higos.info/home_iro/enterpassword.php
172.96.184.205301 Moved Permanently 707 B URL HTTP/1.1 higos.info/home_iro/enterpassword.php
IP 172.96.184.205:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Hash 1304294c0823ca486542ba408ed761e3
b2a70fb2d810ca13985882e6981f33998823e83e
3bbe72f3baa8ec61de17a1d767fca58704769684b7abe9161d0c4eaf4c8f0982
Analyzer Verdict Alert fortinet Phishing
GET /home_iro/enterpassword.php HTTP/1.1
Host: higos.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
content-type: text/html
content-length: 707
date: Wed, 05 Oct 2022 15:01:27 GMT
server: LiteSpeed
location: https://higos.info/home_iro/enterpassword.php
firefox.settings.services.mozilla.com/v1/
54.230.111.65200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 54.230.111.65:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 1b3053fa528e28810f8a2cc9284cc921
cca9eb471d941881a6b9a1793aecb6c281908f6a
a2427848ba35575dda8a82cf88f104978234c05389deebc3fc8279d9075eff45
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Alert, Content-Type, Backoff, Content-Length, Retry-After
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Wed, 05 Oct 2022 14:47:16 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 d9fb4c3794a085bb4ee2c5798c2cb1b8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: IeeYSsMvgGoQPhWFXYIz4x8T_T-UCuRV7wlxLytMBaWjn1zLRFm0Tg==
Age: 851
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 282f6e1328452c1cb41f6a6272fff757
20b9ff1b5f4f81b645769bd4b4cf7bf7dfc16262
6a8070ebe51259cb11db68cca2c81f3c7408fad481d8c14cc1c38912442c63f4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6A8070EBE51259CB11DB68CCA2C81F3C7408FAD481D8C14CC1C38912442C63F4"
Last-Modified: Wed, 05 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8007
Expires: Wed, 05 Oct 2022 17:14:54 GMT
Date: Wed, 05 Oct 2022 15:01:27 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
54.230.111.7200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
IP 54.230.111.7:0
File type PEM certificate\012- , ASCII text
Hash 67d5a988edcda47bc3b3b3f65d32b4b6
d4f0e0da8b3690cc7da925026d3414b68c7d954f
55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78
GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Wed, 05 Oct 2022 04:02:33 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
x-cache: Hit from cloudfront
via: 1.1 ab09332bca1a3bd382d2e408f65b98d2.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 0hGwde05jrYi7Fq7OhDXY_PxfDfQu_aJWbai3DCrBBz4ATuwMysJvg==
age: 39535
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 05 Oct 2022 15:01:27 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
54.230.111.65200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 54.230.111.65:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Pragma, Content-Length, Backoff, Last-Modified, Cache-Control, Content-Type, Retry-After, ETag, Expires, Alert
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600, max-age=3600
Date: Wed, 05 Oct 2022 14:29:33 GMT
Expires: Wed, 05 Oct 2022 14:35:32 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 227a1815a1677b9cf6dd587e443000b8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: T5YxvuvcC-Xsu4x2KzdMEg4jLLPKpJ-bWpBvgJQ7WP5HHkjgOuqRrg==
Age: 1914
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 1561c6be7c89d1357a80d12de47b6e74
9a705277922ecca583c867af58b3efce099f83bd
e33dc034dbf4b3b627cd3c1af2d942e2ca5704ec9a4aad5c46ad39eb070e82ab
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6432
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 05 Oct 2022 15:01:28 GMT
Last-Modified: Wed, 05 Oct 2022 13:14:16 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
54.189.157.130101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 54.189.157.130:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: TaanE/6c7niYx4oFIrct3g==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: vumLb7QbLsJxpYllFUl59H/xpv0=
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash e825fc3ba1ec6c169fbc10ffef8dffb0
6bf9cffa8468b37068aebed5a43dbc911086fc84
b0c59e715d8c38c061cfa06ec64c69f442f9417d6bc9c76e393c1fa00b11af86
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B0C59E715D8C38C061CFA06EC64C69F442F9417D6BC9C76E393C1FA00B11AF86"
Last-Modified: Wed, 05 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6986
Expires: Wed, 05 Oct 2022 16:57:55 GMT
Date: Wed, 05 Oct 2022 15:01:29 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash e825fc3ba1ec6c169fbc10ffef8dffb0
6bf9cffa8468b37068aebed5a43dbc911086fc84
b0c59e715d8c38c061cfa06ec64c69f442f9417d6bc9c76e393c1fa00b11af86
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B0C59E715D8C38C061CFA06EC64C69F442F9417D6BC9C76E393C1FA00B11AF86"
Last-Modified: Wed, 05 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6986
Expires: Wed, 05 Oct 2022 16:57:55 GMT
Date: Wed, 05 Oct 2022 15:01:29 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash e825fc3ba1ec6c169fbc10ffef8dffb0
6bf9cffa8468b37068aebed5a43dbc911086fc84
b0c59e715d8c38c061cfa06ec64c69f442f9417d6bc9c76e393c1fa00b11af86
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B0C59E715D8C38C061CFA06EC64C69F442F9417D6BC9C76E393C1FA00B11AF86"
Last-Modified: Wed, 05 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6986
Expires: Wed, 05 Oct 2022 16:57:55 GMT
Date: Wed, 05 Oct 2022 15:01:29 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash e825fc3ba1ec6c169fbc10ffef8dffb0
6bf9cffa8468b37068aebed5a43dbc911086fc84
b0c59e715d8c38c061cfa06ec64c69f442f9417d6bc9c76e393c1fa00b11af86
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B0C59E715D8C38C061CFA06EC64C69F442F9417D6BC9C76E393C1FA00B11AF86"
Last-Modified: Wed, 05 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6986
Expires: Wed, 05 Oct 2022 16:57:55 GMT
Date: Wed, 05 Oct 2022 15:01:29 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe8857940-5ca2-44ba-8a66-f396a605d5b4.jpeg
34.120.237.76200 OK 7.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe8857940-5ca2-44ba-8a66-f396a605d5b4.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 229c99cfb655a8c9f1a22de69fdff73c
6b5db8fbfb56f083d54b13e7660d0e4bc866aa00
f4099e9153c3dc481add95b0f24dbb8f6d65cc74ad5631d9cb6c6f2a0351843d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe8857940-5ca2-44ba-8a66-f396a605d5b4.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7021
x-amzn-requestid: 2e30bdac-360e-4d0a-8bb7-c3144e074abe
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Zf8ucHb1oAMFjYw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633ca7f5-18ba6bc50cb32b1e14c882bd;Sampled=0
x-amzn-remapped-date: Tue, 04 Oct 2022 21:39:01 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: UPEhTwAYEIRy-Cnb0ITefEotLyg3rFe_NaGy92xwWe_7hrdo6UQLwQ==
via: 1.1 efe54e8b68e074d39b2ecd249f85100a.cloudfront.net (CloudFront), 1.1 cd64decb1403270c914848213601a674.cloudfront.net (CloudFront), 1.1 google
date: Tue, 04 Oct 2022 21:56:53 GMT
age: 61476
etag: "6b5db8fbfb56f083d54b13e7660d0e4bc866aa00"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F78bf691d-76e8-4176-884d-dbc06604dded.jpeg
34.120.237.76200 OK 8.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F78bf691d-76e8-4176-884d-dbc06604dded.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 100559d746bedd7c3802661c875c35ee
5261a6c2ee6d6cc87e91ee82e32d8be234db393e
ff06f31267ddcc9a0d84ddc68932872bfed29d072783c3a1dd3790d41c280aec
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F78bf691d-76e8-4176-884d-dbc06604dded.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8816
x-amzn-requestid: b9f3ec8a-f478-4405-b275-e21f2d7d89d4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZKK7gFPJIAMF-7Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6333f1e3-250348e6140f3c74762263ea;Sampled=0
x-amzn-remapped-date: Wed, 28 Sep 2022 07:04:03 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 8f83Wv7OrO7NOd1y1LXjfphRmJjdwrkcAxrxUN4A4qSgsEzIQMq81g==
via: 1.1 7f5e0d3b9ea85d0d75063a66c0ebc840.cloudfront.net (CloudFront), 1.1 73cb83fe6699afc2791b5c690c1ff8c6.cloudfront.net (CloudFront), 1.1 google
date: Tue, 04 Oct 2022 22:38:40 GMT
age: 58969
etag: "5261a6c2ee6d6cc87e91ee82e32d8be234db393e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1ca20164-9b52-49c5-9e63-1fc0ae719f45.jpeg
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1ca20164-9b52-49c5-9e63-1fc0ae719f45.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4fc2ddd86450d64d3fb659ab4e78be58
bbe71936b78a8c34d03ab87948dc840b35c6948f
84a760397a5912bd05f61bc8a953c13a88a677e2d17fbbf74bdf7d7ff4d3942f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1ca20164-9b52-49c5-9e63-1fc0ae719f45.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10158
x-amzn-requestid: def1fc7e-8008-466f-9271-20fa1ab0fa5a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZaqZCH7doAMFcPQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633a8aa0-7fd2fb1249366f2277d719d6;Sampled=0
x-amzn-remapped-date: Mon, 03 Oct 2022 07:09:20 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: aeOU8fGkf5uHuYZ79k17EzxiFnwm0_z7SeZJElgwECzRyhR2N_SYJA==
via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 b8c4a4ca04bb1976e020396d211bc8dc.cloudfront.net (CloudFront), 1.1 google
date: Wed, 05 Oct 2022 04:06:09 GMT
age: 39320
etag: "bbe71936b78a8c34d03ab87948dc840b35c6948f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbb178720-854c-4c9e-85c1-58cb5419ca69.jpeg
34.120.237.76200 OK 3.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbb178720-854c-4c9e-85c1-58cb5419ca69.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 5d7d7df8d4c440f9db445c3d99e818d6
612b6dbd4ba895c167964ff7e6d9263013b52b0a
bf527a814c78f9e010cce4ba593c9146d54a2137d1f147f7a6250fbad81956ac
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbb178720-854c-4c9e-85c1-58cb5419ca69.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 3585
x-amzn-requestid: 43c510d4-d87c-4665-a132-d798b836d415
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZaJbLHEOoAMFfxQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633a55e0-614faff31425ff183b7ca4dd;Sampled=0
x-amzn-remapped-date: Mon, 03 Oct 2022 03:24:16 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: d1LCc44Gj_0Je8adu7Iv3I9MwkaDPgWqlNHI96UAtZub22l210J65A==
via: 1.1 f13aef0c4b52f6f681401f232d03eb68.cloudfront.net (CloudFront), 1.1 09331f0822fc98eebaf04130a83dbd44.cloudfront.net (CloudFront), 1.1 google
date: Wed, 05 Oct 2022 04:53:07 GMT
age: 36502
etag: "612b6dbd4ba895c167964ff7e6d9263013b52b0a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F23595c4d-609a-48f3-a52f-e88e478d7653.jpeg
34.120.237.76200 OK 5.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F23595c4d-609a-48f3-a52f-e88e478d7653.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3257b782efae9b64e6e18a547866ec50
4daf0c001e86af8477fb097e8ca932edb8e5f981
899f9692e86405aa288d88dd285a6fe26bedab1a2ca4693212476063890b01a5
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F23595c4d-609a-48f3-a52f-e88e478d7653.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5832
x-amzn-requestid: c4427edd-3d71-47d0-a2d3-b3bfed089535
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Zf8s1FuUoAMFhBA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633ca7eb-46ddff150da4141d23fc0d8a;Sampled=0
x-amzn-remapped-date: Tue, 04 Oct 2022 21:38:51 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: iR82CJ6A06dpqy_nm6JrmjeUJT-uhI5rr0dr6ZnhrQQo9Jqxh10qRQ==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 82ea95080f526df99896343fb7269b06.cloudfront.net (CloudFront), 1.1 google
date: Tue, 04 Oct 2022 21:43:43 GMT
age: 62266
etag: "4daf0c001e86af8477fb097e8ca932edb8e5f981"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5704624d-eb81-4a5b-bcb7-08db5681c677.jpeg
34.120.237.76200 OK 8.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5704624d-eb81-4a5b-bcb7-08db5681c677.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 1de7c17a0ba9295135e7f8b490b6a8d3
70e8d1589f3daf71378965dd197934e220fb6aa4
ee559ce3166479e2b930be7d18525f5c2d164aed8ca005302ddaf3bfe37eec24
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5704624d-eb81-4a5b-bcb7-08db5681c677.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8926
x-amzn-requestid: 27fc8976-af8d-40a3-b701-0642fa135ec4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Zf8s1GSbIAMFTiw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633ca7eb-4d4c7837576e0fdb5828fe3b;Sampled=0
x-amzn-remapped-date: Tue, 04 Oct 2022 21:38:51 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: YzVofPSJC-YVU1Q1V9AnjNeQTa1BQEh6ZiH2HjSeeX5RygysFP7oAA==
via: 1.1 9c60d6224ac0b44e908b5c9dcf70e9a4.cloudfront.net (CloudFront), 1.1 aef00f14752da9aa504d392fd46eff94.cloudfront.net (CloudFront), 1.1 google
date: Tue, 04 Oct 2022 21:43:25 GMT
age: 62284
etag: "70e8d1589f3daf71378965dd197934e220fb6aa4"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
higos.info/wp-includes/css/dist/block-library/style.min.css?ver=5.5.10
172.96.184.205200 OK 7.5 kB URL HTTP/2 higos.info/wp-includes/css/dist/block-library/style.min.css?ver=5.5.10
IP 172.96.184.205:0
File type ASCII text, with very long lines (27100)
Hash bd31b2b1085f1595b77592174490b5e6
f11b8bd4d75033ed07ef0288c9177dc614d9e214
43cd7e52a79bbc27b1d70717ccf5a7c73cb4b04f3837c7dd8af45d05a47aea0d
GET /wp-includes/css/dist/block-library/style.min.css?ver=5.5.10 HTTP/1.1
Host: higos.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://higos.info/home_iro/enterpassword.php
Cookie: PHPSESSID=tbmqkrhusaclobko0d2e6srkl2
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 12 Oct 2022 15:01:30 GMT
content-type: text/css
last-modified: Sat, 31 Oct 2020 10:47:22 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 7455
date: Wed, 05 Oct 2022 15:01:30 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
higos.info/wp-content/plugins/fruitful-shortcodes/fruitful-shortcodes-2.0.0//assets/shared/fruitful_alert/css/styles.css?ver=071120180241
172.96.184.205200 OK 453 B URL HTTP/2 higos.info/wp-content/plugins/fruitful-shortcodes/fruitful-shortcodes-2.0.0//assets/shared/fruitful_alert/css/styles.css?ver=071120180241
IP 172.96.184.205:0
File type ASCII text, with very long lines (1807), with no line terminators
Hash cf85d8c1ba76c2cfd38c0da614ad289b
3dfc8b81bdbc9dce0218f85c178e215cf156fda8
bb07b361ce74a6adc550ddc344f5fc84a515e86f1cb2ec6bb187893e64390118
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/fruitful-shortcodes/fruitful-shortcodes-2.0.0//assets/shared/fruitful_alert/css/styles.css?ver=071120180241 HTTP/1.1
Host: higos.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://higos.info/home_iro/enterpassword.php
Cookie: PHPSESSID=tbmqkrhusaclobko0d2e6srkl2
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 12 Oct 2022 15:01:30 GMT
content-type: text/css
last-modified: Tue, 23 Jul 2019 15:52:41 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 453
date: Wed, 05 Oct 2022 15:01:30 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
higos.info/wp-content/plugins/fruitful-shortcodes/fruitful-shortcodes-2.0.0/assets/css/front.css?ver=071120180241
172.96.184.205200 OK 433 B URL HTTP/2 higos.info/wp-content/plugins/fruitful-shortcodes/fruitful-shortcodes-2.0.0/assets/css/front.css?ver=071120180241
IP 172.96.184.205:0
File type ASCII text, with very long lines (1437), with no line terminators
Hash 750660e63ca5f543ca4709780ee5e672
8bb0f92e31c932b7b8af766ec1878eb6fd77a0ad
1a96ce9dbaa8bb07207f6ad83457fba0e2e28fbabf259110222c3fd085b0b15f
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/fruitful-shortcodes/fruitful-shortcodes-2.0.0/assets/css/front.css?ver=071120180241 HTTP/1.1
Host: higos.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://higos.info/home_iro/enterpassword.php
Cookie: PHPSESSID=tbmqkrhusaclobko0d2e6srkl2
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 12 Oct 2022 15:01:30 GMT
content-type: text/css
last-modified: Tue, 23 Jul 2019 15:52:41 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 433
date: Wed, 05 Oct 2022 15:01:30 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
higos.info/wp-content/plugins/fruitful-shortcodes/fruitful-shortcodes-2.0.0//assets/shared/fruitful_dbox/css/styles.css?ver=071120180241
172.96.184.205200 OK 426 B URL HTTP/2 higos.info/wp-content/plugins/fruitful-shortcodes/fruitful-shortcodes-2.0.0//assets/shared/fruitful_dbox/css/styles.css?ver=071120180241
IP 172.96.184.205:0
File type ASCII text, with very long lines (1471), with no line terminators
Hash dc99b182d7d85feb6db415ab2b554d1c
a2bb1e70759617d163aee3788b3039c62a806d58
f5286cb1c40ba3707d47a0eea95daaa4556f0479dca8ec21337ba23e11983b4c
GET /wp-content/plugins/fruitful-shortcodes/fruitful-shortcodes-2.0.0//assets/shared/fruitful_dbox/css/styles.css?ver=071120180241 HTTP/1.1
Host: higos.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://higos.info/home_iro/enterpassword.php
Cookie: PHPSESSID=tbmqkrhusaclobko0d2e6srkl2
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 12 Oct 2022 15:01:30 GMT
content-type: text/css
last-modified: Tue, 23 Jul 2019 15:52:41 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 426
date: Wed, 05 Oct 2022 15:01:30 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 4d6b344f7e5123552495c56971708cef
efcf4bd4bdb6964b29ce0bc239ea32ab573dac3a
8092e24c3c24d08ffebca3781af0ec9574604e1ae4bd40d2c21865c3297f44bc
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 05 Oct 2022 15:01:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 4d6b344f7e5123552495c56971708cef
efcf4bd4bdb6964b29ce0bc239ea32ab573dac3a
8092e24c3c24d08ffebca3781af0ec9574604e1ae4bd40d2c21865c3297f44bc
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 05 Oct 2022 15:01:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
higos.info/wp-content/plugins/fruitful-shortcodes/fruitful-shortcodes-2.0.0//assets/shared/fruitful_btn/css/styles.css?ver=071120180241
172.96.184.205200 OK 1.1 kB URL HTTP/2 higos.info/wp-content/plugins/fruitful-shortcodes/fruitful-shortcodes-2.0.0//assets/shared/fruitful_btn/css/styles.css?ver=071120180241
IP 172.96.184.205:0
File type ASCII text, with very long lines (10638), with no line terminators
Hash 259a2863b37f4ef69a0d032515601fbc
0efb49399c930b413a633420487be3636a9242b1
7b24bd1b29b4848767d139b2593a7a0f9e58c45b136eb2491c64bf2db406523d
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/fruitful-shortcodes/fruitful-shortcodes-2.0.0//assets/shared/fruitful_btn/css/styles.css?ver=071120180241 HTTP/1.1
Host: higos.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://higos.info/home_iro/enterpassword.php
Cookie: PHPSESSID=tbmqkrhusaclobko0d2e6srkl2
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 12 Oct 2022 15:01:30 GMT
content-type: text/css
last-modified: Tue, 23 Jul 2019 15:52:41 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1103
date: Wed, 05 Oct 2022 15:01:30 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
higos.info/wp-content/plugins/fruitful-shortcodes/fruitful-shortcodes-2.0.0//assets/shared/fruitful_pbar/css/styles.css?ver=071120180241
172.96.184.205200 OK 409 B URL HTTP/2 higos.info/wp-content/plugins/fruitful-shortcodes/fruitful-shortcodes-2.0.0//assets/shared/fruitful_pbar/css/styles.css?ver=071120180241
IP 172.96.184.205:0
File type ASCII text, with very long lines (1811), with no line terminators
Hash 65e5ace088e89d997f57630daeac07f7
50bed7ab12f2d86131c24169d1436773b922b42b
51129faaa6f68a931f034769e12394f7f2b55843f049f761a19fb08b05d11ca2
GET /wp-content/plugins/fruitful-shortcodes/fruitful-shortcodes-2.0.0//assets/shared/fruitful_pbar/css/styles.css?ver=071120180241 HTTP/1.1
Host: higos.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://higos.info/home_iro/enterpassword.php
Cookie: PHPSESSID=tbmqkrhusaclobko0d2e6srkl2
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 12 Oct 2022 15:01:30 GMT
content-type: text/css
last-modified: Tue, 23 Jul 2019 15:52:41 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 409
date: Wed, 05 Oct 2022 15:01:30 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
higos.info/wp-content/plugins/fruitful-shortcodes/fruitful-shortcodes-2.0.0/assets/libs/bootstrap/bootstrap-grid.min.css?ver=071120180241
172.96.184.205200 OK 2.9 kB URL HTTP/2 higos.info/wp-content/plugins/fruitful-shortcodes/fruitful-shortcodes-2.0.0/assets/libs/bootstrap/bootstrap-grid.min.css?ver=071120180241
IP 172.96.184.205:0
File type ASCII text, with very long lines (35459)
Hash d9b28b01d0e945c65be423bad0116fd6
2dc42de4ffd18c23277af0c1ac249522d3acdb1d
fcfa831fbe1749dfb76564de0166e91c56b0ab2f45a5037e464de2d0a3dc1e9d
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/fruitful-shortcodes/fruitful-shortcodes-2.0.0/assets/libs/bootstrap/bootstrap-grid.min.css?ver=071120180241 HTTP/1.1
Host: higos.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://higos.info/home_iro/enterpassword.php
Cookie: PHPSESSID=tbmqkrhusaclobko0d2e6srkl2
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 12 Oct 2022 15:01:30 GMT
content-type: text/css
last-modified: Tue, 23 Jul 2019 15:52:41 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 2854
date: Wed, 05 Oct 2022 15:01:30 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
higos.info/wp-content/plugins/fruitful-shortcodes/fruitful-shortcodes-2.0.0//assets/shared/fruitful_recent_posts/css/styles.css?ver=071120180241
172.96.184.205200 OK 742 B URL HTTP/2 higos.info/wp-content/plugins/fruitful-shortcodes/fruitful-shortcodes-2.0.0//assets/shared/fruitful_recent_posts/css/styles.css?ver=071120180241
IP 172.96.184.205:0
File type ASCII text, with very long lines (3148), with no line terminators
Hash f9614ffde908e576370b2d4cf8002c84
1df9ae35cd89651a02759c192f82b88201461559
1bb8d461f28ea097807aed918a3a43eb16705823904054457f640becbd1763db
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/fruitful-shortcodes/fruitful-shortcodes-2.0.0//assets/shared/fruitful_recent_posts/css/styles.css?ver=071120180241 HTTP/1.1
Host: higos.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://higos.info/home_iro/enterpassword.php
Cookie: PHPSESSID=tbmqkrhusaclobko0d2e6srkl2
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 12 Oct 2022 15:01:30 GMT
content-type: text/css
last-modified: Tue, 23 Jul 2019 15:52:41 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 742
date: Wed, 05 Oct 2022 15:01:30 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
higos.info/wp-content/plugins/fruitful-shortcodes/fruitful-shortcodes-2.0.0/assets/libs/slick/slick.css?ver=071120180241
172.96.184.205200 OK 982 B URL HTTP/2 higos.info/wp-content/plugins/fruitful-shortcodes/fruitful-shortcodes-2.0.0/assets/libs/slick/slick.css?ver=071120180241
IP 172.96.184.205:0
Hash e591a7d10372a1b71258994d46dad35b
30aa0be7df308c41e60827ca10880fccc820de67
76753647ae06843166196c09e1567619116ca7160a400ed2c72960d7fe37d13b
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/fruitful-shortcodes/fruitful-shortcodes-2.0.0/assets/libs/slick/slick.css?ver=071120180241 HTTP/1.1
Host: higos.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://higos.info/home_iro/enterpassword.php
Cookie: PHPSESSID=tbmqkrhusaclobko0d2e6srkl2
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 12 Oct 2022 15:01:30 GMT
content-type: text/css
last-modified: Tue, 23 Jul 2019 15:52:41 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 982
date: Wed, 05 Oct 2022 15:01:30 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
higos.info/wp-content/plugins/fruitful-shortcodes/fruitful-shortcodes-2.0.0//assets/shared/fruitful_recent_posts_slider/css/styles.css?ver=071120180241
172.96.184.205200 OK 334 B URL HTTP/2 higos.info/wp-content/plugins/fruitful-shortcodes/fruitful-shortcodes-2.0.0//assets/shared/fruitful_recent_posts_slider/css/styles.css?ver=071120180241
IP 172.96.184.205:0
File type ASCII text, with very long lines (1096), with no line terminators
Hash 7e9f8ee281973cc7b5f36addd9597f0d
1cddbf957eb78705debd066a977708d67d33ab79
ded7f47fa5d0182e4e0ab30c10377d8a14ecc44e7f214d46e984bda46cc51b5f
GET /wp-content/plugins/fruitful-shortcodes/fruitful-shortcodes-2.0.0//assets/shared/fruitful_recent_posts_slider/css/styles.css?ver=071120180241 HTTP/1.1
Host: higos.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://higos.info/home_iro/enterpassword.php
Cookie: PHPSESSID=tbmqkrhusaclobko0d2e6srkl2
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 12 Oct 2022 15:01:30 GMT
content-type: text/css
last-modified: Tue, 23 Jul 2019 15:52:41 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 334
date: Wed, 05 Oct 2022 15:01:30 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
higos.info/wp-content/themes/fruitful/woocommerce/ie.css?ver=5.5.10
172.96.184.205200 OK 3.0 kB URL HTTP/2 higos.info/wp-content/themes/fruitful/woocommerce/ie.css?ver=5.5.10
IP 172.96.184.205:0
File type ASCII text, with CR line terminators
Hash 4a31866e56200c3694a8b32c136bdead
f3d2a821c1a5428c5cd13676272b12736fbfe1f6
f23b404bee2ffe8fad4503efee7ca51781e94195a05c484262dfa9bcca9898a6
GET /wp-content/themes/fruitful/woocommerce/ie.css?ver=5.5.10 HTTP/1.1
Host: higos.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://higos.info/home_iro/enterpassword.php
Cookie: PHPSESSID=tbmqkrhusaclobko0d2e6srkl2
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 12 Oct 2022 15:01:30 GMT
content-type: text/css
last-modified: Tue, 23 Jul 2019 15:57:58 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 2990
date: Wed, 05 Oct 2022 15:01:30 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
higos.info/wp-content/themes/fruitful/css/fancySelect.css?ver=5.5.10
172.96.184.205200 OK 793 B URL HTTP/2 higos.info/wp-content/themes/fruitful/css/fancySelect.css?ver=5.5.10
IP 172.96.184.205:0
Hash 57adb67028bb16840c1951ecefe92ade
f0ffff7dfd2cad046bba788273487ea4686e767a
1a9587d80995bed9fdf902fb794401e7dd598abc55d4353a107b042b9699b6df
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/fruitful/css/fancySelect.css?ver=5.5.10 HTTP/1.1
Host: higos.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://higos.info/home_iro/enterpassword.php
Cookie: PHPSESSID=tbmqkrhusaclobko0d2e6srkl2
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 12 Oct 2022 15:01:30 GMT
content-type: text/css
last-modified: Tue, 23 Jul 2019 15:57:58 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 793
date: Wed, 05 Oct 2022 15:01:30 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
higos.info/wp-content/themes/fruitful/style.css?ver=5.5.10
172.96.184.205200 OK 14 kB URL HTTP/2 higos.info/wp-content/themes/fruitful/style.css?ver=5.5.10
IP 172.96.184.205:0
File type Unicode text, UTF-8 text, with very long lines (719)
Hash 40535b746b171cd2a98f953571d42d8e
9fd0b2ac860272bbbe81f3111c857d09838f22a4
73d07f26fd61f6d8ec5029fb3e25fc6fae6ed9065f273672b621fed388c1d569
GET /wp-content/themes/fruitful/style.css?ver=5.5.10 HTTP/1.1
Host: higos.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://higos.info/home_iro/enterpassword.php
Cookie: PHPSESSID=tbmqkrhusaclobko0d2e6srkl2
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 12 Oct 2022 15:01:30 GMT
content-type: text/css
last-modified: Tue, 23 Jul 2019 15:57:58 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 13508
date: Wed, 05 Oct 2022 15:01:30 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
higos.info/wp-content/plugins/google-analytics-dashboard-for-wp/assets/css/frontend.min.css?ver=6.4.0
172.96.184.205200 OK 718 B URL HTTP/2 higos.info/wp-content/plugins/google-analytics-dashboard-for-wp/assets/css/frontend.min.css?ver=6.4.0
IP 172.96.184.205:0
File type ASCII text, with very long lines (7272), with no line terminators
Hash 6bae8382fb63d19d7e4e96ce64a4b6f8
dea3e0ddd11aa4b2d7b51c7b0896d559cda9b466
364fe4576f1f6168a4287e4d20c9d45db834b3bdfc3221dd778dc0877e69fd7f
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/google-analytics-dashboard-for-wp/assets/css/frontend.min.css?ver=6.4.0 HTTP/1.1
Host: higos.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://higos.info/home_iro/enterpassword.php
Cookie: PHPSESSID=tbmqkrhusaclobko0d2e6srkl2
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 12 Oct 2022 15:01:30 GMT
content-type: text/css
last-modified: Sat, 09 Jan 2021 20:56:57 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 718
date: Wed, 05 Oct 2022 15:01:30 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
higos.info/wp-content/plugins/fruitful-shortcodes/fruitful-shortcodes-2.0.0//assets/shared/fruitful_tabs/css/styles.css?ver=071120180241
172.96.184.205200 OK 782 B URL HTTP/2 higos.info/wp-content/plugins/fruitful-shortcodes/fruitful-shortcodes-2.0.0//assets/shared/fruitful_tabs/css/styles.css?ver=071120180241
IP 172.96.184.205:0
File type ASCII text, with very long lines (4310), with no line terminators
Hash d7058be0b4028d3b265ae48958dea82c
755910ff92801609334c0fb1e3b904acf6fdc1d0
3dfd65229dda7c89dedb56732ea5d0a9256192e791eecea2ad750e0c054cfb22
GET /wp-content/plugins/fruitful-shortcodes/fruitful-shortcodes-2.0.0//assets/shared/fruitful_tabs/css/styles.css?ver=071120180241 HTTP/1.1
Host: higos.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://higos.info/home_iro/enterpassword.php
Cookie: PHPSESSID=tbmqkrhusaclobko0d2e6srkl2
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 12 Oct 2022 15:01:30 GMT
content-type: text/css
last-modified: Tue, 23 Jul 2019 15:52:41 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 782
date: Wed, 05 Oct 2022 15:01:30 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
higos.info/wp-content/plugins/google-analytics-dashboard-for-wp/assets/js/frontend.min.js?ver=6.4.0
172.96.184.205200 OK 2.6 kB URL HTTP/2 higos.info/wp-content/plugins/google-analytics-dashboard-for-wp/assets/js/frontend.min.js?ver=6.4.0
IP 172.96.184.205:0
File type ASCII text, with very long lines (1019)
Hash 14701f5b1e5ed3e40d44a5934582f3fc
d0ac9ef28d21449a12bfdebdc1449cd8c4a5ca1e
429d6734328fe70af1a52d9e1251008e61b23c73615e0c2c7d819aba87ad2d17
GET /wp-content/plugins/google-analytics-dashboard-for-wp/assets/js/frontend.min.js?ver=6.4.0 HTTP/1.1
Host: higos.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://higos.info/home_iro/enterpassword.php
Cookie: PHPSESSID=tbmqkrhusaclobko0d2e6srkl2
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 12 Oct 2022 15:01:30 GMT
content-type: application/javascript
last-modified: Sat, 09 Jan 2021 20:56:57 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 2556
date: Wed, 05 Oct 2022 15:01:30 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
higos.info/wp-content/themes/fruitful/js/fnBox/jquery.fancybox.css?ver=5.5.10
172.96.184.205200 OK 1.3 kB URL HTTP/2 higos.info/wp-content/themes/fruitful/js/fnBox/jquery.fancybox.css?ver=5.5.10
IP 172.96.184.205:0
Hash 4cc99d60634b4af95c55055c0a19402c
71c60af1f5d7a8f8d2c30ccb8dcefc0434819b2a
b2a65b626e4b96df9b09f0455473ea1e5b62dba9450e3255651e0ec2c76cfbdb
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/fruitful/js/fnBox/jquery.fancybox.css?ver=5.5.10 HTTP/1.1
Host: higos.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://higos.info/home_iro/enterpassword.php
Cookie: PHPSESSID=tbmqkrhusaclobko0d2e6srkl2
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 12 Oct 2022 15:01:30 GMT
content-type: text/css
last-modified: Tue, 23 Jul 2019 15:57:58 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1258
date: Wed, 05 Oct 2022 15:01:30 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
higos.info/wp-content/themes/fruitful/css/font-awesome.min.css?ver=5.5.10
172.96.184.205200 OK 5.9 kB URL HTTP/2 higos.info/wp-content/themes/fruitful/css/font-awesome.min.css?ver=5.5.10
IP 172.96.184.205:0
File type ASCII text, with very long lines (27285)
Hash 43246aa1aa1e66776ab3d65c25e17803
c447fe1405ce92b91c61717ae8e90f4073a21ecf
e6a4284aa0665e358d04a82b564c6aa5e70e925ab28e62bdb96016e3a7435aee
GET /wp-content/themes/fruitful/css/font-awesome.min.css?ver=5.5.10 HTTP/1.1
Host: higos.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://higos.info/home_iro/enterpassword.php
Cookie: PHPSESSID=tbmqkrhusaclobko0d2e6srkl2
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 12 Oct 2022 15:01:30 GMT
content-type: text/css
last-modified: Tue, 23 Jul 2019 15:57:58 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 5875
date: Wed, 05 Oct 2022 15:01:30 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
higos.info/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp
172.96.184.205200 OK 33 kB URL HTTP/2 higos.info/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp
IP 172.96.184.205:0
File type ASCII text, with very long lines (31997)
Hash a95303ca3b1a9372809d72ffa31bca40
65130bca144d3b49d5f97387173c423b9b4abfe3
c5d914b6693616fcf2c61bc363660dcc5f6ea7de5a25b1d6a5a2a95f39846565
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/jquery/jquery.js?ver=1.12.4-wp HTTP/1.1
Host: higos.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://higos.info/home_iro/enterpassword.php
Cookie: PHPSESSID=tbmqkrhusaclobko0d2e6srkl2
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 12 Oct 2022 15:01:30 GMT
content-type: application/javascript
last-modified: Tue, 23 Jul 2019 16:13:50 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 32853
date: Wed, 05 Oct 2022 15:01:30 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 4d6b344f7e5123552495c56971708cef
efcf4bd4bdb6964b29ce0bc239ea32ab573dac3a
8092e24c3c24d08ffebca3781af0ec9574604e1ae4bd40d2c21865c3297f44bc
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 05 Oct 2022 15:01:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 195d162678034c3ab84daffa4c4a5723
85fab036e8ab318c51b5c05ff33f2388e5716acd
03e8ce6aa80a44c5f2abf860c3bbf25d8e56fc49458a3f8c11fbe2130b71bb6c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 05 Oct 2022 15:01:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 195d162678034c3ab84daffa4c4a5723
85fab036e8ab318c51b5c05ff33f2388e5716acd
03e8ce6aa80a44c5f2abf860c3bbf25d8e56fc49458a3f8c11fbe2130b71bb6c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 05 Oct 2022 15:01:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash ff5f22aafa6751c60631736c305a4c7c
278b89e5c1a978e070be4b66bb780862894b8504
b501664d7591e6dfe95c8641e0020e04b76f16f5cb80a7fc0ee0b36af60a6382
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 05 Oct 2022 15:01:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
216.58.207.195200 OK 45 kB URL HTTP/2 fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 44856, version 1.0\012- data
Hash 565ce506190ad3af920b40baf1794cec
ad3cba5d06100e09449a864d3b5e58403b478b3d
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
GET /s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://higos.info
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 44856
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 01 Oct 2022 03:08:55 GMT
expires: Sun, 01 Oct 2023 03:08:55 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 15 Aug 2022 18:20:18 GMT
content-type: font/woff2
age: 388356
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash ff5f22aafa6751c60631736c305a4c7c
278b89e5c1a978e070be4b66bb780862894b8504
b501664d7591e6dfe95c8641e0020e04b76f16f5cb80a7fc0ee0b36af60a6382
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 05 Oct 2022 15:01:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 60dea52abe2437132a0387ad8becc0ac
61e9fb41f1fc795ef7204b8948621d4dbc6d3052
ac998fb48810aeb183ec2d19cfd58b81f2243207add4c553e1e87f00fa6d5f3f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 05 Oct 2022 15:01:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google-analytics.com/analytics.js
142.250.74.174200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 142.250.74.174:0
File type ASCII text, with very long lines (1325)
Hash 47e6f374ca946fddd5b59871b325736c
baa9282efc8785e84d247c3bff518eaa45f101c4
16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://higos.info/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20039
date: Wed, 05 Oct 2022 14:41:09 GMT
expires: Wed, 05 Oct 2022 16:41:09 GMT
cache-control: public, max-age=7200
age: 1222
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 60dea52abe2437132a0387ad8becc0ac
61e9fb41f1fc795ef7204b8948621d4dbc6d3052
ac998fb48810aeb183ec2d19cfd58b81f2243207add4c553e1e87f00fa6d5f3f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 05 Oct 2022 15:01:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google-analytics.com/j/collect?v=1&_v=j98&a=903490509&t=pageview&_s=1&dl=https%3A%2F%2Fhigos.info%2Fhome_iro%2Fenterpassword.php&dp=%2F404.html%3Fpage%3D%2Fhome_iro%2Fenterpassword.php%26from%3D&ul=en-us&de=UTF-8&dt=Page%20Not%20Found%20-%20Toda%20la%20informaci%C3%B3n%20sobre%20Higos&sd=24-bit&sr=1280x1024&vp=1280x939&je=0&_u=YEBAAUABCAAAACAAI~&jid=1694769969&gjid=1219290307&cid=706217328.1664982091&tid=UA-38131854-21&_gid=141740926.1664982091&_r=1&_slc=1&did=dNDMyYj&z=2026435525
142.250.74.174200 OK 2 B URL HTTP/2 www.google-analytics.com/j/collect?v=1&_v=j98&a=903490509&t=pageview&_s=1&dl=https%3A%2F%2Fhigos.info%2Fhome_iro%2Fenterpassword.php&dp=%2F404.html%3Fpage%3D%2Fhome_iro%2Fenterpassword.php%26from%3D&ul=en-us&de=UTF-8&dt=Page%20Not%20Found%20-%20Toda%20la%20informaci%C3%B3n%20sobre%20Higos&sd=24-bit&sr=1280x1024&vp=1280x939&je=0&_u=YEBAAUABCAAAACAAI~&jid=1694769969&gjid=1219290307&cid=706217328.1664982091&tid=UA-38131854-21&_gid=141740926.1664982091&_r=1&_slc=1&did=dNDMyYj&z=2026435525
IP 142.250.74.174:0
File type ASCII text, with no line terminators
Hash 38684612f0c6bb6dfa16da92f4a6878f
6fe62d0dd7db314b7f9bb945672f078e01d27f0f
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
POST /j/collect?v=1&_v=j98&a=903490509&t=pageview&_s=1&dl=https%3A%2F%2Fhigos.info%2Fhome_iro%2Fenterpassword.php&dp=%2F404.html%3Fpage%3D%2Fhome_iro%2Fenterpassword.php%26from%3D&ul=en-us&de=UTF-8&dt=Page%20Not%20Found%20-%20Toda%20la%20informaci%C3%B3n%20sobre%20Higos&sd=24-bit&sr=1280x1024&vp=1280x939&je=0&_u=YEBAAUABCAAAACAAI~&jid=1694769969&gjid=1219290307&cid=706217328.1664982091&tid=UA-38131854-21&_gid=141740926.1664982091&_r=1&_slc=1&did=dNDMyYj&z=2026435525 HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://higos.info
Connection: keep-alive
Referer: https://higos.info/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: https://higos.info
date: Wed, 05 Oct 2022 15:01:31 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
higos.info/home_iro/enterpassword.php
172.96.184.205404 Not Found 0 B URL HTTP/2 higos.info/home_iro/enterpassword.php
IP 172.96.184.205:0
Analyzer Verdict Alert fortinet Phishing
GET /home_iro/enterpassword.php HTTP/1.1
Host: higos.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 404 Not Found
x-powered-by: PHP/5.6.40
set-cookie: PHPSESSID=tbmqkrhusaclobko0d2e6srkl2; path=/; secure
pragma: no-cache
content-type: text/html; charset=UTF-8
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
link: <https://higos.info/wp-json/>; rel="https://api.w.org/"
x-litespeed-cache-control: public,max-age=3600
x-litespeed-tag: 113_HTTP.404,113_404,113_URL.6cbf827797a720c909f8365dca386d1c,113_
x-litespeed-cache: miss
content-encoding: br
vary: Accept-Encoding
date: Wed, 05 Oct 2022 15:01:30 GMT
server: LiteSpeed
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Raleway%3A400%2C500%2C700&ver=071120180241
142.250.74.10200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Raleway%3A400%2C500%2C700&ver=071120180241
IP 142.250.74.10:0
GET /css?family=Raleway%3A400%2C500%2C700&ver=071120180241 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://higos.info/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 05 Oct 2022 15:01:31 GMT
date: Wed, 05 Oct 2022 15:01:31 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Open+Sans%3A300italic%2C400italic%2C600italic%2C700italic%2C800italic%2C400%2C800%2C700%2C600%2C300&subset=latin%2Clatin-ext&ver=5.5.10
142.250.74.10200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Open+Sans%3A300italic%2C400italic%2C600italic%2C700italic%2C800italic%2C400%2C800%2C700%2C600%2C300&subset=latin%2Clatin-ext&ver=5.5.10
IP 142.250.74.10:0
GET /css?family=Open+Sans%3A300italic%2C400italic%2C600italic%2C700italic%2C800italic%2C400%2C800%2C700%2C600%2C300&subset=latin%2Clatin-ext&ver=5.5.10 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://higos.info/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 05 Oct 2022 15:01:31 GMT
date: Wed, 05 Oct 2022 15:01:31 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2