r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 8286265a56e3e10efd41b41618a54071
5f10ac9a050e15f5598674dc7ee3865b325d01a8
2da2fa0b2b86ccc4029d0baa4e9c5b21a6433228b84b451b72b1d318561d4ef2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2DA2FA0B2B86CCC4029D0BAA4E9C5B21A6433228B84B451B72B1D318561D4EF2"
Last-Modified: Sat, 05 Nov 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17980
Expires: Sun, 06 Nov 2022 02:48:35 GMT
Date: Sat, 05 Nov 2022 21:48:55 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 72c64df35304c35cd95e4ed6e101e795
a39287987854d644a8da295da536fb31de8b44c1
a9bf0da57e0f108b376781ede4b9762ae1b0d088910d26fb7be98c2d03e69092
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2818
Cache-Control: max-age=131347
Content-Type: application/ocsp-response
Date: Sat, 05 Nov 2022 21:48:55 GMT
Etag: "63662d58-1d7"
Expires: Mon, 07 Nov 2022 10:18:02 GMT
Last-Modified: Sat, 05 Nov 2022 09:31:04 GMT
Server: ECS (ska/F708)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 72c64df35304c35cd95e4ed6e101e795
a39287987854d644a8da295da536fb31de8b44c1
a9bf0da57e0f108b376781ede4b9762ae1b0d088910d26fb7be98c2d03e69092
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2641
Cache-Control: max-age=131170
Content-Type: application/ocsp-response
Date: Sat, 05 Nov 2022 21:48:55 GMT
Etag: "63662d58-1d7"
Expires: Mon, 07 Nov 2022 10:15:05 GMT
Last-Modified: Sat, 05 Nov 2022 09:31:04 GMT
Server: ECS (ska/F71E)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 078950c3ba9ad01927f3da494b1d1de4
443c8a8247e4e3e04c14d21e0227fc4e8f396142
dd5dd09fec51669adf36b3014bbf65d7bff608f72018d037f9ed9b414675037c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DD5DD09FEC51669ADF36B3014BBF65D7BFF608F72018D037F9ED9B414675037C"
Last-Modified: Fri, 04 Nov 2022 02:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17916
Expires: Sun, 06 Nov 2022 02:47:31 GMT
Date: Sat, 05 Nov 2022 21:48:55 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
IP 34.160.144.191:0
File type PEM certificate, ASCII text
Hash 67d5a988edcda47bc3b3b3f65d32b4b6
d4f0e0da8b3690cc7da925026d3414b68c7d954f
55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78
GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: +4ljfPJyV/FGnSOYtjAW5tw3bSm4CLiGfxhne5nhOR19K8deOOmPemm5IPwOkBFsQ6i9ZcLwKl0=
x-amz-request-id: XSZ2F3PPY9AWP2K6
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sat, 05 Nov 2022 21:10:11 GMT
age: 2324
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data, ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 05 Nov 2022 21:48:55 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
ex-olive.com/
210.140.73.39 301 Moved Permanently 232 B IP 210.140.73.39:0
ASN #4694 IDC Frontier Inc.
File type HTML document text; exported SGML document, ASCII text
Hash e7fb4c6e21680b4e520b65d9097cbba1
2640824294209f0b81a7ec1ac77da98b364f7e12
8b4285d861caf78cf098f899ea1cb4eaf5f548e450db12a7aef987bd82b496aa
Analyzer Verdict Alert fortinet Malware
GET / HTTP/1.1
Host: ex-olive.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Sat, 05 Nov 2022 21:48:56 GMT
Server: Apache
Location: http://www.ex-olive.com/
Content-Length: 232
Keep-Alive: timeout=2, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash db63d54b77502dd6c7bdc792d4fd093e
026ad8186833988279468829c004c6e2a2f2626f
eff89ef67baa622e8a196ffcadc44d29aafff009bb531da3e979a1f47c3b1c36
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4100
Cache-Control: max-age=127571
Content-Type: application/ocsp-response
Date: Sat, 05 Nov 2022 21:48:56 GMT
Etag: "63661997-1d7"
Expires: Mon, 07 Nov 2022 09:15:07 GMT
Last-Modified: Sat, 05 Nov 2022 08:06:47 GMT
Server: ECS (ska/F708)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
35.86.38.2 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 35.86.38.2:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: iZjotGVdavpa/vqbkCatUg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: wgyEC267jKSAkq0jMKNEqn2wGVk=
www.ex-olive.com/
210.140.73.39 301 Moved Permanently 193 B IP 210.140.73.39:0
ASN #4694 IDC Frontier Inc.
File type HTML document text; exported SGML document, ASCII text
Hash 187dd1c056245b7634493483c6dbab3b
0c8481b92b4ede16d600db73fe249b7e185700ae
c04959225d246d8d88f59531a1f4f135914271cf806ae3638fd0ea193832c062
Analyzer Verdict Alert fortinet Malware
GET / HTTP/1.1
Host: www.ex-olive.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Sat, 05 Nov 2022 21:48:57 GMT
Server: Apache
Location: https://www.ex-olive.com/
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 193
Content-Type: text/html; charset=iso-8859-1
Keep-Alive: timeout=2, max=100
Connection: Keep-Alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash f6ae0db60213bfddbf2ad71a9fb116bf
915d2895adc3f022c28cc628aeb6e441cbb09d47
ac94f3fd00f0f8f8617d15a3816b07d25d3774e91b287ac181e5efb4ebf95e22
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "AC94F3FD00F0F8F8617D15A3816B07D25D3774E91B287AC181E5EFB4EBF95E22"
Last-Modified: Thu, 03 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18758
Expires: Sun, 06 Nov 2022 03:01:35 GMT
Date: Sat, 05 Nov 2022 21:48:57 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash f6ae0db60213bfddbf2ad71a9fb116bf
915d2895adc3f022c28cc628aeb6e441cbb09d47
ac94f3fd00f0f8f8617d15a3816b07d25d3774e91b287ac181e5efb4ebf95e22
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "AC94F3FD00F0F8F8617D15A3816B07D25D3774E91B287AC181E5EFB4EBF95E22"
Last-Modified: Thu, 03 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18758
Expires: Sun, 06 Nov 2022 03:01:35 GMT
Date: Sat, 05 Nov 2022 21:48:57 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash f6ae0db60213bfddbf2ad71a9fb116bf
915d2895adc3f022c28cc628aeb6e441cbb09d47
ac94f3fd00f0f8f8617d15a3816b07d25d3774e91b287ac181e5efb4ebf95e22
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "AC94F3FD00F0F8F8617D15A3816B07D25D3774E91B287AC181E5EFB4EBF95E22"
Last-Modified: Thu, 03 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18758
Expires: Sun, 06 Nov 2022 03:01:35 GMT
Date: Sat, 05 Nov 2022 21:48:57 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash f6ae0db60213bfddbf2ad71a9fb116bf
915d2895adc3f022c28cc628aeb6e441cbb09d47
ac94f3fd00f0f8f8617d15a3816b07d25d3774e91b287ac181e5efb4ebf95e22
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "AC94F3FD00F0F8F8617D15A3816B07D25D3774E91B287AC181E5EFB4EBF95E22"
Last-Modified: Thu, 03 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18758
Expires: Sun, 06 Nov 2022 03:01:35 GMT
Date: Sat, 05 Nov 2022 21:48:57 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3d05e3a2-b178-419f-90de-a1985765ff09.jpeg
34.120.237.76 200 OK 6.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3d05e3a2-b178-419f-90de-a1985765ff09.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3; data
Hash ca6c7517d7015fbc35fa290c1c2d6afd
594e5a82ce82fb4cd76548b6d2d6b4cc419b7e4c
a746b36be50209915a0e5657abd219aab382eee4b7556142aa1316daf3a9f5a4
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3d05e3a2-b178-419f-90de-a1985765ff09.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6557
x-amzn-requestid: f2e39db1-fb8a-4a9b-8a1d-ee08000ddeb6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bC1VyFHuIAMF5Eg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-636435be-7a03ef677f8dbd680f72de90;Sampled=0
x-amzn-remapped-date: Thu, 03 Nov 2022 21:42:22 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: I6mALhsUwtQqMP_p_HxFaiCyfRDTtVzPIJjeDrKSEq7Tc_d5EcNw3Q==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 73cb83fe6699afc2791b5c690c1ff8c6.cloudfront.net (CloudFront), 1.1 google
date: Fri, 04 Nov 2022 21:52:32 GMT
age: 86185
etag: "594e5a82ce82fb4cd76548b6d2d6b4cc419b7e4c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb94b0737-3952-4bbe-b940-e1f79fb95cbe.jpeg
34.120.237.76 200 OK 6.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb94b0737-3952-4bbe-b940-e1f79fb95cbe.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3; data
Hash eaf06d0fb99703abfd57b962eb21ce96
ce73b0ad22139bec863ed990e3d3af4bdc3df288
a226250245611193be882c92f2d9920cb6ceeb12823b48c0b9c8fa2aba1c8c0d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb94b0737-3952-4bbe-b940-e1f79fb95cbe.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6909
x-amzn-requestid: 7c500c29-f514-491c-b2fe-a732a546925f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: awWpEEYHoAMFWdg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-635cd16d-6d9c4c5c41f4fcd16cabda59;Sampled=0
x-amzn-remapped-date: Sat, 29 Oct 2022 07:08:29 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: lOCFTDiIxZDBzypATpujFz2hjWPabqjokrpq1-5An86y5lZLG5xHxQ==
via: 1.1 112c6b3f9aea37a6cb00b7d933e5af6e.cloudfront.net (CloudFront), 1.1 e95ec8f1dc02e32f0cb9e113963ceb4e.cloudfront.net (CloudFront), 1.1 google
date: Sat, 05 Nov 2022 07:40:21 GMT
age: 50916
etag: "ce73b0ad22139bec863ed990e3d3af4bdc3df288"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F255683f8-a0b6-411a-a41e-4d042746780e.jpeg
34.120.237.76 200 OK 9.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F255683f8-a0b6-411a-a41e-4d042746780e.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3; data
Hash c7c9c908e891e7277f21a914fea9aa25
596c3c084ae3d850a5dc28e549b4e22f2b8cc71f
709c217b3ac09712d2af4366316c8977b1a4e2a73f887b3e30f10df1ed50bacd
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F255683f8-a0b6-411a-a41e-4d042746780e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9150
x-amzn-requestid: 7c179507-20a7-4fa3-993b-f79b3e7949ac
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: apwiGHD_IAMFQZw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-635a2e0d-337623ce79dc53c864632c72;Sampled=0
x-amzn-remapped-date: Thu, 27 Oct 2022 07:06:53 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: CKSa8_W-V5Rf8od3FFPgvBmlfXcqaYotYT5u6Gm8UvmXECcAzfAGoA==
via: 1.1 f13aef0c4b52f6f681401f232d03eb68.cloudfront.net (CloudFront), 1.1 b13f158bdf9805ca47e07c0c35870c12.cloudfront.net (CloudFront), 1.1 google
date: Sat, 05 Nov 2022 14:36:54 GMT
age: 25923
etag: "596c3c084ae3d850a5dc28e549b4e22f2b8cc71f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F311de4fa-2622-4405-a8aa-ba6253adca1e.jpeg
34.120.237.76 200 OK 4.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F311de4fa-2622-4405-a8aa-ba6253adca1e.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3; data
Hash 3f58211ba5351479df022215cd16ecd2
f54589d1eb5771befaef24a6299a6719c4353e97
8feccd5bce6e772e178ccdd2a1d084407d65bb82474d943b01efc0d5b660bdec
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F311de4fa-2622-4405-a8aa-ba6253adca1e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4812
x-amzn-requestid: e2bfc209-f109-4c05-a7ad-52b5bd138610
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: a2ZK9HBWoAMFqPQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-635f3bdf-6ac70df57b5a16d66e16dcdd;Sampled=0
x-amzn-remapped-date: Mon, 31 Oct 2022 03:07:11 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: KI7lYyLdzGvaKGQoblTwc15JiuoSh3uVi_B_JBCSMg_BaTrhlLHl5A==
via: 1.1 9c60d6224ac0b44e908b5c9dcf70e9a4.cloudfront.net (CloudFront), 1.1 02d90bf99fd6253b329a53c82f19e224.cloudfront.net (CloudFront), 1.1 google
date: Sat, 05 Nov 2022 08:27:01 GMT
age: 48116
etag: "f54589d1eb5771befaef24a6299a6719c4353e97"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc6fadd94-b1a4-4bdc-bcf4-b6bade4840a0.jpeg
34.120.237.76 200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc6fadd94-b1a4-4bdc-bcf4-b6bade4840a0.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3; data
Hash 4e2853cc6ec6223160471401e6871f4b
f052e1f8b2bf4a8eeecfa5b82e27ada1b7719a0c
bf4b9145ea043d87a30fd3aeeae21a1a0aa27004cd2467e7aa843bc894ae1f60
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc6fadd94-b1a4-4bdc-bcf4-b6bade4840a0.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10462
x-amzn-requestid: 43480a38-fd89-4c47-b8c4-e6ba90b1321c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aMF6oEz_oAMF8Hg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-634e5043-6617fd2e59cab00135301cdd;Sampled=0
x-amzn-remapped-date: Tue, 18 Oct 2022 07:05:39 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 3fDf4aoep5tTAusisXhIdAf0A6SbpM5fYtYaiXtNSb0-VRJo5nu8Vg==
via: 1.1 9c60d6224ac0b44e908b5c9dcf70e9a4.cloudfront.net (CloudFront), 1.1 ee330666adf9f04c8c30094f8ddcd004.cloudfront.net (CloudFront), 1.1 google
date: Sat, 05 Nov 2022 06:27:59 GMT
age: 55258
etag: "f052e1f8b2bf4a8eeecfa5b82e27ada1b7719a0c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F28a5f5ce-bd81-4e56-bd1b-460e13379581.jpeg
34.120.237.76 200 OK 7.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F28a5f5ce-bd81-4e56-bd1b-460e13379581.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3; data
Hash 7a3b1551512640bb8f5e7deb80c32272
75805b9f03aef14cfad025259936ae5f217d25ca
5baa90853202e78cf9b59e9ab597e16ccfbf143d7e124583e64dc1ad1ee2c2df
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F28a5f5ce-bd81-4e56-bd1b-460e13379581.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7783
x-amzn-requestid: ab7cc6ee-976d-41a4-b5da-0aefd5cb6246
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bEJnzH15oAMFlwA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6364bc98-68f910b60bd5ecaf2947c59a;Sampled=0
x-amzn-remapped-date: Fri, 04 Nov 2022 07:17:44 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: JnvKcym5f71Ra_ZHzkTXnU7Fa3D5zBFK9JFKXA_A3G98jN9r3Jikyw==
via: 1.1 95b0ac620fa3a80ee590ecf1cda1c698.cloudfront.net (CloudFront), 1.1 91356d2137f5a7345e93da4516c49ec4.cloudfront.net (CloudFront), 1.1 google
date: Sat, 05 Nov 2022 08:24:07 GMT
age: 48290
etag: "75805b9f03aef14cfad025259936ae5f217d25ca"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
dv.g4.ocsp.pubcert.jprs.jp/
113.52.156.18 200 OK 1.6 kB URL HTTP/1.1 dv.g4.ocsp.pubcert.jprs.jp/
IP 113.52.156.18:0
ASN #10006 SECOM Trust Systems Co.,Ltd.
Hash 9890e8bc70c21b50b0f56d0e5aad31fe
bc56ff4bc4c22a59ef743607885ebd09578e632b
516d25af80d976550fd7a187f672fc03a66eb86e72d0a57cb5e031703920c478
POST / HTTP/1.1
Host: dv.g4.ocsp.pubcert.jprs.jp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 05 Nov 2022 21:48:57 GMT
Server: Apache
Cache-Control: max-age=86400
Content-Type: application/ocsp-response
Expires: Wed, 09 Nov 2022 09:54:07 GMT
Last-Modified: Sat, 05 Nov 2022 09:54:07 GMT
ETag: "9890e8bc70c21b50b0f56d0e5aad31fe"
X-Powered-By: ASP.NET
Content-Length: 1561
Connection: close
dv.g4.ocsp.pubcert.jprs.jp/
113.52.156.18 200 OK 1.6 kB URL HTTP/1.1 dv.g4.ocsp.pubcert.jprs.jp/
IP 113.52.156.18:0
ASN #10006 SECOM Trust Systems Co.,Ltd.
Hash 9890e8bc70c21b50b0f56d0e5aad31fe
bc56ff4bc4c22a59ef743607885ebd09578e632b
516d25af80d976550fd7a187f672fc03a66eb86e72d0a57cb5e031703920c478
POST / HTTP/1.1
Host: dv.g4.ocsp.pubcert.jprs.jp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 05 Nov 2022 21:48:57 GMT
Server: Apache
Cache-Control: max-age=86400
Content-Type: application/ocsp-response
Expires: Wed, 09 Nov 2022 09:54:07 GMT
Last-Modified: Sat, 05 Nov 2022 09:54:07 GMT
ETag: "9890e8bc70c21b50b0f56d0e5aad31fe"
X-Powered-By: ASP.NET
Content-Length: 1561
Connection: close
www.ex-olive.com/
210.140.73.39 200 OK 11 kB IP 210.140.73.39:0
ASN #4694 IDC Frontier Inc.
File type HTML document text; exported SGML document text; exported SGML document, Unicode text, UTF-8 text, with very long lines (1316), with CRLF, LF line terminators
Hash 32154d943fdfdba25158f4be032a97bc
63132a4caf6a2db432aca001286ffc39cfc056d0
4abb43f35ccc60ddd49404a868876d3d3165e4c61ffee5e3709ec0873e23c749
Analyzer Verdict Alert fortinet Malware
GET / HTTP/1.1
Host: www.ex-olive.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 05 Nov 2022 21:48:59 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 10925
Connection: keep-alive
Vary: ORG_REMOTE_ADDR,Host,Accept-Encoding
Link: <https://www.ex-olive.com/wp-json/>; rel="https://api.w.org/", <https://www.ex-olive.com/>; rel=shortlink
Content-Encoding: gzip
www.ex-olive.com/wp-content/plugins/biz-calendar/biz-cal.css?ver=2.1.0
210.140.73.39 200 OK 649 B URL HTTP/1.1 www.ex-olive.com/wp-content/plugins/biz-calendar/biz-cal.css?ver=2.1.0
IP 210.140.73.39:0
ASN #4694 IDC Frontier Inc.
Hash 3cbedfcd9563ccc1eb670f67fec5fffc
f7f46a0ad7f6531866f9c8f5509d18d18cbdd0bd
991afcd72ee06ebdd98277f222cbe049c8c9d0722fd32804852cf219e1c7d429
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/biz-calendar/biz-cal.css?ver=2.1.0 HTTP/1.1
Host: www.ex-olive.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ex-olive.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 05 Nov 2022 21:49:00 GMT
Content-Type: text/css
Content-Length: 649
Connection: keep-alive
Vary: ORG_REMOTE_ADDR,Host,Accept-Encoding
Last-Modified: Fri, 15 Jun 2018 01:21:59 GMT
ETag: "10e46bb-7a7-56ea40ad55bc0"
Accept-Ranges: bytes
Cache-Control: max-age=2592000
Expires: Mon, 05 Dec 2022 21:49:00 GMT
Content-Encoding: gzip
www.ex-olive.com/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=4.4.2
210.140.73.39 200 OK 469 B URL HTTP/1.1 www.ex-olive.com/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=4.4.2
IP 210.140.73.39:0
ASN #4694 IDC Frontier Inc.
Hash 664c130d1d31bfd00cc96c59c5de7680
9d0e9fd2df3e1074b8db3026b58fef7311a872d4
9dbee38530e8416e1d9033d95558777e16c1206ac1a6142df357a62a659d8fad
GET /wp-content/plugins/contact-form-7/includes/css/styles.css?ver=4.4.2 HTTP/1.1
Host: www.ex-olive.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ex-olive.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 05 Nov 2022 21:49:00 GMT
Content-Type: text/css
Content-Length: 469
Connection: keep-alive
Vary: ORG_REMOTE_ADDR,Host,Accept-Encoding
Last-Modified: Tue, 10 May 2016 04:31:00 GMT
ETag: "10e2525-44b-53275645e0900"
Accept-Ranges: bytes
Cache-Control: max-age=2592000
Expires: Mon, 05 Dec 2022 21:49:00 GMT
Content-Encoding: gzip
d.line-scdn.net/r/web/social-plugin/js/thirdparty/loader.min.js
23.38.201.100 200 OK 1.6 kB URL HTTP/2 d.line-scdn.net/r/web/social-plugin/js/thirdparty/loader.min.js
IP 23.38.201.100:0
File type ASCII text, with very long lines (4730), with no line terminators
Hash 6ca5861dd247b41429ca943bbe2abc4c
17dfbc93696d0d6e1417e9574598deb8b58c62ac
59b9c01979c2f8e64c01f95534f59759e5df6b0d943bd7d1172c1e943b19ec40
GET /r/web/social-plugin/js/thirdparty/loader.min.js HTTP/1.1
Host: d.line-scdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ex-olive.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: VOS
content-type: application/javascript
accept-ranges: bytes
last-modified: Mon, 25 Apr 2022 03:07:56 GMT
x-rgw-object-type: Normal
etag: "8e50c4d0b7f2c69fe4b07b078876770b"
x-amz-meta-s3cmd-attrs: md5:8e50c4d0b7f2c69fe4b07b078876770b
x-amz-storage-class: STANDARD
x-amz-request-id: tx000000000000043f87610-006266f963-f4bef5d-jp2
strict-transport-security: max-age=15768000
vary: Accept-Encoding
content-encoding: gzip
cache-control: public, max-age=333624
expires: Wed, 09 Nov 2022 18:29:24 GMT
date: Sat, 05 Nov 2022 21:49:00 GMT
content-length: 1558
X-Firefox-Spdy: h2
www.ex-olive.com/wp-content/themes/ex-olive.com/assets/js/main.js?
210.140.73.39 200 OK 3.5 kB URL HTTP/1.1 www.ex-olive.com/wp-content/themes/ex-olive.com/assets/js/main.js?
IP 210.140.73.39:0
ASN #4694 IDC Frontier Inc.
Hash d2392b13f3f3ad0347a00e9cb714808f
3232a42ecd00cecb1cd2176a054bf0bb702ebf74
6e3b75b86be330d3312c157ee72c32b547de528d9e662f6cdf641aace48c9629
GET /wp-content/themes/ex-olive.com/assets/js/main.js? HTTP/1.1
Host: www.ex-olive.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ex-olive.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 05 Nov 2022 21:49:00 GMT
Content-Type: application/javascript
Content-Length: 3487
Connection: keep-alive
Vary: ORG_REMOTE_ADDR,Host,Accept-Encoding
Last-Modified: Mon, 02 Oct 2017 08:12:34 GMT
ETag: "11e1a7e-3365-55a8befd1a080"
Accept-Ranges: bytes
Cache-Control: max-age=2592000
Expires: Mon, 05 Dec 2022 21:49:00 GMT
Content-Encoding: gzip
www.ex-olive.com/wp-content/plugins/biz-calendar/calendar.js?ver=2.1.0
210.140.73.39 200 OK 2.2 kB URL HTTP/1.1 www.ex-olive.com/wp-content/plugins/biz-calendar/calendar.js?ver=2.1.0
IP 210.140.73.39:0
ASN #4694 IDC Frontier Inc.
File type HTML document text\012- HTML document, Unicode text, UTF-8 text
Hash 9a5efda013f846432f140dd29a171be9
066c2ce5fba241d1318f958aae3fb2a47804ba27
5070ff0a6eb24a24f3dee5ba9f157781e70ea25b5530009913c73355b07a9ff8
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/biz-calendar/calendar.js?ver=2.1.0 HTTP/1.1
Host: www.ex-olive.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ex-olive.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 05 Nov 2022 21:49:00 GMT
Content-Type: application/javascript
Content-Length: 2217
Connection: keep-alive
Vary: ORG_REMOTE_ADDR,Host,Accept-Encoding
Last-Modified: Fri, 15 Jun 2018 01:22:00 GMT
ETag: "10e46bd-2175-56ea40ae49e00"
Accept-Ranges: bytes
Cache-Control: max-age=2592000
Expires: Mon, 05 Dec 2022 21:49:00 GMT
Content-Encoding: gzip
www.ex-olive.com/wp-content/themes/ex-olive.com/assets/js/vendor/respond.min.js
210.140.73.39 200 OK 2.1 kB URL HTTP/1.1 www.ex-olive.com/wp-content/themes/ex-olive.com/assets/js/vendor/respond.min.js
IP 210.140.73.39:0
ASN #4694 IDC Frontier Inc.
File type HTML document, ASCII text, with very long lines (3180)
Hash a2cdec062d67b7a57757123dd31abae2
1e6611d791a6c756ba23752205775083c055af8a
8beb8b6caf05f40dc0316be9adc1edb88077bc20d3b015d02b86ffa5dad51f79
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/ex-olive.com/assets/js/vendor/respond.min.js HTTP/1.1
Host: www.ex-olive.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ex-olive.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 05 Nov 2022 21:49:00 GMT
Content-Type: application/javascript
Content-Length: 2058
Connection: keep-alive
Vary: ORG_REMOTE_ADDR,Host,Accept-Encoding
Last-Modified: Wed, 27 Sep 2017 06:40:30 GMT
ETag: "11e1a83-fd0-55a26115b3380"
Cache-Control: max-age=2592000
Expires: Mon, 05 Dec 2022 21:49:00 GMT
Content-Encoding: gzip
X-Varnish: 1367517809
Age: 0
Via: 1.1 varnish
www.ex-olive.com/wp-content/plugins/contact-form-7/includes/js/scripts.js?ver=4.4.2
210.140.73.39 200 OK 3.2 kB URL HTTP/1.1 www.ex-olive.com/wp-content/plugins/contact-form-7/includes/js/scripts.js?ver=4.4.2
IP 210.140.73.39:0
ASN #4694 IDC Frontier Inc.
Hash f7a560a724b3c857e565f6c23cef7244
df7b802ffd4ecc5e4483cad691d555b3aa70e8af
f761c68c2da56dc05c5f8dc2478efeb28716aa0daa03885bb086864a3a0f2b0f
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/contact-form-7/includes/js/scripts.js?ver=4.4.2 HTTP/1.1
Host: www.ex-olive.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ex-olive.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 05 Nov 2022 21:49:01 GMT
Content-Type: application/javascript
Content-Length: 3217
Connection: keep-alive
Vary: ORG_REMOTE_ADDR,Host,Accept-Encoding
Last-Modified: Tue, 10 May 2016 04:31:00 GMT
ETag: "10e2542-2e2b-53275645e0900"
Accept-Ranges: bytes
Cache-Control: max-age=2592000
Expires: Mon, 05 Dec 2022 21:49:01 GMT
Content-Encoding: gzip
www.ex-olive.com/wp-content/plugins/contact-form-7/includes/js/jquery.form.min.js?ver=3.51.0-2014.06.20
210.140.73.39 200 OK 5.9 kB URL HTTP/1.1 www.ex-olive.com/wp-content/plugins/contact-form-7/includes/js/jquery.form.min.js?ver=3.51.0-2014.06.20
IP 210.140.73.39:0
ASN #4694 IDC Frontier Inc.
File type ASCII text, with very long lines (14900)
Hash ebcf9ad4a94d5c31649dd4515ad0c7c0
e219102aa3fe113876fd76b578f9ea142d67d967
5af8e42123fc03e9a53e6fe91d95c64591e63d3c1f27703a24966154d7784747
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/contact-form-7/includes/js/jquery.form.min.js?ver=3.51.0-2014.06.20 HTTP/1.1
Host: www.ex-olive.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ex-olive.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 05 Nov 2022 21:49:01 GMT
Content-Type: application/javascript
Content-Length: 5860
Connection: keep-alive
Vary: ORG_REMOTE_ADDR,Host,Accept-Encoding
Last-Modified: Tue, 10 May 2016 04:31:00 GMT
ETag: "10e252c-3b90-53275645e0900"
Accept-Ranges: bytes
Cache-Control: max-age=2592000
Expires: Mon, 05 Dec 2022 21:49:01 GMT
Content-Encoding: gzip
www.ex-olive.com/wp-content/themes/ex-olive.com/assets/js/vendor/bundle.js
210.140.73.39 200 OK 35 kB URL HTTP/1.1 www.ex-olive.com/wp-content/themes/ex-olive.com/assets/js/vendor/bundle.js
IP 210.140.73.39:0
ASN #4694 IDC Frontier Inc.
File type ASCII text, with very long lines (31989)
Hash 81adb152fdd7308945f2bbee3ca67378
00e2518f7834822d58f69bc8cf470d8c21cf02a0
10e1bc585dc9aa17475d94996ef3b1b241482554355bc38d56287507a9aa3eaa
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/ex-olive.com/assets/js/vendor/bundle.js HTTP/1.1
Host: www.ex-olive.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ex-olive.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 05 Nov 2022 21:49:00 GMT
Content-Type: application/javascript
Content-Length: 35315
Connection: keep-alive
Vary: ORG_REMOTE_ADDR,Host,Accept-Encoding
Last-Modified: Wed, 27 Sep 2017 06:40:29 GMT
ETag: "11e1a81-26ee2-55a26114bf140"
Cache-Control: max-age=2592000
Expires: Mon, 05 Dec 2022 21:49:00 GMT
Content-Encoding: gzip
X-Varnish: 1367517807
Age: 0
Via: 1.1 varnish
www.ex-olive.com/wp-content/themes/ex-olive.com/assets/css/main.css?1667684939
210.140.73.39 200 OK 16 kB URL HTTP/1.1 www.ex-olive.com/wp-content/themes/ex-olive.com/assets/css/main.css?1667684939
IP 210.140.73.39:0
ASN #4694 IDC Frontier Inc.
Hash e862837367c82eab7cbae35c65fec8f7
52c47c3c9f3d3dde2880d6bc3d457ac9e7eb45d6
786639fa0be391a5b41e34235a49e37009e31f1b5b9f4210f903e99ff55842c9
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/ex-olive.com/assets/css/main.css?1667684939 HTTP/1.1
Host: www.ex-olive.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ex-olive.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 05 Nov 2022 21:49:00 GMT
Content-Type: text/css
Content-Length: 15574
Connection: keep-alive
Vary: ORG_REMOTE_ADDR,Host,Accept-Encoding
Last-Modified: Thu, 12 Oct 2017 07:15:55 GMT
ETag: "1142259-18a05-55b544fa2c0c0"
Accept-Ranges: bytes
Cache-Control: max-age=2592000
Expires: Mon, 05 Dec 2022 21:49:00 GMT
Content-Encoding: gzip
www.ex-olive.com/wp-content/themes/ex-olive.com/assets/css/vendor/common.css
210.140.73.39 200 OK 9.9 kB URL HTTP/1.1 www.ex-olive.com/wp-content/themes/ex-olive.com/assets/css/vendor/common.css
IP 210.140.73.39:0
ASN #4694 IDC Frontier Inc.
File type ASCII text, with very long lines (380)
Hash 67374677660202bcc70efbf08405f3f0
db7e8efb56b1aac7799877f37886a7d3c7011a2c
0648300e072286c5abb045efb2d1390e6c6e8fcf4fe3224995600feb97b54d90
GET /wp-content/themes/ex-olive.com/assets/css/vendor/common.css HTTP/1.1
Host: www.ex-olive.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ex-olive.com/wp-content/themes/ex-olive.com/assets/css/main.css?1667684939
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 05 Nov 2022 21:49:01 GMT
Content-Type: text/css
Content-Length: 9928
Connection: keep-alive
Vary: ORG_REMOTE_ADDR,Host,Accept-Encoding
Last-Modified: Wed, 27 Sep 2017 06:40:25 GMT
ETag: "11e1a7c-1478e-55a26110ee840"
Cache-Control: max-age=2592000
Expires: Mon, 05 Dec 2022 21:49:01 GMT
Content-Encoding: gzip
X-Varnish: 594410827
Age: 0
Via: 1.1 varnish
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 472 B IP 142.250.74.35:0
Hash 6b72bfaacba486284aa2ecb4bcd8ebba
89fa4ef09e60380fc432c73b7919a29f26117088
fed14b27362ffe0dfbe0b1696e8dab5f6bba3e08b76bec620e75f0f3f213f69b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 05 Nov 2022 21:49:01 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/maps/embed?pb=!1m18!1m12!1m3!1d3228.2439901679545!2d139.65045586526728!3d35.98990453012352!2m3!1f0!2f0!3f0!3m2!1i1024!2i768!4f13.1!3m3!1m2!1s0x6018c7caf69dd1fb%3A0x107705d1cd6185ac!2zTmjhuq10IELhuqNuLCDjgJIzNDktMDEyMSBTYWl0YW1hLWtlbiwgSGFzdWRhLXNoaSwgU2VraXlhbWEsIDMgQ2hvbWXiiJI44oiSMTMsIOOCqOOCr-OCueODhuODquOCouOCquODquODvOODlg!5e0!3m2!1svi!2s!4v1506505925285
142.250.74.164 200 OK 652 B URL HTTP/2 www.google.com/maps/embed?pb=!1m18!1m12!1m3!1d3228.2439901679545!2d139.65045586526728!3d35.98990453012352!2m3!1f0!2f0!3f0!3m2!1i1024!2i768!4f13.1!3m3!1m2!1s0x6018c7caf69dd1fb%3A0x107705d1cd6185ac!2zTmjhuq10IELhuqNuLCDjgJIzNDktMDEyMSBTYWl0YW1hLWtlbiwgSGFzdWRhLXNoaSwgU2VraXlhbWEsIDMgQ2hvbWXiiJI44oiSMTMsIOOCqOOCr-OCueODhuODquOCouOCquODquODvOODlg!5e0!3m2!1svi!2s!4v1506505925285
IP 142.250.74.164:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (463)
Hash 61ee617360c90b0a664bb96e036cdad3
6e2c367263567446cfe228d8646994808293c1c0
89cd7d43acd9d0e98f452fc9e45ad71b52392313136d1a3d9adce38c6050cd5b
GET /maps/embed?pb=!1m18!1m12!1m3!1d3228.2439901679545!2d139.65045586526728!3d35.98990453012352!2m3!1f0!2f0!3f0!3m2!1i1024!2i768!4f13.1!3m3!1m2!1s0x6018c7caf69dd1fb%3A0x107705d1cd6185ac!2zTmjhuq10IELhuqNuLCDjgJIzNDktMDEyMSBTYWl0YW1hLWtlbiwgSGFzdWRhLXNoaSwgU2VraXlhbWEsIDMgQ2hvbWXiiJI44oiSMTMsIOOCqOOCr-OCueODhuODquOCouOCquODquODvOODlg!5e0!3m2!1svi!2s!4v1506505925285 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ex-olive.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
date: Sat, 05 Nov 2022 21:49:01 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
vary: Accept-Language
content-security-policy: object-src 'none';base-uri 'self';script-src 'nonce-JejdE_EI4D6-Xb04iggLyg' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/geo-maps-api/1
content-encoding: gzip
server: mafe
content-length: 652
x-xss-protection: 0
server-timing: gfet4t7; dur=165
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.ex-olive.com/wp-content/uploads/search.png
210.140.73.39 200 OK 531 B URL HTTP/1.1 www.ex-olive.com/wp-content/uploads/search.png
IP 210.140.73.39:0
ASN #4694 IDC Frontier Inc.
File type PNG image data, 14 x 14, 8-bit colormap, non-interlaced\012- data
Hash d14feaeafe5577d333fb8b747f9e5f68
8c08177f3e3d6fc75549d900d2dddea184095db9
32287e3b55b5d171b9e3e78e1cc1e61fcf0da44001ec66c1d7bb3b3c47b79e52
GET /wp-content/uploads/search.png HTTP/1.1
Host: www.ex-olive.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ex-olive.com/wp-content/themes/ex-olive.com/assets/css/main.css?1667684939
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 05 Nov 2022 21:49:01 GMT
Content-Type: image/png
Content-Length: 531
Connection: keep-alive
Vary: ORG_REMOTE_ADDR,Host
Last-Modified: Thu, 28 Sep 2017 08:54:52 GMT
ETag: "10e3745-213-55a3c0fbaef00"
Cache-Control: max-age=2592000
Expires: Mon, 05 Dec 2022 21:49:01 GMT
X-Varnish: 1367517821
Age: 0
Via: 1.1 varnish
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 471 B IP 142.250.74.35:0
Hash d2b4c49a0fb79e3d3bc40d2a28b27120
3f53633851cf851451354ccfd2931f2ec7a9e40f
a8a4ca2c09bae5cc3375077e531b357e2c1724693433a085ad038e3e6adfd96b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 05 Nov 2022 21:49:02 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 471 B IP 142.250.74.35:0
Hash 3ebbd65a2bdd5c6f3dea5a6b99b25f0d
484be27b25b736a7e7e2b1d5ef9760aecdcec01b
5616e6c097b0b7680eeee193b58950faa38c9792e8793c16c315e2554a34cdd1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 05 Nov 2022 21:49:02 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
maps.googleapis.com/maps/api/js?client=google-maps-embed&paint_origin=&libraries=geometry,search&v=3.exp&language=en_US&callback=onApiLoad
216.58.211.10 200 OK 56 kB URL HTTP/2 maps.googleapis.com/maps/api/js?client=google-maps-embed&paint_origin=&libraries=geometry,search&v=3.exp&language=en_US&callback=onApiLoad
IP 216.58.211.10:0
File type ASCII text, with very long lines (2472)
Hash 5f6ac90ccab4c7cece8c3648ec52dd4e
9a06a21f5aa965fd0e268b2f9d7e34911e564058
0b0809cefc451d8cddc725c7d50671cbc25fd351656618c0e44ba0aa5edf3d99
GET /maps/api/js?client=google-maps-embed&paint_origin=&libraries=geometry,search&v=3.exp&language=en_US&callback=onApiLoad HTTP/1.1
Host: maps.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-encoding: gzip
server: mafe
content-length: 56281
x-xss-protection: 0
x-frame-options: SAMEORIGIN
server-timing: gfet4t7; dur=13
date: Sat, 05 Nov 2022 21:43:53 GMT
expires: Sat, 05 Nov 2022 22:13:53 GMT
cache-control: public, max-age=1800
content-type: text/javascript; charset=UTF-8
age: 309
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 471 B IP 142.250.74.35:0
Hash 3ebbd65a2bdd5c6f3dea5a6b99b25f0d
484be27b25b736a7e7e2b1d5ef9760aecdcec01b
5616e6c097b0b7680eeee193b58950faa38c9792e8793c16c315e2554a34cdd1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 05 Nov 2022 21:49:02 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 471 B IP 142.250.74.35:0
Hash 62a8ce6a2338913103618edb2f4a9dbe
0e0850b1aef6ed524d119a41145112b84c257687
51d11b07f58551b5864fb55d4560d8a2237c2351036de0af7e25c81816763b31
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 05 Nov 2022 21:49:02 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
maps.gstatic.com/maps-api-v3/embed/js/50/12/init_embed.js
142.250.74.163 200 OK 68 kB URL HTTP/2 maps.gstatic.com/maps-api-v3/embed/js/50/12/init_embed.js
IP 142.250.74.163:0
File type ASCII text, with very long lines (2669)
Hash 33fed333a55580b5c13fb891bf0e0343
7566dff90bb8035abcced956615eadbc6ebcf4a9
70386264b35cd6ef3b68f7e6c568197388d1140bb4e8e2cdd6d44fdfb0c00a2a
GET /maps-api-v3/embed/js/50/12/init_embed.js HTTP/1.1
Host: maps.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding, Origin
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-length: 68524
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 02 Nov 2022 16:45:44 GMT
expires: Thu, 02 Nov 2023 16:45:44 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 02 Nov 2022 04:25:07 GMT
content-type: text/javascript
age: 277398
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 471 B IP 142.250.74.35:0
Hash 62a8ce6a2338913103618edb2f4a9dbe
0e0850b1aef6ed524d119a41145112b84c257687
51d11b07f58551b5864fb55d4560d8a2237c2351036de0af7e25c81816763b31
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 05 Nov 2022 21:49:02 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.ex-olive.com/wp-content/uploads/bnr_img003.jpg
210.140.73.39 200 OK 49 kB URL HTTP/1.1 www.ex-olive.com/wp-content/uploads/bnr_img003.jpg
IP 210.140.73.39:0
ASN #4694 IDC Frontier Inc.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 460x230, components 3\012- data
Hash 6df1a6b630ac4c62c8993d47aa862ece
1d52d05b2f404790a042d8060b430eb1c845cad2
abfe78e3efa0d0bd3ae88e56dc0dfa69c58d7580d610801b74a1c556fb3310f6
GET /wp-content/uploads/bnr_img003.jpg HTTP/1.1
Host: www.ex-olive.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ex-olive.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 05 Nov 2022 21:49:01 GMT
Content-Type: image/jpeg
Content-Length: 49131
Connection: keep-alive
Vary: ORG_REMOTE_ADDR,Host
Last-Modified: Thu, 12 Oct 2017 07:14:13 GMT
ETag: "10e377f-bfeb-55b54498e5b40"
Cache-Control: max-age=2592000
Expires: Mon, 05 Dec 2022 21:49:01 GMT
X-Varnish: 594410829
Age: 0
Via: 1.1 varnish
www.ex-olive.com/wp-content/uploads/bnr_img005.jpg
210.140.73.39 200 OK 49 kB URL HTTP/1.1 www.ex-olive.com/wp-content/uploads/bnr_img005.jpg
IP 210.140.73.39:0
ASN #4694 IDC Frontier Inc.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 490x205, components 3\012- data
Hash e4a57a19ddb2a7bd505beffe979d0402
892f6e17989992763703d9d3af8a1adbd29d82e4
1487b47a87cfaa041c6f7fa9dfa30d7eca6e5c9eabe3fa2456feea13aa2b1dd3
GET /wp-content/uploads/bnr_img005.jpg HTTP/1.1
Host: www.ex-olive.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ex-olive.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 05 Nov 2022 21:49:01 GMT
Content-Type: image/jpeg
Content-Length: 49015
Connection: keep-alive
Vary: ORG_REMOTE_ADDR,Host
Last-Modified: Thu, 12 Oct 2017 07:14:17 GMT
ETag: "10e37ae-bf77-55b5449cb6440"
Cache-Control: max-age=2592000
Expires: Mon, 05 Dec 2022 21:49:01 GMT
X-Varnish: 594410831
Age: 0
Via: 1.1 varnish
www.ex-olive.com/wp-content/uploads/logo.svg
210.140.73.39 200 OK 34 kB URL HTTP/1.1 www.ex-olive.com/wp-content/uploads/logo.svg
IP 210.140.73.39:0
ASN #4694 IDC Frontier Inc.
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- exported SGML document, Unicode text, UTF-8 text, with CRLF, LF line terminators
Hash f5c450009db6eeccade6a0158610d867
cf34a27b20cae5e79815d80406e374d7a1f5ba65
f9c64abfd9b4dd78c08b0f1e96598247cd7c984fb70ee9b0795c26f7e433c1d9
Analyzer Verdict Alert fortinet Malware
GET /wp-content/uploads/logo.svg HTTP/1.1
Host: www.ex-olive.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ex-olive.com/
Sec-Fetch-Dest: object
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 05 Nov 2022 21:49:01 GMT
Content-Type: image/svg+xml
Content-Length: 34126
Connection: keep-alive
Vary: ORG_REMOTE_ADDR,Host
Last-Modified: Thu, 28 Sep 2017 08:54:34 GMT
ETag: "10e373f-854e-55a3c0ea84680"
X-Varnish: 594410832
Age: 0
Via: 1.1 varnish
www.ex-olive.com/wp-content/uploads/bnr_img001.jpg
210.140.73.39 200 OK 49 kB URL HTTP/1.1 www.ex-olive.com/wp-content/uploads/bnr_img001.jpg
IP 210.140.73.39:0
ASN #4694 IDC Frontier Inc.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 460x230, components 3\012- data
Hash 328e36e0a56d022e66c1d2d24c990060
6d02582adf9b4cf6e6b024be4be9f6dbfd16657a
7685c15a89a5582f7d24d0b503122f083f66386db63080f4e5b8df0c6fef4171
GET /wp-content/uploads/bnr_img001.jpg HTTP/1.1
Host: www.ex-olive.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ex-olive.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 05 Nov 2022 21:49:01 GMT
Content-Type: image/jpeg
Content-Length: 48930
Connection: keep-alive
Vary: ORG_REMOTE_ADDR,Host
Last-Modified: Thu, 12 Oct 2017 07:14:07 GMT
ETag: "10e377c-bf22-55b544932cdc0"
Cache-Control: max-age=2592000
Expires: Mon, 05 Dec 2022 21:49:01 GMT
X-Varnish: 1367517819
Age: 0
Via: 1.1 varnish
www.ex-olive.com/wp-content/uploads/icon002.png
210.140.73.39 200 OK 1.0 kB URL HTTP/1.1 www.ex-olive.com/wp-content/uploads/icon002.png
IP 210.140.73.39:0
ASN #4694 IDC Frontier Inc.
File type PNG image data, 27 x 26, 8-bit colormap, non-interlaced\012- data
Hash d224340867ae973c800ea49c4c70cf7e
9bf4adb8f84ff9537ba554f1314ae7132f629b18
db73a982ab0a032c381950b5e457bfe13440a1438ecebec2696fe595ab9d580d
GET /wp-content/uploads/icon002.png HTTP/1.1
Host: www.ex-olive.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ex-olive.com/wp-content/themes/ex-olive.com/assets/css/main.css?1667684939
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 05 Nov 2022 21:49:03 GMT
Content-Type: image/png
Content-Length: 1028
Connection: keep-alive
Vary: ORG_REMOTE_ADDR,Host
Last-Modified: Thu, 28 Sep 2017 08:54:11 GMT
ETag: "10e373a-404-55a3c0d4952c0"
Cache-Control: max-age=2592000
Expires: Mon, 05 Dec 2022 21:49:03 GMT
X-Varnish: 594410848
Age: 0
Via: 1.1 varnish
www.ex-olive.com/wp-content/uploads/bg_img003.jpg
210.140.73.39 200 OK 73 kB URL HTTP/1.1 www.ex-olive.com/wp-content/uploads/bg_img003.jpg
IP 210.140.73.39:0
ASN #4694 IDC Frontier Inc.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 1920x447, components 3\012- data
Hash 07ce0ca5077d5c5cb083af5a4686e7e0
5e95b177b47439932e4ea936b18576e1c2d0a36b
c2b8bf0e28e4bab5175b101b7b3c8cfc2666c1d3173a241eb5e23d0cfcf7cdb0
GET /wp-content/uploads/bg_img003.jpg HTTP/1.1
Host: www.ex-olive.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ex-olive.com/wp-content/themes/ex-olive.com/assets/css/main.css?1667684939
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 05 Nov 2022 21:49:01 GMT
Content-Type: image/jpeg
Content-Length: 73436
Connection: keep-alive
Vary: ORG_REMOTE_ADDR,Host
Last-Modified: Thu, 28 Sep 2017 09:00:27 GMT
ETag: "10e375e-11edc-55a3c23b2a0c0"
Cache-Control: max-age=2592000
Expires: Mon, 05 Dec 2022 21:49:01 GMT
X-Varnish: 1367517822
Age: 0
Via: 1.1 varnish
www.ex-olive.com/wp-content/uploads/bg_img002.png
210.140.73.39 200 OK 49 kB URL HTTP/1.1 www.ex-olive.com/wp-content/uploads/bg_img002.png
IP 210.140.73.39:0
ASN #4694 IDC Frontier Inc.
File type PNG image data, 490 x 362, 8-bit colormap, non-interlaced\012- data
Hash 14c0ed13981136cea046a778568edf28
0b7291edf0a7e5c4a41cc53c9c89c28234287c87
5f31d81e6405b759c856010e9026c5f9e851606c15a1fe26043a9a47be68e9c9
GET /wp-content/uploads/bg_img002.png HTTP/1.1
Host: www.ex-olive.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ex-olive.com/wp-content/themes/ex-olive.com/assets/css/main.css?1667684939
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 05 Nov 2022 21:49:03 GMT
Content-Type: image/png
Content-Length: 49193
Connection: keep-alive
Vary: ORG_REMOTE_ADDR,Host
Last-Modified: Thu, 28 Sep 2017 09:00:17 GMT
ETag: "10e375b-c029-55a3c231a0a40"
Cache-Control: max-age=2592000
Expires: Mon, 05 Dec 2022 21:49:03 GMT
X-Varnish: 594410847
Age: 0
Via: 1.1 varnish
www.ex-olive.com/wp-content/uploads/bnr_img004.jpg
210.140.73.39 200 OK 32 kB URL HTTP/1.1 www.ex-olive.com/wp-content/uploads/bnr_img004.jpg
IP 210.140.73.39:0
ASN #4694 IDC Frontier Inc.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 460x230, components 3\012- data
Hash cd56b317908df03c14f5dd1aaaec59c0
235262a137b5a839fe2a9330d7a82ed1c97162c7
0a83d06bb67b1219e75dc45a0a41b6dc03b161912e95361e72fa534cd7028b09
GET /wp-content/uploads/bnr_img004.jpg HTTP/1.1
Host: www.ex-olive.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ex-olive.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 05 Nov 2022 21:49:03 GMT
Content-Type: image/jpeg
Content-Length: 32228
Connection: keep-alive
Vary: ORG_REMOTE_ADDR,Host
Last-Modified: Thu, 12 Oct 2017 07:14:15 GMT
ETag: "10e3784-7de4-55b5449acdfc0"
Cache-Control: max-age=2592000
Expires: Mon, 05 Dec 2022 21:49:03 GMT
X-Varnish: 594410857
Age: 0
Via: 1.1 varnish
fonts.googleapis.com/css?family=Google+Sans+Text:400&text=%E2%86%90%E2%86%92%E2%86%91%E2%86%93&lang=en
142.250.74.10 200 OK 16 kB URL HTTP/2 fonts.googleapis.com/css?family=Google+Sans+Text:400&text=%E2%86%90%E2%86%92%E2%86%91%E2%86%93&lang=en
IP 142.250.74.10:0
Hash 2c5e576c986fa3babe2c32f4a7ca3f3c
2f9f0aaf63ec000b07fc073c26fddfb6ab4e4466
f560931ec3844307c32fb2b1503925261fc99f30ecd22d27664b104e13e5567c
GET /css?family=Google+Sans+Text:400&text=%E2%86%90%E2%86%92%E2%86%91%E2%86%93&lang=en HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 05 Nov 2022 21:49:04 GMT
date: Sat, 05 Nov 2022 21:49:04 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.ex-olive.com/wp-content/uploads/bnr_img002.jpg
210.140.73.39 200 OK 88 kB URL HTTP/1.1 www.ex-olive.com/wp-content/uploads/bnr_img002.jpg
IP 210.140.73.39:0
ASN #4694 IDC Frontier Inc.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 460x230, components 3\012- data
Hash 59493cad45e8cb02bc9f12d6e40bf883
3628ae0db02f92ef31a695ac34c61f8880b85f4a
634b903b801ca5dccd2f7e735b05beba9d6dc5c55c0cb4c58763780acc9ed9b3
GET /wp-content/uploads/bnr_img002.jpg HTTP/1.1
Host: www.ex-olive.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ex-olive.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 05 Nov 2022 21:49:03 GMT
Content-Type: image/jpeg
Content-Length: 87866
Connection: keep-alive
Vary: ORG_REMOTE_ADDR,Host
Last-Modified: Thu, 28 Sep 2017 09:01:00 GMT
ETag: "10e376e-1573a-55a3c25aa2b00"
Cache-Control: max-age=2592000
Expires: Mon, 05 Dec 2022 21:49:03 GMT
X-Varnish: 594410855
Age: 0
Via: 1.1 varnish
www.ex-olive.com/wp-content/uploads/bg_img005.png
210.140.73.39 200 OK 45 kB URL HTTP/1.1 www.ex-olive.com/wp-content/uploads/bg_img005.png
IP 210.140.73.39:0
ASN #4694 IDC Frontier Inc.
File type PNG image data, 296 x 90, 8-bit/color RGBA, non-interlaced\012- data
Hash 08d5ef0dfd3a42469cdec3837dfa656d
07b2b02dedd4101b50d5882007e90541dd542c04
c5b8502bb9c717cad1d172447898d27fbdb79eace2d6e38ee593e7b351fffb7f
GET /wp-content/uploads/bg_img005.png HTTP/1.1
Host: www.ex-olive.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ex-olive.com/wp-content/themes/ex-olive.com/assets/css/main.css?1667684939
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 05 Nov 2022 21:49:04 GMT
Content-Type: image/png
Content-Length: 45076
Connection: keep-alive
Vary: ORG_REMOTE_ADDR,Host
Last-Modified: Thu, 28 Sep 2017 09:00:44 GMT
ETag: "10e3766-b014-55a3c24b60700"
Cache-Control: max-age=2592000
Expires: Mon, 05 Dec 2022 21:49:04 GMT
X-Varnish: 1367517872
Age: 0
Via: 1.1 varnish
www.ex-olive.com/wp-content/uploads/bg_img004.png
210.140.73.39 200 OK 51 kB URL HTTP/1.1 www.ex-olive.com/wp-content/uploads/bg_img004.png
IP 210.140.73.39:0
ASN #4694 IDC Frontier Inc.
File type PNG image data, 325 x 91, 8-bit/color RGBA, non-interlaced\012- data
Hash 069fae64fda4ada4d16460a511c0a1aa
f283886e2123e645fa252a5a9dfc5c9d4a0a250b
5145e7990256d52d0e8763682022adb48e890a82839db52caae31a48483a2215
GET /wp-content/uploads/bg_img004.png HTTP/1.1
Host: www.ex-olive.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ex-olive.com/wp-content/themes/ex-olive.com/assets/css/main.css?1667684939
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 05 Nov 2022 21:49:04 GMT
Content-Type: image/png
Content-Length: 50952
Connection: keep-alive
Vary: ORG_REMOTE_ADDR,Host
Last-Modified: Thu, 28 Sep 2017 09:00:34 GMT
ETag: "10e3763-c708-55a3c241d7080"
Cache-Control: max-age=2592000
Expires: Mon, 05 Dec 2022 21:49:04 GMT
X-Varnish: 1367517871
Age: 0
Via: 1.1 varnish
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5f29b126-c6e5-4528-8307-e3c7fe12e225.jpeg
34.120.237.76 200 OK 7.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5f29b126-c6e5-4528-8307-e3c7fe12e225.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 308da46611df43543d31ca502986bea2
0bf4de356c3a64785fe116161cb931b3b2476f5d
63996962e2763dcf2e0ae5e43aa12dfd8f8677082bb1cdf63528dfd00404f3e3
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5f29b126-c6e5-4528-8307-e3c7fe12e225.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 7619
x-amzn-requestid: 67308248-e660-4294-aafe-5f178970f822
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bGHlcHHfIAMFyGA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63658622-5b1ee875554a05eb1e8a6f16;Sampled=0
x-amzn-remapped-date: Fri, 04 Nov 2022 21:37:38 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: _-RekVvWiPI4MHy0Up2j6D6a_NcPywYvDeydP3QlbCceU7NfWk00jQ==
via: 1.1 1cc6ed0d2d3dd9529ce544f9dfe61a52.cloudfront.net (CloudFront), 1.1 73cb83fe6699afc2791b5c690c1ff8c6.cloudfront.net (CloudFront), 1.1 google
date: Fri, 04 Nov 2022 21:52:21 GMT
age: 86203
etag: "0bf4de356c3a64785fe116161cb931b3b2476f5d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
www.ex-olive.com/wp-content/uploads/image1.png
210.140.73.39 200 OK 0 B URL HTTP/1.1 www.ex-olive.com/wp-content/uploads/image1.png
IP 210.140.73.39:0
ASN #4694 IDC Frontier Inc.
GET /wp-content/uploads/image1.png HTTP/1.1
Host: www.ex-olive.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ex-olive.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 05 Nov 2022 21:49:01 GMT
Content-Type: image/png
Content-Length: 527797
Connection: keep-alive
Vary: ORG_REMOTE_ADDR,Host
Last-Modified: Mon, 23 Oct 2017 05:05:27 GMT
ETag: "10e3879-80db5-55c2fc54e13c0"
Cache-Control: max-age=2592000
Expires: Mon, 05 Dec 2022 21:49:01 GMT
X-Varnish: 594410830
Age: 0
Via: 1.1 varnish
fonts.googleapis.com/css?family=Roboto:300,400,500,700|Google+Sans:400,500,700|Google+Sans+Text:400&lang=en
142.250.74.10 200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Roboto:300,400,500,700|Google+Sans:400,500,700|Google+Sans+Text:400&lang=en
IP 142.250.74.10:0
GET /css?family=Roboto:300,400,500,700|Google+Sans:400,500,700|Google+Sans+Text:400&lang=en HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 05 Nov 2022 21:49:04 GMT
date: Sat, 05 Nov 2022 21:49:04 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.ex-olive.com/wp-content/uploads/sp_image1.png
210.140.73.39 200 OK 0 B URL HTTP/1.1 www.ex-olive.com/wp-content/uploads/sp_image1.png
IP 210.140.73.39:0
ASN #4694 IDC Frontier Inc.
GET /wp-content/uploads/sp_image1.png HTTP/1.1
Host: www.ex-olive.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ex-olive.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 05 Nov 2022 21:49:01 GMT
Content-Type: image/png
Content-Length: 886061
Connection: keep-alive
Vary: ORG_REMOTE_ADDR,Host
Last-Modified: Mon, 23 Oct 2017 05:05:25 GMT
ETag: "10e3776-d852d-55c2fc52f8f40"
Cache-Control: max-age=2592000
Expires: Mon, 05 Dec 2022 21:49:01 GMT
X-Varnish: 1367517820
Age: 0
Via: 1.1 varnish
www.ex-olive.com/wp-content/uploads/bg_img001.png
210.140.73.39 200 OK 0 B URL HTTP/1.1 www.ex-olive.com/wp-content/uploads/bg_img001.png
IP 210.140.73.39:0
ASN #4694 IDC Frontier Inc.
GET /wp-content/uploads/bg_img001.png HTTP/1.1
Host: www.ex-olive.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ex-olive.com/wp-content/themes/ex-olive.com/assets/css/main.css?1667684939
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 05 Nov 2022 21:49:01 GMT
Content-Type: image/png
Content-Length: 1422119
Connection: keep-alive
Vary: ORG_REMOTE_ADDR,Host
Last-Modified: Thu, 28 Sep 2017 09:00:12 GMT
ETag: "10e3756-15b327-55a3c22cdbf00"
Cache-Control: max-age=2592000
Expires: Mon, 05 Dec 2022 21:49:01 GMT
X-Varnish: 594410833
Age: 0
Via: 1.1 varnish