r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 1e997bec759570aa0db03e31bf013cc2
948fd8263ab0b40f75eaf9495f76a7f39f39d5f9
853f97990fe10ccb34066b1e73e93dac45794f42fb745b266b6a46b9e26d52e9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "853F97990FE10CCB34066B1E73E93DAC45794F42FB745B266B6A46B9E26D52E9"
Last-Modified: Thu, 27 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12951
Expires: Fri, 28 Oct 2022 19:20:57 GMT
Date: Fri, 28 Oct 2022 15:45:06 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 922281894182eba1fc67c2d8678e3238
e169209341b09bf4f14ebb3fc7c07b03f2121bf1
37516083f7655af68d7e426efca6f9f3709a80318ac7bb8cc492c183916141b1
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4883
Cache-Control: max-age=155244
Content-Type: application/ocsp-response
Date: Fri, 28 Oct 2022 15:45:06 GMT
Etag: "635ba15b-1d7"
Expires: Sun, 30 Oct 2022 10:52:30 GMT
Last-Modified: Fri, 28 Oct 2022 09:31:07 GMT
Server: ECS (ska/F704)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 42d84e61e6aa4d3cce623adccfafc3e2
0dba69e98be53c153a6726ff934b2d55feb20d75
2f53662c68c9ea7be85837310861c8007fd039e5e4d8eb8f0d8948d5d1571a03
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2F53662C68C9EA7BE85837310861C8007FD039E5E4D8EB8F0D8948D5D1571A03"
Last-Modified: Thu, 27 Oct 2022 14:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14791
Expires: Fri, 28 Oct 2022 19:51:37 GMT
Date: Fri, 28 Oct 2022 15:45:06 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 67d5a988edcda47bc3b3b3f65d32b4b6
d4f0e0da8b3690cc7da925026d3414b68c7d954f
55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78
GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: 1BrYNfWvM+SdTvtmqrkakRE+wpiu2h8YBNSqHT7p40GOSq03BRfG2XHetNte/SlFWNsLarz4jjkIGNVQJhWEew==
x-amz-request-id: G6D4EVGTGR055KYG
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Fri, 28 Oct 2022 15:10:18 GMT
age: 2088
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 28 Oct 2022 15:45:06 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
joseaguirremusic.com/uio/qakbot.zip
144.217.96.200 301 Moved Permanently 0 B URL HTTP/1.1 joseaguirremusic.com/uio/qakbot.zip
IP 144.217.96.200:0
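Hash d41d8cd98f00b204e9800998ecf8427e (MD5)
da39a3ee5e6b4b0d3255bfef95601890afd80709 (SHA-1)
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 (SHA-256)
Note: these are the digests of empty input (this 301 response has a 0 B body), so they identify no payload and are not usable as file indicators.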
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /uio/qakbot.zip HTTP/1.1
Host: joseaguirremusic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Fri, 28 Oct 2022 15:45:07 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 0
x-powered-by: PHP/7.4.32
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
x-redirect-by: WordPress
location: https://joseaguirremusic.com/uio/qakbot.zip
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash eb7632b873752997354903f79cc11510
5417b21481fc9a7de52d9f2ae8107665be25d74b
071c79b3cf9758b758e02f353fd06424846fee87f2f5018e79be498a4d3659c3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "071C79B3CF9758B758E02F353FD06424846FEE87F2F5018E79BE498A4D3659C3"
Last-Modified: Thu, 27 Oct 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21587
Expires: Fri, 28 Oct 2022 21:44:54 GMT
Date: Fri, 28 Oct 2022 15:45:07 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 6b7c0ce49b8ebb90707ec439581bc979
1affe02f362f59f8acaaa2cc16185fc2942a82cf
99057099a66b378f0825443f175ad6f84a9f69c0abb8f8db546eb348de4facb4
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3684
Cache-Control: max-age=148985
Content-Type: application/ocsp-response
Date: Fri, 28 Oct 2022 15:45:07 GMT
Etag: "635b8d98-1d7"
Expires: Sun, 30 Oct 2022 09:08:12 GMT
Last-Modified: Fri, 28 Oct 2022 08:06:48 GMT
Server: ECS (ska/F704)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
52.88.220.109 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.88.220.109:0
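Hash d41d8cd98f00b204e9800998ecf8427e (MD5)
da39a3ee5e6b4b0d3255bfef95601890afd80709 (SHA-1)
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 (SHA-256)
Note: these are the digests of empty input (this 101 response has a 0 B body), so they identify no payload.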
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: I+LxaD4TKLwJ8INJaCoiuQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: Hc8rtp5Nx5f/Suqnr2XjIG1g6SE=
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 472 B IP 142.250.74.35:0
Hash ebf576a8883ec7320a5abfe95c1d2abb
11da08de468be30e4cf71bdfa66b0f6d32516476
6366a880d911a4445e2cd2d935836583f84ac79385961c3d9c747484ba373e1c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 28 Oct 2022 15:45:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 472 B IP 142.250.74.35:0
Hash ebf576a8883ec7320a5abfe95c1d2abb
11da08de468be30e4cf71bdfa66b0f6d32516476
6366a880d911a4445e2cd2d935836583f84ac79385961c3d9c747484ba373e1c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 28 Oct 2022 15:45:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 472 B IP 142.250.74.35:0
Hash 30c5107c8f49f7471978d43d30847010
9f5c74e117f8cd972c5ca0983bc4023910601113
1c4451ea36f959819a5d50296603c2352c380ff89bf8812db857df6b8ac7bf69
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 28 Oct 2022 15:45:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
joseaguirremusic.com/wp-content/themes/astra/assets/css/minified/style.min.css?ver=3.6.9
144.217.96.200 200 OK 11 kB URL HTTP/2 joseaguirremusic.com/wp-content/themes/astra/assets/css/minified/style.min.css?ver=3.6.9
IP 144.217.96.200:0
File type ASCII text, with very long lines (63086), with CRLF line terminators
Hash f054954c1e8a2d6d33bd145a39d91cb1
adf8848cc7cfdb1a8034c81f50462b4c8c56555d
5af29debed266950322abdaae59c5c821231608dfbfbfa6e9319fd876ae8ae59
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/astra/assets/css/minified/style.min.css?ver=3.6.9 HTTP/1.1
Host: joseaguirremusic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://joseaguirremusic.com/uio/qakbot.zip
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 28 Oct 2022 15:45:08 GMT
content-type: text/css
content-length: 11139
cache-control: public, max-age=604800
expires: Fri, 04 Nov 2022 15:45:08 GMT
last-modified: Tue, 07 Sep 2021 23:17:45 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
X-Firefox-Spdy: h2
joseaguirremusic.com/wp-includes/css/dist/block-library/style.min.css?ver=2ef077a36af8dfdfdcd6e630a3a039b4
144.217.96.200 200 OK 11 kB URL HTTP/2 joseaguirremusic.com/wp-includes/css/dist/block-library/style.min.css?ver=2ef077a36af8dfdfdcd6e630a3a039b4
IP 144.217.96.200:0
File type ASCII text, with very long lines (43771)
Hash d45207ee05c1f0c57dfa075e61405ccd
a8d35143a2d828a739ea0fdde75f97d33621e7ec
a9a4adbbcee31ec277f1bdd573eef97dc4341f29f2db3b5685a02dfe4d2fe9bb
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-includes/css/dist/block-library/style.min.css?ver=2ef077a36af8dfdfdcd6e630a3a039b4 HTTP/1.1
Host: joseaguirremusic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://joseaguirremusic.com/uio/qakbot.zip
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 28 Oct 2022 15:45:08 GMT
content-type: text/css
content-length: 10946
cache-control: public, max-age=604800
expires: Fri, 04 Nov 2022 15:45:08 GMT
last-modified: Fri, 19 Aug 2022 23:51:58 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
X-Firefox-Spdy: h2
joseaguirremusic.com/uio/qakbot.zip
144.217.96.200 404 Not Found 25 kB URL HTTP/2 joseaguirremusic.com/uio/qakbot.zip
IP 144.217.96.200:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (27664), with CRLF, LF line terminators
Hash 7668da2896a163a1871d91bf0a2a15c8
fda391568ae90c19b9522e0040c53a5fbeb985b7
3fec3cf859650056c2654a007a89d9e9a555cc90339f2c803c1e97c840ca9197
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /uio/qakbot.zip HTTP/1.1
Host: joseaguirremusic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 404 Not Found
server: nginx
date: Fri, 28 Oct 2022 15:45:07 GMT
content-type: text/html; charset=UTF-8
x-powered-by: PHP/7.4.32
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
link: <https://joseaguirremusic.com/wp-json/>; rel="https://api.w.org/"
content-encoding: br
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
X-Firefox-Spdy: h2
www.googletagmanager.com/gtag/js?id=UA-156280049-6
142.250.74.168 200 OK 44 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=UA-156280049-6
IP 142.250.74.168:0
File type ASCII text, with very long lines (1588)
Hash e4432ce868b0811452c1defda7b3bf67
104db6ba44e021c2a3713948f127855ae68c988e
03b2ebd45ddf0b00746eb1a7e424258d9962dcda1ac83b630bd97b4b75279d3c
GET /gtag/js?id=UA-156280049-6 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://joseaguirremusic.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Fri, 28 Oct 2022 15:45:08 GMT
expires: Fri, 28 Oct 2022 15:45:08 GMT
cache-control: private, max-age=900
last-modified: Fri, 28 Oct 2022 15:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 43631
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
joseaguirremusic.com/wp-content/plugins/jet-elements/assets/css/jet-elements-skin.css?ver=2.5.9
144.217.96.200 200 OK 2.7 kB URL HTTP/2 joseaguirremusic.com/wp-content/plugins/jet-elements/assets/css/jet-elements-skin.css?ver=2.5.9
IP 144.217.96.200:0
File type ASCII text, with very long lines (17381)
Hash 8e41c939e2ad1b9c38425a0467a6fa0c
d5161fa976cd90bfd7b62c6d944901ba00ad12c4
0d2cefe7b60fb36fa6c4a5df4d95019d834bfdabfb15ba0c8901ab3e5a5e8629
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/jet-elements/assets/css/jet-elements-skin.css?ver=2.5.9 HTTP/1.1
Host: joseaguirremusic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://joseaguirremusic.com/uio/qakbot.zip
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 28 Oct 2022 15:45:08 GMT
content-type: text/css
content-length: 2651
cache-control: public, max-age=604800
expires: Fri, 04 Nov 2022 15:45:08 GMT
last-modified: Tue, 31 Aug 2021 02:55:23 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
X-Firefox-Spdy: h2
joseaguirremusic.com/wp-content/plugins/elementor/assets/lib/eicons/css/elementor-icons.min.css?ver=5.12.0
144.217.96.200 200 OK 3.4 kB URL HTTP/2 joseaguirremusic.com/wp-content/plugins/elementor/assets/lib/eicons/css/elementor-icons.min.css?ver=5.12.0
IP 144.217.96.200:0
File type ASCII text, with very long lines (17633)
Hash 80f0e0e19feab011140c8ba9b08fc4ed
16aff641c49d27e541036cf59f7f58735e7ec992
97c3ccfcb1af7ff7f86d92d893b619054863f322b5687187f1366c6356bfc9d8
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/elementor/assets/lib/eicons/css/elementor-icons.min.css?ver=5.12.0 HTTP/1.1
Host: joseaguirremusic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://joseaguirremusic.com/uio/qakbot.zip
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 28 Oct 2022 15:45:08 GMT
content-type: text/css
content-length: 3386
cache-control: public, max-age=604800
expires: Fri, 04 Nov 2022 15:45:08 GMT
last-modified: Tue, 14 Sep 2021 02:13:20 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 472 B IP 142.250.74.35:0
Hash ebf576a8883ec7320a5abfe95c1d2abb
11da08de468be30e4cf71bdfa66b0f6d32516476
6366a880d911a4445e2cd2d935836583f84ac79385961c3d9c747484ba373e1c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 28 Oct 2022 15:45:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 472 B IP 142.250.74.35:0
Hash 30c5107c8f49f7471978d43d30847010
9f5c74e117f8cd972c5ca0983bc4023910601113
1c4451ea36f959819a5d50296603c2352c380ff89bf8812db857df6b8ac7bf69
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 28 Oct 2022 15:45:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
joseaguirremusic.com/wp-content/plugins/jet-elements/assets/css/jet-elements.css?ver=2.5.9
144.217.96.200 200 OK 21 kB URL HTTP/2 joseaguirremusic.com/wp-content/plugins/jet-elements/assets/css/jet-elements.css?ver=2.5.9
IP 144.217.96.200:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash 5caa77f63591ce2ef4ad7ddbcb04aa58
dc735359b3caedf0637910c2918a25d2e22b9d0f
b77167b7167af9d5dc7288c489db7df29bab9f150453eed7d492d9ea76ce456f
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/jet-elements/assets/css/jet-elements.css?ver=2.5.9 HTTP/1.1
Host: joseaguirremusic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://joseaguirremusic.com/uio/qakbot.zip
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 28 Oct 2022 15:45:08 GMT
content-type: text/css
content-length: 21082
cache-control: public, max-age=604800
expires: Fri, 04 Nov 2022 15:45:08 GMT
last-modified: Tue, 31 Aug 2021 02:55:23 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
X-Firefox-Spdy: h2
joseaguirremusic.com/wp-content/plugins/elementor/assets/css/frontend-legacy.min.css?ver=3.4.4
144.217.96.200 200 OK 445 B URL HTTP/2 joseaguirremusic.com/wp-content/plugins/elementor/assets/css/frontend-legacy.min.css?ver=3.4.4
IP 144.217.96.200:0
File type ASCII text, with very long lines (3815)
Hash 29eb5e0c72e5b3bfb4bebd2e33f27899
be61d9787178388ba514565a1a656070462d9c99
2a0b41793d0bbdb12e19f7db5e79c2ddad0897a024a5dd33b23fc2827d4ea953
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/elementor/assets/css/frontend-legacy.min.css?ver=3.4.4 HTTP/1.1
Host: joseaguirremusic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://joseaguirremusic.com/uio/qakbot.zip
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 28 Oct 2022 15:45:08 GMT
content-type: text/css
content-length: 445
cache-control: public, max-age=604800
expires: Fri, 04 Nov 2022 15:45:08 GMT
last-modified: Tue, 14 Sep 2021 02:13:07 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
X-Firefox-Spdy: h2
joseaguirremusic.com/wp-content/plugins/elementor/assets/css/frontend.min.css?ver=3.4.4
144.217.96.200 200 OK 16 kB URL HTTP/2 joseaguirremusic.com/wp-content/plugins/elementor/assets/css/frontend.min.css?ver=3.4.4
IP 144.217.96.200:0
File type ASCII text, with very long lines (65497)
Hash ecb45c1be858c8711e2b8d54279e37a9
59242c2fa00bbaab6340de6054f5cd10f86fa6e0
f7c35e23e09a863f07a2616c86c194a4c8f053201b7403ff5c41466e2f2096bd
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/elementor/assets/css/frontend.min.css?ver=3.4.4 HTTP/1.1
Host: joseaguirremusic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://joseaguirremusic.com/uio/qakbot.zip
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 28 Oct 2022 15:45:08 GMT
content-type: text/css
content-length: 16492
cache-control: public, max-age=604800
expires: Fri, 04 Nov 2022 15:45:08 GMT
last-modified: Tue, 14 Sep 2021 02:13:07 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
X-Firefox-Spdy: h2
joseaguirremusic.com/wp-content/plugins/elementor-pro/assets/css/frontend.min.css?ver=3.4.1
144.217.96.200 200 OK 27 kB URL HTTP/2 joseaguirremusic.com/wp-content/plugins/elementor-pro/assets/css/frontend.min.css?ver=3.4.1
IP 144.217.96.200:0
File type ASCII text, with very long lines (65493)
Hash 4982e24d8f9ba42c19924706b0f779c6
e080eb9ab3a29e363d45dbb1e35196a6b44b961a
bea5fd9fc68a9ba8546a2d80776ae4a6546fd4ca5f7679a8c8cfa5085f7be219
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/elementor-pro/assets/css/frontend.min.css?ver=3.4.1 HTTP/1.1
Host: joseaguirremusic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://joseaguirremusic.com/uio/qakbot.zip
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 28 Oct 2022 15:45:08 GMT
content-type: text/css
content-length: 26597
cache-control: public, max-age=604800
expires: Fri, 04 Nov 2022 15:45:08 GMT
last-modified: Tue, 07 Sep 2021 22:43:09 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
X-Firefox-Spdy: h2
joseaguirremusic.com/wp-content/uploads/elementor/css/post-8.css?ver=1631585816
144.217.96.200 200 OK 313 B URL HTTP/2 joseaguirremusic.com/wp-content/uploads/elementor/css/post-8.css?ver=1631585816
IP 144.217.96.200:0
File type ASCII text, with very long lines (1021), with no line terminators
Hash 79412e65efcd2461753c70ab7835257a
027efffeb7b2364b9864af0ee2c6fa4db117f1f5
96c2775406e130c8aa9bf8b2b0f1fc50b81948f75da1f0adbc8107fb90bc6e88
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/elementor/css/post-8.css?ver=1631585816 HTTP/1.1
Host: joseaguirremusic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://joseaguirremusic.com/uio/qakbot.zip
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 28 Oct 2022 15:45:08 GMT
content-type: text/css
content-length: 313
cache-control: public, max-age=604800
expires: Fri, 04 Nov 2022 15:45:08 GMT
last-modified: Tue, 14 Sep 2021 02:16:56 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
X-Firefox-Spdy: h2
joseaguirremusic.com/wp-content/uploads/elementor/css/post-7.css?ver=1631585816
144.217.96.200 200 OK 884 B URL HTTP/2 joseaguirremusic.com/wp-content/uploads/elementor/css/post-7.css?ver=1631585816
IP 144.217.96.200:0
File type ASCII text, with very long lines (3218)
Hash 20e344efa6fbfb2e7d50589f9d9652a4
8a88104b3f229b3945f624bf3b95f41e1f5f51a7
830ceb24a7859f463dec1b1f2cbe44a3c851f9d3347f62b7b5ef35eef4bc3f1d
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/elementor/css/post-7.css?ver=1631585816 HTTP/1.1
Host: joseaguirremusic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://joseaguirremusic.com/uio/qakbot.zip
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 28 Oct 2022 15:45:08 GMT
content-type: text/css
content-length: 884
cache-control: public, max-age=604800
expires: Fri, 04 Nov 2022 15:45:08 GMT
last-modified: Tue, 14 Sep 2021 02:16:56 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
X-Firefox-Spdy: h2
joseaguirremusic.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/solid.min.css?ver=5.15.3
144.217.96.200 200 OK 286 B URL HTTP/2 joseaguirremusic.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/solid.min.css?ver=5.15.3
IP 144.217.96.200:0
File type ASCII text, with very long lines (483)
Hash 8828fa3c5bdcfa66615714a2b8c9d807
4f556d0b005ac7754af607418df445f8cf98e8b1
16950dcce60bc3ee2613b60439c99e7ed74d10245f59fe6f68346b7e72dd95e7
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/elementor/assets/lib/font-awesome/css/solid.min.css?ver=5.15.3 HTTP/1.1
Host: joseaguirremusic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://joseaguirremusic.com/uio/qakbot.zip
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 28 Oct 2022 15:45:08 GMT
content-type: text/css
content-length: 286
cache-control: public, max-age=604800
expires: Fri, 04 Nov 2022 15:45:08 GMT
last-modified: Tue, 14 Sep 2021 02:13:21 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
X-Firefox-Spdy: h2
joseaguirremusic.com/wp-content/uploads/elementor/css/post-55.css?ver=1666824840
144.217.96.200 200 OK 1.2 kB URL HTTP/2 joseaguirremusic.com/wp-content/uploads/elementor/css/post-55.css?ver=1666824840
IP 144.217.96.200:0
File type ASCII text, with very long lines (6505)
Hash 56aa935e45d2ca706b7e7fe9a8fc5e2a
63e41308ead19f2ba3e0822f53d238769c5fcea4
c34313cd25c18cc718e1eb3f13fecd773680587e45835814d41e7d74ea704276
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/elementor/css/post-55.css?ver=1666824840 HTTP/1.1
Host: joseaguirremusic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://joseaguirremusic.com/uio/qakbot.zip
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 28 Oct 2022 15:45:08 GMT
content-type: text/css
content-length: 1249
cache-control: public, max-age=604800
expires: Fri, 04 Nov 2022 15:45:08 GMT
last-modified: Wed, 26 Oct 2022 22:54:00 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
X-Firefox-Spdy: h2
joseaguirremusic.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/regular.min.css?ver=5.15.3
144.217.96.200 200 OK 283 B URL HTTP/2 joseaguirremusic.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/regular.min.css?ver=5.15.3
IP 144.217.96.200:0
File type ASCII text, with very long lines (491)
Hash 453a93dc816be89f942ebb253ff199fb
01563d6019803e3ff2a94c5397e7e771ee6f440d
36beebcd3778e04c8973faa581d07c7e7dc0bac2a77f637379e7d110383ab5d7
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/elementor/assets/lib/font-awesome/css/regular.min.css?ver=5.15.3 HTTP/1.1
Host: joseaguirremusic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://joseaguirremusic.com/uio/qakbot.zip
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 28 Oct 2022 15:45:08 GMT
content-type: text/css
content-length: 283
cache-control: public, max-age=604800
expires: Fri, 04 Nov 2022 15:45:08 GMT
last-modified: Tue, 14 Sep 2021 02:13:21 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
X-Firefox-Spdy: h2
joseaguirremusic.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/brands.min.css?ver=5.15.3
144.217.96.200 200 OK 284 B URL HTTP/2 joseaguirremusic.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/brands.min.css?ver=5.15.3
IP 144.217.96.200:0
File type ASCII text, with very long lines (489)
Hash dc279c928e2924b07a4a7575f8070ee8
0196756cacdb61ef40483af7ea982b699b0933de
80b6d9e3f0304f4199350c6015fd96084646c2a0121332bcb5a46d3956b7df5c
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/elementor/assets/lib/font-awesome/css/brands.min.css?ver=5.15.3 HTTP/1.1
Host: joseaguirremusic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://joseaguirremusic.com/uio/qakbot.zip
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 28 Oct 2022 15:45:08 GMT
content-type: text/css
content-length: 284
cache-control: public, max-age=604800
expires: Fri, 04 Nov 2022 15:45:08 GMT
last-modified: Tue, 14 Sep 2021 02:13:21 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
X-Firefox-Spdy: h2
joseaguirremusic.com/wp-content/uploads/custom-css-js/224.css?v=9633
144.217.96.200 200 OK 277 B URL HTTP/2 joseaguirremusic.com/wp-content/uploads/custom-css-js/224.css?v=9633
IP 144.217.96.200:0
File type ASCII text, with CRLF, LF line terminators
Hash dd725eb80561038ff2ff474a2d75d31c
8a05a718126f06eba2e9ebd35b7f5d91d213b4f5
575160a6052341932f5c33ea452344dd3d542e0b24cb6768bec9275b6d190b66
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/custom-css-js/224.css?v=9633 HTTP/1.1
Host: joseaguirremusic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://joseaguirremusic.com/uio/qakbot.zip
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 28 Oct 2022 15:45:08 GMT
content-type: text/css
content-length: 277
cache-control: public, max-age=604800
expires: Fri, 04 Nov 2022 15:45:08 GMT
last-modified: Fri, 17 Jul 2020 00:50:31 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
X-Firefox-Spdy: h2
joseaguirremusic.com/wp-content/themes/joweb-child/style.css?ver=2.0
144.217.96.200 200 OK 307 B URL HTTP/2 joseaguirremusic.com/wp-content/themes/joweb-child/style.css?ver=2.0
IP 144.217.96.200:0
File type Unicode text, UTF-8 text, with CRLF line terminators
Hash 40e5a72f13881ad97ddaa6f0568580fb
75dbe16db1cd9272e06e0a4d24fb3d52ed31003d
55a9bce23f5d5b8b8b9bd751034dc6c095ec6a23dab49eed4e992b6ecfa3013f
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/joweb-child/style.css?ver=2.0 HTTP/1.1
Host: joseaguirremusic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://joseaguirremusic.com/uio/qakbot.zip
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 28 Oct 2022 15:45:08 GMT
content-type: text/css
content-length: 307
cache-control: public, max-age=604800
expires: Fri, 04 Nov 2022 15:45:08 GMT
last-modified: Thu, 21 May 2020 01:10:26 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
X-Firefox-Spdy: h2
joseaguirremusic.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
144.217.96.200 200 OK 4.0 kB URL HTTP/2 joseaguirremusic.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
IP 144.217.96.200:0
File type ASCII text, with very long lines (11126)
Hash 7e058b51f939eacfa31cdface14dded5
9d732e5afdeb42edef9e1b9631b7e95e054787cc
4ece5b00423755d8f4121ce382c8ea4dc44c241f28f150abe19caa85d0b0acc1
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 HTTP/1.1
Host: joseaguirremusic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://joseaguirremusic.com/uio/qakbot.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 28 Oct 2022 15:45:08 GMT
content-type: application/javascript
content-length: 3995
cache-control: public, max-age=604800
expires: Fri, 04 Nov 2022 15:45:08 GMT
last-modified: Tue, 31 Aug 2021 01:57:23 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
X-Firefox-Spdy: h2
joseaguirremusic.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
144.217.96.200 200 OK 30 kB URL HTTP/2 joseaguirremusic.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
IP 144.217.96.200:0
File type ASCII text, with very long lines (65447)
Hash 34f918ada1fe4f01c5a4b90065bbc37a
a731f6ce2d413805e39ae45994012b1bd5ea1e2b
eba158d5ab26a5a54a3dcfcea1072c636f44e92fc2eb30a3f27cd5be3f891dfc
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-includes/js/jquery/jquery.min.js?ver=3.6.0 HTTP/1.1
Host: joseaguirremusic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://joseaguirremusic.com/uio/qakbot.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 28 Oct 2022 15:45:08 GMT
content-type: application/javascript
content-length: 30273
cache-control: public, max-age=604800
expires: Fri, 04 Nov 2022 15:45:08 GMT
last-modified: Tue, 31 Aug 2021 01:57:23 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
X-Firefox-Spdy: h2
joseaguirremusic.com/wp-content/plugins/connect-polylang-elementor/assets/css/plsfe-frontend.min.css?ver=1.0.6
144.217.96.200 200 OK 479 B URL HTTP/2 joseaguirremusic.com/wp-content/plugins/connect-polylang-elementor/assets/css/plsfe-frontend.min.css?ver=1.0.6
IP 144.217.96.200:0
File type ASCII text, with very long lines (4453), with no line terminators
Hash 5e0ef05570b95601dd0ac8f02a6ced4e
4b0b3b8fc389c75900e64a38baec7effceba88a3
1dcc2648a1533fab3c6f133b34d30ebd07f4fdbcdcbcfdf68476e0fb605f94af
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/connect-polylang-elementor/assets/css/plsfe-frontend.min.css?ver=1.0.6 HTTP/1.1
Host: joseaguirremusic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://joseaguirremusic.com/uio/qakbot.zip
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 28 Oct 2022 15:45:08 GMT
content-type: text/css
content-length: 479
cache-control: public, max-age=604800
expires: Fri, 04 Nov 2022 15:45:08 GMT
last-modified: Tue, 31 Aug 2021 02:56:18 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
X-Firefox-Spdy: h2
joseaguirremusic.com/wp-content/plugins/flying-pages/flying-pages.min.js?ver=2.4.6
144.217.96.200 200 OK 869 B URL HTTP/2 joseaguirremusic.com/wp-content/plugins/flying-pages/flying-pages.min.js?ver=2.4.6
IP 144.217.96.200:0
File type ASCII text, with very long lines (2476)
Hash b755879e9e32e4e54cd4f66afcd8fcc9
53e3a34e4a237e6914730d65e8207638597249d5
a192e21fa6986951f8fdd1ff30abcf3311ba3d8f80512e5332a446222b92d380
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/flying-pages/flying-pages.min.js?ver=2.4.6 HTTP/1.1
Host: joseaguirremusic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://joseaguirremusic.com/uio/qakbot.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 28 Oct 2022 15:45:08 GMT
content-type: application/javascript
content-length: 869
cache-control: public, max-age=604800
expires: Fri, 04 Nov 2022 15:45:08 GMT
last-modified: Fri, 19 Aug 2022 23:59:14 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
X-Firefox-Spdy: h2
joseaguirremusic.com/wp-content/plugins/elementor/assets/lib/animations/animations.min.css?ver=3.4.4
144.217.96.200 200 OK 2.4 kB URL HTTP/2 joseaguirremusic.com/wp-content/plugins/elementor/assets/lib/animations/animations.min.css?ver=3.4.4
IP 144.217.96.200:0
File type ASCII text, with very long lines (10019)
Hash d2db71c82a8f672aea59a3e050cd8cd7
af626566f94b3164e4310288cfb142431e8349a6
bcd2c9c2ba22a48a8fabf9fbe5e947deb6404367e4be24f48326e302aead1180
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/elementor/assets/lib/animations/animations.min.css?ver=3.4.4 HTTP/1.1
Host: joseaguirremusic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://joseaguirremusic.com/uio/qakbot.zip
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 28 Oct 2022 15:45:08 GMT
content-type: text/css
content-length: 2442
cache-control: public, max-age=604800
expires: Fri, 04 Nov 2022 15:45:08 GMT
last-modified: Tue, 14 Sep 2021 02:13:18 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
X-Firefox-Spdy: h2
joseaguirremusic.com/wp-content/themes/astra/assets/js/minified/style.min.js?ver=3.6.9
144.217.96.200 200 OK 2.5 kB URL HTTP/2 joseaguirremusic.com/wp-content/themes/astra/assets/js/minified/style.min.js?ver=3.6.9
IP 144.217.96.200:0
File type ASCII text, with very long lines (10404), with no line terminators
Hash 02655274855c5c2c0dcab194d8f16206
6f0fc3b6e87815f72db9f41b15e269cb619eeaa6
ca3f36ac09104079b34eeccc2c3439988231c1395a8ba314b330e8081eee92d0
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/astra/assets/js/minified/style.min.js?ver=3.6.9 HTTP/1.1
Host: joseaguirremusic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://joseaguirremusic.com/uio/qakbot.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 28 Oct 2022 15:45:08 GMT
content-type: application/javascript
content-length: 2534
cache-control: public, max-age=604800
expires: Fri, 04 Nov 2022 15:45:08 GMT
last-modified: Tue, 07 Sep 2021 23:17:45 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
X-Firefox-Spdy: h2
joseaguirremusic.com/wp-content/uploads/astra-addon/astra-addon-6137f33790aa48-89739682.js?ver=3.5.9
144.217.96.200 200 OK 1.6 kB URL HTTP/2 joseaguirremusic.com/wp-content/uploads/astra-addon/astra-addon-6137f33790aa48-89739682.js?ver=3.5.9
IP 144.217.96.200:0
File type ASCII text, with very long lines (6163), with no line terminators
Hash 8b50946a68901ef26d61b40c7a103f4e
87c090fa7a3cbe7c32d0fd8f6c828247d85299fe
aed8b98ab4b5440828ef4ac900e826b9e4ee68e2906ff47df547d0df6da2a965
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/astra-addon/astra-addon-6137f33790aa48-89739682.js?ver=3.5.9 HTTP/1.1
Host: joseaguirremusic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://joseaguirremusic.com/uio/qakbot.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 28 Oct 2022 15:45:08 GMT
content-type: application/javascript
content-length: 1580
cache-control: public, max-age=604800
expires: Fri, 04 Nov 2022 15:45:08 GMT
last-modified: Tue, 07 Sep 2021 23:18:15 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
X-Firefox-Spdy: h2
joseaguirremusic.com/wp-content/plugins/polylang/flags/us.png
144.217.96.200 200 OK 350 B URL HTTP/2 joseaguirremusic.com/wp-content/plugins/polylang/flags/us.png
IP 144.217.96.200:0
File type PNG image data, 16 x 11, 8-bit colormap, non-interlaced\012- data
Hash d090a14ba53d52439ad53c855e731246
8330526cdcb51bfaf1b5c196c00e4efeb5785eb1
7bdc4fd1b52f88617553782da88299fc8551f6921d5a30c5a29b96cb8b4c3eae
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/polylang/flags/us.png HTTP/1.1
Host: joseaguirremusic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://joseaguirremusic.com/uio/qakbot.zip
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 28 Oct 2022 15:45:08 GMT
content-type: image/png
content-length: 350
cache-control: public, max-age=604800
expires: Fri, 04 Nov 2022 15:45:08 GMT
last-modified: Tue, 31 Aug 2021 02:56:00 GMT
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
X-Firefox-Spdy: h2
joseaguirremusic.com/wp-content/plugins/elementor-pro/assets/js/webpack-pro.runtime.min.js?ver=3.4.1
144.217.96.200 200 OK 2.0 kB URL HTTP/2 joseaguirremusic.com/wp-content/plugins/elementor-pro/assets/js/webpack-pro.runtime.min.js?ver=3.4.1
IP 144.217.96.200:0
File type ASCII text, with very long lines (4659)
Hash 51c5c16dff1e5a0a926bdc5ecfb8fb43
b6c587be05dd6ccb0f68c59a45fe07f3ce863a06
351583d61d0832c782254e8f117d12d39460e3451c4885afbbc488fa283348d0
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/elementor-pro/assets/js/webpack-pro.runtime.min.js?ver=3.4.1 HTTP/1.1
Host: joseaguirremusic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://joseaguirremusic.com/uio/qakbot.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 28 Oct 2022 15:45:08 GMT
content-type: application/javascript
content-length: 2012
cache-control: public, max-age=604800
expires: Fri, 04 Nov 2022 15:45:08 GMT
last-modified: Tue, 07 Sep 2021 22:43:14 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
X-Firefox-Spdy: h2
joseaguirremusic.com/wp-content/plugins/elementor/assets/lib/dialog/dialog.min.js?ver=4.8.1
144.217.96.200 200 OK 3.3 kB URL HTTP/2 joseaguirremusic.com/wp-content/plugins/elementor/assets/lib/dialog/dialog.min.js?ver=4.8.1
IP 144.217.96.200:0
File type ASCII text, with very long lines (10725)
Hash 8c5a95ea30259ea6dc50f9f1357dc31a
be1fd6dc96f6ba018bbfa49a058390700ead5bf0
914c938c132cd311967ed71676397704bf8d95abf2c51c79937f43be35030a70
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/elementor/assets/lib/dialog/dialog.min.js?ver=4.8.1 HTTP/1.1
Host: joseaguirremusic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://joseaguirremusic.com/uio/qakbot.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 28 Oct 2022 15:45:08 GMT
content-type: application/javascript
content-length: 3331
cache-control: public, max-age=604800
expires: Fri, 04 Nov 2022 15:45:08 GMT
last-modified: Tue, 14 Sep 2021 02:13:20 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
X-Firefox-Spdy: h2
joseaguirremusic.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/fontawesome.min.css?ver=5.15.3
144.217.96.200 200 OK 12 kB URL HTTP/2 joseaguirremusic.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/fontawesome.min.css?ver=5.15.3
IP 144.217.96.200:0
File type ASCII text, with very long lines (57726)
Hash f463afd8661ddc733305df1f0cbdaff2
77262f0209e75e340eb7014aba9cd8d69966032f
c4b6541be58a0ca61549cd4562850315077880c459c019f01e835cf2d7b764de
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/elementor/assets/lib/font-awesome/css/fontawesome.min.css?ver=5.15.3 HTTP/1.1
Host: joseaguirremusic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://joseaguirremusic.com/uio/qakbot.zip
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 28 Oct 2022 15:45:08 GMT
content-type: text/css
content-length: 12133
cache-control: public, max-age=604800
expires: Fri, 04 Nov 2022 15:45:08 GMT
last-modified: Tue, 14 Sep 2021 02:13:21 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
X-Firefox-Spdy: h2
joseaguirremusic.com/wp-content/plugins/elementor/assets/js/frontend-modules.min.js?ver=3.4.4
144.217.96.200 200 OK 4.4 kB URL HTTP/2 joseaguirremusic.com/wp-content/plugins/elementor/assets/js/frontend-modules.min.js?ver=3.4.4
IP 144.217.96.200:0
File type ASCII text, with very long lines (13963)
Hash 57d16fd8f8ebfdee4e4f86c9240ba0d0
669ef732d2b54c44449a3b23e8172db7a84faa96
7ef0c20d5e55cd922188cdec6ceea896ee0684c7fc2241da7079776eebfac8b4
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/elementor/assets/js/frontend-modules.min.js?ver=3.4.4 HTTP/1.1
Host: joseaguirremusic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://joseaguirremusic.com/uio/qakbot.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 28 Oct 2022 15:45:08 GMT
content-type: application/javascript
content-length: 4371
cache-control: public, max-age=604800
expires: Fri, 04 Nov 2022 15:45:08 GMT
last-modified: Tue, 14 Sep 2021 02:13:18 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
X-Firefox-Spdy: h2
joseaguirremusic.com/wp-content/plugins/elementor-pro/assets/lib/sticky/jquery.sticky.min.js?ver=3.4.1
144.217.96.200 200 OK 1.8 kB URL HTTP/2 joseaguirremusic.com/wp-content/plugins/elementor-pro/assets/lib/sticky/jquery.sticky.min.js?ver=3.4.1
IP 144.217.96.200:0
File type ASCII text, with very long lines (6595), with no line terminators
Hash bc7ad49bba8c6fece75cf20e318bde6d
329866570ac3995fb33f1f6b55e6ea3d3c85d25b
479c4099528678e6689805bc618a02c300d62a0f5b41800672c57fb1a458a50e
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/elementor-pro/assets/lib/sticky/jquery.sticky.min.js?ver=3.4.1 HTTP/1.1
Host: joseaguirremusic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://joseaguirremusic.com/uio/qakbot.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 28 Oct 2022 15:45:08 GMT
content-type: application/javascript
content-length: 1767
cache-control: public, max-age=604800
expires: Fri, 04 Nov 2022 15:45:08 GMT
last-modified: Tue, 07 Sep 2021 22:43:16 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
X-Firefox-Spdy: h2
joseaguirremusic.com/wp-content/plugins/elementor/assets/lib/share-link/share-link.min.js?ver=3.4.4
144.217.96.200 200 OK 1.0 kB URL HTTP/2 joseaguirremusic.com/wp-content/plugins/elementor/assets/lib/share-link/share-link.min.js?ver=3.4.4
IP 144.217.96.200:0
File type ASCII text, with very long lines (2577)
Hash f5c8273175207966436fe071db580974
643680fc9a1703cb3bc469bfbb3dbcbf6425e38a
8b0897055f6baa5de94adb95e824af4afd1dced496711c905c8b7c09738aa4de
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/elementor/assets/lib/share-link/share-link.min.js?ver=3.4.4 HTTP/1.1
Host: joseaguirremusic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://joseaguirremusic.com/uio/qakbot.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 28 Oct 2022 15:45:08 GMT
content-type: application/javascript
content-length: 1023
cache-control: public, max-age=604800
expires: Fri, 04 Nov 2022 15:45:08 GMT
last-modified: Tue, 14 Sep 2021 02:13:26 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
X-Firefox-Spdy: h2
joseaguirremusic.com/wp-content/plugins/elementor/assets/js/webpack.runtime.min.js?ver=3.4.4
144.217.96.200 200 OK 2.0 kB URL HTTP/2 joseaguirremusic.com/wp-content/plugins/elementor/assets/js/webpack.runtime.min.js?ver=3.4.4
IP 144.217.96.200:0
File type ASCII text, with very long lines (4840)
Hash 18d061de369b43424ef28e8a2a76cb38
d2deccbb4e39263cf0b44cb499f8d018f547e4e0
f47db7751a6e26459276d6182cb1efe00b22d92cf50b60ef59aa25b956f37e02
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/elementor/assets/js/webpack.runtime.min.js?ver=3.4.4 HTTP/1.1
Host: joseaguirremusic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://joseaguirremusic.com/uio/qakbot.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 28 Oct 2022 15:45:08 GMT
content-type: application/javascript
content-length: 2011
cache-control: public, max-age=604800
expires: Fri, 04 Nov 2022 15:45:08 GMT
last-modified: Tue, 14 Sep 2021 02:13:18 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
X-Firefox-Spdy: h2
joseaguirremusic.com/wp-content/plugins/elementor/assets/lib/waypoints/waypoints.min.js?ver=4.0.2
144.217.96.200 200 OK 2.9 kB URL HTTP/2 joseaguirremusic.com/wp-content/plugins/elementor/assets/lib/waypoints/waypoints.min.js?ver=4.0.2
IP 144.217.96.200:0
File type ASCII text, with very long lines (12198), with no line terminators
Hash 869caa171b68cbec9fee5abbfb944ee8
f237e485e41f88b77384cfdb880f9d5a8f46eac8
25c2896e2790fb0e52f6b6ba1ce97bd87eb40463b4bb65ba16ad434c1d7a36dc
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/elementor/assets/lib/waypoints/waypoints.min.js?ver=4.0.2 HTTP/1.1
Host: joseaguirremusic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://joseaguirremusic.com/uio/qakbot.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 28 Oct 2022 15:45:08 GMT
content-type: application/javascript
content-length: 2867
cache-control: public, max-age=604800
expires: Fri, 04 Nov 2022 15:45:08 GMT
last-modified: Tue, 14 Sep 2021 02:13:26 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
X-Firefox-Spdy: h2
joseaguirremusic.com/wp-content/plugins/elementor/assets/js/frontend.min.js?ver=3.4.4
144.217.96.200 200 OK 10 kB URL HTTP/2 joseaguirremusic.com/wp-content/plugins/elementor/assets/js/frontend.min.js?ver=3.4.4
IP 144.217.96.200:0
File type ASCII text, with very long lines (36518)
Hash a57746321a4afd04fe19aa299c1a49b7
875a1277028105b13bd7403f32aaba5b2142c677
63a60494a6e05de4037f64ed2e1014e77eeaa6d54d3d2565a7161eda8bc8eb36
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/elementor/assets/js/frontend.min.js?ver=3.4.4 HTTP/1.1
Host: joseaguirremusic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://joseaguirremusic.com/uio/qakbot.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 28 Oct 2022 15:45:08 GMT
content-type: application/javascript
content-length: 10286
cache-control: public, max-age=604800
expires: Fri, 04 Nov 2022 15:45:08 GMT
last-modified: Tue, 14 Sep 2021 02:13:18 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
X-Firefox-Spdy: h2
joseaguirremusic.com/wp-content/plugins/elementor-pro/assets/js/preloaded-elements-handlers.min.js?ver=3.4.1
144.217.96.200 200 OK 26 kB URL HTTP/2 joseaguirremusic.com/wp-content/plugins/elementor-pro/assets/js/preloaded-elements-handlers.min.js?ver=3.4.1
IP 144.217.96.200:0
File type ASCII text, with very long lines (65493)
Hash 2919202fff6749e71cff193ebf9b0bcf
34b744fc152dfa583a8a204bdbad5cd354c18fe5
8e8d8c295b36d7620ec2d57d2a9e224efd856c1474096e2eaa5b78860ee1a436
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/elementor-pro/assets/js/preloaded-elements-handlers.min.js?ver=3.4.1 HTTP/1.1
Host: joseaguirremusic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://joseaguirremusic.com/uio/qakbot.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 28 Oct 2022 15:45:08 GMT
content-type: application/javascript
content-length: 26178
cache-control: public, max-age=604800
expires: Fri, 04 Nov 2022 15:45:08 GMT
last-modified: Tue, 07 Sep 2021 22:43:14 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
X-Firefox-Spdy: h2
joseaguirremusic.com/wp-content/plugins/jet-elements/assets/js/jet-elements.min.js?ver=2.5.9
144.217.96.200 200 OK 20 kB URL HTTP/2 joseaguirremusic.com/wp-content/plugins/jet-elements/assets/js/jet-elements.min.js?ver=2.5.9
IP 144.217.96.200:0
File type ASCII text, with very long lines (65092), with no line terminators
Hash 87eafa070f982ae166fa38a9b64627c1
e350e8d308e59cbb80518ccb77434b44a112dc80
1544a7133ada6363edccabf137fdd04448bb0858807a81dce4c62908813ad12f
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/jet-elements/assets/js/jet-elements.min.js?ver=2.5.9 HTTP/1.1
Host: joseaguirremusic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://joseaguirremusic.com/uio/qakbot.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 28 Oct 2022 15:45:08 GMT
content-type: application/javascript
content-length: 20359
cache-control: public, max-age=604800
expires: Fri, 04 Nov 2022 15:45:08 GMT
last-modified: Tue, 31 Aug 2021 02:55:24 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
X-Firefox-Spdy: h2
joseaguirremusic.com/wp-content/plugins/elementor/assets/js/preloaded-modules.min.js?ver=3.4.4
144.217.96.200 200 OK 8.7 kB URL HTTP/2 joseaguirremusic.com/wp-content/plugins/elementor/assets/js/preloaded-modules.min.js?ver=3.4.4
IP 144.217.96.200:0
File type ASCII text, with very long lines (32055)
Hash 3f18888d57ef439d09668e7e28568255
cb733135a7aee691314f4d6024b34a21e5f9cba8
b3c383898db5bd79c6943719243380ba139dec70436ed3b3fa35adcfb4518dab
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/elementor/assets/js/preloaded-modules.min.js?ver=3.4.4 HTTP/1.1
Host: joseaguirremusic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://joseaguirremusic.com/uio/qakbot.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 28 Oct 2022 15:45:08 GMT
content-type: application/javascript
content-length: 8711
cache-control: public, max-age=604800
expires: Fri, 04 Nov 2022 15:45:08 GMT
last-modified: Tue, 14 Sep 2021 02:13:18 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
X-Firefox-Spdy: h2
joseaguirremusic.com/wp-includes/js/wp-emoji-release.min.js?ver=2ef077a36af8dfdfdcd6e630a3a039b4
144.217.96.200 200 OK 4.6 kB URL HTTP/2 joseaguirremusic.com/wp-includes/js/wp-emoji-release.min.js?ver=2ef077a36af8dfdfdcd6e630a3a039b4
IP 144.217.96.200:0
File type ASCII text, with very long lines (15660)
Hash 0232689bd203f330529b36a437f41a68
9046583f7469ad38297969f10a9513eb895d5316
feea9f30a6e454579bbeabf236b7abdb0c7de84dd2852422555ad67348c5e886
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-includes/js/wp-emoji-release.min.js?ver=2ef077a36af8dfdfdcd6e630a3a039b4 HTTP/1.1
Host: joseaguirremusic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://joseaguirremusic.com/uio/qakbot.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 28 Oct 2022 15:45:08 GMT
content-type: application/javascript
content-length: 4619
cache-control: public, max-age=604800
expires: Fri, 04 Nov 2022 15:45:08 GMT
last-modified: Fri, 19 Aug 2022 23:52:23 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
X-Firefox-Spdy: h2
joseaguirremusic.com/wp-includes/js/jquery/ui/core.min.js?ver=1.13.1
144.217.96.200 200 OK 6.6 kB URL HTTP/2 joseaguirremusic.com/wp-includes/js/jquery/ui/core.min.js?ver=1.13.1
IP 144.217.96.200:0
File type Unicode text, UTF-8 text, with very long lines (8189)
Hash 139a41f01d192d239e7dce15ca307983
62a3e7c0c77209832dc649bc5583e5e0b4918bf5
d796462a5d212cd93b315b43dafb6e77dbe1c3aa567964dc40c1ab0e2c28f405
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-includes/js/jquery/ui/core.min.js?ver=1.13.1 HTTP/1.1
Host: joseaguirremusic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://joseaguirremusic.com/uio/qakbot.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 28 Oct 2022 15:45:08 GMT
content-type: application/javascript
content-length: 6637
cache-control: public, max-age=604800
expires: Fri, 04 Nov 2022 15:45:08 GMT
last-modified: Fri, 19 Aug 2022 23:52:18 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
X-Firefox-Spdy: h2
joseaguirremusic.com/wp-content/plugins/elementor/assets/lib/swiper/swiper.min.js?ver=5.3.6
144.217.96.200 200 OK 34 kB URL HTTP/2 joseaguirremusic.com/wp-content/plugins/elementor/assets/lib/swiper/swiper.min.js?ver=5.3.6
IP 144.217.96.200:0
File type ASCII text, with very long lines (65280)
Hash 83a90323ac82b98062b4b2c8ac8c5051
d7d376677e3546b756b4fec6219be72b85c4f8f5
7fd68e9ea0ebd35958da46d7373113d1a3646a671217cf2cf471c65c3d710613
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/elementor/assets/lib/swiper/swiper.min.js?ver=5.3.6 HTTP/1.1
Host: joseaguirremusic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://joseaguirremusic.com/uio/qakbot.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 28 Oct 2022 15:45:08 GMT
content-type: application/javascript
content-length: 34004
cache-control: public, max-age=604800
expires: Fri, 04 Nov 2022 15:45:08 GMT
last-modified: Tue, 14 Sep 2021 02:13:26 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
X-Firefox-Spdy: h2
joseaguirremusic.com/wp-content/plugins/elementor-pro/assets/lib/smartmenus/jquery.smartmenus.min.js?ver=1.0.1
144.217.96.200 200 OK 6.9 kB URL HTTP/2 joseaguirremusic.com/wp-content/plugins/elementor-pro/assets/lib/smartmenus/jquery.smartmenus.min.js?ver=1.0.1
IP 144.217.96.200:0
File type ASCII text, with very long lines (25115)
Hash e8d8c6e4997a420abc51e5fa8c1caa8b
39ae930f057de725cff8549eed82f31f8d0816c1
730b8265b47a7f9bf014b64fb5c27f9f1cff1051dbf53e60ceb3cc16def732cc
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/elementor-pro/assets/lib/smartmenus/jquery.smartmenus.min.js?ver=1.0.1 HTTP/1.1
Host: joseaguirremusic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://joseaguirremusic.com/uio/qakbot.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 28 Oct 2022 15:45:08 GMT
content-type: application/javascript
content-length: 6935
cache-control: public, max-age=604800
expires: Fri, 04 Nov 2022 15:45:08 GMT
last-modified: Tue, 07 Sep 2021 22:43:16 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
X-Firefox-Spdy: h2
joseaguirremusic.com/wp-content/plugins/elementor-pro/assets/js/frontend.min.js?ver=3.4.1
144.217.96.200 200 OK 5.1 kB URL HTTP/2 joseaguirremusic.com/wp-content/plugins/elementor-pro/assets/js/frontend.min.js?ver=3.4.1
IP 144.217.96.200:0
File type ASCII text, with very long lines (19857)
Hash 0d666fe2be352b2aec89ff0365355457
5f36f1815ed1b1d75d5e672f34520f4fcf7234b7
53ae46ab018391173b6845c991d5dfaeefbb1caef9231661e6ba661b2fd66097
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/elementor-pro/assets/js/frontend.min.js?ver=3.4.1 HTTP/1.1
Host: joseaguirremusic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://joseaguirremusic.com/uio/qakbot.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 28 Oct 2022 15:45:08 GMT
content-type: application/javascript
content-length: 5118
cache-control: public, max-age=604800
expires: Fri, 04 Nov 2022 15:45:08 GMT
last-modified: Tue, 07 Sep 2021 22:43:12 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 472 B IP 142.250.74.35:0
Hash e63a6e99afc26edeaa6e0ec14ea98868
6909f81a74cb2479794f87397c2c9f7bbe759721
af5090a668f3b5293473c111761ca086d6e77a40cd9b5022d669327736034a4c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 28 Oct 2022 15:45:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 472 B IP 142.250.74.35:0
Hash e63a6e99afc26edeaa6e0ec14ea98868
6909f81a74cb2479794f87397c2c9f7bbe759721
af5090a668f3b5293473c111761ca086d6e77a40cd9b5022d669327736034a4c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 28 Oct 2022 15:45:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
216.58.207.195 200 OK 31 kB URL HTTP/2 fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 30928, version 1.0\012- data
Hash ac0d2859ea5f8fd6bcb3c305c08ec184
7f6c17e3e592cd8bd346b9cc261d8dd961b8aef7
ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780
GET /s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://joseaguirremusic.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 30928
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 27 Oct 2022 16:40:18 GMT
expires: Fri, 27 Oct 2023 16:40:18 GMT
cache-control: public, max-age=31536000
age: 83090
last-modified: Mon, 11 Jul 2022 18:57:39 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 472 B IP 142.250.74.35:0
Hash e63a6e99afc26edeaa6e0ec14ea98868
6909f81a74cb2479794f87397c2c9f7bbe759721
af5090a668f3b5293473c111761ca086d6e77a40cd9b5022d669327736034a4c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 28 Oct 2022 15:45:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 262ee317a7d41424cef3f541f6e538d3
1c298c901f93a95e99bdc63259f415ab84a13783
c263ddf8d0a398b0b7e11f7efa9cb901bf877d939f388eb6089a236bbbdc2be4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C263DDF8D0A398B0B7E11F7EFA9CB901BF877D939F388EB6089A236BBBDC2BE4"
Last-Modified: Wed, 26 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2723
Expires: Fri, 28 Oct 2022 16:30:32 GMT
Date: Fri, 28 Oct 2022 15:45:09 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 262ee317a7d41424cef3f541f6e538d3
1c298c901f93a95e99bdc63259f415ab84a13783
c263ddf8d0a398b0b7e11f7efa9cb901bf877d939f388eb6089a236bbbdc2be4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C263DDF8D0A398B0B7E11F7EFA9CB901BF877D939F388EB6089A236BBBDC2BE4"
Last-Modified: Wed, 26 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2723
Expires: Fri, 28 Oct 2022 16:30:32 GMT
Date: Fri, 28 Oct 2022 15:45:09 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 262ee317a7d41424cef3f541f6e538d3
1c298c901f93a95e99bdc63259f415ab84a13783
c263ddf8d0a398b0b7e11f7efa9cb901bf877d939f388eb6089a236bbbdc2be4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C263DDF8D0A398B0B7E11F7EFA9CB901BF877D939F388EB6089A236BBBDC2BE4"
Last-Modified: Wed, 26 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2723
Expires: Fri, 28 Oct 2022 16:30:32 GMT
Date: Fri, 28 Oct 2022 15:45:09 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 262ee317a7d41424cef3f541f6e538d3
1c298c901f93a95e99bdc63259f415ab84a13783
c263ddf8d0a398b0b7e11f7efa9cb901bf877d939f388eb6089a236bbbdc2be4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C263DDF8D0A398B0B7E11F7EFA9CB901BF877D939F388EB6089A236BBBDC2BE4"
Last-Modified: Wed, 26 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2723
Expires: Fri, 28 Oct 2022 16:30:32 GMT
Date: Fri, 28 Oct 2022 15:45:09 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0b6e2a26-e87a-4329-8df1-ba2276a57eba.webp
34.120.237.76 200 OK 15 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0b6e2a26-e87a-4329-8df1-ba2276a57eba.webp
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 13bafc15fa2fe97e27115e17bce8b22f
9d0fc7b50cbb96a3e85ccb501ed1d60a39a164d3
734419d9f9c28185501c25db3e0df01f2dc901a1a87bcdd066028392c8c82cf5
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0b6e2a26-e87a-4329-8df1-ba2276a57eba.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 14602
x-amzn-requestid: f3e186c6-4734-4c1b-a432-aa799a12ed4e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: arv9yGaMoAMFZ4A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-635af9f1-05c8bdc2153acd8915e04826;Sampled=0
x-amzn-remapped-date: Thu, 27 Oct 2022 21:36:49 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: -LtByCyKdn883A5CbwMzP1WXAsdL1X8sDa8qyRWuDmYGUNS-u9xTJA==
via: 1.1 1cc6ed0d2d3dd9529ce544f9dfe61a52.cloudfront.net (CloudFront), 1.1 f9d716a351f14a0ac1fac2449734849a.cloudfront.net (CloudFront), 1.1 google
date: Thu, 27 Oct 2022 22:28:50 GMT
age: 62179
etag: "9d0fc7b50cbb96a3e85ccb501ed1d60a39a164d3"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4510a3cc-dfbb-45ed-b8d6-9bb45a47cad9.jpeg
34.120.237.76 200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4510a3cc-dfbb-45ed-b8d6-9bb45a47cad9.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 64dc32b98b1b728bf4324c6ddb8bfc21
88e5606d51d034ff9865bfd363c6a1721ccc9904
ea02af9d94c82fee1fa1f1086c6241fa4995ed4d2389fa5d5258d920c18cdb51
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4510a3cc-dfbb-45ed-b8d6-9bb45a47cad9.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11395
x-amzn-requestid: 74d92b9c-c8c2-43d3-b084-4a0503a2ce2c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: arxL5H2mIAMFfFw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-635afbe5-396fc42b1c1365791d6889bf;Sampled=0
x-amzn-remapped-date: Thu, 27 Oct 2022 21:45:09 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 4ZkIg3rnrulTnmOI3xoz0pnx5rjM8SyOXHof9LkbtfNKUWPc6Yo1FA==
via: 1.1 0aebf3fe433ff96e68d785fad4ea4c0e.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Thu, 27 Oct 2022 22:25:49 GMT
age: 62360
etag: "88e5606d51d034ff9865bfd363c6a1721ccc9904"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F92343b1e-4025-42d0-b907-d6a162cd1d33.jpeg
34.120.237.76 200 OK 5.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F92343b1e-4025-42d0-b907-d6a162cd1d33.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 01e61cd2e01a587b5adb8c5eaf3c7768
44e406cc47c723ad73aa36f22d24d6ef46c481b6
980d91fcd2493b85c4285bfad0102309afe2f65a4b39cca06ab71801be146d7c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F92343b1e-4025-42d0-b907-d6a162cd1d33.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5271
x-amzn-requestid: 1fbe226c-b232-4d58-bf3c-fdcd635cae9c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: arw1rFHHoAMFWhg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-635afb57-09d6264c4001434303a50531;Sampled=0
x-amzn-remapped-date: Thu, 27 Oct 2022 21:42:47 GMT
x-amz-cf-pop: SEA19-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: ls6vh54DEJ_FN1Y0hCCjp2rXofgLT0CYALsne_-GDl2JpUZetYfHZA==
via: 1.1 1002c05e647d0804e83147cdd205d14a.cloudfront.net (CloudFront), 1.1 707e733794d52100fde0ab21bf0b1462.cloudfront.net (CloudFront), 1.1 google
date: Thu, 27 Oct 2022 22:45:49 GMT
age: 61160
etag: "44e406cc47c723ad73aa36f22d24d6ef46c481b6"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fadc5382d-fbb1-4d8e-8ee0-d7dcda16508e.jpeg
34.120.237.76 200 OK 4.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fadc5382d-fbb1-4d8e-8ee0-d7dcda16508e.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 91ee720c15dc69de45080d0c951353af
5292b31a99d90bcb7071f327b93d52034bdf9dcb
7fbe9f0f6db08fd539f2e8d4ac22e3b4d5ca14f7cde69f8424cce8b361d026e6
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fadc5382d-fbb1-4d8e-8ee0-d7dcda16508e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4524
x-amzn-requestid: a493efe7-11c7-4032-b36b-7f838f8180bc
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aljicH_6IAMFqpQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63587fa9-0f15eae7680ea7b15e5e47ec;Sampled=0
x-amzn-remapped-date: Wed, 26 Oct 2022 00:30:33 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: X2yIbylXM6iNJmvNHN8m0S70NeEPPCDafwWHfZto550QwEWKOAdl-A==
via: 1.1 c34da255183aa208dd1c722ff211f9b2.cloudfront.net (CloudFront), 1.1 001e7070d795018d01b93988b9723742.cloudfront.net (CloudFront), 1.1 google
date: Fri, 28 Oct 2022 00:46:12 GMT
age: 53937
etag: "5292b31a99d90bcb7071f327b93d52034bdf9dcb"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2c17e2f3-4edf-44ae-9b49-0a83b2498309.jpeg
34.120.237.76 200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2c17e2f3-4edf-44ae-9b49-0a83b2498309.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 9ec53913f994b99340024aa1958102a2
8a2e935e59efbe8a6b4f4fad1ef0b87241731dec
7a17e72f6767e8d129ce43ec41aa535827fbc90b085898f5a764166c7600b48b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2c17e2f3-4edf-44ae-9b49-0a83b2498309.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10330
x-amzn-requestid: d1306110-4c96-44f6-86c9-542354fb5f26
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: arw3DHedoAMFegg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-635afb60-236067d573debd7b248a3579;Sampled=0
x-amzn-remapped-date: Thu, 27 Oct 2022 21:42:56 GMT
x-amz-cf-pop: SEA73-P2, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: FEgc1gYGoQvntxdOiUoXrDNK6irThtVu-E1iztiw5Zry4zyLE3V9eQ==
via: 1.1 a4479a6315f90864adc6175b280f8f44.cloudfront.net (CloudFront), 1.1 567b44ed19c8caed2570b7bcd8c70034.cloudfront.net (CloudFront), 1.1 google
date: Thu, 27 Oct 2022 22:02:13 GMT
age: 63776
etag: "8a2e935e59efbe8a6b4f4fad1ef0b87241731dec"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5a3beb47-d762-472b-9658-8a33fd7da5b8.jpeg
34.120.237.76 200 OK 15 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5a3beb47-d762-472b-9658-8a33fd7da5b8.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 67ab2d52efde23610013edaacf8ba485
16580f7f378eede68f6f8c5361f942d6a33b862e
35ef1400e311bc04c5e48d5e9e80060a377c6a8570cc2e76ca2e25f6395f80cb
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5a3beb47-d762-472b-9658-8a33fd7da5b8.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 14637
x-amzn-requestid: d2b22c2f-a677-4d97-aa1e-98e93c988c7f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aV_IjEibIAMF_DQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63524569-746ac9cf1df9428b60e84817;Sampled=0
x-amzn-remapped-date: Fri, 21 Oct 2022 07:08:25 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 5-u7YiYuiCnVhe-UeDWcQzxKeTuYH07SxlNfwz8atV9ZCF8ecCrP0g==
via: 1.1 86b676273517904f44af31586adb06ae.cloudfront.net (CloudFront), 1.1 ee330666adf9f04c8c30094f8ddcd004.cloudfront.net (CloudFront), 1.1 google
date: Fri, 28 Oct 2022 09:21:23 GMT
age: 23026
etag: "16580f7f378eede68f6f8c5361f942d6a33b862e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
www.google-analytics.com/analytics.js
142.250.74.174 200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 142.250.74.174:0
File type ASCII text, with very long lines (1325)
Hash 47e6f374ca946fddd5b59871b325736c
baa9282efc8785e84d247c3bff518eaa45f101c4
16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://joseaguirremusic.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20039
date: Fri, 28 Oct 2022 14:41:09 GMT
expires: Fri, 28 Oct 2022 16:41:09 GMT
cache-control: public, max-age=7200
age: 3840
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google-analytics.com/j/collect?v=1&_v=j98&aip=1&a=886711618&t=pageview&_s=1&dl=https%3A%2F%2Fjoseaguirremusic.com%2Fuio%2Fqakbot.zip&ul=en-us&de=UTF-8&dt=P%C3%A1gina%20no%20encontrada%20-%20Jos%C3%A9%20Aguirre&sd=24-bit&sr=1280x1024&vp=1280x939&je=0&_u=YGBACUABBAAAACAAI~&jid=353130481&gjid=2121391325&cid=309549885.1666971908&tid=UA-156280049-6&_gid=1938437126.1666971908&_r=1&gtm=2ouaq0&did=dZTNiMT&gdid=dZTNiMT&z=256441830
142.250.74.174 200 OK 1 B URL HTTP/2 www.google-analytics.com/j/collect?v=1&_v=j98&aip=1&a=886711618&t=pageview&_s=1&dl=https%3A%2F%2Fjoseaguirremusic.com%2Fuio%2Fqakbot.zip&ul=en-us&de=UTF-8&dt=P%C3%A1gina%20no%20encontrada%20-%20Jos%C3%A9%20Aguirre&sd=24-bit&sr=1280x1024&vp=1280x939&je=0&_u=YGBACUABBAAAACAAI~&jid=353130481&gjid=2121391325&cid=309549885.1666971908&tid=UA-156280049-6&_gid=1938437126.1666971908&_r=1&gtm=2ouaq0&did=dZTNiMT&gdid=dZTNiMT&z=256441830
IP 142.250.74.174:0
File type very short file (no magic)
Hash c4ca4238a0b923820dcc509a6f75849b
356a192b7913b04c54574d18c28d46e6395428ab
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
POST /j/collect?v=1&_v=j98&aip=1&a=886711618&t=pageview&_s=1&dl=https%3A%2F%2Fjoseaguirremusic.com%2Fuio%2Fqakbot.zip&ul=en-us&de=UTF-8&dt=P%C3%A1gina%20no%20encontrada%20-%20Jos%C3%A9%20Aguirre&sd=24-bit&sr=1280x1024&vp=1280x939&je=0&_u=YGBACUABBAAAACAAI~&jid=353130481&gjid=2121391325&cid=309549885.1666971908&tid=UA-156280049-6&_gid=1938437126.1666971908&_r=1&gtm=2ouaq0&did=dZTNiMT&gdid=dZTNiMT&z=256441830 HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://joseaguirremusic.com
Connection: keep-alive
Referer: https://joseaguirremusic.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: https://joseaguirremusic.com
date: Fri, 28 Oct 2022 15:45:09 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Roboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto+Slab%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=auto&ver=2ef077a36af8dfdfdcd6e630a3a039b4
142.250.74.10 200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Roboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto+Slab%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=auto&ver=2ef077a36af8dfdfdcd6e630a3a039b4
IP 142.250.74.10:0
GET /css?family=Roboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto+Slab%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=auto&ver=2ef077a36af8dfdfdcd6e630a3a039b4 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://joseaguirremusic.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 28 Oct 2022 15:45:08 GMT
date: Fri, 28 Oct 2022 15:45:08 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Montserrat%3A400%2C%2C700&display=fallback&ver=3.6.9
142.250.74.10 200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Montserrat%3A400%2C%2C700&display=fallback&ver=3.6.9
IP 142.250.74.10:0
GET /css?family=Montserrat%3A400%2C%2C700&display=fallback&ver=3.6.9 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://joseaguirremusic.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 28 Oct 2022 15:45:08 GMT
date: Fri, 28 Oct 2022 15:45:08 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2