r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash cfec3d7283a9b66d2be426ce54d210f3
808c1feb1ba918951d1928c1f6bfc0c253262774
1bad6c06aa3e88dcbc125fc98a6cb753eb2b18d2c8dd61da21d12209aeeda3f9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1BAD6C06AA3E88DCBC125FC98A6CB753EB2B18D2C8DD61DA21D12209AEEDA3F9"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3902
Expires: Sun, 04 Dec 2022 23:43:05 GMT
Date: Sun, 04 Dec 2022 22:38:03 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash fb2c0697c6d9a96a5411dd2952947458
79e57f831ec396bbdaa5bfe9472a05e6c9fb31f4
3fd7edcc349ab4402f62e54a142be6b4cecf0e7ee3f431d3168bdf0643ba4d92
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2162
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 22:38:03 GMT
Last-Modified: Sun, 04 Dec 2022 22:02:01 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 1ea206ac3c440825741687351f8c6e4e
2f38dafd8c43dcce2411a0590bc5c02cd6286735
7d7232c8c91bcd18161ba2c9d23e3bff159604e058bd5b3fc1c7fcbcd03a7ee3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7D7232C8C91BCD18161BA2C9D23E3BFF159604E058BD5B3FC1C7FCBCD03A7EE3"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4421
Expires: Sun, 04 Dec 2022 23:51:44 GMT
Date: Sun, 04 Dec 2022 22:38:03 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
34.102.187.140200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 30db107dcf4380cef05efea409c2e6a3
96e6a306fbc07299aba64e5c14e2bfca35872fa9
b64051a4a8e346e3c72b2aef77f360a5736ab5e16711d8e0bae3876feaa15b6e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Content-Type, Backoff, Content-Length, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sun, 04 Dec 2022 22:20:09 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 1074
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: nDGNjqzSP47A3vsOoa84vD2cBsu+bpzFevxx/VAciBfV8ziJcTDmdvQlbLojY56zn5G6eMC4G9w=
x-amz-request-id: KEV89HDX6VG07XD1
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sun, 04 Dec 2022 21:47:43 GMT
age: 3020
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 22:38:03 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
34.102.187.140200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Last-Modified, Retry-After, Cache-Control, Content-Type, Pragma, Backoff, ETag, Expires, Content-Length, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sun, 04 Dec 2022 22:11:19 GMT
cache-control: public,max-age=3600
age: 1604
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 31b129c94a90b1e695b21395cb54e378
a3cae46b48d469cc61ab0581303bcd5f5b654db9
fac3f681be358a20f78958dff10c89b7a91365c5114c81246c1bc34c1362ba1e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2154
Cache-Control: max-age=126282
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 22:38:03 GMT
Etag: "638c632b-1d7"
Expires: Tue, 06 Dec 2022 09:42:45 GMT
Last-Modified: Sun, 04 Dec 2022 09:06:51 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
35.161.230.192101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 35.161.230.192:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: nbVml/293Nim0iuiuyrCzg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: m4zwdXjXohfdspf8z2Z304nBJqQ=
ksudesapemogan.com/
88.99.30.244301 Moved Permanently 0 B IP 88.99.30.244:0
ASN #24940 Hetzner Online GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Malware
GET / HTTP/1.1
Host: ksudesapemogan.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Sun, 04 Dec 2022 22:38:03 GMT
Server: Apache/2
X-Powered-By: PHP/7.3.21
X-Redirect-By: WordPress
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Location: https://ksudesapemogan.com/
Vary: User-Agent
Content-Length: 0
Keep-Alive: timeout=2, max=100
Content-Type: text/html; charset=UTF-8
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 7d8fcacdfd8e99e59edb658b8971df55
6bef5f668c776d6d9cb4f590663042b6c2499c8b
4e7285d8ba586db2b30d36a69d910eaf7c46e3f866212d4b25732bbc257fc710
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4E7285D8BA586DB2B30D36A69D910EAF7C46E3F866212D4B25732BBC257FC710"
Last-Modified: Sun, 04 Dec 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21596
Expires: Mon, 05 Dec 2022 04:38:01 GMT
Date: Sun, 04 Dec 2022 22:38:05 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 83e0936435ad95a15c9ec5ff9520f4fe
a8225ee0d8ae117f977f7ff817c342c62e91b5a9
ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9134
Expires: Mon, 05 Dec 2022 01:10:19 GMT
Date: Sun, 04 Dec 2022 22:38:05 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 83e0936435ad95a15c9ec5ff9520f4fe
a8225ee0d8ae117f977f7ff817c342c62e91b5a9
ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9134
Expires: Mon, 05 Dec 2022 01:10:19 GMT
Date: Sun, 04 Dec 2022 22:38:05 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 83e0936435ad95a15c9ec5ff9520f4fe
a8225ee0d8ae117f977f7ff817c342c62e91b5a9
ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9134
Expires: Mon, 05 Dec 2022 01:10:19 GMT
Date: Sun, 04 Dec 2022 22:38:05 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 83e0936435ad95a15c9ec5ff9520f4fe
a8225ee0d8ae117f977f7ff817c342c62e91b5a9
ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9134
Expires: Mon, 05 Dec 2022 01:10:19 GMT
Date: Sun, 04 Dec 2022 22:38:05 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8d407108-e7e2-4672-80f5-d4b4c3e66151.jpeg
34.120.237.76200 OK 6.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8d407108-e7e2-4672-80f5-d4b4c3e66151.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3130c86c084c4c925fb9179dfa5c145d
203f27660f3885d5c1bc68a535baef4e48ff6582
faf2c48c2286fe2149908947de9037640007d32e13694c1261f610250caf3f8f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8d407108-e7e2-4672-80f5-d4b4c3e66151.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6173
x-amzn-requestid: dc73ee0d-b1ec-407f-8e98-3ba264725ee3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: co_sqHqwIAMFwqA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638d131d-56d74e8d45baa9e87136708f;Sampled=0
x-amzn-remapped-date: Sun, 04 Dec 2022 21:37:33 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: ZjAfnCIfBIkjjk0E62TZ7bHsCTUhJk9Wm_wIyhnUNvhgXja5ELfC4g==
via: 1.1 0005a84c2971ff4f5bbb79e7ebc622a8.cloudfront.net (CloudFront), 1.1 d6a002c70d55f415107618b0750d493c.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Dec 2022 21:48:15 GMT
age: 2990
etag: "203f27660f3885d5c1bc68a535baef4e48ff6582"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd33bab20-1689-4962-985e-15e304482bee.jpeg
34.120.237.76200 OK 9.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd33bab20-1689-4962-985e-15e304482bee.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 37b58bb09c00b591c2819c89e371d927
aa487f4a7767cb4591fe620592da65bde90c0aa2
9b7791d79d1e9702c23e63450d556e7f1f287f4d02788fc147822c1d90f64657
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd33bab20-1689-4962-985e-15e304482bee.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9825
x-amzn-requestid: 1ab366f4-78f2-4aaa-af7b-aa203c2d8234
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: co_1ZE23IAMFnhw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638d1355-35c7b5bb6e4623e93900810c;Sampled=0
x-amzn-remapped-date: Sun, 04 Dec 2022 21:38:29 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: qJYTPoArDEx6lR34nZ3DPCAtuWr2lW5qybqaGAu1gSQVdfRq8zlhOg==
via: 1.1 010c0731b9775a983eceaec0f5fa6a2e.cloudfront.net (CloudFront), 1.1 760139201585481b26f947c5f776103a.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Dec 2022 21:57:03 GMT
age: 2462
etag: "aa487f4a7767cb4591fe620592da65bde90c0aa2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F47f316c5-1381-4b6e-9e8d-f1956258ef3e.jpeg
34.120.237.76200 OK 6.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F47f316c5-1381-4b6e-9e8d-f1956258ef3e.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a349d02cce160f72cc93f6fb6e45fa46
a6f82481ea0a820da0f199e8f9051a4aa4013c82
ab320118577a2dcb6ab7ad904d6350e187501a94b39b71fdd70b31cbc8853b24
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F47f316c5-1381-4b6e-9e8d-f1956258ef3e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6826
x-amzn-requestid: f0abdba6-14c8-4aae-ba3b-37ba0af2ff08
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: co_t2FsLIAMFekA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638d1325-3452be066acddb554f528cc3;Sampled=0
x-amzn-remapped-date: Sun, 04 Dec 2022 21:37:41 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: GS4yLzXiIZt-eL9T7gjbf2-vMu8i30WKPDmc2EQDxv0CELjdW1gMVA==
via: 1.1 7f5e0d3b9ea85d0d75063a66c0ebc840.cloudfront.net (CloudFront), 1.1 61bc723adb3b1884ed759711e84e13a8.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Dec 2022 21:46:51 GMT
age: 3074
etag: "a6f82481ea0a820da0f199e8f9051a4aa4013c82"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa1caf4c1-b9c0-4db1-a780-00b9a6198731.jpeg
34.120.237.76200 OK 5.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa1caf4c1-b9c0-4db1-a780-00b9a6198731.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 8d76ec668361348eb17d54001fd2e6c6
534299a20a76ea6e3250f0fb35fe772cac04ef51
22676fae3909acf18e6cd4f505ec718fdac156990edb20926afdae2a359a2859
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa1caf4c1-b9c0-4db1-a780-00b9a6198731.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5209
x-amzn-requestid: 682056d5-7815-4fd1-b05b-723619128d8a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cjKUXF5eoAMFRvQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638abdb5-6df5d866267739212832ee66;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 03:08:37 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: pFKMx6_a5Ml_dBK1dafOt4KFMeC5SwUqNlNpc8sO4DVj0Ocb2Yksrw==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 ee8246c5442dace7525c74f6a799bb46.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Dec 2022 03:45:46 GMT
age: 67939
etag: "534299a20a76ea6e3250f0fb35fe772cac04ef51"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Feff698a5-ffc4-43ea-b7a3-b681cafeb108.jpeg
34.120.237.76200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Feff698a5-ffc4-43ea-b7a3-b681cafeb108.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 5d72fb8d20c29763234c2817b119d11b
d4924ec714f5157bcb2fddcb5f768188a3dd37dc
e9aa59142e0673ed3f58b36beaca48213c678dbe4655f9c4b64581cb0f6f22f6
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Feff698a5-ffc4-43ea-b7a3-b681cafeb108.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12830
x-amzn-requestid: 66f5f2fa-8472-4484-bbea-20ece7e98b1f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cmcsxGDyIAMFX4Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638c0e51-146167697890d9312ce3dbac;Sampled=0
x-amzn-remapped-date: Sun, 04 Dec 2022 03:04:49 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 2jx-M9MgKrJXU4yYsJzWqNXwruIGhFNWkD7GcPdqddnEzcNgFw2luw==
via: 1.1 5a1753718d8b33365e5f693dd338c510.cloudfront.net (CloudFront), 1.1 112d82578d402a38d8d02e8b857617e0.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Dec 2022 03:27:17 GMT
age: 69048
etag: "d4924ec714f5157bcb2fddcb5f768188a3dd37dc"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa99f7bcf-386e-4655-b6f0-99abdf67f097.jpeg
34.120.237.76200 OK 8.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa99f7bcf-386e-4655-b6f0-99abdf67f097.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 2f60a6490f38a772dcd50a1132e98e1b
ff254a1df087d2c157d88a6ef04e395dc49efe5e
653e40becd103cd76cc2f194a87e933e8c548d346f87520fefca3b16430fc4ab
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa99f7bcf-386e-4655-b6f0-99abdf67f097.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8469
x-amzn-requestid: c17eff92-da62-4f0f-9e75-2741012ec43a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: co_sqFSjoAMFQ6w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638d131d-61d61d2f0bb01ecb21b809ea;Sampled=0
x-amzn-remapped-date: Sun, 04 Dec 2022 21:37:33 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Og6pnDOmEW5oc9EtvKD8BtBojepI-ZSde8xxYGThfF6QNl-ZTQWqQQ==
via: 1.1 efe54e8b68e074d39b2ecd249f85100a.cloudfront.net (CloudFront), 1.1 b2f9564ebf9c745cc2ceae96d434977e.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Dec 2022 21:45:46 GMT
age: 3139
etag: "ff254a1df087d2c157d88a6ef04e395dc49efe5e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ksudesapemogan.com/
88.99.30.244200 OK 8.8 kB IP 88.99.30.244:0
ASN #24940 Hetzner Online GmbH
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (9381), with CRLF, LF line terminators
Hash 527c6a6146c133dc3571a3ae86bd909e
171e0d5c9225c068edb57a71e798667d2c26d352
1bed1c7b4c5cdc33e4a6f6a9e2792b88e37b5223cbdb8bb11a4b20b47eb88e0f
Analyzer Verdict Alert fortinet Malware
GET / HTTP/1.1
Host: ksudesapemogan.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
x-powered-by: PHP/7.3.21
link: <https://ksudesapemogan.com/wp-json/>; rel="https://api.w.org/", <https://ksudesapemogan.com/wp-json/wp/v2/pages/26>; rel="alternate"; type="application/json", <https://ksudesapemogan.com/>; rel=shortlink
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 8825
content-type: text/html; charset=UTF-8
date: Sun, 04 Dec 2022 22:38:05 GMT
server: Apache/2
X-Firefox-Spdy: h2
ksudesapemogan.com/wp-includes/css/classic-themes.min.css?ver=1
88.99.30.244200 OK 189 B URL HTTP/2 ksudesapemogan.com/wp-includes/css/classic-themes.min.css?ver=1
IP 88.99.30.244:0
ASN #24940 Hetzner Online GmbH
Hash 5a18e16eb01cbaa862eb32e6b77bedb2
3abf9b913cc9f558f02cba7c9b822f8d1812cb96
d2b5af913332941d5ae7786d1fa70e0d009315c4ede6ad5b80d0f663bb54521f
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/css/classic-themes.min.css?ver=1 HTTP/1.1
Host: ksudesapemogan.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ksudesapemogan.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 25 Oct 2022 23:15:16 GMT
etag: "d9-5ebe414b48900-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 189
content-type: text/css
date: Sun, 04 Dec 2022 22:38:06 GMT
server: Apache/2
X-Firefox-Spdy: h2
ksudesapemogan.com/wp-content/themes/onepress/assets/css/lightgallery.css?ver=6.1.1
88.99.30.244200 OK 4.0 kB URL HTTP/2 ksudesapemogan.com/wp-content/themes/onepress/assets/css/lightgallery.css?ver=6.1.1
IP 88.99.30.244:0
ASN #24940 Hetzner Online GmbH
Hash 8b34ed260343b1823bff90c2b807697e
d9bf7ccb448b4cebf03a0cdd8ca8de18c4264eb0
4425f3a7a528993a9402eecf3dbee469a433ff6ad944fee133fa4ba24b5f0e91
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/onepress/assets/css/lightgallery.css?ver=6.1.1 HTTP/1.1
Host: ksudesapemogan.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ksudesapemogan.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 21 Nov 2022 12:32:39 GMT
etag: "5970-5edfa404317d8-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 3962
content-type: text/css
date: Sun, 04 Dec 2022 22:38:06 GMT
server: Apache/2
X-Firefox-Spdy: h2
ksudesapemogan.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
88.99.30.244200 OK 4.2 kB URL HTTP/2 ksudesapemogan.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
IP 88.99.30.244:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with very long lines (11126)
Hash 5629711d7fdd5b28441bac39b851299f
4e0bf2b7383097f7c352023a1b1b1b48a50356b6
44c444309c7a6c05ff4a9bc198bed9e9596bedb5658637c85689c9a471dcdd16
GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 HTTP/1.1
Host: ksudesapemogan.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ksudesapemogan.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 18 Nov 2020 19:36:06 GMT
etag: "2bd8-5b466b8f0b580-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 4169
content-type: application/javascript
date: Sun, 04 Dec 2022 22:38:06 GMT
server: Apache/2
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 7dfb548d8f8a99d32050803775fad5d6
8b47999a01db7c2217d76a1cec576809a229cf1b
68dd2a1e5a0002f4d25d3b5884ab55bc6b5a91e38f6dc464c4261b19c6e5887e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 22:38:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ksudesapemogan.com/wp-content/themes/onepress/assets/css/animate.min.css?ver=2.3.3
88.99.30.244200 OK 3.9 kB URL HTTP/2 ksudesapemogan.com/wp-content/themes/onepress/assets/css/animate.min.css?ver=2.3.3
IP 88.99.30.244:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with very long lines (55156)
Hash da4dc279a79bad1094a8615f4041f954
9647ecdba9e12809dbe1a97a69f5a370f57df8ea
924ab5e4de3696651a854112d1eb9095f6e932c3cfbaca66fafa9a68a313d4fc
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/onepress/assets/css/animate.min.css?ver=2.3.3 HTTP/1.1
Host: ksudesapemogan.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ksudesapemogan.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 21 Nov 2022 12:32:39 GMT
etag: "d815-5edfa404313f0-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 3868
content-type: text/css
date: Sun, 04 Dec 2022 22:38:06 GMT
server: Apache/2
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Raleway%3A400%2C500%2C600%2C700%2C300%2C100%2C800%2C900%7COpen+Sans%3A400%2C300%2C300italic%2C400italic%2C600%2C600italic%2C700%2C700italic&subset=latin%2Clatin-ext&display=swap&ver=2.3.3
142.250.74.106200 OK 1.7 kB URL HTTP/2 fonts.googleapis.com/css?family=Raleway%3A400%2C500%2C600%2C700%2C300%2C100%2C800%2C900%7COpen+Sans%3A400%2C300%2C300italic%2C400italic%2C600%2C600italic%2C700%2C700italic&subset=latin%2Clatin-ext&display=swap&ver=2.3.3
IP 142.250.74.106:0
Hash 7efc3dda9de5a9363bed36cc72716c0d
821e663253c643c59f10fe2dac6282e66c1bca58
0155f9b947c6a84ef224d6179cabcce3bbbb44983ab5e1dac1b12ef28b4f63c5
GET /css?family=Raleway%3A400%2C500%2C600%2C700%2C300%2C100%2C800%2C900%7COpen+Sans%3A400%2C300%2C300italic%2C400italic%2C600%2C600italic%2C700%2C700italic&subset=latin%2Clatin-ext&display=swap&ver=2.3.3 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ksudesapemogan.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sun, 04 Dec 2022 22:38:06 GMT
date: Sun, 04 Dec 2022 22:38:06 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ksudesapemogan.com/wp-content/themes/onepress/style.css?ver=6.1.1
88.99.30.244200 OK 18 kB URL HTTP/2 ksudesapemogan.com/wp-content/themes/onepress/style.css?ver=6.1.1
IP 88.99.30.244:0
ASN #24940 Hetzner Online GmbH
File type Unicode text, UTF-8 text, with very long lines (429)
Hash 371a74a927e31a9ab8ddf8e4c4d90aa0
3bb162eff27d4d853144f59dbd3aa12b8a09c5b2
b5d5473f80d492efc5abb589694cac4150201a2d1afbebd77c396088b028fb6d
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/onepress/style.css?ver=6.1.1 HTTP/1.1
Host: ksudesapemogan.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ksudesapemogan.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 21 Nov 2022 12:32:40 GMT
etag: "19619-5edfa405261e9-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 17973
content-type: text/css
date: Sun, 04 Dec 2022 22:38:06 GMT
server: Apache/2
X-Firefox-Spdy: h2
ksudesapemogan.com/wp-content/themes/onepress/assets/css/font-awesome.min.css?ver=4.7.0
88.99.30.244200 OK 7.1 kB URL HTTP/2 ksudesapemogan.com/wp-content/themes/onepress/assets/css/font-awesome.min.css?ver=4.7.0
IP 88.99.30.244:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with very long lines (30857)
Hash d68c01b10f19ea19ea85c112fbeca567
204b5a2fcd344a9a27d189415c4683ee7b5baaef
5870597f726db0cf519906241c1a8f74d09bdbe9a16095acb9790f441538cad4
GET /wp-content/themes/onepress/assets/css/font-awesome.min.css?ver=4.7.0 HTTP/1.1
Host: ksudesapemogan.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ksudesapemogan.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 21 Nov 2022 12:32:39 GMT
etag: "792c-5edfa404317d8-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 7061
content-type: text/css
date: Sun, 04 Dec 2022 22:38:06 GMT
server: Apache/2
X-Firefox-Spdy: h2
ksudesapemogan.com/wp-includes/css/dist/block-library/style.min.css?ver=6.1.1
88.99.30.244200 OK 12 kB URL HTTP/2 ksudesapemogan.com/wp-includes/css/dist/block-library/style.min.css?ver=6.1.1
IP 88.99.30.244:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with very long lines (47826)
Hash 8fa87dd23394a22621248ec378d2af59
9305bc637a89b1700d7f56a19a80bd32b0feb2f7
c162f7de24fa2d4e93e0da254ef287ff72f4a3e03f42443265097968351388dc
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/css/dist/block-library/style.min.css?ver=6.1.1 HTTP/1.1
Host: ksudesapemogan.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ksudesapemogan.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sat, 12 Nov 2022 01:26:46 GMT
etag: "172a9-5ed3be649c180-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 12518
content-type: text/css
date: Sun, 04 Dec 2022 22:38:06 GMT
server: Apache/2
X-Firefox-Spdy: h2
ksudesapemogan.com/wp-content/themes/onepress/assets/css/bootstrap.min.css?ver=2.3.3
88.99.30.244200 OK 19 kB URL HTTP/2 ksudesapemogan.com/wp-content/themes/onepress/assets/css/bootstrap.min.css?ver=2.3.3
IP 88.99.30.244:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with very long lines (65317)
Hash 30a1ffea23dbe4547e4af60b40eed1b0
f29114d157eb1bd301b228bcc4549f1855a3ff9b
3672862f57adfafa64d2d773925692503d7d67c119c9a96c1105cfcf5151b39c
GET /wp-content/themes/onepress/assets/css/bootstrap.min.css?ver=2.3.3 HTTP/1.1
Host: ksudesapemogan.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ksudesapemogan.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 21 Nov 2022 12:32:39 GMT
etag: "1f915-5edfa40430450-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 19169
content-type: text/css
date: Sun, 04 Dec 2022 22:38:06 GMT
server: Apache/2
X-Firefox-Spdy: h2
ksudesapemogan.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.1
88.99.30.244200 OK 31 kB URL HTTP/2 ksudesapemogan.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.1
IP 88.99.30.244:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with very long lines (65447)
Hash 1b5264c989379b828aff60f65a518a24
98641237f14ccb33ac114f54329a33bd0aa17eb7
6c8e7b78c6dbc13426810c905572db7589cf3e00264e30ce797fddb0b1092237
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/jquery/jquery.min.js?ver=3.6.1 HTTP/1.1
Host: ksudesapemogan.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ksudesapemogan.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 19 Sep 2022 23:46:24 GMT
etag: "15e54-5e91051c27400-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 30995
content-type: application/javascript
date: Sun, 04 Dec 2022 22:38:06 GMT
server: Apache/2
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 7c9e0bb25e8c28e8b10038806b0a7190
9fa6097aeb8eacde8ba7c9ab80a7a7d2405ae2bc
f4864000960be2f888ed7d2467f74130231fed6f56ad48ff15861f5769e95a58
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 22:38:07 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ksudesapemogan.com/wp-content/uploads/2022/11/slide-ksu-02-1400x475-1.jpg
88.99.30.244200 OK 209 kB URL HTTP/2 ksudesapemogan.com/wp-content/uploads/2022/11/slide-ksu-02-1400x475-1.jpg
IP 88.99.30.244:0
ASN #24940 Hetzner Online GmbH
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 1400x475, components 3\012- data
Size 209 kB (209431 bytes)
Hash f3482fdbdcf964152f240581dca63996
284ab5329b7f9884d583cb4ac7078f9633726b83
d8492a75ddb41e854e7a07e698acde7f690538a8ce1789ed8112b28323032f70
GET /wp-content/uploads/2022/11/slide-ksu-02-1400x475-1.jpg HTTP/1.1
Host: ksudesapemogan.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ksudesapemogan.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 25 Nov 2022 06:35:25 GMT
etag: "33217-5ee45ba0c3d7a"
accept-ranges: bytes
content-length: 209431
content-type: image/jpeg
date: Sun, 04 Dec 2022 22:38:06 GMT
server: Apache/2
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash da9700d928847bca71f73dc9ca89bd1c
2f156a1557a7504da776ed9a82dc52563662be6f
428ed39905a42b1fc7aaf84f2144caf58ddcb53ac2fbda9af61784ca7394a344
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 22:38:07 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ksudesapemogan.com/wp-content/plugins/ml-slider/assets/sliders/flexslider/flexslider.css?ver=3.27.14
88.99.30.244200 OK 1.2 kB URL HTTP/2 ksudesapemogan.com/wp-content/plugins/ml-slider/assets/sliders/flexslider/flexslider.css?ver=3.27.14
IP 88.99.30.244:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with very long lines (3746)
Hash 7e7c479295621f2ad41b2ac4c0ba3689
67eb4f4b8c031036eaa9b530bf237326ac18d625
e4056513f67e01acda33699c8b7730d62e0df7385f6436ef78482ef31e2e4c02
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/ml-slider/assets/sliders/flexslider/flexslider.css?ver=3.27.14 HTTP/1.1
Host: ksudesapemogan.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ksudesapemogan.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 25 Nov 2022 06:48:18 GMT
etag: "ea3-5ee45e81eb558-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 1166
content-type: text/css
date: Sun, 04 Dec 2022 22:38:06 GMT
server: Apache/2
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash da9700d928847bca71f73dc9ca89bd1c
2f156a1557a7504da776ed9a82dc52563662be6f
428ed39905a42b1fc7aaf84f2144caf58ddcb53ac2fbda9af61784ca7394a344
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 22:38:07 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ksudesapemogan.com/wp-content/plugins/ml-slider/assets/metaslider/public.css?ver=3.27.14
88.99.30.244200 OK 1.7 kB URL HTTP/2 ksudesapemogan.com/wp-content/plugins/ml-slider/assets/metaslider/public.css?ver=3.27.14
IP 88.99.30.244:0
ASN #24940 Hetzner Online GmbH
Hash 4d7281faea736f6d0c5aa236554a05d3
fe84854faed4438ae659e292cbc27b9b4cde6e3a
16bbc7c8e8ec044c1299b24f3505dab8819f164f7f4d0eacd48e18ebc1879c03
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/ml-slider/assets/metaslider/public.css?ver=3.27.14 HTTP/1.1
Host: ksudesapemogan.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ksudesapemogan.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 25 Nov 2022 06:48:18 GMT
etag: "1a3e-5ee45e82072a8-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 1711
content-type: text/css
date: Sun, 04 Dec 2022 22:38:06 GMT
server: Apache/2
X-Firefox-Spdy: h2
ksudesapemogan.com/wp-content/plugins/ml-slider/themes/bubble/v1.0.0/script.js?ver=1.0.0
88.99.30.244200 OK 231 B URL HTTP/2 ksudesapemogan.com/wp-content/plugins/ml-slider/themes/bubble/v1.0.0/script.js?ver=1.0.0
IP 88.99.30.244:0
ASN #24940 Hetzner Online GmbH
Hash f7211fd0a08f04210ae32717d441fbd9
f90b7d0d4b610537f4ff528d473c901a904d1ae9
208920f8f4b2f1fa6ea7938ae0a973404c1bdba86770ba66730741f31aba78e8
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/ml-slider/themes/bubble/v1.0.0/script.js?ver=1.0.0 HTTP/1.1
Host: ksudesapemogan.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ksudesapemogan.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 25 Nov 2022 06:48:14 GMT
etag: "168-5ee45e7e52ec7-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 231
content-type: application/javascript
date: Sun, 04 Dec 2022 22:38:06 GMT
server: Apache/2
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 79c225db327a78b782f5a9512b07eaf0
398a1be3a70264d959146d6670d2ca54cdf4e91a
8539ea44d81775448ae8c6179d54d8a397c559b112291fa78abcf6ac6c480815
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 22:38:07 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 79c225db327a78b782f5a9512b07eaf0
398a1be3a70264d959146d6670d2ca54cdf4e91a
8539ea44d81775448ae8c6179d54d8a397c559b112291fa78abcf6ac6c480815
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 22:38:07 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
142.250.74.35200 OK 45 kB URL HTTP/2 fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 44856, version 1.0\012- data
Hash 565ce506190ad3af920b40baf1794cec
ad3cba5d06100e09449a864d3b5e58403b478b3d
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
GET /s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://ksudesapemogan.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 44856
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 28 Nov 2022 18:52:41 GMT
expires: Tue, 28 Nov 2023 18:52:41 GMT
cache-control: public, max-age=31536000
age: 531926
last-modified: Mon, 15 Aug 2022 18:20:18 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/raleway/v28/1Ptug8zYS_SKggPNyC0ITw.woff2
142.250.74.35200 OK 46 kB URL HTTP/2 fonts.gstatic.com/s/raleway/v28/1Ptug8zYS_SKggPNyC0ITw.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 46524, version 1.0\012- data
Hash c1fd378f54921c75e4ae1821e7b8fff6
2ce96e97783b2f154d07f4464ca6f8eb2469f2c1
405ceee1c2f5c31f1cb94ebc63d49a43fddd1471c2c7401a01c7c11bb1d93826
GET /s/raleway/v28/1Ptug8zYS_SKggPNyC0ITw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://ksudesapemogan.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 46524
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 28 Nov 2022 21:08:51 GMT
expires: Tue, 28 Nov 2023 21:08:51 GMT
cache-control: public, max-age=31536000
age: 523756
last-modified: Mon, 18 Jul 2022 19:58:01 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ksudesapemogan.com/wp-includes/js/wp-emoji-release.min.js?ver=6.1.1
88.99.30.244200 OK 5.0 kB URL HTTP/2 ksudesapemogan.com/wp-includes/js/wp-emoji-release.min.js?ver=6.1.1
IP 88.99.30.244:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with very long lines (15660)
Hash e6624e0b978e6ddba476be41aaaa82df
822e920d8233072110ed7c8a7f379e5b13209b18
dac86a9ce08e4d8cded47b4fa900a664b0c997d8910c2a1be54a423678925a41
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/wp-emoji-release.min.js?ver=6.1.1 HTTP/1.1
Host: ksudesapemogan.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ksudesapemogan.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 12 Apr 2022 15:26:24 GMT
etag: "48b9-5dc76af02c800-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 5009
content-type: application/javascript
date: Sun, 04 Dec 2022 22:38:06 GMT
server: Apache/2
X-Firefox-Spdy: h2
ksudesapemogan.com/wp-content/plugins/ml-slider/themes/bubble/v1.0.0/style.min.css?ver=1.0.0
88.99.30.244200 OK 1.7 kB URL HTTP/2 ksudesapemogan.com/wp-content/plugins/ml-slider/themes/bubble/v1.0.0/style.min.css?ver=1.0.0
IP 88.99.30.244:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with very long lines (10689), with no line terminators
Hash 19857742f2d03305cddcb47c0e8ca0a0
f1e28c0d1581e1c75335d0df1d26a6f8a30d4da4
6ece172583d282a2d97856bd020268b8086eb84c2013cf9079c75f08363ea446
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/ml-slider/themes/bubble/v1.0.0/style.min.css?ver=1.0.0 HTTP/1.1
Host: ksudesapemogan.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ksudesapemogan.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 25 Nov 2022 06:48:14 GMT
etag: "29c1-5ee45e7e53e67-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 1655
content-type: text/css
date: Sun, 04 Dec 2022 22:38:06 GMT
server: Apache/2
X-Firefox-Spdy: h2
ksudesapemogan.com/wp-content/themes/onepress/assets/js/theme.js?ver=2.3.3
88.99.30.244200 OK 7.7 kB URL HTTP/2 ksudesapemogan.com/wp-content/themes/onepress/assets/js/theme.js?ver=2.3.3
IP 88.99.30.244:0
ASN #24940 Hetzner Online GmbH
Hash a783409230fdaa010d41765e8cdd6135
4a22647a9fb92804d142f9a48c1f154b100bcce1
b85315770bc77e614c0b21528fce5c6cec50afd5dcb3d6fc59c67326eca17300
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/onepress/assets/js/theme.js?ver=2.3.3 HTTP/1.1
Host: ksudesapemogan.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ksudesapemogan.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 21 Nov 2022 12:32:39 GMT
etag: "6a09-5edfa4042dd40-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 7721
content-type: application/javascript
date: Sun, 04 Dec 2022 22:38:06 GMT
server: Apache/2
X-Firefox-Spdy: h2
ksudesapemogan.com/wp-content/plugins/ml-slider/assets/sliders/flexslider/jquery.flexslider.min.js?ver=3.27.14
88.99.30.244200 OK 6.7 kB URL HTTP/2 ksudesapemogan.com/wp-content/plugins/ml-slider/assets/sliders/flexslider/jquery.flexslider.min.js?ver=3.27.14
IP 88.99.30.244:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with very long lines (23852)
Hash c385258cdf49c6f6b208a43b791f55d2
a04c2df00c2975a6ce35edcb8eb2fbb048a37d35
1142f3956e1f67f67a0da6741ea1449d24184e654f33e12cde26e7e85d02b450
GET /wp-content/plugins/ml-slider/assets/sliders/flexslider/jquery.flexslider.min.js?ver=3.27.14 HTTP/1.1
Host: ksudesapemogan.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ksudesapemogan.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 25 Nov 2022 06:48:18 GMT
etag: "5d2d-5ee45e81eb940-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 6671
content-type: application/javascript
date: Sun, 04 Dec 2022 22:38:06 GMT
server: Apache/2
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash da9700d928847bca71f73dc9ca89bd1c
2f156a1557a7504da776ed9a82dc52563662be6f
428ed39905a42b1fc7aaf84f2144caf58ddcb53ac2fbda9af61784ca7394a344
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 22:38:07 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ksudesapemogan.com/wp-content/uploads/2022/11/cover-depan01-300x201-1.jpg
88.99.30.244200 OK 16 kB URL HTTP/2 ksudesapemogan.com/wp-content/uploads/2022/11/cover-depan01-300x201-1.jpg
IP 88.99.30.244:0
ASN #24940 Hetzner Online GmbH
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 300x201, components 3\012- data
Hash 4f3af67e1f8fd3ddea39dc6201147d75
e809d58bde4579452398f3b505961771b84dc508
098124c8af07ceb18552d4cbed5117f3d2768e87c53283556395a00389c8c7c3
GET /wp-content/uploads/2022/11/cover-depan01-300x201-1.jpg HTTP/1.1
Host: ksudesapemogan.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ksudesapemogan.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 25 Nov 2022 06:35:12 GMT
etag: "3f90-5ee45b94d90f5"
accept-ranges: bytes
content-length: 16272
content-type: image/jpeg
date: Sun, 04 Dec 2022 22:38:06 GMT
server: Apache/2
X-Firefox-Spdy: h2
ksudesapemogan.com/wp-content/themes/onepress/assets/js/bootstrap.min.js?ver=2.3.3
88.99.30.244200 OK 12 kB URL HTTP/2 ksudesapemogan.com/wp-content/themes/onepress/assets/js/bootstrap.min.js?ver=2.3.3
IP 88.99.30.244:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with very long lines (32075)
Hash 391580ad8837cd713f71e810bbfb907f
6f2b1e9b2857152eca948d7ed85bab7c9cc79973
fa75c0fd247565aa605603cad34c33e38639ae222292be1d373d8751963381f3
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/onepress/assets/js/bootstrap.min.js?ver=2.3.3 HTTP/1.1
Host: ksudesapemogan.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ksudesapemogan.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 21 Nov 2022 12:32:39 GMT
etag: "b641-5edfa4042ece0-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 12034
content-type: application/javascript
date: Sun, 04 Dec 2022 22:38:06 GMT
server: Apache/2
X-Firefox-Spdy: h2
ksudesapemogan.com/wp-content/themes/onepress/assets/js/plugins.js?ver=2.3.3
88.99.30.244200 OK 27 kB URL HTTP/2 ksudesapemogan.com/wp-content/themes/onepress/assets/js/plugins.js?ver=2.3.3
IP 88.99.30.244:0
ASN #24940 Hetzner Online GmbH
File type HTML document, Unicode text, UTF-8 text, with very long lines (25010)
Hash 3de38374cd8eab5a399c59cb3a87ccc8
e0b9b2ad0f581eb69f104e8824b316f67ebeb629
522845597a5949a0023dd209fd4f75558364d4cb50a8fe7271f11a31af967694
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/onepress/assets/js/plugins.js?ver=2.3.3 HTTP/1.1
Host: ksudesapemogan.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ksudesapemogan.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 21 Nov 2022 12:32:39 GMT
etag: "17a8c-5edfa4042cda0-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 27099
content-type: application/javascript
date: Sun, 04 Dec 2022 22:38:06 GMT
server: Apache/2
X-Firefox-Spdy: h2
www.google.com/maps/embed?pb=!1m14!1m8!1m3!1d15775.159889276287!2d115.19963!3d-8.7114845!3m2!1i1024!2i768!4f13.1!3m3!1m2!1s0x0%3A0x1e1ee9ebd3b51f25!2sKoperasi%20Serba%20Usaha%20Desa%20Pemogan!5e0!3m2!1sid!2sid!4v1669431408175!5m2!1sid!2sid
142.250.74.132200 OK 1.6 kB URL HTTP/2 www.google.com/maps/embed?pb=!1m14!1m8!1m3!1d15775.159889276287!2d115.19963!3d-8.7114845!3m2!1i1024!2i768!4f13.1!3m3!1m2!1s0x0%3A0x1e1ee9ebd3b51f25!2sKoperasi%20Serba%20Usaha%20Desa%20Pemogan!5e0!3m2!1sid!2sid!4v1669431408175!5m2!1sid!2sid
IP 142.250.74.132:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (3468)
Hash a56684c7787cf0f3769b48088c87baeb
68082ef68b351b264fc90cac6835057c0d1dd853
a7e9e9df76542d17ad3221495c1a9277fe4d62b6e9cfb418629a13e6b8270b6b
GET /maps/embed?pb=!1m14!1m8!1m3!1d15775.159889276287!2d115.19963!3d-8.7114845!3m2!1i1024!2i768!4f13.1!3m3!1m2!1s0x0%3A0x1e1ee9ebd3b51f25!2sKoperasi%20Serba%20Usaha%20Desa%20Pemogan!5e0!3m2!1sid!2sid!4v1669431408175!5m2!1sid!2sid HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ksudesapemogan.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
date: Sun, 04 Dec 2022 22:38:07 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
vary: Accept-Language
content-security-policy: object-src 'none';base-uri 'self';script-src 'nonce-kLy5mdI6EJzrJBvQHVkK3w' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/geo-maps-api/1
content-encoding: gzip
server: mafe
content-length: 1645
x-xss-protection: 0
server-timing: gfet4t7; dur=145
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash f54a71942ab5d7fdc54672cf84aa76db
e03db706ad371c93ddd3cc4a3e4c329777bb5f4b
87453ee6a206085c9b82594123a30bf59f7354733d19f21e388dea70768198c9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 22:38:07 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
maps.gstatic.com/maps-api-v3/embed/js/51/2/intl/id_ALL/init_embed.js
142.250.74.99200 OK 70 kB URL HTTP/2 maps.gstatic.com/maps-api-v3/embed/js/51/2/intl/id_ALL/init_embed.js
IP 142.250.74.99:0
File type ASCII text, with very long lines (2669)
Hash 3da22c6336896a9091f6bd83b21158c9
792fc66c5690a2f9b28b0a518596e7e33d6cdc19
7ba4b0145b895a35f918d5589a2f6f48c61575d2f0add7fd3627f5dc58396167
GET /maps-api-v3/embed/js/51/2/intl/id_ALL/init_embed.js HTTP/1.1
Host: maps.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding, Origin
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-length: 69524
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 30 Nov 2022 22:57:55 GMT
expires: Thu, 30 Nov 2023 22:57:55 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 28 Nov 2022 22:32:00 GMT
content-type: text/javascript
age: 344412
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ksudesapemogan.com/wp-content/uploads/2022/11/slide-ksu-03-1400x475-1.jpg
88.99.30.244200 OK 97 kB URL HTTP/2 ksudesapemogan.com/wp-content/uploads/2022/11/slide-ksu-03-1400x475-1.jpg
IP 88.99.30.244:0
ASN #24940 Hetzner Online GmbH
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 1400x475, components 3\012- data
Hash 45439e5611ea41e31048b59dbe46ccf9
39a28fc372b0c4f19ad6017f26ac21c9bd54c3d4
0993b326bca2c5982c67865aafec89b447075a5909c413911fe736c26afa1a40
GET /wp-content/uploads/2022/11/slide-ksu-03-1400x475-1.jpg HTTP/1.1
Host: ksudesapemogan.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ksudesapemogan.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 25 Nov 2022 06:35:28 GMT
etag: "17b72-5ee45ba3b7f23"
accept-ranges: bytes
content-length: 97138
content-type: image/jpeg
date: Sun, 04 Dec 2022 22:38:06 GMT
server: Apache/2
X-Firefox-Spdy: h2
ksudesapemogan.com/wp-content/uploads/2022/11/slide-ksu-01-1400x475-1.jpg
88.99.30.244200 OK 123 kB URL HTTP/2 ksudesapemogan.com/wp-content/uploads/2022/11/slide-ksu-01-1400x475-1.jpg
IP 88.99.30.244:0
ASN #24940 Hetzner Online GmbH
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 1400x475, components 3\012- data
Size 123 kB (123142 bytes)
Hash feeb7f73ea9f8007f9f13cfa2763db80
7fb38b56d31d80942f55848365e4d0b392f10882
4c378b4d0d8279090f54b69d3ce2a299d411ddb688b40a3571bae88802884bea
GET /wp-content/uploads/2022/11/slide-ksu-01-1400x475-1.jpg HTTP/1.1
Host: ksudesapemogan.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ksudesapemogan.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 25 Nov 2022 06:35:20 GMT
etag: "1e106-5ee45b9c9f8a0"
accept-ranges: bytes
content-length: 123142
content-type: image/jpeg
date: Sun, 04 Dec 2022 22:38:06 GMT
server: Apache/2
X-Firefox-Spdy: h2
ksudesapemogan.com/wp-content/uploads/2022/11/slide-kecak.jpg
88.99.30.244200 OK 154 kB URL HTTP/2 ksudesapemogan.com/wp-content/uploads/2022/11/slide-kecak.jpg
IP 88.99.30.244:0
ASN #24940 Hetzner Online GmbH
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1400x475, components 3\012- data
Size 154 kB (153586 bytes)
Hash bfdcfe25f4f6cff78c168155b07b87f2
61f36fa4b6f217bc18173f1ed2ef919497dd0c70
685c144ab9080fc4b42a4d3dcaa7b7d5bc9f049a7be7140f90bb457ead70b5b7
GET /wp-content/uploads/2022/11/slide-kecak.jpg HTTP/1.1
Host: ksudesapemogan.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ksudesapemogan.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 25 Nov 2022 06:55:29 GMT
etag: "257f2-5ee4601d4641a"
accept-ranges: bytes
content-length: 153586
content-type: image/jpeg
date: Sun, 04 Dec 2022 22:38:06 GMT
server: Apache/2
X-Firefox-Spdy: h2
ksudesapemogan.com/wp-content/uploads/2022/11/cropped-logo.jpg
88.99.30.244200 OK 13 kB URL HTTP/2 ksudesapemogan.com/wp-content/uploads/2022/11/cropped-logo.jpg
IP 88.99.30.244:0
ASN #24940 Hetzner Online GmbH
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 329x85, components 3\012- data
Hash 665a0a7fee445336e5a75a489e183661
9c29c6cd05a8bb4faca020ef39d34d940bb0e540
e2c70041821ae9279335d2d330b4650800b3e68eb34ce091316bc91325328011
GET /wp-content/uploads/2022/11/cropped-logo.jpg HTTP/1.1
Host: ksudesapemogan.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ksudesapemogan.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 25 Nov 2022 06:45:15 GMT
etag: "340e-5ee45dd4418e0"
accept-ranges: bytes
content-length: 13326
content-type: image/jpeg
date: Sun, 04 Dec 2022 22:38:07 GMT
server: Apache/2
X-Firefox-Spdy: h2
ksudesapemogan.com/wp-content/uploads/2022/11/cover-depan02-300x245-1.jpg
88.99.30.244200 OK 20 kB URL HTTP/2 ksudesapemogan.com/wp-content/uploads/2022/11/cover-depan02-300x245-1.jpg
IP 88.99.30.244:0
ASN #24940 Hetzner Online GmbH
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 300x245, components 3\012- data
Hash 0d0df1a9cad7dc2cdf5523e73cc65376
72d11b19627b48020ec0464177f1bbe6d09ce5ca
90052192d5bfe920f9d943383455fc62a433bab98bcf128b0ac70983bec141fd
GET /wp-content/uploads/2022/11/cover-depan02-300x245-1.jpg HTTP/1.1
Host: ksudesapemogan.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ksudesapemogan.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 25 Nov 2022 06:35:14 GMT
etag: "4f8d-5ee45b971f55e"
accept-ranges: bytes
content-length: 20365
content-type: image/jpeg
date: Sun, 04 Dec 2022 22:38:07 GMT
server: Apache/2
X-Firefox-Spdy: h2
ksudesapemogan.com/wp-content/themes/onepress/assets/fonts/fontawesome-webfont.woff2?v=4.7.0
88.99.30.244200 OK 77 kB URL HTTP/2 ksudesapemogan.com/wp-content/themes/onepress/assets/fonts/fontawesome-webfont.woff2?v=4.7.0
IP 88.99.30.244:0
ASN #24940 Hetzner Online GmbH
File type Web Open Font Format (Version 2), TrueType, length 77160, version 4.459\012- data
Hash af7ae505a9eed503f8b8e6982036873e
d6f48cba7d076fb6f2fd6ba993a75b9dc1ecbf0c
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/onepress/assets/fonts/fontawesome-webfont.woff2?v=4.7.0 HTTP/1.1
Host: ksudesapemogan.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://ksudesapemogan.com/wp-content/themes/onepress/assets/css/font-awesome.min.css?ver=4.7.0
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 21 Nov 2022 12:32:40 GMT
etag: "12d68-5edfa4051e4e9"
accept-ranges: bytes
content-length: 77160
vary: Accept-Encoding,User-Agent
date: Sun, 04 Dec 2022 22:38:07 GMT
server: Apache/2
X-Firefox-Spdy: h2
ksudesapemogan.com/wp-content/plugins/ml-slider/themes/bubble/v1.0.0/images/arrow-right.png
88.99.30.244200 OK 1.5 kB URL HTTP/2 ksudesapemogan.com/wp-content/plugins/ml-slider/themes/bubble/v1.0.0/images/arrow-right.png
IP 88.99.30.244:0
ASN #24940 Hetzner Online GmbH
File type PNG image data, 23 x 38, 8-bit/color RGBA, non-interlaced\012- data
Hash 1e2129a2c494b38736e0ceced9cf8670
0cacb007e0de606e6a30ebf8aa801c081b07ad1b
e060d2552f40e99ad96957f7e4cc703a26fdc6f6846a79c61ec5a72a0a63fd00
GET /wp-content/plugins/ml-slider/themes/bubble/v1.0.0/images/arrow-right.png HTTP/1.1
Host: ksudesapemogan.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ksudesapemogan.com/wp-content/plugins/ml-slider/themes/bubble/v1.0.0/style.min.css?ver=1.0.0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 25 Nov 2022 06:48:14 GMT
etag: "5f2-5ee45e7e53a7f"
accept-ranges: bytes
content-length: 1522
content-type: image/png
date: Sun, 04 Dec 2022 22:38:07 GMT
server: Apache/2
X-Firefox-Spdy: h2
ksudesapemogan.com/wp-content/plugins/ml-slider/themes/bubble/v1.0.0/images/arrow-left.png
88.99.30.244200 OK 1.5 kB URL HTTP/2 ksudesapemogan.com/wp-content/plugins/ml-slider/themes/bubble/v1.0.0/images/arrow-left.png
IP 88.99.30.244:0
ASN #24940 Hetzner Online GmbH
File type PNG image data, 23 x 38, 8-bit/color RGBA, non-interlaced\012- data
Hash a7b0fe9f7097aff4a65a2521f6f70c36
52a2aaf9a6cd8ee2e668662959105581d29af6c8
57472f4859650850932c8632daeb6b20483affb63fd8e86f65ba7462347891fe
GET /wp-content/plugins/ml-slider/themes/bubble/v1.0.0/images/arrow-left.png HTTP/1.1
Host: ksudesapemogan.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ksudesapemogan.com/wp-content/plugins/ml-slider/themes/bubble/v1.0.0/style.min.css?ver=1.0.0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 25 Nov 2022 06:48:14 GMT
etag: "5f2-5ee45e7e53697"
accept-ranges: bytes
content-length: 1522
content-type: image/png
date: Sun, 04 Dec 2022 22:38:07 GMT
server: Apache/2
X-Firefox-Spdy: h2
ksudesapemogan.com/wp-content/plugins/ml-slider/assets/sliders/flexslider/fonts/flexslider-icon.woff
88.99.30.244200 OK 1.3 kB URL HTTP/2 ksudesapemogan.com/wp-content/plugins/ml-slider/assets/sliders/flexslider/fonts/flexslider-icon.woff
IP 88.99.30.244:0
ASN #24940 Hetzner Online GmbH
File type Web Open Font Format, TrueType, length 1268, version 1.0\012- data
Hash f8b92f66539473eea649c8514eb836a0
9876bce2a7b39125bd7a406c445e46e704d7b37e
333fe8266952f16c8b686f3edd78293da28e6eaef314dca86bc4eeaa23f290e8
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/ml-slider/assets/sliders/flexslider/fonts/flexslider-icon.woff HTTP/1.1
Host: ksudesapemogan.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://ksudesapemogan.com/wp-content/plugins/ml-slider/assets/sliders/flexslider/flexslider.css?ver=3.27.14
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 25 Nov 2022 06:48:18 GMT
etag: "4f4-5ee45e81ec4f8"
accept-ranges: bytes
content-length: 1268
vary: Accept-Encoding,User-Agent
content-type: application/x-font-woff
date: Sun, 04 Dec 2022 22:38:07 GMT
server: Apache/2
X-Firefox-Spdy: h2
ksudesapemogan.com/wp-content/uploads/2022/11/cropped-favicon-32x32.jpg
88.99.30.244200 OK 1.2 kB URL HTTP/2 ksudesapemogan.com/wp-content/uploads/2022/11/cropped-favicon-32x32.jpg
IP 88.99.30.244:0
ASN #24940 Hetzner Online GmbH
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 32x32, components 3\012- data
Hash 91feb4f59c43e98ac52cc84551101a93
cc426c6d41df98b7dbd5618a564e2ded70f98295
e790276dc92197e7ffe9cb19e9257d476b3b6f557c1ff993be7c1632b12efa9c
GET /wp-content/uploads/2022/11/cropped-favicon-32x32.jpg HTTP/1.1
Host: ksudesapemogan.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ksudesapemogan.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 25 Nov 2022 06:45:29 GMT
etag: "4cd-5ee45de1a605d"
accept-ranges: bytes
content-length: 1229
content-type: image/jpeg
date: Sun, 04 Dec 2022 22:38:07 GMT
server: Apache/2
X-Firefox-Spdy: h2
ksudesapemogan.com/wp-content/uploads/2022/11/cropped-favicon-192x192.jpg
88.99.30.244200 OK 14 kB URL HTTP/2 ksudesapemogan.com/wp-content/uploads/2022/11/cropped-favicon-192x192.jpg
IP 88.99.30.244:0
ASN #24940 Hetzner Online GmbH
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 192x192, components 3\012- data
Hash aece31fce67689ba21a36a064cc7c167
7371ed21d875a18a677e8bcfded0f2afa1b87009
8df12bfc1c8662f957f4f4aea9469aacc9c7966b0e095216798c05510cdd72b2
GET /wp-content/uploads/2022/11/cropped-favicon-192x192.jpg HTTP/1.1
Host: ksudesapemogan.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ksudesapemogan.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 25 Nov 2022 06:45:29 GMT
etag: "34e8-5ee45de19e35d"
accept-ranges: bytes
content-length: 13544
content-type: image/jpeg
date: Sun, 04 Dec 2022 22:38:07 GMT
server: Apache/2
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
142.250.74.35200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 15920, version 1.0\012- data
Hash 3a44e06eb954b96aa043227f3534189d
23cef6993ddb2b2979e8e7647fc3763694e2ba7d
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
GET /s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15920
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 30 Nov 2022 19:33:56 GMT
expires: Thu, 30 Nov 2023 19:33:56 GMT
cache-control: public, max-age=31536000
age: 356652
last-modified: Wed, 11 May 2022 19:24:45 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
142.250.74.35200 OK 17 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 142.250.74.35:0
File type gzip compressed data, max compression\012- data
Hash 3d41aac6d02feb1fde7283494b19108a
fe3ffb2ab31753daea33fb55bf4b4ace0a6061e7
53c33db0ad6ee509db0ac63ac17d1a529fa2e24686e9212cab7566ade6c98505
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 30 Nov 2022 19:33:54 GMT
expires: Thu, 30 Nov 2023 19:33:54 GMT
cache-control: public, max-age=31536000
age: 356654
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2