0QXWbxqeQD6/VL38v+QqfcYjh9FbiPG/T/HLWQiMahky0Plg==&bBZ=GJB82pU8vhQ4
Connection: keep-alive
HTTP/1.1 200 OK
keep-alive: timeout=5, max=100
cache-control: public, max-age=31536000
expires: Fri, 17 Nov 2023 23:25:39 GMT
content-type: text/css
last-modified: Wed, 21 Sep 2022 19:30:27 GMT
etag: "d6d-632b6653-0;gz"
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 908
date: Thu, 17 Nov 2022 23:25:39 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
anovl.xyz/wp-includes/js/jquery/jquery.min.js?ver=3.6.1
162.0.209.21200 OK 36 kB URL HTTP/1.1 anovl.xyz/wp-includes/js/jquery/jquery.min.js?ver=3.6.1
IP 162.0.209.21:0
File type ASCII text, with very long lines (65447)
Hash 3fefa18e3cbe3acddd34a143490f3568
fb58024ffc3f0776f8deb6690930aaa8d0846599
850052eb84c33764aa1ea684fe1448bf6e6eb65d9bb16fa8e30cd472a53fe28c
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/jquery/jquery.min.js?ver=3.6.1 HTTP/1.1
Host: anovl.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://anovl.xyz/ermr/?Njx0rZ0=7Fv73y1siw7yd1dB1mWAaBxpWU8lmkXGLu1vifNeT2RDteAROU0QXWbxqeQD6/VL38v+QqfcYjh9FbiPG/T/HLWQiMahky0Plg==&bBZ=GJB82pU8vhQ4
Connection: keep-alive
HTTP/1.1 200 OK
keep-alive: timeout=5, max=100
cache-control: public, max-age=31536000
expires: Fri, 17 Nov 2023 23:25:39 GMT
content-type: application/x-javascript
last-modified: Wed, 02 Nov 2022 06:44:03 GMT
etag: "15e54-636211b3-0;gz"
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 36096
date: Thu, 17 Nov 2022 23:25:39 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
anovl.xyz/wp-includes/css/dist/block-library/style.min.css?ver=6.1.1
162.0.209.21200 OK 16 kB URL HTTP/1.1 anovl.xyz/wp-includes/css/dist/block-library/style.min.css?ver=6.1.1
IP 162.0.209.21:0
File type ASCII text, with very long lines (47826)
Hash f900baa20a50cc986670a1acfed3c04a
ee2ca8a3fc0287cddf2a5546b747a68b60738950
ca674f5479ab55e973bea867cf11312f726bd00fee6669855bf404acd179e758
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/css/dist/block-library/style.min.css?ver=6.1.1 HTTP/1.1
Host: anovl.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://anovl.xyz/ermr/?Njx0rZ0=7Fv73y1siw7yd1dB1mWAaBxpWU8lmkXGLu1vifNeT2RDteAROU0QXWbxqeQD6/VL38v+QqfcYjh9FbiPG/T/HLWQiMahky0Plg==&bBZ=GJB82pU8vhQ4
Connection: keep-alive
HTTP/1.1 200 OK
keep-alive: timeout=5, max=100
cache-control: public, max-age=31536000
expires: Fri, 17 Nov 2023 23:25:39 GMT
content-type: text/css
last-modified: Wed, 16 Nov 2022 06:32:39 GMT
etag: "172a9-63748407-0;gz"
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 16113
date: Thu, 17 Nov 2022 23:25:39 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
anovl.xyz/wp-content/plugins/elementor/assets/css/frontend-lite.min.css?ver=3.8.1
162.0.209.21200 OK 17 kB URL HTTP/1.1 anovl.xyz/wp-content/plugins/elementor/assets/css/frontend-lite.min.css?ver=3.8.1
IP 162.0.209.21:0
File type ASCII text, with very long lines (65497)
Hash e79b795baa812649bc50a93fa1bc7122
a9017a4234f3b578de1e99ff82213d3643dfefbb
7b02bed15954059e6ae7f066d5352367efec80d612223192286a0f08e4d8ec6b
GET /wp-content/plugins/elementor/assets/css/frontend-lite.min.css?ver=3.8.1 HTTP/1.1
Host: anovl.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://anovl.xyz/ermr/?Njx0rZ0=7Fv73y1siw7yd1dB1mWAaBxpWU8lmkXGLu1vifNeT2RDteAROU0QXWbxqeQD6/VL38v+QqfcYjh9FbiPG/T/HLWQiMahky0Plg==&bBZ=GJB82pU8vhQ4
Connection: keep-alive
HTTP/1.1 200 OK
keep-alive: timeout=5, max=100
cache-control: public, max-age=31536000
expires: Fri, 17 Nov 2023 23:25:39 GMT
content-type: text/css
last-modified: Sun, 13 Nov 2022 18:59:50 GMT
etag: "19538-63713ea6-0;gz"
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 17370
date: Thu, 17 Nov 2022 23:25:39 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
anovl.xyz/wp-content/uploads/elementor/css/post-48.css?ver=1668398023
162.0.209.21200 OK 794 B URL HTTP/1.1 anovl.xyz/wp-content/uploads/elementor/css/post-48.css?ver=1668398023
IP 162.0.209.21:0
File type ASCII text, with very long lines (6014), with no line terminators
Hash 6f1dd41c9bc6d0c2993a58d422b828da
edbcc9becdd1189a758b83c365e07441ce6df1a5
54b0284402c723c01bfe784e2ccf1e7d773d996057558b4332e1299b9918611b
Analyzer Verdict Alert fortinet Malware
GET /wp-content/uploads/elementor/css/post-48.css?ver=1668398023 HTTP/1.1
Host: anovl.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://anovl.xyz/ermr/?Njx0rZ0=7Fv73y1siw7yd1dB1mWAaBxpWU8lmkXGLu1vifNeT2RDteAROU0QXWbxqeQD6/VL38v+QqfcYjh9FbiPG/T/HLWQiMahky0Plg==&bBZ=GJB82pU8vhQ4
Connection: keep-alive
HTTP/1.1 200 OK
keep-alive: timeout=5, max=100
cache-control: public, max-age=31536000
expires: Fri, 17 Nov 2023 23:25:39 GMT
content-type: text/css
last-modified: Mon, 14 Nov 2022 03:53:43 GMT
etag: "177e-6371bbc7-0;gz"
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 794
date: Thu, 17 Nov 2022 23:25:39 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
anovl.xyz/wp-content/plugins/phox-host//assets/css/libs/animate.css?ver=3.7.0
162.0.209.21200 OK 7.1 kB URL HTTP/1.1 anovl.xyz/wp-content/plugins/phox-host//assets/css/libs/animate.css?ver=3.7.0
IP 162.0.209.21:0
Hash 8dcc46b81885ac1b9971c96704b30a25
0271972cb7d888c4de2202778a516aa0d3dac4c1
993936295a0e51963ba68334e532bb958bbf1558a911779e1f0fa0c22e660726
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/phox-host//assets/css/libs/animate.css?ver=3.7.0 HTTP/1.1
Host: anovl.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://anovl.xyz/ermr/?Njx0rZ0=7Fv73y1siw7yd1dB1mWAaBxpWU8lmkXGLu1vifNeT2RDteAROU0QXWbxqeQD6/VL38v+QqfcYjh9FbiPG/T/HLWQiMahky0Plg==&bBZ=GJB82pU8vhQ4
Connection: keep-alive
HTTP/1.1 200 OK
keep-alive: timeout=5, max=100
cache-control: public, max-age=31536000
expires: Fri, 17 Nov 2023 23:25:39 GMT
content-type: text/css
last-modified: Wed, 21 Sep 2022 19:32:00 GMT
etag: "14df1-632b66b0-0;gz"
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 7081
date: Thu, 17 Nov 2022 23:25:39 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
anovl.xyz/wp-content/themes/phox/assets/css/bootstrap.min.css?ver=2.1.8
162.0.209.21200 OK 31 kB URL HTTP/1.1 anovl.xyz/wp-content/themes/phox/assets/css/bootstrap.min.css?ver=2.1.8
IP 162.0.209.21:0
File type ASCII text, with very long lines (65324)
Hash 09807732f1df93f1019316622dd27d07
60685ce8d3419ca006c9a21beb8f6746be2ff0bf
f4dc9c8d976f66a87478e2abac927ea916331b6db105d2c0db1d3e22f79cbeaa
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/phox/assets/css/bootstrap.min.css?ver=2.1.8 HTTP/1.1
Host: anovl.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://anovl.xyz/ermr/?Njx0rZ0=7Fv73y1siw7yd1dB1mWAaBxpWU8lmkXGLu1vifNeT2RDteAROU0QXWbxqeQD6/VL38v+QqfcYjh9FbiPG/T/HLWQiMahky0Plg==&bBZ=GJB82pU8vhQ4
Connection: keep-alive
HTTP/1.1 200 OK
keep-alive: timeout=5, max=100
cache-control: public, max-age=31536000
expires: Fri, 17 Nov 2023 23:25:39 GMT
content-type: text/css
last-modified: Wed, 21 Sep 2022 19:30:27 GMT
etag: "2565e-632b6653-0;gz"
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 30792
date: Thu, 17 Nov 2022 23:25:39 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
anovl.xyz/wp-content/plugins/elementor/assets/lib/eicons/css/elementor-icons.min.css?ver=5.16.0
162.0.209.21200 OK 4.3 kB URL HTTP/1.1 anovl.xyz/wp-content/plugins/elementor/assets/lib/eicons/css/elementor-icons.min.css?ver=5.16.0
IP 162.0.209.21:0
File type ASCII text, with very long lines (19233)
Hash 2c899b28ea30d44ac481e75bbb3ba28c
47765178108ebf0fed055040a107f5349b776cc8
e9bbce46e4aca94ab15044242db629d8bd3e6bf3ef3fba32f05e8f62f4a0e992
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/elementor/assets/lib/eicons/css/elementor-icons.min.css?ver=5.16.0 HTTP/1.1
Host: anovl.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://anovl.xyz/ermr/?Njx0rZ0=7Fv73y1siw7yd1dB1mWAaBxpWU8lmkXGLu1vifNeT2RDteAROU0QXWbxqeQD6/VL38v+QqfcYjh9FbiPG/T/HLWQiMahky0Plg==&bBZ=GJB82pU8vhQ4
Connection: keep-alive
HTTP/1.1 200 OK
keep-alive: timeout=5, max=100
cache-control: public, max-age=31536000
expires: Fri, 17 Nov 2023 23:25:39 GMT
content-type: text/css
last-modified: Mon, 01 Aug 2022 04:11:38 GMT
etag: "4b4f-62e7527a-0;gz"
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 4313
date: Thu, 17 Nov 2022 23:25:39 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
anovl.xyz/wp-content/uploads/elementor/css/post-344.css?ver=1668398023
162.0.209.21200 OK 366 B URL HTTP/1.1 anovl.xyz/wp-content/uploads/elementor/css/post-344.css?ver=1668398023
IP 162.0.209.21:0
File type ASCII text, with very long lines (1101), with no line terminators
Hash 46daaa3712b209603690766c9deae062
3417eb179edcefb92a502a7243fc6a601ef427eb
3e0bee6faaf812d9c2779da0ad91f954527046fa0825249ee337fba2c22205b3
Analyzer Verdict Alert fortinet Malware
GET /wp-content/uploads/elementor/css/post-344.css?ver=1668398023 HTTP/1.1
Host: anovl.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://anovl.xyz/ermr/?Njx0rZ0=7Fv73y1siw7yd1dB1mWAaBxpWU8lmkXGLu1vifNeT2RDteAROU0QXWbxqeQD6/VL38v+QqfcYjh9FbiPG/T/HLWQiMahky0Plg==&bBZ=GJB82pU8vhQ4
Connection: keep-alive
HTTP/1.1 200 OK
keep-alive: timeout=5, max=100
cache-control: public, max-age=31536000
expires: Fri, 17 Nov 2023 23:25:39 GMT
content-type: text/css
last-modified: Mon, 14 Nov 2022 03:53:43 GMT
etag: "44d-6371bbc7-0;gz"
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 366
date: Thu, 17 Nov 2022 23:25:39 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
anovl.xyz/wp-content/plugins/phox-host//assets/css/elementor-widgets.css?ver=6.1.1
162.0.209.21200 OK 21 kB URL HTTP/1.1 anovl.xyz/wp-content/plugins/phox-host//assets/css/elementor-widgets.css?ver=6.1.1
IP 162.0.209.21:0
Hash 97c7789d920088129ec4cd490f3213da
737e1d73dada2fec659e3a37654137dfecb96f67
4aa0b3a5efc2fa4e91701b33d44a43f6f69ba5599a6437004bb4db0497723e03
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/phox-host//assets/css/elementor-widgets.css?ver=6.1.1 HTTP/1.1
Host: anovl.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://anovl.xyz/ermr/?Njx0rZ0=7Fv73y1siw7yd1dB1mWAaBxpWU8lmkXGLu1vifNeT2RDteAROU0QXWbxqeQD6/VL38v+QqfcYjh9FbiPG/T/HLWQiMahky0Plg==&bBZ=GJB82pU8vhQ4
Connection: keep-alive
HTTP/1.1 200 OK
keep-alive: timeout=5, max=100
cache-control: public, max-age=31536000
expires: Fri, 17 Nov 2023 23:25:39 GMT
content-type: text/css
last-modified: Wed, 21 Sep 2022 19:32:00 GMT
etag: "259ef-632b66b0-0;gz"
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 21354
date: Thu, 17 Nov 2022 23:25:39 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
anovl.xyz/wp-content/themes/phox/assets/css/elementor-custom.css?ver=2.1.8
162.0.209.21200 OK 249 B URL HTTP/1.1 anovl.xyz/wp-content/themes/phox/assets/css/elementor-custom.css?ver=2.1.8
IP 162.0.209.21:0
Hash 6e01c12f8e1a0399475333b719e241e0
06cf82204e04c76858c6c24ef4174f5f0eccfc0b
d8053f381982ee757354197a7c49982bd4d8d1d7dbfcc21486f57acab3c7d7be
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/phox/assets/css/elementor-custom.css?ver=2.1.8 HTTP/1.1
Host: anovl.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://anovl.xyz/ermr/?Njx0rZ0=7Fv73y1siw7yd1dB1mWAaBxpWU8lmkXGLu1vifNeT2RDteAROU0QXWbxqeQD6/VL38v+QqfcYjh9FbiPG/T/HLWQiMahky0Plg==&bBZ=GJB82pU8vhQ4
Connection: keep-alive
HTTP/1.1 200 OK
keep-alive: timeout=5, max=100
cache-control: public, max-age=31536000
expires: Fri, 17 Nov 2023 23:25:39 GMT
content-type: text/css
last-modified: Wed, 21 Sep 2022 19:30:27 GMT
etag: "26c-632b6653-0;gz"
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 249
date: Thu, 17 Nov 2022 23:25:39 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash 71821131fa0825a241bb6f95ad63a26a
4c676dbf861c2fca225bd1b9620237246ddfc724
f2dbe2a5c73657c35a660931a44cda1c1641c5b277ceea3d8fd7b4bfcacaf5ce
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 17 Nov 2022 23:25:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash 759d55a9f00851e8653847413a8a3db5
2424e3d7aae0972c57bee3a60a50b3b8a82bba23
5d07bc72f8be0bc42f91b8cb202f4cdc83fb4e5f5f360998066dad08a7fef6ab
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 17 Nov 2022 23:25:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash 759d55a9f00851e8653847413a8a3db5
2424e3d7aae0972c57bee3a60a50b3b8a82bba23
5d07bc72f8be0bc42f91b8cb202f4cdc83fb4e5f5f360998066dad08a7fef6ab
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 17 Nov 2022 23:25:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash 71821131fa0825a241bb6f95ad63a26a
4c676dbf861c2fca225bd1b9620237246ddfc724
f2dbe2a5c73657c35a660931a44cda1c1641c5b277ceea3d8fd7b4bfcacaf5ce
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 17 Nov 2022 23:25:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash 759d55a9f00851e8653847413a8a3db5
2424e3d7aae0972c57bee3a60a50b3b8a82bba23
5d07bc72f8be0bc42f91b8cb202f4cdc83fb4e5f5f360998066dad08a7fef6ab
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 17 Nov 2022 23:25:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
anovl.xyz/wp-content/uploads/elementor/css/global.css?ver=1668398024
162.0.209.21200 OK 2.7 kB URL HTTP/1.1 anovl.xyz/wp-content/uploads/elementor/css/global.css?ver=1668398024
IP 162.0.209.21:0
File type ASCII text, with very long lines (24960)
Hash 38fe10b7cb5ae6404b2a4084bcc18073
4c9128b360c4d016697359e968ec56c7ce208fa1
cf7fbed05037fd16378e2f9b92163bcb56989473831aef4c91a3405ecb7b8feb
GET /wp-content/uploads/elementor/css/global.css?ver=1668398024 HTTP/1.1
Host: anovl.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://anovl.xyz/ermr/?Njx0rZ0=7Fv73y1siw7yd1dB1mWAaBxpWU8lmkXGLu1vifNeT2RDteAROU0QXWbxqeQD6/VL38v+QqfcYjh9FbiPG/T/HLWQiMahky0Plg==&bBZ=GJB82pU8vhQ4
Connection: keep-alive
HTTP/1.1 200 OK
keep-alive: timeout=5, max=100
cache-control: public, max-age=31536000
expires: Fri, 17 Nov 2023 23:25:39 GMT
content-type: text/css
last-modified: Mon, 14 Nov 2022 03:53:44 GMT
etag: "7baa-6371bbc8-0;gz"
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 2707
date: Thu, 17 Nov 2022 23:25:39 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
216.58.207.195200 OK 31 kB URL HTTP/2 fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 30928, version 1.0\012- data
Hash ac0d2859ea5f8fd6bcb3c305c08ec184
7f6c17e3e592cd8bd346b9cc261d8dd961b8aef7
ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780
GET /s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://anovl.xyz
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 30928
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 17 Nov 2022 16:40:18 GMT
expires: Fri, 17 Nov 2023 16:40:18 GMT
cache-control: public, max-age=31536000
age: 24321
last-modified: Mon, 11 Jul 2022 18:57:39 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2
216.58.207.195200 OK 7.9 kB URL HTTP/2 fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 7884, version 1.0\012- data
Hash 9212f6f9860f9fc6c69b02fedf6db8c3
ac6d71b4d5fdd2b3dabc9a06ff6c001e4251da0b
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
GET /s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://anovl.xyz
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 7884
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 16 Nov 2022 21:48:50 GMT
expires: Thu, 16 Nov 2023 21:48:50 GMT
cache-control: public, max-age=31536000
age: 92209
last-modified: Wed, 27 Apr 2022 17:03:52 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
216.58.207.195200 OK 7.8 kB URL HTTP/2 fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 7816, version 1.0\012- data
Hash 25b0e113ca7cce3770d542736db26368
cb726212d5d525021752a1d8470a0fb593e0c49e
9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526
GET /s/poppins/v20/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://anovl.xyz
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 7816
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 16 Nov 2022 19:30:59 GMT
expires: Thu, 16 Nov 2023 19:30:59 GMT
cache-control: public, max-age=31536000
age: 100480
last-modified: Wed, 27 Apr 2022 16:11:40 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
216.58.207.195200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Hash 15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://anovl.xyz
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 16 Nov 2022 19:34:08 GMT
expires: Thu, 16 Nov 2023 19:34:08 GMT
cache-control: public, max-age=31536000
age: 100291
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
anovl.xyz/wp-content/plugins/elementor/assets/lib/font-awesome/css/fontawesome.min.css?ver=5.15.3
162.0.209.21200 OK 14 kB URL HTTP/1.1 anovl.xyz/wp-content/plugins/elementor/assets/lib/font-awesome/css/fontawesome.min.css?ver=5.15.3
IP 162.0.209.21:0
File type ASCII text, with very long lines (57726)
Hash e3aba6109dbfd3331483849228eb4af7
093a383ccc2af9d177862d36a95f2265c19796b8
e8f4d500ba196ba3408dc2da1f1c4084ad5c619998214057e707622276b1fccd
GET /wp-content/plugins/elementor/assets/lib/font-awesome/css/fontawesome.min.css?ver=5.15.3 HTTP/1.1
Host: anovl.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://anovl.xyz/ermr/?Njx0rZ0=7Fv73y1siw7yd1dB1mWAaBxpWU8lmkXGLu1vifNeT2RDteAROU0QXWbxqeQD6/VL38v+QqfcYjh9FbiPG/T/HLWQiMahky0Plg==&bBZ=GJB82pU8vhQ4
Connection: keep-alive
HTTP/1.1 200 OK
keep-alive: timeout=5, max=100
cache-control: public, max-age=31536000
expires: Fri, 17 Nov 2023 23:25:39 GMT
content-type: text/css
last-modified: Thu, 17 Jun 2021 14:07:24 GMT
etag: "e238-60cb571c-0;gz"
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 14457
date: Thu, 17 Nov 2022 23:25:39 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
anovl.xyz/wp-content/plugins/elementor/assets/lib/font-awesome/css/solid.min.css?ver=5.15.3
162.0.209.21200 OK 316 B URL HTTP/1.1 anovl.xyz/wp-content/plugins/elementor/assets/lib/font-awesome/css/solid.min.css?ver=5.15.3
IP 162.0.209.21:0
File type ASCII text, with very long lines (483)
Hash fd3a45718e33ca1591aa9933244c8924
4536d4512acf9e7477fc191c3ad8b345312e86de
3ac96dec409838069d77a6e9d4f6bac167f5db030a8ae2bbc4f4ec09f0fb4f77
GET /wp-content/plugins/elementor/assets/lib/font-awesome/css/solid.min.css?ver=5.15.3 HTTP/1.1
Host: anovl.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://anovl.xyz/ermr/?Njx0rZ0=7Fv73y1siw7yd1dB1mWAaBxpWU8lmkXGLu1vifNeT2RDteAROU0QXWbxqeQD6/VL38v+QqfcYjh9FbiPG/T/HLWQiMahky0Plg==&bBZ=GJB82pU8vhQ4
Connection: keep-alive
HTTP/1.1 200 OK
keep-alive: timeout=5, max=100
cache-control: public, max-age=31536000
expires: Fri, 17 Nov 2023 23:25:39 GMT
content-type: text/css
last-modified: Thu, 17 Jun 2021 14:07:24 GMT
etag: "29d-60cb571c-0;gz"
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 316
date: Thu, 17 Nov 2022 23:25:39 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash 759d55a9f00851e8653847413a8a3db5
2424e3d7aae0972c57bee3a60a50b3b8a82bba23
5d07bc72f8be0bc42f91b8cb202f4cdc83fb4e5f5f360998066dad08a7fef6ab
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 17 Nov 2022 23:25:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
anovl.xyz/wp-content/plugins/revslider/public/assets/css/rs6.css?ver=6.5.31
162.0.209.21200 OK 15 kB URL HTTP/1.1 anovl.xyz/wp-content/plugins/revslider/public/assets/css/rs6.css?ver=6.5.31
IP 162.0.209.21:0
File type Unicode text, UTF-8 text, with very long lines (12602), with CRLF line terminators
Hash a2f76dd48ae3c79571107c47bc53ede1
d975b34a43e26b4d8f2df7cfe874bed4591d991f
9efdf8d484344cc066f3702b3440ddece9276adb73486111a06db4bd674a5c1a
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/revslider/public/assets/css/rs6.css?ver=6.5.31 HTTP/1.1
Host: anovl.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://anovl.xyz/ermr/?Njx0rZ0=7Fv73y1siw7yd1dB1mWAaBxpWU8lmkXGLu1vifNeT2RDteAROU0QXWbxqeQD6/VL38v+QqfcYjh9FbiPG/T/HLWQiMahky0Plg==&bBZ=GJB82pU8vhQ4
Connection: keep-alive
HTTP/1.1 200 OK
keep-alive: timeout=5, max=100
cache-control: public, max-age=31536000
expires: Fri, 17 Nov 2023 23:25:39 GMT
content-type: text/css
last-modified: Wed, 21 Sep 2022 19:32:03 GMT
etag: "e8bd-632b66b3-0;gz"
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 15312
date: Thu, 17 Nov 2022 23:25:39 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
anovl.xyz/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.6.4
162.0.209.21200 OK 3.2 kB URL HTTP/1.1 anovl.xyz/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.6.4
IP 162.0.209.21:0
File type ASCII text, with very long lines (9937), with no line terminators
Hash c656ef0bc45466d8d70c48170dfba5e6
2bcb45cf1ccf2c02e4d8a8198d380f5ac6cce3f3
fc6c04eb9db98ef94c0837b8177d5518225ed38614cfa084bbb46061999d25dc
GET /wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.6.4 HTTP/1.1
Host: anovl.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://anovl.xyz/ermr/?Njx0rZ0=7Fv73y1siw7yd1dB1mWAaBxpWU8lmkXGLu1vifNeT2RDteAROU0QXWbxqeQD6/VL38v+QqfcYjh9FbiPG/T/HLWQiMahky0Plg==&bBZ=GJB82pU8vhQ4
Connection: keep-alive
HTTP/1.1 200 OK
keep-alive: timeout=5, max=100
cache-control: public, max-age=31536000
expires: Fri, 17 Nov 2023 23:25:39 GMT
content-type: application/x-javascript
last-modified: Wed, 19 Oct 2022 13:16:48 GMT
etag: "26d1-634ff8c0-0;gz"
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 3233
date: Thu, 17 Nov 2022 23:25:39 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
anovl.xyz/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.6.4
162.0.209.21200 OK 4.4 kB URL HTTP/1.1 anovl.xyz/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.6.4
IP 162.0.209.21:0
File type HTML document, ASCII text, with very long lines (12310), with no line terminators
Hash 9df8f1fd651bbe27c01093ac84e3db78
d14ad03675de2377096546e4148bcc2e877ec776
5ba22255e1ed2b732455c913cae86d1d9116c1efac71eb86782e70b5ade798ea
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.6.4 HTTP/1.1
Host: anovl.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://anovl.xyz/ermr/?Njx0rZ0=7Fv73y1siw7yd1dB1mWAaBxpWU8lmkXGLu1vifNeT2RDteAROU0QXWbxqeQD6/VL38v+QqfcYjh9FbiPG/T/HLWQiMahky0Plg==&bBZ=GJB82pU8vhQ4
Connection: keep-alive
HTTP/1.1 200 OK
keep-alive: timeout=5, max=100
cache-control: public, max-age=31536000
expires: Fri, 17 Nov 2023 23:25:39 GMT
content-type: application/x-javascript
last-modified: Wed, 19 Oct 2022 13:16:48 GMT
etag: "3016-634ff8c0-0;gz"
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 4395
date: Thu, 17 Nov 2022 23:25:39 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
anovl.xyz/wp-content/themes/phox/assets/js/popper.min.js?ver=2.1.8
162.0.209.21200 OK 7.7 kB URL HTTP/1.1 anovl.xyz/wp-content/themes/phox/assets/js/popper.min.js?ver=2.1.8
IP 162.0.209.21:0
File type ASCII text, with very long lines (19015)
Hash d842ff3f508772a556ad17a6cc0856e7
648dc64033ce1d295444cc85506deb04472cbaad
39e2fd7873d42ab5c9d0601bfb14748f3ddb0a4ad67f654cea2e18913e0eeb0a
GET /wp-content/themes/phox/assets/js/popper.min.js?ver=2.1.8 HTTP/1.1
Host: anovl.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://anovl.xyz/ermr/?Njx0rZ0=7Fv73y1siw7yd1dB1mWAaBxpWU8lmkXGLu1vifNeT2RDteAROU0QXWbxqeQD6/VL38v+QqfcYjh9FbiPG/T/HLWQiMahky0Plg==&bBZ=GJB82pU8vhQ4
Connection: keep-alive
HTTP/1.1 200 OK
keep-alive: timeout=5, max=100
cache-control: public, max-age=31536000
expires: Fri, 17 Nov 2023 23:25:40 GMT
content-type: application/x-javascript
last-modified: Wed, 21 Sep 2022 19:30:27 GMT
etag: "4af4-632b6653-0;gz"
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 7699
date: Thu, 17 Nov 2022 23:25:40 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
anovl.xyz/wp-content/themes/phox/assets/js/jquery.plugin.js?ver=2.1.8
162.0.209.21200 OK 4.1 kB URL HTTP/1.1 anovl.xyz/wp-content/themes/phox/assets/js/jquery.plugin.js?ver=2.1.8
IP 162.0.209.21:0
Hash fa7befee2480211d23c7ee0f05cafd61
7f9acc20255c6fe2049c3787078339a223852221
7fcb1f33cbd2695d80f210aac9eea74298059722817f8587b8c690cd14267196
GET /wp-content/themes/phox/assets/js/jquery.plugin.js?ver=2.1.8 HTTP/1.1
Host: anovl.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://anovl.xyz/ermr/?Njx0rZ0=7Fv73y1siw7yd1dB1mWAaBxpWU8lmkXGLu1vifNeT2RDteAROU0QXWbxqeQD6/VL38v+QqfcYjh9FbiPG/T/HLWQiMahky0Plg==&bBZ=GJB82pU8vhQ4
Connection: keep-alive
HTTP/1.1 200 OK
keep-alive: timeout=5, max=100
cache-control: public, max-age=31536000
expires: Fri, 17 Nov 2023 23:25:40 GMT
content-type: application/x-javascript
last-modified: Wed, 21 Sep 2022 19:30:27 GMT
etag: "2ba2-632b6653-0;gz"
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 4145
date: Thu, 17 Nov 2022 23:25:40 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
anovl.xyz/wp-content/plugins/revslider/public/assets/js/rbtools.min.js?ver=6.5.18
162.0.209.21200 OK 55 kB URL HTTP/1.1 anovl.xyz/wp-content/plugins/revslider/public/assets/js/rbtools.min.js?ver=6.5.18
IP 162.0.209.21:0
File type ASCII text, with very long lines (45108), with CRLF line terminators
Hash 57fe11750ce5b38183484101743294b3
f12830cb059d2419135e5ae75662976b0799c471
48db8863709dc1416286420a1055d4481cac41b515c789f9a6480bec3cef0196
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/revslider/public/assets/js/rbtools.min.js?ver=6.5.18 HTTP/1.1
Host: anovl.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://anovl.xyz/ermr/?Njx0rZ0=7Fv73y1siw7yd1dB1mWAaBxpWU8lmkXGLu1vifNeT2RDteAROU0QXWbxqeQD6/VL38v+QqfcYjh9FbiPG/T/HLWQiMahky0Plg==&bBZ=GJB82pU8vhQ4
Connection: keep-alive
HTTP/1.1 200 OK
keep-alive: timeout=5, max=100
cache-control: public, max-age=31536000
expires: Fri, 17 Nov 2023 23:25:39 GMT
content-type: application/x-javascript
last-modified: Wed, 21 Sep 2022 19:32:03 GMT
etag: "1f725-632b66b3-0;gz"
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 55423
date: Thu, 17 Nov 2022 23:25:39 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
anovl.xyz/wp-content/themes/phox/assets/js/jquery.countdown.js?ver=2.1.8
162.0.209.21200 OK 11 kB URL HTTP/1.1 anovl.xyz/wp-content/themes/phox/assets/js/jquery.countdown.js?ver=2.1.8
IP 162.0.209.21:0
Hash 64b2f714ec153d0d68240647c7087294
b8c1266346c85a6af36bb77482d0b2f041781cc5
d60da618fcfdea4e5dcae859c7431621a4b245f517511155ef59599660a0552f
GET /wp-content/themes/phox/assets/js/jquery.countdown.js?ver=2.1.8 HTTP/1.1
Host: anovl.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://anovl.xyz/ermr/?Njx0rZ0=7Fv73y1siw7yd1dB1mWAaBxpWU8lmkXGLu1vifNeT2RDteAROU0QXWbxqeQD6/VL38v+QqfcYjh9FbiPG/T/HLWQiMahky0Plg==&bBZ=GJB82pU8vhQ4
Connection: keep-alive
HTTP/1.1 200 OK
keep-alive: timeout=5, max=100
cache-control: public, max-age=31536000
expires: Fri, 17 Nov 2023 23:25:40 GMT
content-type: application/x-javascript
last-modified: Wed, 21 Sep 2022 19:30:27 GMT
etag: "8c19-632b6653-0;gz"
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 11039
date: Thu, 17 Nov 2022 23:25:40 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
anovl.xyz/wp-content/themes/phox/assets/js/bootstrap.min.js?ver=2.1.8
162.0.209.21200 OK 18 kB URL HTTP/1.1 anovl.xyz/wp-content/themes/phox/assets/js/bootstrap.min.js?ver=2.1.8
IP 162.0.209.21:0
File type ASCII text, with very long lines (55494)
Hash 85540745967e78dc36b6a5df9eaa0f3e
57b63470d8178a67a71a09433efc838a22de9001
278ce22300b76c2617b1447dfcd07499bde34f19d1199e486bbb41634af9c0dd
GET /wp-content/themes/phox/assets/js/bootstrap.min.js?ver=2.1.8 HTTP/1.1
Host: anovl.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://anovl.xyz/ermr/?Njx0rZ0=7Fv73y1siw7yd1dB1mWAaBxpWU8lmkXGLu1vifNeT2RDteAROU0QXWbxqeQD6/VL38v+QqfcYjh9FbiPG/T/HLWQiMahky0Plg==&bBZ=GJB82pU8vhQ4
Connection: keep-alive
HTTP/1.1 200 OK
keep-alive: timeout=5, max=100
cache-control: public, max-age=31536000
expires: Fri, 17 Nov 2023 23:25:40 GMT
content-type: application/x-javascript
last-modified: Wed, 21 Sep 2022 19:30:27 GMT
etag: "d9df-632b6653-0;gz"
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 17902
date: Thu, 17 Nov 2022 23:25:40 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
ocsp.sectigo.com/
172.64.155.188200 OK 472 B IP 172.64.155.188:0
Hash eac7b12c1603fe5027ad59a58c70a31b
9ba5dea7ade4b47f45a63fe55a28b0acd43ea28d
c4546b2694d885635855377119d95532483362aa7ce497d39d125091b5fa3df8
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 17 Nov 2022 23:25:40 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Mon, 14 Nov 2022 15:31:15 GMT
Expires: Mon, 21 Nov 2022 15:31:14 GMT
Etag: "9ba5dea7ade4b47f45a63fe55a28b0acd43ea28d"
Cache-Control: max-age=316533,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 76bc3a170faeb521-OSL
ocsp.sectigo.com/
172.64.155.188200 OK 472 B IP 172.64.155.188:0
Hash eac7b12c1603fe5027ad59a58c70a31b
9ba5dea7ade4b47f45a63fe55a28b0acd43ea28d
c4546b2694d885635855377119d95532483362aa7ce497d39d125091b5fa3df8
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 17 Nov 2022 23:25:40 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Mon, 14 Nov 2022 15:31:15 GMT
Expires: Mon, 21 Nov 2022 15:31:14 GMT
Etag: "9ba5dea7ade4b47f45a63fe55a28b0acd43ea28d"
Cache-Control: max-age=316533,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 76bc3a171891b506-OSL
ocsp.sectigo.com/
172.64.155.188200 OK 472 B IP 172.64.155.188:0
Hash eac7b12c1603fe5027ad59a58c70a31b
9ba5dea7ade4b47f45a63fe55a28b0acd43ea28d
c4546b2694d885635855377119d95532483362aa7ce497d39d125091b5fa3df8
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 17 Nov 2022 23:25:40 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Mon, 14 Nov 2022 15:31:15 GMT
Expires: Mon, 21 Nov 2022 15:31:14 GMT
Etag: "9ba5dea7ade4b47f45a63fe55a28b0acd43ea28d"
Cache-Control: max-age=316533,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 76bc3a171f830afa-OSL
anovl.xyz/wp-content/themes/phox/assets/js/custom-script.js?ver=2.1.8
162.0.209.21200 OK 2.9 kB URL HTTP/1.1 anovl.xyz/wp-content/themes/phox/assets/js/custom-script.js?ver=2.1.8
IP 162.0.209.21:0
Hash 182c5418d205978ae794eac64297bd7a
53e4ac4ea035113a74df1c9879244b007ed7e1a1
1757faa56ffa70f320e8b4776d4225027b2af13a3ea2300d89dbc62bc04a1af3
GET /wp-content/themes/phox/assets/js/custom-script.js?ver=2.1.8 HTTP/1.1
Host: anovl.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://anovl.xyz/ermr/?Njx0rZ0=7Fv73y1siw7yd1dB1mWAaBxpWU8lmkXGLu1vifNeT2RDteAROU0QXWbxqeQD6/VL38v+QqfcYjh9FbiPG/T/HLWQiMahky0Plg==&bBZ=GJB82pU8vhQ4
Connection: keep-alive
HTTP/1.1 200 OK
keep-alive: timeout=5, max=100
cache-control: public, max-age=31536000
expires: Fri, 17 Nov 2023 23:25:40 GMT
content-type: application/x-javascript
last-modified: Wed, 21 Sep 2022 19:30:27 GMT
etag: "29b0-632b6653-0;gz"
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 2918
date: Thu, 17 Nov 2022 23:25:40 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
anovl.xyz/wp-content/themes/phox/assets/js/plugins.js?ver=2.1.8
162.0.209.21200 OK 1.5 kB URL HTTP/1.1 anovl.xyz/wp-content/themes/phox/assets/js/plugins.js?ver=2.1.8
IP 162.0.209.21:0
Hash f60863401c2907c331f97459b752660f
906992ba0dc3dd4f9c4bfb848f237bd70c15b1d7
85e8bb481b8603d38633fbd4dcd6d5122c95924e43506682d7095eda1b651b96
GET /wp-content/themes/phox/assets/js/plugins.js?ver=2.1.8 HTTP/1.1
Host: anovl.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://anovl.xyz/ermr/?Njx0rZ0=7Fv73y1siw7yd1dB1mWAaBxpWU8lmkXGLu1vifNeT2RDteAROU0QXWbxqeQD6/VL38v+QqfcYjh9FbiPG/T/HLWQiMahky0Plg==&bBZ=GJB82pU8vhQ4
Connection: keep-alive
HTTP/1.1 200 OK
keep-alive: timeout=5, max=100
cache-control: public, max-age=31536000
expires: Fri, 17 Nov 2023 23:25:40 GMT
content-type: application/x-javascript
last-modified: Wed, 21 Sep 2022 19:30:27 GMT
etag: "fb8-632b6653-0;gz"
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 1521
date: Thu, 17 Nov 2022 23:25:40 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
anovl.xyz/wp-content/themes/phox/assets/js/ammap.js?ver=2.1.8
162.0.209.21200 OK 68 kB URL HTTP/1.1 anovl.xyz/wp-content/themes/phox/assets/js/ammap.js?ver=2.1.8
IP 162.0.209.21:0
File type ASCII text, with very long lines (1193)
Hash cd10cec47e9f058e67f63f4d8aab0197
26a1a4c67b3a60ec9682e98dde3f26ef4de5f107
b459b2c327ef3ed7542a224310cb35e5aafd6273ab6777ef301861672d50167a
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/phox/assets/js/ammap.js?ver=2.1.8 HTTP/1.1
Host: anovl.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://anovl.xyz/ermr/?Njx0rZ0=7Fv73y1siw7yd1dB1mWAaBxpWU8lmkXGLu1vifNeT2RDteAROU0QXWbxqeQD6/VL38v+QqfcYjh9FbiPG/T/HLWQiMahky0Plg==&bBZ=GJB82pU8vhQ4
Connection: keep-alive
HTTP/1.1 200 OK
keep-alive: timeout=5, max=100
cache-control: public, max-age=31536000
expires: Fri, 17 Nov 2023 23:25:40 GMT
content-type: application/x-javascript
last-modified: Wed, 21 Sep 2022 19:30:27 GMT
etag: "34ccc-632b6653-0;gz"
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 67812
date: Thu, 17 Nov 2022 23:25:40 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
ocsp.sectigo.com/
172.64.155.188200 OK 472 B IP 172.64.155.188:0
Hash eac7b12c1603fe5027ad59a58c70a31b
9ba5dea7ade4b47f45a63fe55a28b0acd43ea28d
c4546b2694d885635855377119d95532483362aa7ce497d39d125091b5fa3df8
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 17 Nov 2022 23:25:40 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Mon, 14 Nov 2022 15:31:15 GMT
Expires: Mon, 21 Nov 2022 15:31:14 GMT
Etag: "9ba5dea7ade4b47f45a63fe55a28b0acd43ea28d"
Cache-Control: max-age=316533,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 76bc3a170b8eb4ed-OSL
anovl.xyz/wp-content/themes/phox/assets/js/worldLow.js?ver=2.1.8
162.0.209.21200 OK 59 kB URL HTTP/1.1 anovl.xyz/wp-content/themes/phox/assets/js/worldLow.js?ver=2.1.8
IP 162.0.209.21:0
File type Unicode text, UTF-8 text, with very long lines (65534), with no line terminators
Hash b1b2d5674985c56fcd48749b76e57082
6fea8e394058cc3c973238ed90c01496e09ab58c
a2b0623ec4c2f2afa6524f7e4ff697425a0e828971317d94ccb2edbe6266d450
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/phox/assets/js/worldLow.js?ver=2.1.8 HTTP/1.1
Host: anovl.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://anovl.xyz/ermr/?Njx0rZ0=7Fv73y1siw7yd1dB1mWAaBxpWU8lmkXGLu1vifNeT2RDteAROU0QXWbxqeQD6/VL38v+QqfcYjh9FbiPG/T/HLWQiMahky0Plg==&bBZ=GJB82pU8vhQ4
Connection: keep-alive
HTTP/1.1 200 OK
keep-alive: timeout=5, max=100
cache-control: public, max-age=31536000
expires: Fri, 17 Nov 2023 23:25:40 GMT
content-type: application/x-javascript
last-modified: Wed, 21 Sep 2022 19:30:27 GMT
etag: "1fee4-632b6653-0;gz"
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 58994
date: Thu, 17 Nov 2022 23:25:40 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
anovl.xyz/wp-content/plugins/elementor/assets/js/frontend-modules.min.js?ver=3.8.1
162.0.209.21200 OK 12 kB URL HTTP/1.1 anovl.xyz/wp-content/plugins/elementor/assets/js/frontend-modules.min.js?ver=3.8.1
IP 162.0.209.21:0
File type Unicode text, UTF-8 text, with very long lines (32907)
Hash 7dfc58a7415cd7b31fc0e2fe1e03c8eb
a4e2ca5ab6bc32fda5ee768f12ee3759e855aa6a
bb9ed748e92d792389a911772c1334f85a6c9927a4978cbfbf7ccf48f226daf9
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/elementor/assets/js/frontend-modules.min.js?ver=3.8.1 HTTP/1.1
Host: anovl.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://anovl.xyz/ermr/?Njx0rZ0=7Fv73y1siw7yd1dB1mWAaBxpWU8lmkXGLu1vifNeT2RDteAROU0QXWbxqeQD6/VL38v+QqfcYjh9FbiPG/T/HLWQiMahky0Plg==&bBZ=GJB82pU8vhQ4
Connection: keep-alive
HTTP/1.1 200 OK
keep-alive: timeout=5, max=100
cache-control: public, max-age=31536000
expires: Fri, 17 Nov 2023 23:25:40 GMT
content-type: application/x-javascript
last-modified: Sun, 13 Nov 2022 18:59:50 GMT
etag: "80b3-63713ea6-0;gz"
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 12177
date: Thu, 17 Nov 2022 23:25:40 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
anovl.xyz/wp-content/plugins/revslider/public/assets/js/rs6.min.js?ver=6.5.31
162.0.209.21200 OK 123 kB URL HTTP/1.1 anovl.xyz/wp-content/plugins/revslider/public/assets/js/rs6.min.js?ver=6.5.31
IP 162.0.209.21:0
File type ASCII text, with very long lines (64288)
Size 123 kB (122926 bytes)
Hash be59d26469392f4419654beb14e30902
d0298aa7a69e31053c245128383075a740cdd7d1
e9c9aa46e41cd91c901a70b7c42535407582b219d1c199affebfb5ff019a951c
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/revslider/public/assets/js/rs6.min.js?ver=6.5.31 HTTP/1.1
Host: anovl.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://anovl.xyz/ermr/?Njx0rZ0=7Fv73y1siw7yd1dB1mWAaBxpWU8lmkXGLu1vifNeT2RDteAROU0QXWbxqeQD6/VL38v+QqfcYjh9FbiPG/T/HLWQiMahky0Plg==&bBZ=GJB82pU8vhQ4
Connection: keep-alive
HTTP/1.1 200 OK
keep-alive: timeout=5, max=100
cache-control: public, max-age=31536000
expires: Fri, 17 Nov 2023 23:25:40 GMT
content-type: application/x-javascript
last-modified: Wed, 21 Sep 2022 19:32:03 GMT
etag: "5fa2e-632b66b3-0;gz"
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 122926
date: Thu, 17 Nov 2022 23:25:40 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
anovl.xyz/wp-includes/js/jquery/ui/core.min.js?ver=1.13.2
162.0.209.21200 OK 7.9 kB URL HTTP/1.1 anovl.xyz/wp-includes/js/jquery/ui/core.min.js?ver=1.13.2
IP 162.0.209.21:0
File type Unicode text, UTF-8 text, with very long lines (8189)
Hash 36466ab85b8acbda978998a870271e69
b42db7d6dd114b7f5ae2e1459754460aae404c7c
6c19cdcb49d31830b795b83c351e579c24c56478cc6d968e3b8c6bf56ec4d9a2
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/jquery/ui/core.min.js?ver=1.13.2 HTTP/1.1
Host: anovl.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://anovl.xyz/ermr/?Njx0rZ0=7Fv73y1siw7yd1dB1mWAaBxpWU8lmkXGLu1vifNeT2RDteAROU0QXWbxqeQD6/VL38v+QqfcYjh9FbiPG/T/HLWQiMahky0Plg==&bBZ=GJB82pU8vhQ4
Connection: keep-alive
HTTP/1.1 200 OK
keep-alive: timeout=5, max=100
cache-control: public, max-age=31536000
expires: Fri, 17 Nov 2023 23:25:40 GMT
content-type: application/x-javascript
last-modified: Wed, 02 Nov 2022 06:44:03 GMT
etag: "53c0-636211b3-0;gz"
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 7933
date: Thu, 17 Nov 2022 23:25:40 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
anovl.xyz/wp-content/plugins/elementor/assets/js/frontend.min.js?ver=3.8.1
162.0.209.21200 OK 14 kB URL HTTP/1.1 anovl.xyz/wp-content/plugins/elementor/assets/js/frontend.min.js?ver=3.8.1
IP 162.0.209.21:0
File type ASCII text, with very long lines (40474)
Hash 80ea5e6364819060d3ff0eb352c659b7
f0be9c1c7847452e72308179235c6174c996233b
adb011166bf2c942b960995ea4fc1c74a7981c5d025164ee8935db98ddb07b19
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/elementor/assets/js/frontend.min.js?ver=3.8.1 HTTP/1.1
Host: anovl.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://anovl.xyz/ermr/?Njx0rZ0=7Fv73y1siw7yd1dB1mWAaBxpWU8lmkXGLu1vifNeT2RDteAROU0QXWbxqeQD6/VL38v+QqfcYjh9FbiPG/T/HLWQiMahky0Plg==&bBZ=GJB82pU8vhQ4
Connection: keep-alive
HTTP/1.1 200 OK
keep-alive: timeout=5, max=100
cache-control: public, max-age=31536000
expires: Fri, 17 Nov 2023 23:25:40 GMT
content-type: application/x-javascript
last-modified: Sun, 13 Nov 2022 18:59:50 GMT
etag: "9e41-63713ea6-0;gz"
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 14013
date: Thu, 17 Nov 2022 23:25:40 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
anovl.xyz/wp-includes/js/underscore.min.js?ver=1.13.4
162.0.209.21200 OK 8.1 kB URL HTTP/1.1 anovl.xyz/wp-includes/js/underscore.min.js?ver=1.13.4
IP 162.0.209.21:0
File type ASCII text, with very long lines (18798)
Hash 561af8d77d2375e1d1e26e8002ec283a
d6515451d87708407c42682e40883eb12a439095
4201c65895f1d19417323b8e84d6c172a20d7b2e55ad94c00ee32a4f01570200
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/underscore.min.js?ver=1.13.4 HTTP/1.1
Host: anovl.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://anovl.xyz/ermr/?Njx0rZ0=7Fv73y1siw7yd1dB1mWAaBxpWU8lmkXGLu1vifNeT2RDteAROU0QXWbxqeQD6/VL38v+QqfcYjh9FbiPG/T/HLWQiMahky0Plg==&bBZ=GJB82pU8vhQ4
Connection: keep-alive
HTTP/1.1 200 OK
keep-alive: timeout=5, max=100
cache-control: public, max-age=31536000
expires: Fri, 17 Nov 2023 23:25:40 GMT
content-type: application/x-javascript
last-modified: Wed, 02 Nov 2022 06:44:03 GMT
etag: "4991-636211b3-0;gz"
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 8067
date: Thu, 17 Nov 2022 23:25:40 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
anovl.xyz/wp-includes/js/backbone.min.js?ver=1.4.1
162.0.209.21200 OK 9.1 kB URL HTTP/1.1 anovl.xyz/wp-includes/js/backbone.min.js?ver=1.4.1
IP 162.0.209.21:0
File type ASCII text, with very long lines (23813)
Hash 4a5639aeb1e1f3fcf9d63ee0ee5fee04
14742aa6871bdeff840211f3c6e895a5bc3fdc47
19dbf3b2f97f9f6f55ceeeedd275dd22396218bce3478e0f6eac5f72c3212cb9
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/backbone.min.js?ver=1.4.1 HTTP/1.1
Host: anovl.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://anovl.xyz/ermr/?Njx0rZ0=7Fv73y1siw7yd1dB1mWAaBxpWU8lmkXGLu1vifNeT2RDteAROU0QXWbxqeQD6/VL38v+QqfcYjh9FbiPG/T/HLWQiMahky0Plg==&bBZ=GJB82pU8vhQ4
Connection: keep-alive
HTTP/1.1 200 OK
keep-alive: timeout=5, max=100
cache-control: public, max-age=31536000
expires: Fri, 17 Nov 2023 23:25:40 GMT
content-type: application/x-javascript
last-modified: Wed, 02 Nov 2022 06:44:04 GMT
etag: "5d28-636211b4-0;gz"
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 9083
date: Thu, 17 Nov 2022 23:25:40 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
anovl.xyz/wp-content/plugins/phox-host//assets/js/elementor-widgets.js?ver=1.8.0
162.0.209.21200 OK 17 kB URL HTTP/1.1 anovl.xyz/wp-content/plugins/phox-host//assets/js/elementor-widgets.js?ver=1.8.0
IP 162.0.209.21:0
Hash 2369a692e3bd7edf98b400674408315a
316f16dffd09389c3238ca0c2a325e7c33e00776
76378536d39b3f54be03979027e92e2241997bf114d77512d9049b974bbd8399
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/phox-host//assets/js/elementor-widgets.js?ver=1.8.0 HTTP/1.1
Host: anovl.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://anovl.xyz/ermr/?Njx0rZ0=7Fv73y1siw7yd1dB1mWAaBxpWU8lmkXGLu1vifNeT2RDteAROU0QXWbxqeQD6/VL38v+QqfcYjh9FbiPG/T/HLWQiMahky0Plg==&bBZ=GJB82pU8vhQ4
Connection: keep-alive
HTTP/1.1 200 OK
keep-alive: timeout=5, max=100
cache-control: public, max-age=31536000
expires: Fri, 17 Nov 2023 23:25:40 GMT
content-type: application/x-javascript
last-modified: Wed, 21 Sep 2022 19:32:00 GMT
etag: "11877-632b66b0-0;gz"
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 16775
date: Thu, 17 Nov 2022 23:25:40 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
anovl.xyz/wp-content/themes/phox/assets/fonts/icomoon.ttf?gm7fsa
162.0.209.21200 OK 1.6 kB URL HTTP/1.1 anovl.xyz/wp-content/themes/phox/assets/fonts/icomoon.ttf?gm7fsa
IP 162.0.209.21:0
File type TrueType Font data, 11 tables, 1st "OS/2", 14 names, Macintosh, type 1 string, icomoon \012- data
Hash 8dd765bee52be1a0e8fff44c67121a50
22d64dae748a25b5028e6adcda3e388fb04de440
193a7c193378ecb0e9f9eb61a4bb45630539f542e6174cc3940715304d8fbef3
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/phox/assets/fonts/icomoon.ttf?gm7fsa HTTP/1.1
Host: anovl.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://anovl.xyz/wp-content/themes/phox/assets/css/style.css?ver=2.1.8
Connection: keep-alive
HTTP/1.1 200 OK
keep-alive: timeout=5, max=100
cache-control: public, max-age=31536000
expires: Fri, 17 Nov 2023 23:25:40 GMT
content-type: application/x-font-ttf
last-modified: Wed, 21 Sep 2022 19:30:27 GMT
etag: "65c-632b6653-0;;;"
accept-ranges: bytes
content-length: 1628
date: Thu, 17 Nov 2022 23:25:40 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 471 B IP 142.250.74.35:0
Hash 95d3d654014df633bc231e7d537b8633
7ac79b7a469d9ac50633fb92062ca4ce48c9cdee
1ebb72c177b2452abb4b674d2edf9d195053bcb024f24224b29bc080075af036
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 17 Nov 2022 23:25:40 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
region1.google-analytics.com/g/collect?v=2&tid=G-F8N2SK79KZ>m=2oeb90&_p=505426078&gdid=dZTNiMT&cid=1639215327.1668727539&ul=en-us&sr=1280x1024&_s=1&sid=1668727538&sct=1&seg=0&dl=http%3A%2F%2Fanovl.xyz%2Fermr%2F%3FNjx0rZ0%3D7Fv73y1siw7yd1dB1mWAaBxpWU8lmkXGLu1vifNeT2RDteAROU0QXWbxqeQD6%2FVL38v%2BQqfcYjh9FbiPG%2FT%2FHLWQiMahky0Plg%3D%3D%26bBZ%3DGJB82pU8vhQ4&dt=Page%20Not%20Found%20-%20ANOVL&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
216.239.34.36204 No Content 0 B URL HTTP/2 region1.google-analytics.com/g/collect?v=2&tid=G-F8N2SK79KZ>m=2oeb90&_p=505426078&gdid=dZTNiMT&cid=1639215327.1668727539&ul=en-us&sr=1280x1024&_s=1&sid=1668727538&sct=1&seg=0&dl=http%3A%2F%2Fanovl.xyz%2Fermr%2F%3FNjx0rZ0%3D7Fv73y1siw7yd1dB1mWAaBxpWU8lmkXGLu1vifNeT2RDteAROU0QXWbxqeQD6%2FVL38v%2BQqfcYjh9FbiPG%2FT%2FHLWQiMahky0Plg%3D%3D%26bBZ%3DGJB82pU8vhQ4&dt=Page%20Not%20Found%20-%20ANOVL&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
IP 216.239.34.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-F8N2SK79KZ>m=2oeb90&_p=505426078&gdid=dZTNiMT&cid=1639215327.1668727539&ul=en-us&sr=1280x1024&_s=1&sid=1668727538&sct=1&seg=0&dl=http%3A%2F%2Fanovl.xyz%2Fermr%2F%3FNjx0rZ0%3D7Fv73y1siw7yd1dB1mWAaBxpWU8lmkXGLu1vifNeT2RDteAROU0QXWbxqeQD6%2FVL38v%2BQqfcYjh9FbiPG%2FT%2FHLWQiMahky0Plg%3D%3D%26bBZ%3DGJB82pU8vhQ4&dt=Page%20Not%20Found%20-%20ANOVL&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1 HTTP/1.1
Host: region1.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://anovl.xyz
Connection: keep-alive
Referer: http://anovl.xyz/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: http://anovl.xyz
date: Thu, 17 Nov 2022 23:25:40 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
anovl.xyz/wp-content/uploads/2021/02/pricing.png
162.0.209.21200 OK 41 kB URL HTTP/2 anovl.xyz/wp-content/uploads/2021/02/pricing.png
IP 162.0.209.21:0
File type PNG image data, 568 x 518, 8-bit/color RGBA, non-interlaced\012- data
Hash 217952db8f54dba8ccfec93e5e9cd55c
996e7f4a8429ce7ac4fd97e995f990566eeab6ee
29d5dc7afe3cf8c3793a3b5db7fde44026cc2f6570e0d02e9e85cd7c7bdc292f
GET /wp-content/uploads/2021/02/pricing.png HTTP/1.1
Host: anovl.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://anovl.xyz/ermr/?Njx0rZ0=7Fv73y1siw7yd1dB1mWAaBxpWU8lmkXGLu1vifNeT2RDteAROU0QXWbxqeQD6/VL38v+QqfcYjh9FbiPG/T/HLWQiMahky0Plg==&bBZ=GJB82pU8vhQ4
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Fri, 17 Nov 2023 23:25:40 GMT
content-type: image/png
last-modified: Wed, 21 Sep 2022 19:37:17 GMT
etag: "a1e6-632b67ed-0;;;"
accept-ranges: bytes
content-length: 41446
date: Thu, 17 Nov 2022 23:25:40 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
anovl.xyz/wp-content/themes/phox/assets/webfonts/fa-regular-400.woff2
162.0.209.21200 OK 14 kB URL HTTP/1.1 anovl.xyz/wp-content/themes/phox/assets/webfonts/fa-regular-400.woff2
IP 162.0.209.21:0
File type Web Open Font Format (Version 2), TrueType, length 13548, version 331.-31392\012- data
Hash 4a74738e7728e93c4394b8604081da62
fb9648469530a05fa9aac80e47d4d6960472a242
ce20ed8a323117c8a718ff1ddc6dabb997373b575a8e896f2bf02b846c082c9d
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/phox/assets/webfonts/fa-regular-400.woff2 HTTP/1.1
Host: anovl.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: http://anovl.xyz/wp-content/themes/phox/assets/css/all.min.css?ver=2.1.8
Connection: keep-alive
HTTP/1.1 200 OK
keep-alive: timeout=5, max=100
cache-control: public, max-age=31536000
expires: Fri, 17 Nov 2023 23:25:40 GMT
content-type: application/font-woff2
last-modified: Wed, 21 Sep 2022 19:30:26 GMT
etag: "34ec-632b6652-0;;;"
accept-ranges: bytes
content-length: 13548
date: Thu, 17 Nov 2022 23:25:40 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
anovl.xyz/wp-content/themes/phox/assets/webfonts/fa-brands-400.woff2
162.0.209.21200 OK 78 kB URL HTTP/1.1 anovl.xyz/wp-content/themes/phox/assets/webfonts/fa-brands-400.woff2
IP 162.0.209.21:0
File type Web Open Font Format (Version 2), TrueType, length 78460, version 331.-31392\012- data
Hash f075c50f89795e4cdb4d45b51f1a6800
f726c4275bb494a045fde059175f072de06c01df
71b3ce72680f4183d28db86b184542051fd533bb1146933233e4f6a20cf98cba
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/phox/assets/webfonts/fa-brands-400.woff2 HTTP/1.1
Host: anovl.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: http://anovl.xyz/wp-content/themes/phox/assets/css/all.min.css?ver=2.1.8
Connection: keep-alive
HTTP/1.1 200 OK
keep-alive: timeout=5, max=100
cache-control: public, max-age=31536000
expires: Fri, 17 Nov 2023 23:25:40 GMT
content-type: application/font-woff2
last-modified: Wed, 21 Sep 2022 19:30:26 GMT
etag: "1327c-632b6652-0;;;"
accept-ranges: bytes
content-length: 78460
date: Thu, 17 Nov 2022 23:25:40 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
anovl.xyz/wp-content/uploads/2021/02/logo-sm.png
162.0.209.21200 OK 8.7 kB URL HTTP/2 anovl.xyz/wp-content/uploads/2021/02/logo-sm.png
IP 162.0.209.21:0
File type PNG image data, 96 x 88, 8-bit/color RGBA, non-interlaced\012- data
Hash 79974cb0531812010ded64a3c236a03e
e2d06070f372e17b84f23efe99b79c8b06c42e10
172d3dd91f550947c679f41c61ab20392cd7d1abbbc0956dba804c243c8e5f2c
GET /wp-content/uploads/2021/02/logo-sm.png HTTP/1.1
Host: anovl.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://anovl.xyz/ermr/?Njx0rZ0=7Fv73y1siw7yd1dB1mWAaBxpWU8lmkXGLu1vifNeT2RDteAROU0QXWbxqeQD6/VL38v+QqfcYjh9FbiPG/T/HLWQiMahky0Plg==&bBZ=GJB82pU8vhQ4
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Fri, 17 Nov 2023 23:25:40 GMT
content-type: image/png
last-modified: Wed, 21 Sep 2022 19:37:21 GMT
etag: "21dd-632b67f1-0;;;"
accept-ranges: bytes
content-length: 8669
date: Thu, 17 Nov 2022 23:25:40 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
anovl.xyz/wp-content/themes/phox/assets/webfonts/fa-solid-900.woff2
162.0.209.21200 OK 80 kB URL HTTP/1.1 anovl.xyz/wp-content/themes/phox/assets/webfonts/fa-solid-900.woff2
IP 162.0.209.21:0
File type Web Open Font Format (Version 2), TrueType, length 80300, version 331.-31392\012- data
Hash 8e1ed89b6ccb8ce41faf5cb672677105
9b592048b9062b00f0b2dd782d70a95b7dc69b83
6b555920e358f8a25a422988b448615c33bcccb4f932e8331cebfc8e2a737fc7
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/phox/assets/webfonts/fa-solid-900.woff2 HTTP/1.1
Host: anovl.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: http://anovl.xyz/wp-content/themes/phox/assets/css/all.min.css?ver=2.1.8
Connection: keep-alive
HTTP/1.1 200 OK
keep-alive: timeout=5, max=100
cache-control: public, max-age=31536000
expires: Fri, 17 Nov 2023 23:25:40 GMT
content-type: application/font-woff2
last-modified: Wed, 21 Sep 2022 19:30:26 GMT
etag: "139ac-632b6652-0;;;"
accept-ranges: bytes
content-length: 80300
date: Thu, 17 Nov 2022 23:25:40 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
anovl.xyz/wp-content/uploads/2021/02/logo.png
162.0.209.21200 OK 13 kB URL HTTP/2 anovl.xyz/wp-content/uploads/2021/02/logo.png
IP 162.0.209.21:0
File type PNG image data, 281 x 88, 8-bit/color RGBA, non-interlaced\012- data
Hash 1c10f2ab8f508cf342d8e9d5a9306e3b
821f20501c4543d245bc6cec1214a167f2edf801
9bb8e1db5eb401090b7a68f5145df39deafa53620055dd73d9779fc5c1830eeb
GET /wp-content/uploads/2021/02/logo.png HTTP/1.1
Host: anovl.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://anovl.xyz/ermr/?Njx0rZ0=7Fv73y1siw7yd1dB1mWAaBxpWU8lmkXGLu1vifNeT2RDteAROU0QXWbxqeQD6/VL38v+QqfcYjh9FbiPG/T/HLWQiMahky0Plg==&bBZ=GJB82pU8vhQ4
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Fri, 17 Nov 2023 23:25:40 GMT
content-type: image/png
last-modified: Wed, 21 Sep 2022 19:37:21 GMT
etag: "32ab-632b67f1-0;;;"
accept-ranges: bytes
content-length: 12971
date: Thu, 17 Nov 2022 23:25:40 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
anovl.xyz/wp-content/uploads/2021/02/file.png
162.0.209.21200 OK 67 kB URL HTTP/2 anovl.xyz/wp-content/uploads/2021/02/file.png
IP 162.0.209.21:0
File type PNG image data, 805 x 611, 8-bit/color RGBA, non-interlaced\012- data
Hash d2b765dcac855fcaadd63950611c6882
5552b3cdf3a913dd5007608a551971c294d1b7e6
93cd1d8ebc579020ce4d34bd1521a8bf88b3873625cb8179d20c52f5156ba998
GET /wp-content/uploads/2021/02/file.png HTTP/1.1
Host: anovl.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://anovl.xyz/ermr/?Njx0rZ0=7Fv73y1siw7yd1dB1mWAaBxpWU8lmkXGLu1vifNeT2RDteAROU0QXWbxqeQD6/VL38v+QqfcYjh9FbiPG/T/HLWQiMahky0Plg==&bBZ=GJB82pU8vhQ4
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Fri, 17 Nov 2023 23:25:40 GMT
content-type: image/png
last-modified: Wed, 21 Sep 2022 19:37:18 GMT
etag: "105f0-632b67ee-0;;;"
accept-ranges: bytes
content-length: 67056
date: Thu, 17 Nov 2022 23:25:40 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
anovl.xyz/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-solid-900.woff2
162.0.209.21200 OK 78 kB URL HTTP/1.1 anovl.xyz/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-solid-900.woff2
IP 162.0.209.21:0
File type Web Open Font Format (Version 2), TrueType, length 78196, version 331.-31261\012- data
Hash e8a427e15cc502bef99cfd722b37ea98
a9922842a120a7f1eaced667480c5e185a106d69
d0b4256abed72481585662971262eabee345c19f837af00d7ce24239d3b40eef
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-solid-900.woff2 HTTP/1.1
Host: anovl.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: http://anovl.xyz/wp-content/plugins/elementor/assets/lib/font-awesome/css/solid.min.css?ver=5.15.3
Connection: keep-alive
HTTP/1.1 200 OK
keep-alive: timeout=5, max=100
cache-control: public, max-age=31536000
expires: Fri, 17 Nov 2023 23:25:40 GMT
content-type: application/font-woff2
last-modified: Thu, 17 Jun 2021 14:07:24 GMT
etag: "13174-60cb571c-0;;;"
accept-ranges: bytes
content-length: 78196
date: Thu, 17 Nov 2022 23:25:40 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash 95d38fabca722a84f17dd933a225c9eb
57162b6ce750cb4d572671e857704bddddb7db7b
a9df628bebc2ede321f9140681d93792903dafa2f9d9f5d19b05e5baf47a14fd
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 17 Nov 2022 23:25:41 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google-analytics.com/analytics.js
142.250.74.174200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 142.250.74.174:0
File type ASCII text, with very long lines (1325)
Hash 47e6f374ca946fddd5b59871b325736c
baa9282efc8785e84d247c3bff518eaa45f101c4
16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://anovl.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20039
date: Thu, 17 Nov 2022 22:41:09 GMT
expires: Fri, 18 Nov 2022 00:41:09 GMT
cache-control: public, max-age=7200
age: 2672
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash 95d38fabca722a84f17dd933a225c9eb
57162b6ce750cb4d572671e857704bddddb7db7b
a9df628bebc2ede321f9140681d93792903dafa2f9d9f5d19b05e5baf47a14fd
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 17 Nov 2022 23:25:41 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash 95d38fabca722a84f17dd933a225c9eb
57162b6ce750cb4d572671e857704bddddb7db7b
a9df628bebc2ede321f9140681d93792903dafa2f9d9f5d19b05e5baf47a14fd
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 17 Nov 2022 23:25:41 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5327879763242953
142.250.74.162200 OK 49 kB URL HTTP/2 pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5327879763242953
IP 142.250.74.162:0
File type ASCII text, with very long lines (4885)
Hash 551ed15a01a3dd99dc09324590d75022
50e1a5a5ee19364e42f7354f51967d4193f676dd
a98d455e9e0e25d552dfbee9ce3d28fd2ad2b1f8c3ff7f99ef322d45c369045e
GET /pagead/js/adsbygoogle.js?client=ca-pub-5327879763242953 HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://anovl.xyz
Connection: keep-alive
Referer: http://anovl.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Thu, 17 Nov 2022 23:25:41 GMT
expires: Thu, 17 Nov 2022 23:25:41 GMT
cache-control: private, max-age=3600
content-type: text/javascript; charset=UTF-8
etag: 5661997897170860802
access-control-allow-origin: *
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 49143
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash 95d38fabca722a84f17dd933a225c9eb
57162b6ce750cb4d572671e857704bddddb7db7b
a9df628bebc2ede321f9140681d93792903dafa2f9d9f5d19b05e5baf47a14fd
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 17 Nov 2022 23:25:41 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
anovl.xyz/wp-content/themes/phox/favicon.ico
162.0.209.21200 OK 1.2 kB URL HTTP/1.1 anovl.xyz/wp-content/themes/phox/favicon.ico
IP 162.0.209.21:0
File type MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel\012- data
Hash 192e3b10d2330f9c151048e2df237560
1f1891777cf69dd7ddc68268234760d49313e408
966cec14d00723f53edaa2be04b4d2c12aecbe35d4caee48f021d527ad0e1be4
GET /wp-content/themes/phox/favicon.ico HTTP/1.1
Host: anovl.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://anovl.xyz/ermr/?Njx0rZ0=7Fv73y1siw7yd1dB1mWAaBxpWU8lmkXGLu1vifNeT2RDteAROU0QXWbxqeQD6/VL38v+QqfcYjh9FbiPG/T/HLWQiMahky0Plg==&bBZ=GJB82pU8vhQ4
Connection: keep-alive
Cookie: _ga_F8N2SK79KZ=GS1.1.1668727538.1.0.1668727538.0.0.0; _ga=GA1.1.1639215327.1668727539
HTTP/1.1 200 OK
keep-alive: timeout=5, max=100
cache-control: public, max-age=31536000
expires: Fri, 17 Nov 2023 23:25:41 GMT
content-type: image/x-icon
last-modified: Wed, 21 Sep 2022 19:30:26 GMT
etag: "47e-632b6652-0;;;"
accept-ranges: bytes
content-length: 1150
date: Thu, 17 Nov 2022 23:25:41 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash 5d0f26aabc1e6822799c7b2a0088c7c8
1fe0c1482425fd80388943a097e4bedd549cba84
2f946e377939664b21778a7453b114262582cca8484d148a16c24ca1710370fa
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 17 Nov 2022 23:25:41 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
googleads.g.doubleclick.net/pagead/html/r20221110/r20190131/zrt_lookup.html
142.250.74.98200 OK 4.2 kB URL HTTP/2 googleads.g.doubleclick.net/pagead/html/r20221110/r20190131/zrt_lookup.html
IP 142.250.74.98:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2579)
Hash 2fb3574102373e2e076cfa2ff90cdf25
d06c985183def975546d6e47ab6369c11dcf7195
e61cbc207f7fc2f429deceff11e7a339a3d9a9574da6d035054eba02ee381345
GET /pagead/html/r20221110/r20190131/zrt_lookup.html HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://anovl.xyz/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
x-content-type-options: nosniff
content-encoding: br
server: cafe
content-length: 4242
x-xss-protection: 0
date: Thu, 17 Nov 2022 06:29:02 GMT
expires: Thu, 01 Dec 2022 06:29:02 GMT
cache-control: public, max-age=1209600
age: 60999
etag: 10353107486223812946
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash 5d0f26aabc1e6822799c7b2a0088c7c8
1fe0c1482425fd80388943a097e4bedd549cba84
2f946e377939664b21778a7453b114262582cca8484d148a16c24ca1710370fa
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 17 Nov 2022 23:25:41 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash 2763bec344cb95973157cf6c9cf07ee4
ce65e30fd5b73cb79d01fab7072d53aa60b873a2
6856e1f453e9660a823ccd084229268b257c8f86af7c0962ed751e8b175afc6c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 17 Nov 2022 23:25:41 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash 4867bbb88730b6b7c4ce63d01131b13d
13205cb9c213ebb2915cedc56c64c65dccd3b8c4
f6df6058ca9dd6ce5e9034a5996d6e22ddbc9e5be85a245c55efb2bfbccbf99a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 17 Nov 2022 23:25:41 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 471 B IP 142.250.74.35:0
Hash 8bd74b7ad2725f15396907ce2070e9a9
c624c31552aeb494b5a630db33054ad03cbd5a0e
a20baa5c9be0ccc20d8bcd78680101f96dc0f6a69427bd9f56436982288b72f6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 17 Nov 2022 23:25:41 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
partner.googleadservices.com/gampad/cookie.js?domain=anovl.xyz&callback=_gfp_s_&client=ca-pub-5327879763242953&gpid_exp=1
172.217.21.162200 OK 251 B URL HTTP/2 partner.googleadservices.com/gampad/cookie.js?domain=anovl.xyz&callback=_gfp_s_&client=ca-pub-5327879763242953&gpid_exp=1
IP 172.217.21.162:0
File type ASCII text, with very long lines (385), with no line terminators
Hash 3c6c605eeb9755972d19f4eb12807472
988565f595c21f1534286825d5865bf9f5f3b71f
bb5cab68511e6c303b5a7297377a6f93af15f23ddb9d1ce4f84a3670723ac75d
GET /gampad/cookie.js?domain=anovl.xyz&callback=_gfp_s_&client=ca-pub-5327879763242953&gpid_exp=1 HTTP/1.1
Host: partner.googleadservices.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://anovl.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Thu, 17 Nov 2022 23:25:41 GMT
server: cafe
cache-control: private
content-length: 251
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
adservice.google.com/adsid/integrator.js?domain=anovl.xyz
142.250.74.130200 OK 100 B URL HTTP/2 adservice.google.com/adsid/integrator.js?domain=anovl.xyz
IP 142.250.74.130:0
File type ASCII text, with no line terminators
Hash 917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac
GET /adsid/integrator.js?domain=anovl.xyz HTTP/1.1
Host: adservice.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://anovl.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Thu, 17 Nov 2022 23:25:41 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
adservice.google.no/adsid/integrator.js?domain=anovl.xyz
142.250.74.98200 OK 100 B URL HTTP/2 adservice.google.no/adsid/integrator.js?domain=anovl.xyz
IP 142.250.74.98:0
File type ASCII text, with no line terminators
Hash 917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac
GET /adsid/integrator.js?domain=anovl.xyz HTTP/1.1
Host: adservice.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://anovl.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Thu, 17 Nov 2022 23:25:41 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash f597aa17a4d26018bf1ad1591cda3a8c
6da511661cc1b274d9003c70b1f3a02d4c892a9e
fec0b5daf3e144d99f60100ce28b3e607a8908742002eeab5af289d512d5e3f5
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 17 Nov 2022 23:25:41 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash 4867bbb88730b6b7c4ce63d01131b13d
13205cb9c213ebb2915cedc56c64c65dccd3b8c4
f6df6058ca9dd6ce5e9034a5996d6e22ddbc9e5be85a245c55efb2bfbccbf99a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 17 Nov 2022 23:25:41 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 471 B IP 142.250.74.35:0
Hash 8bd74b7ad2725f15396907ce2070e9a9
c624c31552aeb494b5a630db33054ad03cbd5a0e
a20baa5c9be0ccc20d8bcd78680101f96dc0f6a69427bd9f56436982288b72f6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 17 Nov 2022 23:25:41 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash 3dfa5c59213820271e21911d9dfb5e81
d89f3f254f1306e21361edc5e8dc693cd3dff939
95e971e2a1fe5e6783e774639e553d89a39b68ba9be08b0d1b3be3517764ced4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 17 Nov 2022 23:25:41 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
tpc.googlesyndication.com/sodar/sodar2.js
142.250.74.33200 OK 6.4 kB URL HTTP/2 tpc.googlesyndication.com/sodar/sodar2.js
IP 142.250.74.33:0
File type ASCII text, with very long lines (1321)
Hash ac906814ed812c4ecdbb624a3bd2f6c3
8e4547eaffaa66a1ee61b36028dbcd7091d0e7de
8ab8cef6156022c4547455defd8252b48b6bcb8b734072849345bb99758705fe
GET /sodar/sodar2.js HTTP/1.1
Host: tpc.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://anovl.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 6386
date: Thu, 17 Nov 2022 23:25:41 GMT
expires: Thu, 17 Nov 2022 23:25:41 GMT
cache-control: private, max-age=3000
etag: "1637097310169751"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
tpc.googlesyndication.com/sodar/sodar2/225/runner.html
142.250.74.33200 OK 5.0 kB URL HTTP/2 tpc.googlesyndication.com/sodar/sodar2/225/runner.html
IP 142.250.74.33:0
File type HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2020)
Hash f530c16b248be97e10df228df6a41c24
ca3c3a38bbeef6906682b3e0b2a7be40c08b0925
f45287dcfd79a2411e79f98c834c6f7eff8a281a9b4fdba0124be9d204987786
GET /sodar/sodar2/225/runner.html HTTP/1.1
Host: tpc.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://anovl.xyz/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5046
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 15 Nov 2022 17:59:25 GMT
expires: Wed, 15 Nov 2023 17:59:25 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
content-type: text/html
age: 192377
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash 05bf67082a248863ee104c4f16e7ae7a
51bc71674f0e51788118bd4826dec7896d6bd03e
3664a7f4bc06fcb7bab2f6b270e74570536d947f8d3fa2fe586dd0de713844e8
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 17 Nov 2022 23:25:42 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/recaptcha/api2/aframe
142.250.74.164200 OK 513 B URL HTTP/2 www.google.com/recaptcha/api2/aframe
IP 142.250.74.164:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (783), with no line terminators
Hash 95ed8c1dae348a6f0f0ce08eb4ae3833
edb0abf7a764999d716fc6448777d87db8e82ba8
77f8ec76e1066839a25b1c0832247feaa0cda97eedf1b9fbf50c4647aa59915c
GET /recaptcha/api2/aframe HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://anovl.xyz/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Thu, 17 Nov 2022 23:25:42 GMT
date: Thu, 17 Nov 2022 23:25:42 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'nonce-NDx13Vye8M3VwbYEyRUJSg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 513
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffad6fa40-abda-4ea3-b899-aef6906a01e1.jpeg
34.120.237.76200 OK 5.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffad6fa40-abda-4ea3-b899-aef6906a01e1.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 93b326374b3808d0af42e295643cdc14
dd691328acf190c745465208f18a41a75878df18
224ac3995e2e78ee5fcc6c5c3d5fb1f4b0ceca1c42b7a1a493c756aa199bf75f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffad6fa40-abda-4ea3-b899-aef6906a01e1.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 5198
x-amzn-requestid: ba4e00c8-a996-41f3-b15a-1e304907ca2a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bw9UpH1ioAMF6ow=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6376a8ea-2f9f794c4de03f8b212e072f;Sampled=0
x-amzn-remapped-date: Thu, 17 Nov 2022 21:34:34 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: LPflGHjoeNg1X5EszKAaziaZsKFf5hT6LeNPpZQriZ5H1z7Zhh86Ow==
via: 1.1 446313511980eb02f28ff5a9a4147c0a.cloudfront.net (CloudFront), 1.1 b13f158bdf9805ca47e07c0c35870c12.cloudfront.net (CloudFront), 1.1 google
date: Thu, 17 Nov 2022 21:55:57 GMT
age: 5388
etag: "dd691328acf190c745465208f18a41a75878df18"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
fonts.googleapis.com/css2?family=Open%20Sans:wght@300;400;600;700&family=Poppins:wght@200;400;600;700&family=Tajawal:wght@200;400;500;700;800;900&family=Montserrat:wght@600&family=Montserrat:wght@400&family=Poppins:wght@600&family=Poppins:wght@700&family=Roboto:wght@400&family=Roboto:wght@600&display=swap
142.250.74.10200 OK 0 B URL HTTP/2 fonts.googleapis.com/css2?family=Open%20Sans:wght@300;400;600;700&family=Poppins:wght@200;400;600;700&family=Tajawal:wght@200;400;500;700;800;900&family=Montserrat:wght@600&family=Montserrat:wght@400&family=Poppins:wght@600&family=Poppins:wght@700&family=Roboto:wght@400&family=Roboto:wght@600&display=swap
IP 142.250.74.10:0
GET /css2?family=Open%20Sans:wght@300;400;600;700&family=Poppins:wght@200;400;600;700&family=Tajawal:wght@200;400;500;700;800;900&family=Montserrat:wght@600&family=Montserrat:wght@400&family=Poppins:wght@600&family=Poppins:wght@700&family=Roboto:wght@400&family=Roboto:wght@600&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://anovl.xyz/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 17 Nov 2022 23:25:38 GMT
date: Thu, 17 Nov 2022 23:25:38 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2