www.skidrowcodex.net/total-war-warhammer-steampunks/
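172.67.217.92 301 Moved Permanently 0 B URL HTTP/1.1 www.skidrowcodex.net/total-war-warhammer-steampunks/
IP 172.67.217.92:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Malware
Note: the three hashes above are the MD5, SHA-1 and SHA-256 digests of empty input, matching the 0 B redirect body. They match every empty response and are not usable as indicators; the verdict on this entry presumably rests on the URL or host rather than on content.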
GET /total-war-warhammer-steampunks/ HTTP/1.1
Host: www.skidrowcodex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Sun, 05 Feb 2023 16:47:09 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Sun, 05 Feb 2023 17:47:09 GMT
Location: https://www.skidrowcodex.net/total-war-warhammer-steampunks/
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fe8Oc8D4uIFR0ES0rIbnV%2BQGxBW0TXW0jYlZMqOS0yG0LUqAB1m9KwshUueqAzgWNTUTU%2BerXvMQehoCtXS8LzY9Itk4BVgtu619sqDv9Kd5MFEkEuNWE5o68AL9XKoQf%2Bii5PWb%2BQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 794d2053bcfeb518-OSL
alt-svc: h2=":443"; ma=60
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash c21ba65e44ac95470c314e068e49a9eb
17a13b13738993d889d4afa3d848dc63bf6eba64
9bd0795b30e84ce63b6e2a365ca91bbffc395dd955e112152066c31e63a4ab66
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9BD0795B30E84CE63B6E2A365CA91BBFFC395DD955E112152066C31E63A4AB66"
Last-Modified: Sat, 04 Feb 2023 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12940
Expires: Sun, 05 Feb 2023 20:22:49 GMT
Date: Sun, 05 Feb 2023 16:47:09 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 1cdc095521e9ee2606059be447d1fdd5
02b5d0a5b5823e2338daf7e144700babe2a213af
8bda3aabcf331c2bfcc4c7023cd797c760fd301dc353641bb95048e072f66c66
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8BDA3AABCF331C2BFCC4C7023CD797C760FD301DC353641BB95048E072F66C66"
Last-Modified: Sat, 04 Feb 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4368
Expires: Sun, 05 Feb 2023 17:59:57 GMT
Date: Sun, 05 Feb 2023 16:47:09 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150 200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data; ASCII text, with very long lines (939), with no line terminators
Hash 30db107dcf4380cef05efea409c2e6a3
96e6a306fbc07299aba64e5c14e2bfca35872fa9
b64051a4a8e346e3c72b2aef77f360a5736ab5e16711d8e0bae3876feaa15b6e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Alert, Retry-After, Content-Length, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sun, 05 Feb 2023 16:33:56 GMT
content-type: application/json
age: 793
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash fb7b6b46e708ad73eaaa3c21e74569ae
950663c025acad81556af5aa3022ecc9d55097fe
763f58b9fb838378c92033b59907b036f4c33081f5103d9bcc2ca2a8de500d64
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "763F58B9FB838378C92033B59907B036F4C33081F5103D9BCC2CA2A8DE500D64"
Last-Modified: Sat, 04 Feb 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19317
Expires: Sun, 05 Feb 2023 22:09:06 GMT
Date: Sun, 05 Feb 2023 16:47:09 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP 34.160.144.191:0
File type PEM certificate; ASCII text
Hash 7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: wuq3JNoU0fBiAGm5G42o1n4mx7fm/KjLtM0tMS3XWUk9Fp4qp0o7O3f0Zmza/Arpti/bHlujuqOCR3Lf7dtj+Q==
x-amz-request-id: EY20N1MQQS1SE36Q
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sun, 05 Feb 2023 16:24:32 GMT
age: 1357
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 279 B IP 93.184.220.29:0
Hash dbc6734634f5c006832b7c136e890d33
afba69b7222b7a0d5b41f313fa8b163f296ea1a8
fd424e10ae0857be6cefd3f9ecfbc913121ae72a0779ee176b67d8db86602789
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4956
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 16:47:09 GMT
Last-Modified: Sun, 05 Feb 2023 15:24:33 GMT
Server: ECS (amb/6BA7)
X-Cache: HIT
Content-Length: 279
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data; ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 05 Feb 2023 16:47:09 GMT
content-type: application/json
content-length: 12
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-expose-headers: content-type
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
www.skidrowcodex.net/wp-content/themes/skidrowcodex-main/addons/clan-wars/css/widget.css?ver=1.5.5
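172.67.217.92 200 OK 0 B URL HTTP/2 www.skidrowcodex.net/wp-content/themes/skidrowcodex-main/addons/clan-wars/css/widget.css?ver=1.5.5
IP 172.67.217.92:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Malware
Note: the three hashes above are the MD5, SHA-1 and SHA-256 digests of empty input, matching the 0 B body (content-length: 0). They match every empty response and are not usable as indicators; the verdict on this entry presumably rests on the URL or host rather than on content.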
GET /wp-content/themes/skidrowcodex-main/addons/clan-wars/css/widget.css?ver=1.5.5 HTTP/1.1
Host: www.skidrowcodex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.skidrowcodex.net/total-war-warhammer-steampunks/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 05 Feb 2023 16:47:10 GMT
content-type: text/css; charset=utf-8
content-length: 0
x-accel-version: 0.01
last-modified: Wed, 20 Jul 2022 22:26:07 GMT
cache-control: public, max-age=31536000
expires: Fri, 19 Jan 2024 05:38:17 GMT
vary: Accept-Encoding
x-powered-by: PleskLin
cf-cache-status: HIT
age: 1508934
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bB7hyvK1tLLLyNH5JVbWPW3DqIu7Hk4fzxOzeKFugbxCqHbikNeHuHv17duKAYWdcnzzuI%2FZunl%2BL%2Bh2g6X5m5Yeo7xBQr%2BtQkbJdCfPLRQQzgYqcygLjwxbVcDnDOS3W6y4WwPK3A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 794d20581858b505-OSL
X-Firefox-Spdy: h2
www.skidrowcodex.net/wp-content/uploads/2019/01/new-logo.png
172.67.217.92 200 OK 48 kB URL HTTP/2 www.skidrowcodex.net/wp-content/uploads/2019/01/new-logo.png
IP 172.67.217.92:0
File type PNG image data, 767 x 99, 8-bit/color RGBA, interlaced; data
Hash 3927a87b7eb1db967c93304ddbff8a71
839edda3002bbd220823d7700b0e8dcbf18acbd1
085b6558baab0ac6b5251b0f57a1a2a072f7e73822632f9e3e4298af0a27de95
GET /wp-content/uploads/2019/01/new-logo.png HTTP/1.1
Host: www.skidrowcodex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.skidrowcodex.net/total-war-warhammer-steampunks/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 05 Feb 2023 16:47:10 GMT
content-type: image/png
content-length: 47724
last-modified: Wed, 20 Jul 2022 22:26:07 GMT
cache-control: public, max-age=16070400
expires: Tue, 02 May 2023 20:49:05 GMT
etag: "62d880ff-ba6c"
x-powered-by: PleskLin
cf-cache-status: HIT
age: 2922950
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=D34wxD05qjfjYiyW3PavF7VDmuXMmPU%2BEUMjP06NzrpwqsQ%2FzfUmmf6maOjfNYijc%2BOmDpIDYDP5zvMcgbOrqS2EAysF2iMHpKiUv5jyQRSNfBX2PL%2BNQXQhVPV3iCc88%2BKpQlqSaw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 794d20586932b505-OSL
X-Firefox-Spdy: h2
www.skidrowcodex.net/wp-content/uploads/2019/04/Total-War-WARHAMMER.jpg
172.67.217.92 200 OK 12 kB URL HTTP/2 www.skidrowcodex.net/wp-content/uploads/2019/04/Total-War-WARHAMMER.jpg
IP 172.67.217.92:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 460x215, components 3; data
Hash 30ff370c325958d76df08a36a83448c7
fe02f40db174f8de755102dea648af3916f3f5d8
af49c7292e5d85a0eeec96d7b59561e5d9fccede3784fd97927550c878cab67c
GET /wp-content/uploads/2019/04/Total-War-WARHAMMER.jpg HTTP/1.1
Host: www.skidrowcodex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.skidrowcodex.net/total-war-warhammer-steampunks/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 05 Feb 2023 16:47:10 GMT
content-type: image/jpeg
content-length: 11925
last-modified: Tue, 31 Jan 2023 06:55:07 GMT
cache-control: public, max-age=16070400
expires: Sun, 04 Jun 2023 10:36:40 GMT
etag: "63d8bb4b-2e95"
x-powered-by: PleskLin
cf-cache-status: HIT
age: 108630
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3O9lXkdEisc0eA0N6Z3NNEetL8Jpz%2Bk0aQ9R%2BfsFlqYapQdE0bOCQ58tvSASGAIja3t%2Fy%2FkscM%2FO%2FFuGK42HtsdU90DWF5cezX%2F0IsBuonTy1lY60uzznLjAadYYZ3RQg2%2BIzI0z3w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 794d2058793eb505-OSL
X-Firefox-Spdy: h2
www.skidrowcodex.net/wp-content/uploads/2019/03/avatar.jpg
172.67.217.92 200 OK 59 kB URL HTTP/2 www.skidrowcodex.net/wp-content/uploads/2019/03/avatar.jpg
IP 172.67.217.92:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, datetime=2015:10:04 16:23:37], progressive, precision 8, 736x786, components 3; data
Hash 19fbef7460c49b3481c57cc1102aeca7
9d5daf88ccc2e4b05c3d4e73733b1f2c78154990
16b8052f9b721c898b899c6e1e4b5d2c4190b745607e9f3a5676278707b58413
GET /wp-content/uploads/2019/03/avatar.jpg HTTP/1.1
Host: www.skidrowcodex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.skidrowcodex.net/total-war-warhammer-steampunks/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 05 Feb 2023 16:47:10 GMT
content-type: image/jpeg
content-length: 58606
last-modified: Wed, 20 Jul 2022 22:26:07 GMT
cache-control: public, max-age=16070400
expires: Tue, 02 May 2023 20:49:07 GMT
etag: "62d880ff-e4ee"
x-powered-by: PleskLin
cf-cache-status: HIT
age: 2922948
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=B1hYmOxrwCZCLhs1ffKHLO1O7WKm0rGgie8nBHXdoDhNFn6h8ZCZvZCfgKgSr1m1HMXWk5pvKFzM4uXKiR84gFI4rFcmDWUNtqL2Dwwex%2B9dNt4rdNyN7sfX8av757mJNavB5M9H3A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 794d20587946b505-OSL
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 471 B IP 142.250.74.131:0
Hash 98be7fe21d059e46146a43d20c4eea92
1ec58129fea75085588be7b8baec05b0874b5274
7bb2eb5ffcd88a3b6ba7b210bdbcd4469134c9708f06befb6c616beebf8dae46
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 16:47:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.skidrowcodex.net/wp-includes/js/mediaelement/wp-mediaelement.min.css
172.67.217.92 200 OK 4.6 kB URL HTTP/2 www.skidrowcodex.net/wp-includes/js/mediaelement/wp-mediaelement.min.css
IP 172.67.217.92:0
File type ASCII text, with very long lines (4186), with no line terminators
Hash 35a47007458f4d02de10e57e8333473f
9352996a534a2641d13335c3e66b47656e8c4317
89ee13a26b985e385378059a76300629367554f2678149b2a2a3bebd4d064060
GET /wp-includes/js/mediaelement/wp-mediaelement.min.css HTTP/1.1
Host: www.skidrowcodex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.skidrowcodex.net/total-war-warhammer-steampunks/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 05 Feb 2023 16:47:10 GMT
content-type: text/css; charset=utf-8
last-modified: Wed, 20 Jul 2022 22:26:08 GMT
vary: Accept-Encoding
cache-control: public, max-age=31536000
expires: Sun, 07 Jan 2024 19:54:19 GMT
etag: W/"62d88100-105a"
x-powered-by: PleskLin
cf-cache-status: HIT
age: 2494373
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KKfPZL%2BNXzUqCHgqHVWCd4n%2FYnDjup31L8xL0nPEyT4iTtujhya79dJk%2FmuYx9f10JUJ2Rj2%2FEoPFiYq8iSS7yHFdo4iTWkEEkUS4RUWYbFboj%2BGGJlRwbMrYgDMM5dlsOzngbJ5HA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 794d2058289fb505-OSL
content-encoding: br
X-Firefox-Spdy: h2
www.skidrowcodex.net/wp-content/plugins/ajax-search-lite/css/style-simple-red.css?ver=4.11
172.67.217.92 200 OK 1.8 kB URL HTTP/2 www.skidrowcodex.net/wp-content/plugins/ajax-search-lite/css/style-simple-red.css?ver=4.11
IP 172.67.217.92:0
File type ASCII text, with very long lines (10689), with no line terminators
Hash 4a2435f9c5dcf3c1d6366635c9d3924e
504de656ea18a2740b3a2fe36b191451cc80de01
c24c87853de1a1ef6d20e7633effa3d92fde2e3247bba6e0ed3ce1398e97511d
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/ajax-search-lite/css/style-simple-red.css?ver=4.11 HTTP/1.1
Host: www.skidrowcodex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.skidrowcodex.net/total-war-warhammer-steampunks/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 05 Feb 2023 16:47:10 GMT
content-type: text/css; charset=utf-8
last-modified: Tue, 10 Jan 2023 21:52:54 GMT
vary: Accept-Encoding
cache-control: public, max-age=31536000
expires: Wed, 10 Jan 2024 21:58:19 GMT
etag: W/"63bdde36-29c1"
x-powered-by: PleskLin
cf-cache-status: HIT
age: 2227732
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nihRlnftLn5vKpqHPtcIAxU32ncLSgEyuO4zBKXByI1yz0dSVswdXV4E3RBkBfUMZXS%2B%2FbryJIyzzdN36pGNDxNgClm9CbCsPp9WzOrR63JZGyFw0LLx9LBBOvr4q72fslB%2FC4UbaQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 794d205828a4b505-OSL
content-encoding: br
X-Firefox-Spdy: h2
www.skidrowcodex.net/wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css?ver=4.2.16
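172.67.217.92 200 OK 639 kB URL HTTP/2 www.skidrowcodex.net/wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css?ver=4.2.16
IP 172.67.217.92:0
File type ASCII text, with very long lines (11256), with no line terminators
Size 639 kB (638667 bytes)
Note: the reported size does not agree with the file-type line (a single unterminated line of 11256 characters) or with the 2bf8 suffix of this entry's ETag, which is 11256 in hex. The brotli content-encoding would make the transfer smaller, not larger, so confirm which bytes were hashed before relying on the digests below as indicators.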
Hash 5f812f30118112ce50df8f03e13b9c2d
30fe4b9b19b1574aabb6f7aac4bd128de677312a
e3c122d4875f431c3703d0642231a4f9dec9c0293980eebfb4d98b9b9bf99691
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css?ver=4.2.16 HTTP/1.1
Host: www.skidrowcodex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.skidrowcodex.net/total-war-warhammer-steampunks/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 05 Feb 2023 16:47:10 GMT
content-type: text/css; charset=utf-8
last-modified: Wed, 20 Jul 2022 22:26:08 GMT
vary: Accept-Encoding
cache-control: public, max-age=31536000
expires: Sun, 26 Nov 2023 10:22:34 GMT
etag: W/"62d88100-2bf8"
x-powered-by: PleskLin
cf-cache-status: HIT
age: 6157384
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=A%2F4htIbrlBx2eVrABoMp5y1Wp%2BNV27Lz%2B5UnHNhgPhjmM4KQPAnMZAWZoKjd9XiUIUd2Oc%2FqEhVa8jBzQTpJOUREG9z7PmQ847TGqa9EzgFPlN80gX0TaQXbk17FI%2FJ8CR20zmCPHg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 794d2058289db505-OSL
content-encoding: br
X-Firefox-Spdy: h2
www.skidrowcodex.net/wp-content/plugins/wp-rocket/assets/js/heartbeat.js?ver=3.12.5.2
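172.67.217.92 200 OK 0 B URL HTTP/2 www.skidrowcodex.net/wp-content/plugins/wp-rocket/assets/js/heartbeat.js?ver=3.12.5.2
IP 172.67.217.92:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Malware
Note: the three hashes above are the MD5, SHA-1 and SHA-256 digests of empty input, matching the 0 B body (content-length: 0). They match every empty response and are not usable as indicators; the verdict on this entry presumably rests on the URL or host rather than on content.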
GET /wp-content/plugins/wp-rocket/assets/js/heartbeat.js?ver=3.12.5.2 HTTP/1.1
Host: www.skidrowcodex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.skidrowcodex.net/total-war-warhammer-steampunks/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 05 Feb 2023 16:47:10 GMT
content-type: application/javascript; charset=utf-8
content-length: 0
x-accel-version: 0.01
last-modified: Fri, 27 Jan 2023 08:44:10 GMT
cache-control: public, max-age=31536000
expires: Sat, 27 Jan 2024 08:47:19 GMT
vary: Accept-Encoding
x-powered-by: PleskLin
cf-cache-status: HIT
age: 806393
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xRZtcBXfpIH35ZAL6UnmksXqIcGHpMHrrxQC4f6F%2Fgrcs77X1Loa1dQ69s6uOcbRt4DNHyTnmz3msmgmGCbDC%2B8Ag9scIlVg5AD4Tkqq7rmno338W33AcUNnP6NKb03ZtYi8LLrKfA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 794d20596ac5b505-OSL
X-Firefox-Spdy: h2
www.skidrowcodex.net/wp-content/plugins/bbpressmoderation/style.css
172.67.217.92 200 OK 5.8 MB URL HTTP/2 www.skidrowcodex.net/wp-content/plugins/bbpressmoderation/style.css
IP 172.67.217.92:0
Size 5.8 MB (5797394 bytes)
Hash ae75ff66e971f77d0e86e2b59d8bc23f
3aeb190f5eac48929f54ef8840d0d496a751cae8
667dedc319754871eca334f97089bb19362e899b29309a08b07b3f1d5a69dcb5
GET /wp-content/plugins/bbpressmoderation/style.css HTTP/1.1
Host: www.skidrowcodex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.skidrowcodex.net/total-war-warhammer-steampunks/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 05 Feb 2023 16:47:10 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
x-accel-version: 0.01
last-modified: Sat, 30 Apr 2022 22:50:15 GMT
cache-control: public, max-age=31536000
expires: Tue, 06 Jun 2023 23:01:35 GMT
x-powered-by: PleskLin
cf-cache-status: HIT
age: 21059135
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FkWVCco1ai%2BQqjYF7tKfbgska%2BLMyB7MQw4VbKtD9oPAY3vlPXfZuH%2FujoGn5vN5%2FcJpFHnMeIOWm8Qx96LmTJuLUQsU%2FKOI6GMPi4ZGpqcucIHByzu7MgJ0kYbJLWKDIdRfA7kCFA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 794d2058083eb505-OSL
content-encoding: br
X-Firefox-Spdy: h2
www.skidrowcodex.net/wp-content/themes/skidrowcodex-main/css/main.css?ver=20160930
172.67.217.92 200 OK 639 kB URL HTTP/2 www.skidrowcodex.net/wp-content/themes/skidrowcodex-main/css/main.css?ver=20160930
IP 172.67.217.92:0
File type ASCII text, with very long lines (829)
Size 639 kB (638702 bytes)
Hash f3efa22c43e72c23eaa3dae92ec4968b
2d7638b2dd9da3c89f0003bb2814386c8d460e96
ef16c63d7b094f7358b06d725b8b6bb9e0e4a5002378f06d840dbb70b719a483
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/skidrowcodex-main/css/main.css?ver=20160930 HTTP/1.1
Host: www.skidrowcodex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.skidrowcodex.net/total-war-warhammer-steampunks/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 05 Feb 2023 16:47:10 GMT
content-type: text/css; charset=utf-8
last-modified: Wed, 20 Jul 2022 22:26:07 GMT
vary: Accept-Encoding
cache-control: public, max-age=31536000
expires: Fri, 19 Jan 2024 05:38:17 GMT
etag: W/"62d880ff-21d5c"
x-powered-by: PleskLin
cf-cache-status: HIT
age: 1508934
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9oC1U2j6u4h18QVFnWoD9L6ijXhJbyr23KQ1o8FILMDlC%2Fj8SU0dQsmJHEuFigqllSifZWO%2BcPcniAx9qksfzb7kWWsb6cW%2FrJeptLCQXQQI5eo%2B8NmqTnMKrKGddYWfZmgTWiSb1g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 794d2058186eb505-OSL
content-encoding: br
X-Firefox-Spdy: h2
www.skidrowcodex.net/wp-content/plugins/ajax-search-lite/js/min/plugin/optimized/asl-load.js?ver=4756
172.67.217.92 200 OK 539 B URL HTTP/2 www.skidrowcodex.net/wp-content/plugins/ajax-search-lite/js/min/plugin/optimized/asl-load.js?ver=4756
IP 172.67.217.92:0
Hash 588ef27450c16b0b471f226adb5e0f2f
32cc75be71333a4b1fb4177a04640666f90f8df0
1a0b8adadc10d4e453aa5b241617e0d32c9cf5ec7a3a54f91db718c0141f07f3
GET /wp-content/plugins/ajax-search-lite/js/min/plugin/optimized/asl-load.js?ver=4756 HTTP/1.1
Host: www.skidrowcodex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.skidrowcodex.net/total-war-warhammer-steampunks/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 05 Feb 2023 16:47:10 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
x-accel-version: 0.01
last-modified: Tue, 10 Jan 2023 21:52:54 GMT
cache-control: public, max-age=31536000
expires: Wed, 10 Jan 2024 21:58:20 GMT
x-powered-by: PleskLin
cf-cache-status: HIT
age: 2227731
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5O0%2B2c6rzfVJETyT03LqRi1Kz2ewnsqtNQMDbfNaojGcxhJDLRmFUtdofaqhsY5NDg4Tos2CtDZI1hMPxqShhOWo%2FLqw429GSb1nmdzIvb%2FkrrD%2F0ifjlIIIq7aH3Eb3rlPxpFeNnQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 794d20596ac3b505-OSL
content-encoding: br
X-Firefox-Spdy: h2
www.skidrowcodex.net/wp-includes/js/imgareaselect/imgareaselect.css?ver=0.9.8
172.67.217.92 200 OK 967 kB URL HTTP/2 www.skidrowcodex.net/wp-includes/js/imgareaselect/imgareaselect.css?ver=0.9.8
IP 172.67.217.92:0
Size 967 kB (967282 bytes)
Hash 64069cdecb75b9f2913d031237c1b055
a5051ae885f6146a7569182a8ca6595ae190130f
44be0f5fe6e7e6423f03670347b98957719834c1c9cefef5434e90587632699d
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/imgareaselect/imgareaselect.css?ver=0.9.8 HTTP/1.1
Host: www.skidrowcodex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.skidrowcodex.net/total-war-warhammer-steampunks/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 05 Feb 2023 16:47:10 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
x-accel-version: 0.01
last-modified: Wed, 20 Jul 2022 22:26:08 GMT
cache-control: public, max-age=31536000
expires: Sun, 07 Jan 2024 20:25:15 GMT
x-powered-by: PleskLin
cf-cache-status: HIT
age: 2492516
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OdGIe4%2BbRm5dRl6Q76yHgqnHnt1SVHwYoe4CulphTA1HkcooZAYqER5XH1VYLlOJQKyKLdeIb%2BIEVHCszyTU4oJq%2BS%2FUSrbErBQ6Zvh9ueZxMeLK4t7t1S7rGuChSQ20MPiwSZYHzA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 794d205828a2b505-OSL
content-encoding: br
X-Firefox-Spdy: h2
www.skidrowcodex.net/wp-content/themes/skidrowcodex-main/css/clanwars.css?ver=20160930
172.67.217.92 200 OK 2.6 MB URL HTTP/2 www.skidrowcodex.net/wp-content/themes/skidrowcodex-main/css/clanwars.css?ver=20160930
IP 172.67.217.92:0
Size 2.6 MB (2623452 bytes)
Hash a4af4dc024b80774123650f0a585c6ff
91dfcc2208e3239c9316ace874d0a20a7ae46ed6
993b5bd307eb349b641d53dee4a3f47b3297808e6553627a00325a2e93de7032
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/skidrowcodex-main/css/clanwars.css?ver=20160930 HTTP/1.1
Host: www.skidrowcodex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.skidrowcodex.net/total-war-warhammer-steampunks/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 05 Feb 2023 16:47:10 GMT
content-type: text/css; charset=utf-8
last-modified: Wed, 20 Jul 2022 22:26:07 GMT
vary: Accept-Encoding
cache-control: public, max-age=31536000
expires: Sun, 07 Jan 2024 20:25:15 GMT
etag: W/"62d880ff-3426"
x-powered-by: PleskLin
cf-cache-status: HIT
age: 2492516
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JBa25gFzWI%2BfBGbS6%2BqJ6bLFFjuXjP8WslDt0GqGOFv3mp%2FdhtxkHHUdOM%2FLU1liCqyo5lmJzGSbIIoc8NGy9U3%2BcIU2EHWIwtZdT0QsPdolfAEiMP9OmPaJiSZHV%2FtkkOdQ%2F0MxFg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 794d2058287eb505-OSL
content-encoding: br
X-Firefox-Spdy: h2
www.skidrowcodex.net/wp-content/themes/skidrowcodex-main/css/jquery.fancybox.css?ver=20150401
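172.67.217.92 200 OK 5.6 MB URL HTTP/2 www.skidrowcodex.net/wp-content/themes/skidrowcodex-main/css/jquery.fancybox.css?ver=20150401
IP 172.67.217.92:0
File type ASCII text, with very long lines (3437), with no line terminators
Size 5.6 MB (5580827 bytes)
Note: the reported size does not agree with the file-type line (a single unterminated line of 3437 characters) or with the d6d suffix of this entry's ETag, which is 3437 in hex. Confirm which bytes were hashed before relying on the digests below as indicators.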
Hash 7bf7fbb61bd0d0188fae574cf4f0405c
52e95eddc6833dfa1053af10e92b5fb15033a095
ec090c8a851939c2004290deb4db1fec93dcfc03b6ba5bb99c930e22ab579fc5
GET /wp-content/themes/skidrowcodex-main/css/jquery.fancybox.css?ver=20150401 HTTP/1.1
Host: www.skidrowcodex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.skidrowcodex.net/total-war-warhammer-steampunks/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 05 Feb 2023 16:47:10 GMT
content-type: text/css; charset=utf-8
last-modified: Wed, 20 Jul 2022 22:26:07 GMT
vary: Accept-Encoding
cache-control: public, max-age=31536000
expires: Sun, 07 Jan 2024 20:36:01 GMT
etag: W/"62d880ff-d6d"
x-powered-by: PleskLin
cf-cache-status: HIT
age: 2491870
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7FeTWY9l9gqKFEfUvjU7A%2Bhz%2BGgVxjqclMZYr7d7XXEdCW2kIH2HUa8MmGvi15blb1KF%2FK0O%2BDNLI1E6rW4O04OS1%2F9iBHAm%2FVUIaXOaQjPkdeK2dbQmW3n1aTgpmFiBL2a2cRVxSw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 794d20582881b505-OSL
content-encoding: br
X-Firefox-Spdy: h2
steamcdn-a.akamaihd.net/steam/apps/364360/extras/TopSmall.jpg?t=1545145125
23.33.119.11 200 OK 8.5 MB URL HTTP/2 steamcdn-a.akamaihd.net/steam/apps/364360/extras/TopSmall.jpg?t=1545145125
IP 23.33.119.11:0
ASN #20940 Akamai International B.V.
File type GIF image data, version 89a, 628 x 183\012- data
Size 8.5 MB (8544399 bytes)
Hash 7f4106a22b3eddf674125834355d8a9a
2f65319382b43adc6f7743ca0c9bb09aa1028f51
79dc155a210f26ead179006d61d6488a5984e04a50911843e0d62ec8c2867a02
GET /steam/apps/364360/extras/TopSmall.jpg?t=1545145125 HTTP/1.1
Host: steamcdn-a.akamaihd.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.skidrowcodex.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 28 Sep 2016 14:15:31 GMT
etag: "57ebd083-82608f"
server: nginx
access-control-allow-origin: *
content-type: image/jpeg
content-length: 8544399
accept-ranges: bytes
cache-control: public, max-age=500387
expires: Sat, 11 Feb 2023 11:46:57 GMT
date: Sun, 05 Feb 2023 16:47:10 GMT
X-Firefox-Spdy: h2
steamcdn-a.akamaihd.net/steam/apps/364360/extras/Watch-the-skiesSmall.jpg?t=1545145125
23.33.119.11 200 OK 8.0 MB URL HTTP/2 steamcdn-a.akamaihd.net/steam/apps/364360/extras/Watch-the-skiesSmall.jpg?t=1545145125
IP 23.33.119.11:0
ASN #20940 Akamai International B.V.
File type GIF image data, version 89a, 628 x 183\012- data
Size 8.0 MB (7987648 bytes)
Hash ec402f63c1b7d58a4e896cbb54c49516
5d126fc53be7db675bdbc89ed68bf77b25940ca4
b3a051ab4de51b03b28a11572c7378ee22abac5a27e55f2c951f3f6ee72fd64b
GET /steam/apps/364360/extras/Watch-the-skiesSmall.jpg?t=1545145125 HTTP/1.1
Host: steamcdn-a.akamaihd.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.skidrowcodex.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 28 Sep 2016 14:15:31 GMT
etag: "57ebd083-79e1c0"
server: nginx
access-control-allow-origin: *
content-type: image/jpeg
content-length: 7987648
accept-ranges: bytes
cache-control: public, max-age=246846
expires: Wed, 08 Feb 2023 13:21:16 GMT
date: Sun, 05 Feb 2023 16:47:10 GMT
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash dedf9c519ac38c4bece9c5bc895787d7
4911175c3f8a435978c5301c33c7a99a5e00a1d5
bddd7e3a4939f863642a7c5348c1c8b9bc569b35c10a27f4cf5ec71f7e6b9698
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BDDD7E3A4939F863642A7C5348C1C8B9BC569B35C10A27F4CF5EC71F7E6B9698"
Last-Modified: Fri, 03 Feb 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5977
Expires: Sun, 05 Feb 2023 18:26:49 GMT
Date: Sun, 05 Feb 2023 16:47:12 GMT
Connection: keep-alive
www.google.com/recaptcha/api.js?onload=gglcptch_onload_callback&render=explicit&ver=1.70
142.250.74.164 200 OK 583 B URL HTTP/2 www.google.com/recaptcha/api.js?onload=gglcptch_onload_callback&render=explicit&ver=1.70
IP 142.250.74.164:0
File type ASCII text, with very long lines (919), with no line terminators
Hash 6367572d91cf501867c5b6641ff41dc0
c3b71afd5b7a44fb02f4a9ad759e259914cb62b8
e73936b9f5b60e4ab24eef9c5711799fc3bbde2c94c10e7541fadd60d536bb6e
GET /recaptcha/api.js?onload=gglcptch_onload_callback&render=explicit&ver=1.70 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.skidrowcodex.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
expires: Sun, 05 Feb 2023 16:47:12 GMT
date: Sun, 05 Feb 2023 16:47:12 GMT
cache-control: private, max-age=300
content-type: text/javascript; charset=UTF-8
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 583
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.skidrowcodex.net/wp-content/themes/skidrowcodex-main/addons/clan-wars/js/matches.js
172.67.217.92 200 OK 2.0 kB URL HTTP/2 www.skidrowcodex.net/wp-content/themes/skidrowcodex-main/addons/clan-wars/js/matches.js
IP 172.67.217.92:0
File type HTML document text\012- assembler source, ASCII text
Hash b8103d29f57c0161868b97d93a21f68b
185090746618efdb5b780249cd5ba435cc147b0f
18db948bbbd0e71046f5fc88b4c5b11d7016ce8547a94b8ef015ae4c4d7526cf
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/skidrowcodex-main/addons/clan-wars/js/matches.js HTTP/1.1
Host: www.skidrowcodex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.skidrowcodex.net/total-war-warhammer-steampunks/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 05 Feb 2023 16:47:10 GMT
content-type: application/javascript; charset=utf-8
last-modified: Wed, 20 Jul 2022 22:26:07 GMT
vary: Accept-Encoding
cache-control: public, max-age=31536000
expires: Sun, 07 Jan 2024 19:54:19 GMT
etag: W/"62d880ff-1196"
x-powered-by: PleskLin
cf-cache-status: HIT
age: 2494372
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=L2LLNNTrbeaTOQU0BocsB%2FWobZbSKcUqPmcWOC3TKl9vyyydZISUw3Nvsr8Mg%2BJU0VjGPjtFZCUXO%2Bs6PfOoGHR7932S7wyl5TVm9Ey5DrduW2NMJx9nd1w2t9112oV4LZxpHKBowA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 794d20594a7ab505-OSL
content-encoding: br
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 1b25bf82638deaab60981e1315ee0849
e3bd912fd1a890e64ee6746a78a674db7ff77039
a99b0dfa9ca7176b21cc2d65963a1b6eb6d534b3767d02ef06cc207a63331ebf
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A99B0DFA9CA7176B21CC2D65963A1B6EB6D534B3767D02EF06CC207A63331EBF"
Last-Modified: Sat, 04 Feb 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7509
Expires: Sun, 05 Feb 2023 18:52:21 GMT
Date: Sun, 05 Feb 2023 16:47:12 GMT
Connection: keep-alive
www.skidrowcodex.net/wp-content/themes/skidrowcodex-main/css/animate.css?ver=20150401
172.67.217.92 200 OK 4.4 kB URL HTTP/2 www.skidrowcodex.net/wp-content/themes/skidrowcodex-main/css/animate.css?ver=20150401
IP 172.67.217.92:0
File type ASCII text, with very long lines (53186)
Hash a3d3dc0462aed8b14e76615c9e3e940e
2908e7d206996e40abf11d5e97706b427701bb5d
bebe88f04b0cd765e1921a174bae062410c8d4fa83eb346372be0d816715611e
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/skidrowcodex-main/css/animate.css?ver=20150401 HTTP/1.1
Host: www.skidrowcodex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.skidrowcodex.net/total-war-warhammer-steampunks/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 05 Feb 2023 16:47:10 GMT
content-type: text/css; charset=utf-8
last-modified: Wed, 20 Jul 2022 22:26:07 GMT
vary: Accept-Encoding
cache-control: public, max-age=31536000
expires: Sun, 07 Jan 2024 20:25:15 GMT
etag: W/"62d880ff-d063"
x-powered-by: PleskLin
cf-cache-status: HIT
age: 2492516
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=D%2B8V9P%2FbGn01bD0hyURCcPseK6lLiOXOHlNFvUfRId36AVoyBduEB9DQ3r130Wc8%2BoH1YQLStE4XUzWBbW4%2FFbONoGzzRJyLd6jTns6kBm1qlyEpC3HlRejhOvoWWvwsEhdJ3SThag%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 794d20582884b505-OSL
content-encoding: br
X-Firefox-Spdy: h2
www.skidrowcodex.net/wp-content/plugins/buddy-bbPress-Support-Topic-master/css/bpbbpst-bbpress-widget.css?ver=2.1.4
172.67.217.92 200 OK 2.0 kB URL HTTP/2 www.skidrowcodex.net/wp-content/plugins/buddy-bbPress-Support-Topic-master/css/bpbbpst-bbpress-widget.css?ver=2.1.4
IP 172.67.217.92:0
Hash 81aefa3f0c457db22fb8ddb845a81eb9
ad7cd009c7b27d55eceb978193dda27b72879f67
f335fc3418b98bce1d1969998eae2383c8c44245a9a7132b791ac69b20b557df
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/buddy-bbPress-Support-Topic-master/css/bpbbpst-bbpress-widget.css?ver=2.1.4 HTTP/1.1
Host: www.skidrowcodex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.skidrowcodex.net/total-war-warhammer-steampunks/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 05 Feb 2023 16:47:10 GMT
content-type: text/css; charset=utf-8
last-modified: Sat, 30 Apr 2022 22:49:15 GMT
cache-control: public, max-age=31536000
expires: Tue, 06 Jun 2023 22:15:01 GMT
etag: W/"626dbceb-41c"
x-powered-by: PleskLin
cf-cache-status: HIT
age: 21061929
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4ymhfNXE1ncSk1Tx59gexddF0Q0FTEaDL%2B4bowqKvlSlqx4%2BGmByQDdGBs6YDF3FHL3v4VvvwWmVHqDB5QDmGK%2BJOuUVnbCfYEQ1G3WckTzrpftABtPOUL%2BoF92MSRaMV5G6ZFQ6Sg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 794d205828a5b505-OSL
content-encoding: br
X-Firefox-Spdy: h2
www.skidrowcodex.net/fontawesome6/css/all.css?ver=1.0.0
172.67.217.92 200 OK 22 kB URL HTTP/2 www.skidrowcodex.net/fontawesome6/css/all.css?ver=1.0.0
IP 172.67.217.92:0
File type troff or preprocessor input, ASCII text
Hash 48ef3c9ba1d96298d773408949dea35d
29ff1fe76335134fc6a96f1adcfd072720165e65
919aae7f3d963018777fcc3c8c08c5e3a6c5b5f79529234d6093fbcb61b9a9e8
Analyzer Verdict Alert fortinet Malware
GET /fontawesome6/css/all.css?ver=1.0.0 HTTP/1.1
Host: www.skidrowcodex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.skidrowcodex.net/total-war-warhammer-steampunks/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 05 Feb 2023 16:47:10 GMT
content-type: text/css; charset=utf-8
last-modified: Wed, 20 Jul 2022 22:25:55 GMT
vary: Accept-Encoding
cache-control: public, max-age=31536000
expires: Fri, 19 Jan 2024 05:38:17 GMT
etag: W/"62d880f3-21abd"
x-powered-by: PleskLin
cf-cache-status: HIT
age: 1508934
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ihm9O%2BB%2Bxk6xduDsfS4EEsCiArriAmrA51JwT8y3D3sdwZM9%2B4leqU%2BbaOgHWjWlytpCNN2KPZMNycG9AJocE2GdJgJ%2B1avbedCMFkJioF04h%2FwEdXqpTDi8GdOvjDYxPcRd%2B9R53g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 794d205838a8b505-OSL
content-encoding: br
X-Firefox-Spdy: h2
www.skidrowcodex.net/wp-includes/js/wp-embed.min.js
172.67.217.92 200 OK 1.1 kB URL HTTP/2 www.skidrowcodex.net/wp-includes/js/wp-embed.min.js
IP 172.67.217.92:0
File type ASCII text, with very long lines (1491)
Hash 4f7896cfe1ecbcbdc596f3f91d55d750
814b9901e11987588e739155dddedf02955add30
5bc5449734ee263d66c0f7e2c364aecbb96d01ebe964c993ac943afce5df27cf
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/wp-embed.min.js HTTP/1.1
Host: www.skidrowcodex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.skidrowcodex.net/total-war-warhammer-steampunks/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 05 Feb 2023 16:47:10 GMT
content-type: application/javascript; charset=utf-8
last-modified: Wed, 23 Nov 2022 08:38:23 GMT
vary: Accept-Encoding
cache-control: public, max-age=31536000
expires: Sun, 26 Nov 2023 02:54:06 GMT
etag: W/"637ddbff-5f6"
x-powered-by: PleskLin
cf-cache-status: HIT
age: 6184292
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=usYd4X8XidjhZER%2FRQygcLhjcBoH5jHbQiCSh7bWX6ms0M2Ovd1z8RblVyb4kgF3XPPBt9WEDDFR6vGulkbiLoZapydosCyJd49Lc8IlRhf%2FwG1hM%2ByrMlCndIbXC5J1lcRcWLzIjQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 794d20596ac7b505-OSL
content-encoding: br
X-Firefox-Spdy: h2
www.skidrowcodex.net/wp-content/plugins/buddypress/bp-members/css/blocks/member.min.css?ver=11.0.0
172.67.217.92 200 OK 1.8 kB URL HTTP/2 www.skidrowcodex.net/wp-content/plugins/buddypress/bp-members/css/blocks/member.min.css?ver=11.0.0
IP 172.67.217.92:0
File type ASCII text, with very long lines (1898), with no line terminators
Hash 18ba77d14166590d205545a74bde29d7
5c22a86dcf385d7723bdd1839987d8b990ee4375
83ea5ba5040776f3a35df526c7fa1a56fa9f64e50006af3729f871e9b5be9085
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/buddypress/bp-members/css/blocks/member.min.css?ver=11.0.0 HTTP/1.1
Host: www.skidrowcodex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.skidrowcodex.net/total-war-warhammer-steampunks/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 05 Feb 2023 16:47:10 GMT
content-type: text/css; charset=utf-8
last-modified: Fri, 06 Jan 2023 08:34:10 GMT
vary: Accept-Encoding
cache-control: public, max-age=31536000
expires: Sat, 06 Jan 2024 09:01:19 GMT
etag: W/"63b7dd02-76a"
x-powered-by: PleskLin
cf-cache-status: HIT
age: 2619813
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iEa3DVkMpfI20%2F5cvYX5kVoiXJ6QQgA9pom%2Fcx%2Bwdp4hDFGsMsicrYI4b%2F%2F2g%2F%2BLcvx14nhIG0OBqGBZC13sTeToikDx0OGG3iAVm7eKUh2OPijqnm8rKQu3mBj0oxFW12Y8%2BbVinQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 794d2057f818b505-OSL
content-encoding: br
X-Firefox-Spdy: h2
www.skidrowcodex.net/wp-includes/css/dashicons.min.css
172.67.217.92 200 OK 43 kB URL HTTP/2 www.skidrowcodex.net/wp-includes/css/dashicons.min.css
IP 172.67.217.92:0
File type ASCII text, with very long lines (58981)
Hash 5e4db6bd5188443545fa57a57333e31e
118acd123fec645a06cbf7bc9211f444a7ede8bf
e6a65a1187f3eaaa380e4304ebc008bc51f7c400d175bd1fd5e7b8165e1c5c6e
GET /wp-includes/css/dashicons.min.css HTTP/1.1
Host: www.skidrowcodex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.skidrowcodex.net/total-war-warhammer-steampunks/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 05 Feb 2023 16:47:10 GMT
content-type: text/css; charset=utf-8
last-modified: Fri, 10 Sep 2021 02:18:46 GMT
cache-control: public, max-age=31536000
expires: Tue, 04 Jul 2023 17:33:08 GMT
etag: W/"613ac086-e688"
x-powered-by: PleskLin
cf-cache-status: HIT
age: 18659642
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YktsoSsFL2SzXKM8G9B5Yaz9aQKuXNM%2BOFiWSPrgzQYTqbbzgssjMLX67s8T8xCHQIIeUKDjHfWTAzmmUEMZYOKVAEO9%2B5Bxc9F9xC3Pj5pPU1z1FjkQ4WTR%2F9o2VrudI%2BrxyFLq5Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 794d2058289cb505-OSL
content-encoding: br
X-Firefox-Spdy: h2
www.skidrowcodex.net/wp-includes/css/buttons.min.css
172.67.217.92 200 OK 20 kB URL HTTP/2 www.skidrowcodex.net/wp-includes/css/buttons.min.css
IP 172.67.217.92:0
File type ASCII text, with very long lines (5819)
Hash 1f272dd9af2ceb23b11f889043f631ac
0521b33f5e5807ee2124d5dd6244178837e879e3
71151a94bd95fb4349b8c9f229e72f7c9e03c1da4d2990e1ee9c162f4de5e3a5
GET /wp-includes/css/buttons.min.css HTTP/1.1
Host: www.skidrowcodex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.skidrowcodex.net/total-war-warhammer-steampunks/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 05 Feb 2023 16:47:10 GMT
content-type: text/css; charset=utf-8
last-modified: Wed, 20 Jul 2022 22:26:08 GMT
vary: Accept-Encoding
cache-control: public, max-age=31536000
expires: Fri, 19 Jan 2024 05:38:17 GMT
etag: W/"62d88100-16de"
x-powered-by: PleskLin
cf-cache-status: HIT
age: 1508934
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tykmhQL%2F6pbNYYMCJKjXCdRJIBzUer5MHpbTifak8jZsVsrwZ1X4bkKrn80KZOsmYyoU%2B3VZbnCSypwK3lhS9dB%2Fvm%2FWqkuC8wlwjsItecvHupZIv1Se3woCrGCnd0cVJzPNB%2BdoAw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 794d20582899b505-OSL
content-encoding: br
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc6718344-fcb4-4366-9239-8921034a7114.jpeg
34.120.237.76 200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc6718344-fcb4-4366-9239-8921034a7114.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 8e0be7db14d930d6227443314bcd1747
4e42e2ad289dfe5bd9a55d34fd768f7532bdf71d
baedfbdb08a67f9ff4c698f7e65b08d7e4c5078d0a4233e6bff529b44812735a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc6718344-fcb4-4366-9239-8921034a7114.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12967
x-amzn-requestid: 013fa296-a431-410b-b3fb-7417b3e877eb
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fpIQAFCMIAMF0Sw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d9ed99-2e1daa8b75977de07c48b8fc;Sampled=0
x-amzn-remapped-date: Wed, 01 Feb 2023 04:42:01 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: UzQGDCYe_8AuYYLaLSAWzHQhwJMpzpXWbjE5AwukevW6G6SLDxDjmA==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 5565a51537c689d1d16f6b4d41f40082.cloudfront.net (CloudFront), 1.1 google
date: Sun, 05 Feb 2023 03:42:59 GMT
age: 47053
etag: "4e42e2ad289dfe5bd9a55d34fd768f7532bdf71d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a6c7026-85a2-4419-bd6b-ba1bac463dda.jpeg
34.120.237.76 200 OK 8.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a6c7026-85a2-4419-bd6b-ba1bac463dda.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 6661b7263315f5eb3cd2465f671e1fcd
b7b5831c6b3ccc41d7a980b6088adc10ff8785f1
eb25507950d81db4b54a1af7fadaceee1bcff780eb28b6a04dbfb3886785f5b7
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a6c7026-85a2-4419-bd6b-ba1bac463dda.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8527
x-amzn-requestid: 6a8c6487-6069-47d1-afa1-648626f85439
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fyDqqGg5oAMFV-A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dd7fdd-0a772cde1e6fba6d7da97435;Sampled=0
x-amzn-remapped-date: Fri, 03 Feb 2023 21:42:53 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: CHWhIpyzhoPtMUplzh1430Q9FfCM1wkTc_hQsgQk6InM9tYBPGYnNg==
via: 1.1 e5af640ced3aa8764b82c4bc3f7af38e.cloudfront.net (CloudFront), 1.1 2bedbeaa49b4a77447d30097858cb81a.cloudfront.net (CloudFront), 1.1 google
date: Sat, 04 Feb 2023 22:05:45 GMT
age: 67287
etag: "b7b5831c6b3ccc41d7a980b6088adc10ff8785f1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
push.services.mozilla.com/
54.187.102.159 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 54.187.102.159:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: G6gLK7Hy+He783QlhyPsrQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: DO9DY8H0Sgs+zxxIpOz9OMOZK+I=
www.skidrowcodex.net/wp-content/plugins/ajax-search-lite/css/style.basic.css?ver=4.11
172.67.217.92 200 OK 15 kB URL HTTP/2 www.skidrowcodex.net/wp-content/plugins/ajax-search-lite/css/style.basic.css?ver=4.11
IP 172.67.217.92:0
File type ASCII text, with CRLF line terminators
Hash 64ecd352be3b478c356c9d4080e7fe97
1d17510038372905c4774b239dfe861c6912ac17
b53ab5c1a973feb9cd7b416147636727356243b78bf80dbb0ed0cd8138102a81
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/ajax-search-lite/css/style.basic.css?ver=4.11 HTTP/1.1
Host: www.skidrowcodex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.skidrowcodex.net/total-war-warhammer-steampunks/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 05 Feb 2023 16:47:10 GMT
content-type: text/css; charset=utf-8
last-modified: Tue, 10 Jan 2023 21:52:54 GMT
vary: Accept-Encoding
cache-control: public, max-age=31536000
expires: Wed, 10 Jan 2024 21:58:19 GMT
etag: W/"63bdde36-4cae"
x-powered-by: PleskLin
cf-cache-status: HIT
age: 2227732
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1k8%2FFeGPCm3XnXIXv%2Bk293XvJo7H4vDl%2BSscxuQGZjJzbJsxRGIIdubjwLDsban5mXCRjhNOtL3V6Ja7bAHIlmwceJrJSs5ntUxJ4BO3wUJ7bXY70aEOoy66jCxyxSSTbqKMJZM92A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 794d205828a3b505-OSL
content-encoding: br
X-Firefox-Spdy: h2
www.skidrowcodex.net/wp-includes/css/media-views.min.css
172.67.217.92 200 OK 21 kB URL HTTP/2 www.skidrowcodex.net/wp-includes/css/media-views.min.css
IP 172.67.217.92:0
File type ASCII text, with very long lines (43713)
Hash 68897865b47fa1b50f4629195b0dfad0
b4ea50dc4cb81d4d8ecaed5ba42686a548cb9ef8
308fc28e4f221f175ae210bf4ccdf85512ce98dc3a63223d63ba98ebfd4fd212
GET /wp-includes/css/media-views.min.css HTTP/1.1
Host: www.skidrowcodex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.skidrowcodex.net/total-war-warhammer-steampunks/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 05 Feb 2023 16:47:10 GMT
content-type: text/css; charset=utf-8
last-modified: Wed, 25 May 2022 22:03:40 GMT
cache-control: public, max-age=31536000
expires: Tue, 04 Jul 2023 17:48:48 GMT
etag: W/"628ea7bc-b7a8"
x-powered-by: PleskLin
cf-cache-status: HIT
age: 18658702
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zOO7OU%2BhBzD%2FgL2jhub3hrz6WN6Lht28lyXzZL1DOoT8FPCLy0yi%2FFh%2BEa%2F3NmnvvyoTWUYpMzLlrFDrw1OOjPfMDhfLuSpKTH%2Fk8XD%2FBVoiW5Vka0tl%2BUBNoGorxdqBZ7GULQW4xg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 794d205828a1b505-OSL
content-encoding: br
X-Firefox-Spdy: h2
www.skidrowcodex.net/wp-includes/js/media-views.min.js
172.67.217.92 200 OK 28 kB URL HTTP/2 www.skidrowcodex.net/wp-includes/js/media-views.min.js
IP 172.67.217.92:0
File type ASCII text, with very long lines (65501)
Hash 75c48fe980d55f1589ea7f899f88cb78
0ee707660034e6e1a4120bf44b944d20172d0f20
8b71e10f7ace510b5a9cbd6fc53d0fbbd3d6e0772c228763ed41e10047f75493
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/media-views.min.js HTTP/1.1
Host: www.skidrowcodex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.skidrowcodex.net/total-war-warhammer-steampunks/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 05 Feb 2023 16:47:10 GMT
content-type: application/javascript; charset=utf-8
last-modified: Sat, 26 Nov 2022 10:21:49 GMT
vary: Accept-Encoding
cache-control: public, max-age=31536000
expires: Sun, 07 Jan 2024 19:54:19 GMT
etag: W/"6381e8bd-1b2a3"
x-powered-by: PleskLin
cf-cache-status: HIT
age: 2494372
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6XFY9BgvHYXjMT9Dzx5%2B5A8oFGrFE6UmfFiFZkwu9cayrdNTPLLyB5La8ogH6FCl33KWtFyK5B9iQOs%2FNHfaFjeCTSQClMXVW4OraT%2BcRP9VREq0YNKReT1Ri0v114duVtNkWI00Ug%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 794d20595abbb505-OSL
content-encoding: br
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 28bf28cd4047284962355849aa311878
c2e27d984d53cc799fcee6bfab8eba154f13aa1f
e6e338a641bbb15f3c1317c703a995fd819ba93b209a8ad2843e6fd0329fe1d8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E6E338A641BBB15F3C1317C703A995FD819BA93B209A8AD2843E6FD0329FE1D8"
Last-Modified: Sat, 04 Feb 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=894
Expires: Sun, 05 Feb 2023 17:02:06 GMT
Date: Sun, 05 Feb 2023 16:47:12 GMT
Connection: keep-alive
www.skidrowcodex.net/wp-includes/js/dist/a11y.min.js?ver=0ac8327cc1c40dcfdf29716affd7ac63
172.67.217.92 200 OK 1.6 kB URL HTTP/2 www.skidrowcodex.net/wp-includes/js/dist/a11y.min.js?ver=0ac8327cc1c40dcfdf29716affd7ac63
IP 172.67.217.92:0
File type Unicode text, UTF-8 text, with very long lines (2973)
Hash 1e0c62163a6e20d820164ca2ab9aa741
7536f376c5aa42dd1fa0b01e154dc1ed399c046b
073aec604dbe8810cfa1a4b2db9986e561e5352f5674805088597f7b03311caa
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/dist/a11y.min.js?ver=0ac8327cc1c40dcfdf29716affd7ac63 HTTP/1.1
Host: www.skidrowcodex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.skidrowcodex.net/total-war-warhammer-steampunks/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 05 Feb 2023 16:47:10 GMT
content-type: application/javascript; charset=utf-8
last-modified: Sat, 26 Nov 2022 10:21:49 GMT
vary: Accept-Encoding
cache-control: public, max-age=31536000
expires: Fri, 19 Jan 2024 03:10:46 GMT
etag: W/"6381e8bd-bc1"
x-powered-by: PleskLin
cf-cache-status: HIT
age: 1517785
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BMZ3Hj4X7zLLVQo4k2quj9QUtUjzAv4fehbRFPaEJccTPNGQ7rslJrUTgswjv7mPU5jcK%2FWxbze00wLP7ufzj%2BsN2Yc%2BoDY4w4mfCBJpjQ0gZL5y9gooevUTnI749aOm6OmP3BdUvA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 794d20595ab8b505-OSL
content-encoding: br
X-Firefox-Spdy: h2
colognenobilityfrost.com/2a/a0/d7/2aa0d74e87039503a470d3942c5f7ea4.js
173.233.137.60 200 OK 21 kB URL HTTP/1.1 colognenobilityfrost.com/2a/a0/d7/2aa0d74e87039503a470d3942c5f7ea4.js
IP 173.233.137.60:0
File type HTML document, ASCII text, with very long lines (60142), with no line terminators
Hash 4363cd89728e3ba46758124f8a811d5e
5d52147b88add50e6f7169b764d5091eddc246cd
32a923215a89a32efc4ebcad29d1df3162c288339304b4a89bcca87e432926bb
GET /2a/a0/d7/2aa0d74e87039503a470d3942c5f7ea4.js HTTP/1.1
Host: colognenobilityfrost.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.skidrowcodex.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sun, 05 Feb 2023 16:47:13 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 60f9327561101f522c8af18401cf8863
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
colognenobilityfrost.com/9e/55/c2/9e55c24c07205b6a363c94f4ff46ad27.js
173.233.137.60 200 OK 13 kB URL HTTP/1.1 colognenobilityfrost.com/9e/55/c2/9e55c24c07205b6a363c94f4ff46ad27.js
IP 173.233.137.60:0
File type ASCII text, with very long lines (37128), with no line terminators
Hash 358612203b178af073ad5aab29ac5c8f
7b0980c10a7a8b9dcf82efd38426b03780f47c7d
d48e8967fccea97656f2b71b6eacc628af52b8f57b81f970c2f62bb33241cdf4
GET /9e/55/c2/9e55c24c07205b6a363c94f4ff46ad27.js HTTP/1.1
Host: colognenobilityfrost.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.skidrowcodex.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sun, 05 Feb 2023 16:47:13 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 5e16903888002ed347449e4b96c4fd26
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
www.skidrowcodex.net/wp-content/themes/skidrowcodex-main/img/dots.png
172.67.217.92 200 OK 977 B URL HTTP/2 www.skidrowcodex.net/wp-content/themes/skidrowcodex-main/img/dots.png
IP 172.67.217.92:0
File type PNG image data, 6 x 6, 8-bit/color RGBA, interlaced\012- data
Hash b4182163c3a6206ac2b16047c9c5728c
dfe78be5b52f41b77559972c0910f55ea0cd012a
941a6bc0a17c76ca67ecf18377953295380b4e01d544f5e6650d1c7df5d7bfe3
GET /wp-content/themes/skidrowcodex-main/img/dots.png HTTP/1.1
Host: www.skidrowcodex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.skidrowcodex.net/wp-content/themes/skidrowcodex-main/css/main.css?ver=20160930
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 05 Feb 2023 16:47:13 GMT
content-type: image/png
content-length: 977
vary: Accept-Encoding
x-accel-version: 0.01
last-modified: Wed, 20 Jul 2022 22:26:07 GMT
cache-control: public, max-age=16070400
expires: Tue, 02 May 2023 20:49:06 GMT
x-powered-by: PleskLin
cf-cache-status: HIT
age: 2922953
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EX4C6PaI2Nt9ogvn9T8eacbefWh0ep58fjRCidIbweurt%2BiPv72MDUoS%2FvDQ69BbvVywhfu9DjFyueyDkzBfa2nJHKvcovdPNmsOuLWcFue7ZaLCvf7CkC4p81KfdwbXJNG1G8yAlw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 794d206cba87b505-OSL
X-Firefox-Spdy: h2
www.skidrowcodex.net/wp-content/themes/skidrowcodex-main/img/lock.png
172.67.217.92 200 OK 17 kB URL HTTP/2 www.skidrowcodex.net/wp-content/themes/skidrowcodex-main/img/lock.png
IP 172.67.217.92:0
File type PNG image data, 96 x 110, 8-bit/color RGBA, interlaced\012- data
Hash fecbdc317a3aff1c4d00e72b38282968
238bec1cac1ed867e9b4d0ac6bcca911eb03fec8
babd158fc7016951651bb505e64df065de6136b972abaf3c6fe2deb7824b0c2d
GET /wp-content/themes/skidrowcodex-main/img/lock.png HTTP/1.1
Host: www.skidrowcodex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.skidrowcodex.net/wp-content/themes/skidrowcodex-main/css/main.css?ver=20160930
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 05 Feb 2023 16:47:13 GMT
content-type: image/png
content-length: 16785
last-modified: Wed, 20 Jul 2022 22:26:07 GMT
cache-control: public, max-age=16070400
expires: Fri, 19 May 2023 03:10:42 GMT
etag: "62d880ff-4191"
x-powered-by: PleskLin
cf-cache-status: HIT
age: 1517793
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MgXq%2B4cGDjwPHRB2b3h1SHl2PTJUHqZ17jRgtKJM8muJ3%2BVf5DA2D0JmNFAqvVFHk2O37LI7i7aEJaA%2B9IqiBxyYs6yn1XDi64z5aRi1ooxvExCCYQ8aNbIA0bc%2B9dZWRsiu%2FyVgaA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 794d206cba8cb505-OSL
X-Firefox-Spdy: h2
www.skidrowcodex.net/wp-content/themes/skidrowcodex-main/img/stripe_dark.jpg
172.67.217.92 200 OK 2.5 kB URL HTTP/2 www.skidrowcodex.net/wp-content/themes/skidrowcodex-main/img/stripe_dark.jpg
IP 172.67.217.92:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 45x45, components 3\012- data
Hash 831d60d44857d1610edc3cc99e5c966a
b9300a2686cbd8d151e704985d7a2b9756a2d7d1
f2f834565b74e137eaccc783ab6b6e98bc23c653f7610b5eb7a8f74e69fd89cf
GET /wp-content/themes/skidrowcodex-main/img/stripe_dark.jpg HTTP/1.1
Host: www.skidrowcodex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.skidrowcodex.net/wp-content/themes/skidrowcodex-main/css/main.css?ver=20160930
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 05 Feb 2023 16:47:13 GMT
content-type: image/jpeg
content-length: 2518
last-modified: Tue, 31 Jan 2023 06:55:07 GMT
cache-control: public, max-age=16070400
expires: Fri, 02 Jun 2023 01:54:08 GMT
etag: "63d8bb4b-9d6"
x-powered-by: PleskLin
cf-cache-status: HIT
age: 312784
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AzmsXWDD43gwuvzZsYZymXb0w5BK9anVT05xKNe1nTy9KaIt5IN1CJtEvFs0oIa%2FzyS4mFtL3hnhZ%2Fmi0S%2FBTuhvCqSSRj3CGeJDbN%2BqpQ9KIk3zjszRgta9eB%2BYeoHMFixpg8BPUA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 794d206cba96b505-OSL
X-Firefox-Spdy: h2
www.skidrowcodex.net/wp-content/themes/skidrowcodex-main/img/tip2.png
172.67.217.92 200 OK 1.5 kB URL HTTP/2 www.skidrowcodex.net/wp-content/themes/skidrowcodex-main/img/tip2.png
IP 172.67.217.92:0
File type PNG image data, 22 x 17, 8-bit/color RGBA, non-interlaced\012- data
Hash a4fc2c7b8edaccfa51b3e4f868629561
7e57dc0a0181425e5e057a7c9b0cad0b4b330e5b
c953c054e31937a34242e5cd9616f27b52bceb547b1a872b04d600e6c4560b26
GET /wp-content/themes/skidrowcodex-main/img/tip2.png HTTP/1.1
Host: www.skidrowcodex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.skidrowcodex.net/wp-content/themes/skidrowcodex-main/css/tooltip.css?ver=20160930
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 05 Feb 2023 16:47:13 GMT
content-type: image/png
content-length: 1490
last-modified: Tue, 31 Jan 2023 06:55:07 GMT
cache-control: public, max-age=16070400
expires: Thu, 01 Jun 2023 22:31:25 GMT
etag: "63d8bb4b-5d2"
x-powered-by: PleskLin
cf-cache-status: HIT
age: 324948
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=m008JcnOLUBcZtYTh6WBI5Wd1T22rZCcLnDJYZZVO02UWDsb6EpW5bVUrDMvcfrNaXsWZbWRI2uO%2FwpGqlStAPnTRDS0rWQVd0mFcpLFOIC9ET8Lgi4em0b2fJEpczQe6SIJ80EJ7w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 794d206cba99b505-OSL
X-Firefox-Spdy: h2
www.skidrowcodex.net/wp-content/themes/skidrowcodex-main/img/ticker_bg.jpg
172.67.217.92 200 OK 6.0 kB URL HTTP/2 www.skidrowcodex.net/wp-content/themes/skidrowcodex-main/img/ticker_bg.jpg
IP 172.67.217.92:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1170x35, components 3\012- data
Hash 94038b94f5429ac15e33a18afb5095bc
0866853c03bd768ef298f06ece3f3d3c516146d1
f2881f0e963bb5d4d3a598c589943bc451d0d3723035e870fb7f91845fd44f6d
GET /wp-content/themes/skidrowcodex-main/img/ticker_bg.jpg HTTP/1.1
Host: www.skidrowcodex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.skidrowcodex.net/wp-content/themes/skidrowcodex-main/css/main.css?ver=20160930
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 05 Feb 2023 16:47:13 GMT
content-type: image/jpeg
content-length: 6019
last-modified: Tue, 31 Jan 2023 06:55:07 GMT
cache-control: public, max-age=16070400
expires: Thu, 01 Jun 2023 23:19:07 GMT
etag: "63d8bb4b-1783"
x-powered-by: PleskLin
cf-cache-status: HIT
age: 322086
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=M3P0pycccnBXMoOt4w%2Fy1y17LPMp2uVG83FatYXWnOyaywxPv2tdCasG8ZF5Um8hedArDbRthWSPk%2BPGZOIg9z7HnLbRXflKsS%2BQKa3QeSUUm2UacUnGMRO5AwLSAEO2%2F9FhbkC0nw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 794d206cca9eb505-OSL
X-Firefox-Spdy: h2
www.skidrowcodex.net/wp-content/themes/skidrowcodex-main/css/vcfixes.css?ver=20150401
172.67.217.92 200 OK 2.9 kB URL HTTP/2 www.skidrowcodex.net/wp-content/themes/skidrowcodex-main/css/vcfixes.css?ver=20150401
IP 172.67.217.92:0
File type ASCII text, with very long lines (683)
Hash ca50cb39a2869fff45941d4ddc977c88
7ac590b916c1f0696058433bcd8e26b58b258e04
002b67456cf42205b2ac029d0fd3af40bfcf8a41f050f2ccc9c14d26ce40842e
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/skidrowcodex-main/css/vcfixes.css?ver=20150401 HTTP/1.1
Host: www.skidrowcodex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.skidrowcodex.net/total-war-warhammer-steampunks/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 05 Feb 2023 16:47:10 GMT
content-type: text/css; charset=utf-8
last-modified: Sun, 20 Sep 2020 13:10:50 GMT
cache-control: public, max-age=31536000
expires: Tue, 06 Jun 2023 22:15:01 GMT
etag: W/"5f6754da-2908"
x-powered-by: PleskLin
cf-cache-status: HIT
age: 21061929
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KMyHH9sgC2YweDpD6z19WPPNEM1zIBzsXoJ67LeqC8JFTt4Z05Z2i3F%2FjhXRjn9nmBf8bTfXVsDHkkCPYomDrzvTpzhCORaxLsxQSYd6oOud0dQfIX5mCdCON8RWzabdK5AUQ6KnFw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 794d20582898b505-OSL
content-encoding: br
X-Firefox-Spdy: h2
www.skidrowcodex.net/wp-content/themes/skidrowcodex-main/img/dark_wall.jpg
172.67.217.92 200 OK 28 kB URL HTTP/2 www.skidrowcodex.net/wp-content/themes/skidrowcodex-main/img/dark_wall.jpg
IP 172.67.217.92:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 300x299, components 3\012- data
Hash ea37dc947a83753b5f364f9bb8a84bc9
0f07a6af7aab2dc4762d22edada7b933036b36a0
7eb115351100f9724ea804954b8d3c3bde3e515fd698cca4bc930dd6101751af
GET /wp-content/themes/skidrowcodex-main/img/dark_wall.jpg HTTP/1.1
Host: www.skidrowcodex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.skidrowcodex.net/wp-content/themes/skidrowcodex-main/css/main.css?ver=20160930
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 05 Feb 2023 16:47:13 GMT
content-type: image/jpeg
content-length: 28089
last-modified: Wed, 20 Jul 2022 22:26:07 GMT
cache-control: public, max-age=16070400
expires: Wed, 01 Mar 2023 17:34:34 GMT
etag: "62d880ff-6db9"
x-powered-by: PleskLin
cf-cache-status: HIT
age: 8291496
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UEn%2FG%2BaJ4HFbUnYUcztIcquPN1p%2BK9GMUNqNmmVQyRfNhK4xN3YznYqBXqOixwC82ix83BPbyC1FPmzgvJNfpVhamOiRtCJYlAH%2F3aVZnE5FBkDv9Bqz7KyOc4umhkubZVMQbDGN0Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 794d206ccaaab505-OSL
X-Firefox-Spdy: h2
www.skidrowcodex.net/wp-content/plugins/buddypress/bp-groups/css/blocks/groups.min.css?ver=11.0.0
172.67.217.92 200 OK 1.1 kB URL HTTP/2 www.skidrowcodex.net/wp-content/plugins/buddypress/bp-groups/css/blocks/groups.min.css?ver=11.0.0
IP 172.67.217.92:0
File type ASCII text, with very long lines (3457), with no line terminators
Hash 868b1541d4a0e6d3c988440b58073a9a
eeb6e66ae94ce60d84ff915d4f0ec899915baccf
8054312f6c3342255dc3a6192c2abd8be1ea20fa6169a556876762aee2436e42
GET /wp-content/plugins/buddypress/bp-groups/css/blocks/groups.min.css?ver=11.0.0 HTTP/1.1
Host: www.skidrowcodex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.skidrowcodex.net/total-war-warhammer-steampunks/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 05 Feb 2023 16:47:10 GMT
content-type: text/css; charset=utf-8
last-modified: Fri, 06 Jan 2023 08:34:10 GMT
vary: Accept-Encoding
cache-control: public, max-age=31536000
expires: Sat, 06 Jan 2024 09:01:19 GMT
etag: W/"63b7dd02-d81"
x-powered-by: PleskLin
cf-cache-status: HIT
age: 2619813
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sfpzezPhllLvNQCxv1MbIPdjj7CZI3hylIsJWqVHoj3%2B8dkx1zb2oRsWOC%2FUXOEHitZ%2BGtj9EsLeNQKDzc2tixLpSVA9lyr%2BHlbu3JcCSuTh2hNT7cr%2ByG634cyoHdmyin24V15r3A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 794d2057f833b505-OSL
content-encoding: br
X-Firefox-Spdy: h2
www.skidrowcodex.net/wp-content/plugins/buddypress/bp-groups/css/blocks/group.min.css?ver=11.0.0
172.67.217.92 200 OK 169 kB URL HTTP/2 www.skidrowcodex.net/wp-content/plugins/buddypress/bp-groups/css/blocks/group.min.css?ver=11.0.0
IP 172.67.217.92:0
File type ASCII text, with very long lines (2029), with no line terminators
Size 169 kB (169070 bytes)
Hash 317402486ac99dfcac9d0730c7b634f0
f8afbf884075961886323e42b4f7b06982c2c836
bcbc968e90f06d04c0e2ac1a8065ec41e5d22b194fbca64675e97a48bb1fabb9
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/buddypress/bp-groups/css/blocks/group.min.css?ver=11.0.0 HTTP/1.1
Host: www.skidrowcodex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.skidrowcodex.net/total-war-warhammer-steampunks/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 05 Feb 2023 16:47:10 GMT
content-type: text/css; charset=utf-8
last-modified: Fri, 06 Jan 2023 08:34:10 GMT
vary: Accept-Encoding
cache-control: public, max-age=31536000
expires: Sat, 06 Jan 2024 09:01:19 GMT
etag: W/"63b7dd02-7ed"
x-powered-by: PleskLin
cf-cache-status: HIT
age: 2619813
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dp2j%2BFTSuelTqCFYoA4JeIoQ7ah50C9BmpHGsWSCghumTPRsHTjCbPAO8NGht2H0l8cy1uaQScxnXbgY%2BdIaKiCByHCJYl0M2Ux5m6gJqqidOnLOLdTAV0Beac1abdeQHnrmfWWZ%2Bg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 794d2057f82db505-OSL
content-encoding: br
X-Firefox-Spdy: h2
www.skidrowcodex.net/fontawesome6/webfonts/fa-brands-400.woff2
172.67.217.92 200 OK 106 kB URL HTTP/2 www.skidrowcodex.net/fontawesome6/webfonts/fa-brands-400.woff2
IP 172.67.217.92:0
File type Web Open Font Format (Version 2), TrueType, length 105536, version 769.768\012- data
Size 106 kB (105536 bytes)
Hash cd2b4095e9ce66cde642c3502a4022d9
a280ecdddd14695fad22599301ab03adfe5224c0
404c746c8f7e3f9b7611a8f23d908c1a32a5c972236b9d89bb68b05d9bf4b905
Analyzer Verdict Alert fortinet Malware
GET /fontawesome6/webfonts/fa-brands-400.woff2 HTTP/1.1
Host: www.skidrowcodex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://www.skidrowcodex.net/fontawesome6/css/all.css?ver=1.0.0
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 05 Feb 2023 16:47:13 GMT
content-type: font/woff2
content-length: 105536
last-modified: Tue, 31 Jan 2023 06:54:54 GMT
cache-control: max-age=16070400
expires: Fri, 03 Mar 2023 21:45:23 GMT
etag: "63d8bb3e-19c40"
x-powered-by: PleskLin
cf-cache-status: HIT
age: 327710
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Gf%2FQRP3Q%2FwGwZdlcSrCNXOlR8rZGWrsd7JP3eNKp5LcOyK%2BowWwN7LtAB53J354YhBkRVGm%2Fk0UNnM3rQ3hRuFU4xS1887FQu7Wr%2F3TyK%2F0M2CFLtlwOoflb3Ob9Y8pk%2F19m3ovdAw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 794d206d1b2bb505-OSL
X-Firefox-Spdy: h2
www.skidrowcodex.net/fontawesome6/webfonts/fa-regular-400.woff2
172.67.217.92 200 OK 24 kB URL HTTP/2 www.skidrowcodex.net/fontawesome6/webfonts/fa-regular-400.woff2
IP 172.67.217.92:0
File type Web Open Font Format (Version 2), TrueType, length 23940, version 769.768\012- data
Hash e8a1ba418ee6d897d1339ef22e6d8e60
379ca48f70f3d4f79f8bf1079881c7c5af4f44a4
6a274e7629c0d71dcf8cab1e7733687ebfe32e2c53b4ca9fad050b4f1d5471f3
Analyzer Verdict Alert fortinet Malware
GET /fontawesome6/webfonts/fa-regular-400.woff2 HTTP/1.1
Host: www.skidrowcodex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://www.skidrowcodex.net/fontawesome6/css/all.css?ver=1.0.0
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 05 Feb 2023 16:47:13 GMT
content-type: font/woff2
content-length: 23940
last-modified: Tue, 31 Jan 2023 06:54:54 GMT
cache-control: max-age=16070400
expires: Sat, 04 Mar 2023 02:00:01 GMT
etag: "63d8bb3e-5d84"
x-powered-by: PleskLin
cf-cache-status: HIT
age: 312432
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VFT8VvKJBPhJaB3zhKC1%2Bi9drj7fAscmkdiWMsUyITTW1wpE1zpignAisR3vIHTEnFCw%2FA1JJTnNnqvBFwPxRd5qbFlSRzNGEBAnklSijZqHKrKUxvldOucLXeXgyuBAgBVcYlywOA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 794d206d3b63b505-OSL
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 471 B IP 142.250.74.131:0
Hash 5452c58c07ce8d3cade93b323b271c35
581b1e438daeb32a12feaf50f2aab17dcf3e3171
b99ea2af71e697f45db51732f7d3e8d3e50258c9c96e50a772b8c4638577140a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 16:47:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.skidrowcodex.net/wp-includes/css/dist/block-library/style.min.css
172.67.217.92 200 OK 23 kB URL HTTP/2 www.skidrowcodex.net/wp-includes/css/dist/block-library/style.min.css
IP 172.67.217.92:0
File type Unicode text, UTF-8 text, with very long lines (33376)
Hash 1b69b1f1dfa9be52a3a2c03dca14aecc
c5ec9218840e66e9b5c4874b6f6a48a240d8a04c
4046878c230f86205d60be44602f8ad686584469deb576f902f782b1b3e08071
GET /wp-includes/css/dist/block-library/style.min.css HTTP/1.1
Host: www.skidrowcodex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.skidrowcodex.net/total-war-warhammer-steampunks/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 05 Feb 2023 16:47:10 GMT
content-type: text/css; charset=utf-8
last-modified: Sat, 26 Nov 2022 10:21:48 GMT
vary: Accept-Encoding
cache-control: public, max-age=31536000
expires: Sun, 07 Jan 2024 19:54:19 GMT
etag: W/"6381e8bc-13abe"
x-powered-by: PleskLin
cf-cache-status: HIT
age: 2494372
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=u5xcFpyTJAPWHBMi33U4CV1KO%2FZkvvRehWVD7HU3ZZfAktHP6FLoOrfpuUhrYFSSW48sbkvREnepa%2B9e29inriopq38rBXWZ5btdCFwcLUscGZTBZRQW9Y4Yqu3MwNX6ZkurCLMiWQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 794d2057e80bb505-OSL
content-encoding: br
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 76d3ef22c017706c86b3e3f3b6f21d04
b2402b28bd724cc39e82e2385d4f7313ed1c62dd
62a385b6b25a8d2e247f3fbd635accd1d7f6e929446fb8c3bc9603a8fa0dd03e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "62A385B6B25A8D2E247F3FBD635ACCD1D7F6E929446FB8C3BC9603A8FA0DD03E"
Last-Modified: Sat, 04 Feb 2023 13:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15408
Expires: Sun, 05 Feb 2023 21:04:01 GMT
Date: Sun, 05 Feb 2023 16:47:13 GMT
Connection: keep-alive
ocsp.sca1b.amazontrust.com/
54.230.245.100 200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.100:0
Hash 2b9fa7773944abe31f5a0d2c89fcf83f
dd497be3ec7fff255da6600a2d92c45d0f4b9a50
68342c1715a25165c46c7832671ce7d31cc3afeda203b110c999875bb79ba116
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=165397
Date: Sun, 05 Feb 2023 16:47:13 GMT
Etag: "63dfaf99-1d7"
Expires: Tue, 07 Feb 2023 14:43:50 GMT
Last-Modified: Sun, 05 Feb 2023 13:31:05 GMT
Server: ECS (bsa/EB23)
X-Cache: Miss from cloudfront
Via: 1.1 ee04daa979e7a02cc5ca472521bc18a6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: AYCD8C1Nzu0k5yPurKvKMBN3LMwzZnvAjwWwaGMdm35CXy9jt0svTQ==
Age: 4365
www.skidrowcodex.net/wp-content/plugins/buddypress/bp-activity/css/blocks/latest-activities.min.css?ver=11.0.0
172.67.217.92 200 OK 25 kB URL HTTP/2 www.skidrowcodex.net/wp-content/plugins/buddypress/bp-activity/css/blocks/latest-activities.min.css?ver=11.0.0
IP 172.67.217.92:0
File type ASCII text, with very long lines (1877), with no line terminators
Hash fc8c2e7ea380d9b37a1444d0a46882d8
8ee5f80f42e469504db256b2068d8ccd004d51b9
0edc1a8dca6c00ea2fa028435f95eeb9846ff1992a118440cf17e2df955e8c9f
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/buddypress/bp-activity/css/blocks/latest-activities.min.css?ver=11.0.0 HTTP/1.1
Host: www.skidrowcodex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.skidrowcodex.net/total-war-warhammer-steampunks/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 05 Feb 2023 16:47:10 GMT
content-type: text/css; charset=utf-8
last-modified: Fri, 06 Jan 2023 08:34:09 GMT
vary: Accept-Encoding
cache-control: public, max-age=31536000
expires: Sat, 06 Jan 2024 09:01:19 GMT
etag: W/"63b7dd01-755"
x-powered-by: PleskLin
cf-cache-status: HIT
age: 2619813
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dIq6SrVUokH9IWD9Mw7SlAc33PYG4pC0DhGe8l4MPWn9gl0LZowElxOnPE%2ButWrBlZ%2BkkXOlfIcP%2FLuxM8U8xt%2Fz6mZYVRLTwILELGVFh5b69wTbt%2FHY4zb6hheLETHjHMx3zcBJ0Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 794d2057f823b505-OSL
content-encoding: br
X-Firefox-Spdy: h2
www.skidrowcodex.net/wp-includes/js/wp-backbone.min.js
172.67.217.92 200 OK 17 kB URL HTTP/2 www.skidrowcodex.net/wp-includes/js/wp-backbone.min.js
IP 172.67.217.92:0
File type ASCII text, with very long lines (3002)
Hash 583d4d7fb441f8a655f1604ce337ef2f
9a811006a582b164d46c43efb4acbebc443cd691
f6d5e1d6e2a8b8ea4feb075c50bbe980bd9d391978394502b1a392483fb79e7b
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/wp-backbone.min.js HTTP/1.1
Host: www.skidrowcodex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.skidrowcodex.net/total-war-warhammer-steampunks/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 05 Feb 2023 16:47:10 GMT
content-type: application/javascript; charset=utf-8
last-modified: Sat, 26 Nov 2022 10:21:49 GMT
vary: Accept-Encoding
cache-control: public, max-age=31536000
expires: Fri, 19 Jan 2024 04:17:15 GMT
etag: W/"6381e8bd-bdd"
x-powered-by: PleskLin
cf-cache-status: HIT
age: 1513797
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oeCT5rHPdcRsqFgHJVTmMioKwT2aOfOh8NW%2F%2FW7GvX0ri0HDcArlMmY8EGTSOY3Oi5tPPyUIExCoE%2F0Go%2FO5FAtc8mfB4yHJ%2FidNjks7i6rqvPTwxqumVOSEp2FERlPvWu8gLKUVBw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 794d20594a84b505-OSL
content-encoding: br
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmYUtfBBc4.woff2
142.250.74.163 200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmYUtfBBc4.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 15752, version 1.0\012- data
Hash b20371a6daf29d4a1f2e85dbbf40fb20
0355a01c1ccb45cb728e7e07c41c8ebf456f70bb
7e262106f82cc52663e403f5b73795bbeab9ca0630c33c03579354fbcd4fae1e
GET /s/roboto/v30/KFOlCnqEu92Fr1MmYUtfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.skidrowcodex.net
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15752
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 31 Jan 2023 12:46:53 GMT
expires: Wed, 31 Jan 2024 12:46:53 GMT
cache-control: public, max-age=31536000
age: 446420
last-modified: Wed, 11 May 2022 19:24:56 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
54.230.245.100 200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.100:0
Hash 2b9fa7773944abe31f5a0d2c89fcf83f
dd497be3ec7fff255da6600a2d92c45d0f4b9a50
68342c1715a25165c46c7832671ce7d31cc3afeda203b110c999875bb79ba116
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=167267
Date: Sun, 05 Feb 2023 16:47:13 GMT
Etag: "63dfaf99-1d7"
Expires: Tue, 07 Feb 2023 15:15:00 GMT
Last-Modified: Sun, 05 Feb 2023 13:31:05 GMT
Server: ECS (bsa/EB18)
X-Cache: Miss from cloudfront
Via: 1.1 ee04daa979e7a02cc5ca472521bc18a6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: ASa4wi9l-KRaPz3iOSvnrD_3SHSdGGBxlmH34yCrsFmpg3TsBTEGNw==
Age: 6235
fonts.gstatic.com/s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2
142.250.74.163 200 OK 17 kB URL HTTP/2 fonts.gstatic.com/s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 16740, version 1.0\012- data
Hash e43b535855a4ae53bd5b07a6eeb3bf67
6507312d9491156036316484bf8dc41e8b52ddd9
b34551ae25916c460423b82beb8e0675b27f76a9a2908f18286260fbd6de6681
GET /s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.skidrowcodex.net
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 16740
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 01 Feb 2023 03:36:17 GMT
expires: Thu, 01 Feb 2024 03:36:17 GMT
cache-control: public, max-age=31536000
age: 393056
last-modified: Mon, 15 Aug 2022 18:14:44 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
simplewebanalysis.com/stats
35.156.167.37 200 OK 40 B URL HTTP/2 simplewebanalysis.com/stats
IP 35.156.167.37:0
File type ASCII text, with no line terminators
Hash c476a7356ee1fab308827d0a4a6dd5ad
5d89d72492ccd74b31abd8ac129ccb04686ed78a
249b0ad629d5139eb3b024d438756cff2a9a7a111dc967c6475647a110af51f3
GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.skidrowcodex.net
Connection: keep-alive
Referer: https://www.skidrowcodex.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 05 Feb 2023 16:47:13 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://www.skidrowcodex.net
access-control-allow-credentials: true
set-cookie: uid_id2=6cf21d72-a2da-468a-b23e-7082c3a62d43:3:1; expires=Wed, 02 Feb 2033 16:47:13 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
www.skidrowcodex.net/wp-content/themes/skidrowcodex-main/css/shadowbox.css?ver=20160930
172.67.217.92 200 OK 19 kB URL HTTP/2 www.skidrowcodex.net/wp-content/themes/skidrowcodex-main/css/shadowbox.css?ver=20160930
IP 172.67.217.92:0
File type ASCII text, with CR line terminators
Hash 31e360fff96a61bd6bb24084366cd737
a65f694c1c17eb934a2def53cd2ca90a6831907b
8db24733813f0a7cf85ede5543d5499e39e2c644b8062c2a0e34c58e5c8b72c1
GET /wp-content/themes/skidrowcodex-main/css/shadowbox.css?ver=20160930 HTTP/1.1
Host: www.skidrowcodex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.skidrowcodex.net/total-war-warhammer-steampunks/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 05 Feb 2023 16:47:10 GMT
content-type: text/css; charset=utf-8
last-modified: Wed, 20 Jul 2022 22:26:07 GMT
vary: Accept-Encoding
cache-control: public, max-age=31536000
expires: Sun, 07 Jan 2024 20:25:15 GMT
etag: W/"62d880ff-7f9"
x-powered-by: PleskLin
cf-cache-status: HIT
age: 2492516
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Jtef6H28dfr%2BjODn3vZgkqot74FwQJLgJPBMgFwgqPWYUS8NDCZ%2BcOxp8sArVy6u%2BxUar2vRMKVDI7jmcFttSYMU3HvTwNr%2FElsCWHSudaquxHUEAaC5thwO8WsNsZHCw6udCfYeNA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 794d2058185ab505-OSL
content-encoding: br
X-Firefox-Spdy: h2
www.skidrowcodex.net/wp-includes/js/dist/dom-ready.min.js?ver=71883072590656bf22c74c7b887df3dd
172.67.217.92 200 OK 18 kB URL HTTP/2 www.skidrowcodex.net/wp-includes/js/dist/dom-ready.min.js?ver=71883072590656bf22c74c7b887df3dd
IP 172.67.217.92:0
File type ASCII text, with very long lines (1222)
Hash 6644f5c0c2f0aa365eb8d23b95fb4444
36cb25207c57c3e03ce41dbddcbec4d002785fdd
66f9efdaa14219c244db56130361d89fd86ad593cf748ce581cb7906779b9776
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/dist/dom-ready.min.js?ver=71883072590656bf22c74c7b887df3dd HTTP/1.1
Host: www.skidrowcodex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.skidrowcodex.net/total-war-warhammer-steampunks/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 05 Feb 2023 16:47:10 GMT
content-type: application/javascript; charset=utf-8
last-modified: Sat, 26 Nov 2022 10:21:49 GMT
vary: Accept-Encoding
cache-control: public, max-age=31536000
expires: Sun, 26 Nov 2023 10:22:34 GMT
etag: W/"6381e8bd-4e9"
x-powered-by: PleskLin
cf-cache-status: HIT
age: 6157384
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ym1y9yPxMpQUa56GnDb1MDpPgxlGwg4jCY7ARyNfcK1e31BXc0%2FBgHub6jS8B1pcfNY9aEA%2Bt%2F63kIy0SZDCfrFlhWslYfrSnXBDrbfq645krVtzm%2BXCQ2Dz8TsNbvb4VblF%2BfG5kg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 794d20595ab5b505-OSL
content-encoding: br
X-Firefox-Spdy: h2
www.skidrowcodex.net/wp-content/themes/skidrowcodex-main/img/back-to-top.png
172.67.217.92 200 OK 2.1 kB URL HTTP/2 www.skidrowcodex.net/wp-content/themes/skidrowcodex-main/img/back-to-top.png
IP 172.67.217.92:0
File type PNG image data, 95 x 46, 8-bit/color RGBA, non-interlaced\012- data
Hash 952aaec234df43d2167f1400f8b3f60a
1015cb7713a407c513eefb339fca2d2670ca67a6
262f611899b5fe03759e7ac14af58f73f26b18c84f215b8e7065005f96b8774e
GET /wp-content/themes/skidrowcodex-main/img/back-to-top.png HTTP/1.1
Host: www.skidrowcodex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.skidrowcodex.net/wp-content/themes/skidrowcodex-main/css/main.css?ver=20160930
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 05 Feb 2023 16:47:13 GMT
content-type: image/png
content-length: 2092
last-modified: Wed, 20 Jul 2022 22:26:07 GMT
cache-control: public, max-age=16070400
expires: Fri, 26 May 2023 15:50:42 GMT
etag: "62d880ff-82c"
x-powered-by: PleskLin
cf-cache-status: HIT
age: 867393
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6uEu45VQXouZ49U9J1ZDgPSMZiOs3FIUFzvpSfsM79ymlUhXJDW4W8%2Bk9jV0untRipqXOMLxXlXp5bQ8FEULIsu4GPvHsZPxuXXAO0KSnVSg%2FyLZzIwP3Sr9UOalBCQf%2BJ43FSxkXA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 794d206f5e58b505-OSL
X-Firefox-Spdy: h2
www.skidrowcodex.net/wp-content/plugins/responsive-full-width-background-slider/inc/images/overlay/overlay.png
172.67.217.92 200 OK 211 B URL HTTP/2 www.skidrowcodex.net/wp-content/plugins/responsive-full-width-background-slider/inc/images/overlay/overlay.png
IP 172.67.217.92:0
File type PNG image data, 2 x 2, 1-bit colormap, non-interlaced\012- data
Hash 0a3750e6fdb29fcd632e627e2fc34dde
7c046ea4b1669da4eb81acccd7fc58b00201543d
5ddb13e84c10a1b7a773f0580f2997c3b5e91d1c2227fc1313c5991429442657
GET /wp-content/plugins/responsive-full-width-background-slider/inc/images/overlay/overlay.png HTTP/1.1
Host: www.skidrowcodex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.skidrowcodex.net/total-war-warhammer-steampunks/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 05 Feb 2023 16:47:13 GMT
content-type: image/png
content-length: 211
x-accel-version: 0.01
last-modified: Tue, 31 Jan 2023 06:55:07 GMT
cache-control: public, max-age=16070400
expires: Fri, 02 Jun 2023 01:54:08 GMT
vary: Accept-Encoding
x-powered-by: PleskLin
cf-cache-status: HIT
age: 312784
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RWqFWn%2Bzwm5WRylZleEK8IbSj9E%2B7YMaDoV0TNz8cx4ryJVz4HEWeoBDMAOQX0gWSjYFL4oil1Mv6VxR53F1lMDITKcTrRKhJEO9lsISMb%2B9hFOS%2ByDuZN95JF6JBq5RVlSrHVmRdw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 794d206f6e67b505-OSL
X-Firefox-Spdy: h2
simplewebanalysis.com/stats
35.156.167.37 200 OK 40 B URL HTTP/2 simplewebanalysis.com/stats
IP 35.156.167.37:0
File type ASCII text, with no line terminators
Hash 7d936584f5c26c756bd425e0811684e9
efe1b37e730d0b51237e2a6ba336619b1cf559fc
5e98f1eb36a1ce33d7b6954305c8691715ce4aa46d216123ac4c213a12421222
GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.skidrowcodex.net
Connection: keep-alive
Referer: https://www.skidrowcodex.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 05 Feb 2023 16:47:13 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://www.skidrowcodex.net
access-control-allow-credentials: true
set-cookie: uid_id2=3830a2e5-3bb1-4378-9ecc-79b5b2b68ced:1:1; expires=Wed, 02 Feb 2033 16:47:13 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
simplewebanalysis.com/stats
35.156.167.37 200 OK 40 B URL HTTP/2 simplewebanalysis.com/stats
IP 35.156.167.37:0
File type ASCII text, with no line terminators
Hash 2892d1b1b71a0e573514911127134bf3
092e68ad1e369afc867f68950a40f25168c0f9d3
37c5b651dc0e87cd6b719e0a5b97a634e8cebee766e75f7b967ecce507c85353
GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.skidrowcodex.net
Connection: keep-alive
Referer: https://www.skidrowcodex.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 05 Feb 2023 16:47:13 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://www.skidrowcodex.net
access-control-allow-credentials: true
set-cookie: uid_id2=9038c91e-a911-4dcf-98bd-36049769f5a4:1:1; expires=Wed, 02 Feb 2033 16:47:13 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
www.skidrowcodex.net/wp-content/plugins/buddypress/bp-friends/css/blocks/friends.min.css?ver=11.0.0
172.67.217.92 200 OK 18 kB URL HTTP/2 www.skidrowcodex.net/wp-content/plugins/buddypress/bp-friends/css/blocks/friends.min.css?ver=11.0.0
IP 172.67.217.92:0
File type ASCII text, with very long lines (621), with no line terminators
Hash d63f5fd0c134069fe34cd989536f72c5
70759838bb3c7e62478b2ff72df3f74dbd862972
4603e58b79fc9b3c5fbf1008e9680b3ff1631d3f48fc536fff65097f8f0acad4
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/buddypress/bp-friends/css/blocks/friends.min.css?ver=11.0.0 HTTP/1.1
Host: www.skidrowcodex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.skidrowcodex.net/total-war-warhammer-steampunks/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 05 Feb 2023 16:47:10 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
x-accel-version: 0.01
last-modified: Fri, 06 Jan 2023 08:34:10 GMT
cache-control: public, max-age=31536000
expires: Sat, 06 Jan 2024 09:01:19 GMT
x-powered-by: PleskLin
cf-cache-status: HIT
age: 2619813
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hvbLGx3jCjuUyDqRxeFtZPCLTJhuyC4b01pnB4zcm%2FtzdlGxJJyU0fc4ALtNPhAWyUq33XTzUagr0M%2FhqJPJl7vFo2I6Ias0KhhwfAcZSnKYY78X3BYBjuyybL%2BDLeuRnOLdlCNvPw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 794d2057f826b505-OSL
content-encoding: br
X-Firefox-Spdy: h2
prejudiceinsure.com/pixel/purst?dl=0&th=0&sc=0&rs=3948&rd=3948&fd=3332&bv=22.10.v.9&tmpl=70
173.233.137.60 200 OK 0 B URL HTTP/1.1 prejudiceinsure.com/pixel/purst?dl=0&th=0&sc=0&rs=3948&rd=3948&fd=3332&bv=22.10.v.9&tmpl=70
IP 173.233.137.60:0
Hash d41d8cd98f00b204e9800998ecf8427e (MD5 of the empty 0 B body)
da39a3ee5e6b4b0d3255bfef95601890afd80709 (SHA-1 of the empty body)
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 (SHA-256 of the empty body)
Analyzer Verdict Alert quad9 Sinkholed
GET /pixel/purst?dl=0&th=0&sc=0&rs=3948&rd=3948&fd=3332&bv=22.10.v.9&tmpl=70 HTTP/1.1
Host: prejudiceinsure.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.skidrowcodex.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sun, 05 Feb 2023 16:47:13 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
friendshipmale.com/sfp.js
172.64.203.23 200 OK 28 kB URL HTTP/2 friendshipmale.com/sfp.js
IP 172.64.203.23:0
File type Unicode text, UTF-8 text, with very long lines (65529), with no line terminators
Hash 886f482e6cb3fd74524b34cca161fc9e
c43f540a03b8ab4f1c6d0552f936d940dc31091b
ecd4f6a4b3e7b52c083601cc4daa4963c586009458391bc86c222a107857c166
Analyzer Verdict Alert fortinet Malware
GET /sfp.js HTTP/1.1
Host: friendshipmale.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.skidrowcodex.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 05 Feb 2023 16:47:13 GMT
content-type: application/javascript; charset=utf-8
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: max-age=14400
x-request-id: cf2f0408f72d55cedf9c097ccfa15462
strict-transport-security: max-age=0; includeSubdomains
cf-cache-status: EXPIRED
last-modified: Sun, 05 Feb 2023 16:47:13 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4zWvAfnUdhS2Bqa3Q8jKRW%2F51S7qlmFhdbbtochajD0PfcsNTu3uzolyKawx2EOV8Kk%2BT3UezYHCueUa3M2zyeGFI7b9VLmIfPHzZGpPWW5WtJtLo8sodB%2FGTzBkEpuQnQOFYfc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 794d206d28137695-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.skidrowcodex.net/wp-content/themes/skidrowcodex-main/css/bootstrap.css?ver=20160930
172.67.217.92 200 OK 42 kB URL HTTP/2 www.skidrowcodex.net/wp-content/themes/skidrowcodex-main/css/bootstrap.css?ver=20160930
IP 172.67.217.92:0
File type assembler source, ASCII text, with very long lines (540)
Hash c2be8e391852de35164921e37dad647b
2b9540a340c6d03aa0b859cfc8426006e8570e15
9c82a22a0b6c7efd5c1fca18fa78d17f8ab8602fb3d0b2418c0ada3382bcbfd9
GET /wp-content/themes/skidrowcodex-main/css/bootstrap.css?ver=20160930 HTTP/1.1
Host: www.skidrowcodex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.skidrowcodex.net/total-war-warhammer-steampunks/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 05 Feb 2023 16:47:10 GMT
content-type: text/css; charset=utf-8
last-modified: Sun, 20 Sep 2020 13:10:50 GMT
cache-control: public, max-age=31536000
expires: Tue, 06 Jun 2023 21:32:27 GMT
etag: W/"5f6754da-1fbf3"
x-powered-by: PleskLin
cf-cache-status: HIT
age: 21064483
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QRcbxGcZt6NxSoO9cOnCHnIXvS9AxyoTcYRKzVgQFjdQCg79pKzIM%2BHScIT07YbXyVyNRmDfokFFEyL6w1oVjPsjeVedGLGxdq8y0L9rsDeRo5jASi%2FhkbRDSYc4SdvgaG9Y%2Ft90aw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 794d20581860b505-OSL
content-encoding: br
X-Firefox-Spdy: h2
ws.sharethis.com/button/async-buttons.js
54.230.111.78 200 OK 19 kB URL HTTP/2 ws.sharethis.com/button/async-buttons.js
IP 54.230.111.78:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash 0b3b7d06f8df8276ede0facec198706e
3e42fc6cacb95a5fa1b56c5b3984e8269752fbbe
342ffe242184c80ddf304e21db8b256ccb8aecb1f4bd9363802dcf2f36053837
GET /button/async-buttons.js HTTP/1.1
Host: ws.sharethis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.skidrowcodex.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
content-length: 18813
cache-control: max-age=259200
content-encoding: gzip
date: Fri, 03 Feb 2023 09:31:47 GMT
etag: W/"63d989f2-16245"
expires: Mon, 06 Feb 2023 09:31:47 GMT
server: nginx/1.20.1
x-robots-tag: noindex, nofollow
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 98794c1dec0d4e7b10ddf0faa094cf94.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: RlXp8HePDncA2EYDNW2Ln-ViMLGGhnXbj6OTbcSz5ntRUYZgQl390A==
age: 198926
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
farm1.staticflickr.com/783/41557306941_bd4746c6fe_o.jpg
143.204.48.75 200 OK 5.7 kB URL HTTP/2 farm1.staticflickr.com/783/41557306941_bd4746c6fe_o.jpg
IP 143.204.48.75:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 184x184, components 3\012- data
Hash e6be7684f30b83388026b9e8e4ec5d9d
606d2ebe7d560f9f57528471f2027af8540e5540
57a0b41dc02f2db77675aebe3d9ee93f7c428b9b2369d34b295d0bca5468a84b
GET /783/41557306941_bd4746c6fe_o.jpg HTTP/1.1
Host: farm1.staticflickr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.skidrowcodex.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/jpeg
content-length: 5714
date: Sat, 07 Jan 2023 11:28:23 GMT
edge-control: public, max-age=31536000
surrogate-control: public, max-age=31536000
cache-control: public, max-age=31536000
expires: Sun, 07 Jan 2024 11:28:24 GMT
imagewidth: 184
imageheight: 184
content-md5: 5r52hPMLgziAJrno5OxdnQ==
etag: "e6be7684f30b83388026b9e8e4ec5d9d"
last-modified: Tue, 02 Apr 2019 14:02:26 GMT
streaming: false
origintype: D
server: Jubilee
quote: "I'm not a kid anymore, I'm one of you, one of the X-Men. It means more to me than anything in the world."
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
powered-by: Mutation/1.0
hiring: Change the world of photography with us. https://www.flickr.com/jobs/
ourvalues: Dare (#4 of 5)
x-request-id: 87590b4b
x-frame-options: DENY
p3p: CP="This is not a P3P policy. We respect your privacy."
x-env: a=live, b=jubilee, c=4cf206a9, e=b1cfc1fdb4a90fbd7ed7449176940c7c057c6af1
x-ttfb: 0.079
x-ttdb-l: 5714
mib: 2
x-cache: Hit from cloudfront
via: 1.1 185768229530368be94556dcab1c486a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: X4zGDZ0w_D6UGXTkeBnCzChW2wSPpdc0fGNRO3Q75_C0lLH7uYXKsg==
age: 2524731
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash 9206c3ba6d5a17d62244c438fd03496e
069e8257aebe618953434b1299d065540125a512
937d395fed398e9410f75945e80f607f3146458b48cd47ba7249536ca2195817
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 16:47:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.skidrowcodex.net/wp-content/themes/skidrowcodex-main/css/bbpress.css?ver=20160930
172.67.217.92 200 OK 169 kB URL HTTP/2 www.skidrowcodex.net/wp-content/themes/skidrowcodex-main/css/bbpress.css?ver=20160930
IP 172.67.217.92:0
File type ASCII text, with very long lines (20130)
Size 169 kB (168570 bytes)
Hash 9043efb297924caf7e7819c980a5339f
c42d1c452608204d94c33496938ef0fcb037a981
e1d75d29559e15c304b16956cb6aa8bce8c12dad6571e8cbfb9028e731e33369
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/skidrowcodex-main/css/bbpress.css?ver=20160930 HTTP/1.1
Host: www.skidrowcodex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.skidrowcodex.net/total-war-warhammer-steampunks/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 05 Feb 2023 16:47:10 GMT
content-type: text/css; charset=utf-8
last-modified: Wed, 20 Jul 2022 22:26:07 GMT
vary: Accept-Encoding
cache-control: public, max-age=31536000
expires: Sat, 20 Jan 2024 06:34:58 GMT
etag: W/"62d880ff-57f3"
x-powered-by: PleskLin
cf-cache-status: HIT
age: 1419134
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lNsfS%2BYE1Zara1C2gTo5Vxn%2FWWXk2bnAwxChJy9W51s2MCpFAwyh2s3v3siaVU7840K6I3nvsaUBdNiOmsWRXglDPdczzd%2BbfYwvRJj8iUETySSOD%2BT4dTqURVEhGf8GtvJ%2Fg11URA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 794d20581870b505-OSL
content-encoding: br
X-Firefox-Spdy: h2
www.google-analytics.com/analytics.js
216.239.34.178 200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 216.239.34.178:0
File type ASCII text, with very long lines (1490)
Hash ca7fbbfd120e3e329633044190bbf134
d17f81e03dd827554ddd207ea081fb46b3415445
847004cefb32f85a9cc16b0b1eb77529ff5753680c145bfcb23f651d214737db
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.skidrowcodex.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20085
date: Sun, 05 Feb 2023 15:44:08 GMT
expires: Sun, 05 Feb 2023 17:44:08 GMT
cache-control: public, max-age=7200
age: 3786
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.skidrowcodex.net/wp-content/themes/skidrowcodex-main/img/arrow-menu.png
172.67.217.92 200 OK 958 B URL HTTP/2 www.skidrowcodex.net/wp-content/themes/skidrowcodex-main/img/arrow-menu.png
IP 172.67.217.92:0
File type PNG image data, 9 x 9, 8-bit/color RGBA, non-interlaced\012- data
Hash f9c0ecfcff60768fbd06b8530b5893d8
278c5069e07702d4879e9071a6b0771dcdf52276
a67a4f1d3647720231c97244d0c0ff6dfa49b83f7191dd86d19940a3d3f96685
GET /wp-content/themes/skidrowcodex-main/img/arrow-menu.png HTTP/1.1
Host: www.skidrowcodex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.skidrowcodex.net/wp-content/themes/skidrowcodex-main/css/main.css?ver=20160930
Cookie: __unam=bb01aea-186227a21dd-4ee9a948-1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 05 Feb 2023 16:47:14 GMT
content-type: image/png
content-length: 958
x-accel-version: 0.01
last-modified: Wed, 20 Jul 2022 22:26:07 GMT
cache-control: public, max-age=16070400
expires: Fri, 19 May 2023 05:38:31 GMT
vary: Accept-Encoding
x-powered-by: PleskLin
cf-cache-status: HIT
age: 1508925
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2nhK%2FQ3660dsX9NZ6lmfArVATgr2UPmVvpJp3p54hTDfQORNOyq6i7%2BdePxiaqexVkHp8XJLYqIpkXbuBzl8J3m7EA8rIWurKcfCvzSr1XE4Izk%2FxEslptaqR56hNVZfrEDpno3OBQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 794d2070d89db505-OSL
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash 153d0de36959c722c00df71ba86daca2
305f56a3134879ebf0828e169e903e560540c070
0cf533a798d42d1e97fb6619a411afadf9a68c92302ba852869b0c0555a47987
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 16:47:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ws.sharethis.com/button/css/buttons-secure.css
54.230.111.78 200 OK 3.9 kB URL HTTP/2 ws.sharethis.com/button/css/buttons-secure.css
IP 54.230.111.78:0
File type ASCII text, with very long lines (23158), with no line terminators
Hash 61da924a747e08c5f54a6cb31c724a48
8e49d971d6a667c3888a481b742e05cafcf72a43
54302324d4b6aa780466c869b9932504d0b1eaa7ef1df6c5481b35fb0625343a
GET /button/css/buttons-secure.css HTTP/1.1
Host: ws.sharethis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.skidrowcodex.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/css
content-length: 3851
content-encoding: gzip
date: Sun, 05 Feb 2023 05:11:47 GMT
etag: W/"63d989f4-5a76"
last-modified: Tue, 31 Jan 2023 21:36:52 GMT
server: nginx/1.20.1
x-robots-tag: noindex, nofollow
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 98794c1dec0d4e7b10ddf0faa094cf94.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: apRDVokMujTXVbh_FbbHKAFcTxG5L6CCS25u1glOAut9RGUHEK6fZQ==
age: 41727
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
steamcdn-a.akamaihd.net/steam/apps/256663246/movie_max.webm?_=1
23.33.119.11 206 Partial Content 4.5 MB URL HTTP/2 steamcdn-a.akamaihd.net/steam/apps/256663246/movie_max.webm?_=1
IP 23.33.119.11:0
ASN #20940 Akamai International B.V.
File type WebM\012- EBML file, creator webmB\20\012- data
Size 4.5 MB (4521488 bytes)
Hash 84dd66b50d4500effc9a052fddba40c9
9dd55ff466dfd072ee3646f0b5baaad89cda2226
89e5886a7d64f5ff5cc6b33970415f3247493fc59626ed982456c3505de65f98
GET /steam/apps/256663246/movie_max.webm?_=1 HTTP/1.1
Host: steamcdn-a.akamaihd.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: https://www.skidrowcodex.net/
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 206 Partial Content
server: nginx
content-type: video/webm
last-modified: Wed, 20 Apr 2016 10:53:14 GMT
etag: "57175f9a-143f556"
accept-ranges: bytes
date: Sun, 05 Feb 2023 16:47:14 GMT
content-range: bytes 0-21230933/21230934
content-length: 21230934
X-Firefox-Spdy: h2
simplewebanalysis.com/stats
35.156.167.37 200 OK 40 B URL HTTP/2 simplewebanalysis.com/stats
IP 35.156.167.37:0
File type ASCII text, with no line terminators
Hash c476a7356ee1fab308827d0a4a6dd5ad
5d89d72492ccd74b31abd8ac129ccb04686ed78a
249b0ad629d5139eb3b024d438756cff2a9a7a111dc967c6475647a110af51f3
GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.skidrowcodex.net
Connection: keep-alive
Referer: https://www.skidrowcodex.net/
Cookie: uid_id2=6cf21d72-a2da-468a-b23e-7082c3a62d43:3:1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 05 Feb 2023 16:47:14 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://www.skidrowcodex.net
access-control-allow-credentials: true
X-Firefox-Spdy: h2
www.skidrowcodex.net/wp-content/themes/skidrowcodex-main/css/buddypress.css?ver=20160930
172.67.217.92 200 OK 73 kB URL HTTP/2 www.skidrowcodex.net/wp-content/themes/skidrowcodex-main/css/buddypress.css?ver=20160930
IP 172.67.217.92:0
File type ASCII text, with very long lines (857)
Hash 3cc662efa7e26ad5ccde3ac78a724308
93009c776791414f68601f5312547146a12fd415
732bcd3e60fecd8c058ac8cf27afba8f2fd43adc6178e40d273d6f73a715e0b3
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/skidrowcodex-main/css/buddypress.css?ver=20160930 HTTP/1.1
Host: www.skidrowcodex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.skidrowcodex.net/total-war-warhammer-steampunks/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 05 Feb 2023 16:47:10 GMT
content-type: text/css; charset=utf-8
last-modified: Wed, 20 Jul 2022 22:26:07 GMT
vary: Accept-Encoding
cache-control: public, max-age=31536000
expires: Fri, 19 Jan 2024 05:38:17 GMT
etag: W/"62d880ff-e393"
x-powered-by: PleskLin
cf-cache-status: HIT
age: 1508934
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=j35TzCUHXipR9Bmf0qXVdvx0N4eEZ5Ut8h9xQVioSDUQNUzSbV1JE74EMtIr%2BDmfdrTJrAF7XVGrffCllUhkkekpD9mwT9%2FgpVhyKgG%2F6HfrLKjKHgazLlU6kygVXY6Tubt460%2FJnA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 794d20581873b505-OSL
content-encoding: br
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash f670dd974cc6bd4679bcf36d9238aff8
54ba66ba657e27e0ac25da50e3bd3b8dfeabdf38
2d76cdb0f3b4ea41e8019e71d4005caf7d4f9ae7d291a9801d1c6a7df44762f0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2D76CDB0F3B4EA41E8019E71D4005CAF7D4F9AE7D291A9801D1C6A7DF44762F0"
Last-Modified: Sat, 04 Feb 2023 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8606
Expires: Sun, 05 Feb 2023 19:10:40 GMT
Date: Sun, 05 Feb 2023 16:47:14 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash ca784bfb98a85732f481ca165bdcedcb
b4508579ced64ada4d6e81bb455188d67f10054a
49fd8d13e978e522da76463d6fff640af40cfa8d965bc4a89df2d7f988b77312
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "49FD8D13E978E522DA76463D6FFF640AF40CFA8D965BC4A89DF2D7F988B77312"
Last-Modified: Sat, 04 Feb 2023 13:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6950
Expires: Sun, 05 Feb 2023 18:43:04 GMT
Date: Sun, 05 Feb 2023 16:47:14 GMT
Connection: keep-alive
prejudiceinsure.com/pixel/pure
173.233.137.60 204 No Content 0 B URL HTTP/1.1 prejudiceinsure.com/pixel/pure
IP 173.233.137.60:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
OPTIONS /pixel/pure HTTP/1.1
Host: prejudiceinsure.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://www.skidrowcodex.net/
Origin: https://www.skidrowcodex.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
Server: nginx/1.19.5
Date: Sun, 05 Feb 2023 16:47:14 GMT
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Allow-Credentials: true
Access-Control-Max-Age: 1728000
Content-Type: text/plain; charset=utf-8
Content-Length: 0
prejudiceinsure.com/pixel/pure
173.233.137.60 204 No Content 0 B URL HTTP/1.1 prejudiceinsure.com/pixel/pure
IP 173.233.137.60:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
OPTIONS /pixel/pure HTTP/1.1
Host: prejudiceinsure.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://www.skidrowcodex.net/
Origin: https://www.skidrowcodex.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
Server: nginx/1.19.5
Date: Sun, 05 Feb 2023 16:47:14 GMT
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Allow-Credentials: true
Access-Control-Max-Age: 1728000
Content-Type: text/plain; charset=utf-8
Content-Length: 0
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 79e65fc8bd6082f7b42e9235efec43f9
f9a2b2c14c1fa6aa4d832c77066452c72b209274
0266d380456e97ee19ae84c54858fc37d227d79292fb731015a874b3d954eb5e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0266D380456E97EE19AE84C54858FC37D227D79292FB731015A874B3D954EB5E"
Last-Modified: Sat, 04 Feb 2023 13:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15376
Expires: Sun, 05 Feb 2023 21:03:30 GMT
Date: Sun, 05 Feb 2023 16:47:14 GMT
Connection: keep-alive
fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
142.250.74.163 200 OK 15 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 15344, version 1.0\012- data
Hash 5d4aeb4e5f5ef754e307d7ffaef688bd
06db651cdf354c64a7383ea9c77024ef4fb4cef8
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
GET /s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15344
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 02 Feb 2023 10:05:58 GMT
expires: Fri, 02 Feb 2024 10:05:58 GMT
cache-control: public, max-age=31536000
age: 283276
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
prejudiceinsure.com/pixel/pure
173.233.137.60 200 OK 0 B URL HTTP/1.1 prejudiceinsure.com/pixel/pure
IP 173.233.137.60:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
POST /pixel/pure HTTP/1.1
Host: prejudiceinsure.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 73
Origin: https://www.skidrowcodex.net
Connection: keep-alive
Referer: https://www.skidrowcodex.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sun, 05 Feb 2023 16:47:14 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
prejudiceinsure.com/pixel/pure
173.233.137.60 200 OK 0 B URL HTTP/1.1 prejudiceinsure.com/pixel/pure
IP 173.233.137.60:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
POST /pixel/pure HTTP/1.1
Host: prejudiceinsure.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 73
Origin: https://www.skidrowcodex.net
Connection: keep-alive
Referer: https://www.skidrowcodex.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sun, 05 Feb 2023 16:47:14 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
www.skidrowcodex.net/wp-content/plugins/google-captcha/js/pre-api-script.js?ver=1.70
172.67.217.92 200 OK 590 B URL HTTP/2 www.skidrowcodex.net/wp-content/plugins/google-captcha/js/pre-api-script.js?ver=1.70
IP 172.67.217.92:0
Hash 72868d2263d9f74bccbb26daab4d1c30
5293ef893adadfadf441ef4013bf6a65f0af3188
691451182ca6279af9b6077f7e3a9cb51106203cd1069e9b689b04a5d3dd07c6
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/google-captcha/js/pre-api-script.js?ver=1.70 HTTP/1.1
Host: www.skidrowcodex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.skidrowcodex.net/total-war-warhammer-steampunks/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 05 Feb 2023 16:47:10 GMT
content-type: application/javascript; charset=utf-8
last-modified: Sun, 11 Dec 2022 10:09:58 GMT
vary: Accept-Encoding
cache-control: public, max-age=31536000
expires: Mon, 11 Dec 2023 10:10:15 GMT
etag: W/"6395ac76-6fc"
x-powered-by: PleskLin
cf-cache-status: HIT
age: 4862106
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pxWLWHtlVFFY6EzWIE84CwW4hZEEAitwQmJ5n7QprJDBLQ5FbPZD4xjUOtgmoCikMw3GKxcVHWUwmVLJaObZSolGBJdbcv7mLM%2Fg1RDU8g4VnqIWJ1QVpIxtWarMn6mMHqS9J%2F6dHA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 794d20596ac9b505-OSL
content-encoding: br
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 32f2303686dd97bd505c717191db295e
ec7f36c2f8416458cac98eee989c51c7f880c747
8f093240519e2239d7c63c9236cb862fe2483d9f641c2beb99287b71d69c789e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8F093240519E2239D7C63C9236CB862FE2483D9F641C2BEB99287B71D69C789E"
Last-Modified: Sun, 05 Feb 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4418
Expires: Sun, 05 Feb 2023 18:00:53 GMT
Date: Sun, 05 Feb 2023 16:47:15 GMT
Connection: keep-alive
withenvisagehurt.com/watch.351800484987.js?key=3d4d1ebf834071da337ca3d4ccf0aef4&kw=%5B%22total%22%2C%22war%22%2C%22warhammer-steampunks%22%2C%22-%22%2C%22skidrow%22%2C%22codex%22%5D&refer=https%3A%2F%2Fwww.skidrowcodex.net%2Ftotal-war-warhammer-steampunks%2F&tz=0&dev=e&res=12.1055&uuid=3830a2e5-3bb1-4378-9ecc-79b5b2b68ced%3A1%3A1
173.233.137.60 307 Temporary Redirect 0 B URL HTTP/1.1 withenvisagehurt.com/watch.351800484987.js?key=3d4d1ebf834071da337ca3d4ccf0aef4&kw=%5B%22total%22%2C%22war%22%2C%22warhammer-steampunks%22%2C%22-%22%2C%22skidrow%22%2C%22codex%22%5D&refer=https%3A%2F%2Fwww.skidrowcodex.net%2Ftotal-war-warhammer-steampunks%2F&tz=0&dev=e&res=12.1055&uuid=3830a2e5-3bb1-4378-9ecc-79b5b2b68ced%3A1%3A1
IP 173.233.137.60:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /watch.351800484987.js?key=3d4d1ebf834071da337ca3d4ccf0aef4&kw=%5B%22total%22%2C%22war%22%2C%22warhammer-steampunks%22%2C%22-%22%2C%22skidrow%22%2C%22codex%22%5D&refer=https%3A%2F%2Fwww.skidrowcodex.net%2Ftotal-war-warhammer-steampunks%2F&tz=0&dev=e&res=12.1055&uuid=3830a2e5-3bb1-4378-9ecc-79b5b2b68ced%3A1%3A1 HTTP/1.1
Host: withenvisagehurt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.skidrowcodex.net
Connection: keep-alive
Referer: https://www.skidrowcodex.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Temporary Redirect
Server: nginx/1.19.5
Date: Sun, 05 Feb 2023 16:47:15 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://www.skidrowcodex.net
Access-Control-Allow-Origin: https://www.skidrowcodex.net
Access-Control-Allow-Credentials: true
Location: https://withenvisagehurt.com/watch.351800484987.js?key=3d4d1ebf834071da337ca3d4ccf0aef4&kw=%5B%22total%22%2C%22war%22%2C%22warhammer-steampunks%22%2C%22-%22%2C%22skidrow%22%2C%22codex%22%5D&refer=https%3A%2F%2Fwww.skidrowcodex.net%2Ftotal-war-warhammer-steampunks%2F&tz=0&dev=e&res=12.1055&uuid=3830a2e5-3bb1-4378-9ecc-79b5b2b68ced%3A1%3A1&shu=af210d7ce964f90fc2b18a0655ea433b42aedf609a6ac7913ab2c343d5c15160d0e9dfe388bd34439fe7567898558cf0bd910be7d0deca828af96d169b0d05159eaf851e983332434b41e0f78f63557bba014a358fe9218e3a4ef8d71556bd&pst=1675615695&rmtc=t
Set-Cookie: u_pl=16850525; expires=Mon, 06 Feb 2023 16:47:15 GMT; secure; SameSite=None
ain=eyJhbGciOiJIUzI1NiJ9.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.HnS1dn023mCLwT1ML07HhCvf5NOVALuL3ZIzukQ4mQM; expires=Sun, 05 Feb 2023 16:48:15 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 17842636e5ce110ec209c84fc3dffa7f
Strict-Transport-Security: max-age=0; includeSubdomains
pompeydesigning.com/sbar.json?key=9e55c24c07205b6a363c94f4ff46ad27
192.243.59.20 200 OK 4.4 kB URL HTTP/1.1 pompeydesigning.com/sbar.json?key=9e55c24c07205b6a363c94f4ff46ad27
IP 192.243.59.20:0
ASN #39572 DataWeb Global Group B.V.
File type JSON data\012- , Unicode text, UTF-8 text, with very long lines (6188), with no line terminators
Hash 241676f08a2cccfc69c4e56dea47105d
d7646c3af74e85e230f2d6b0ab4a5f4867331ec9
1185b6bf516451338f943bfea89d4ccc7e2c3d6c08c4b1a36cd53f0b5d6dbbf3
Analyzer Verdict Alert quad9 Sinkholed
GET /sbar.json?key=9e55c24c07205b6a363c94f4ff46ad27 HTTP/1.1
Host: pompeydesigning.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.skidrowcodex.net
Connection: keep-alive
Referer: https://www.skidrowcodex.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.9
Date: Sun, 05 Feb 2023 16:47:15 GMT
Content-Type: text/plain; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://www.skidrowcodex.net
Access-Control-Allow-Origin: https://www.skidrowcodex.net
Access-Control-Allow-Credentials: true
Set-Cookie: u_pl=16905685; expires=Mon, 06 Feb 2023 16:47:14 GMT; secure; SameSite=None
pdhtkv=true; expires=Mon, 06 Feb 2023 16:47:15 GMT; secure; SameSite=None
uncs=1; expires=Mon, 06 Feb 2023 16:47:15 GMT; secure; SameSite=None
pdhtkv29=true; expires=Mon, 06 Feb 2023 16:47:15 GMT; secure; SameSite=None
uncs29=1; expires=Mon, 06 Feb 2023 16:47:15 GMT; secure; SameSite=None
slec9e55c24c07205b6a363c94f4ff46ad27=[3986545]; expires=Sun, 05 Feb 2023 16:47:20 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 48e8529b1f431d5a505ae29d1a69784a
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
withenvisagehurt.com/watch.351800484987.js?key=3d4d1ebf834071da337ca3d4ccf0aef4&kw=%5B%22total%22%2C%22war%22%2C%22warhammer-steampunks%22%2C%22-%22%2C%22skidrow%22%2C%22codex%22%5D&refer=https%3A%2F%2Fwww.skidrowcodex.net%2Ftotal-war-warhammer-steampunks%2F&tz=0&dev=e&res=12.1055&uuid=3830a2e5-3bb1-4378-9ecc-79b5b2b68ced%3A1%3A1&shu=af210d7ce964f90fc2b18a0655ea433b42aedf609a6ac7913ab2c343d5c15160d0e9dfe388bd34439fe7567898558cf0bd910be7d0deca828af96d169b0d05159eaf851e983332434b41e0f78f63557bba014a358fe9218e3a4ef8d71556bd&pst=1675615695&rmtc=t
173.233.137.60 200 OK 635 B URL HTTP/1.1 withenvisagehurt.com/watch.351800484987.js?key=3d4d1ebf834071da337ca3d4ccf0aef4&kw=%5B%22total%22%2C%22war%22%2C%22warhammer-steampunks%22%2C%22-%22%2C%22skidrow%22%2C%22codex%22%5D&refer=https%3A%2F%2Fwww.skidrowcodex.net%2Ftotal-war-warhammer-steampunks%2F&tz=0&dev=e&res=12.1055&uuid=3830a2e5-3bb1-4378-9ecc-79b5b2b68ced%3A1%3A1&shu=af210d7ce964f90fc2b18a0655ea433b42aedf609a6ac7913ab2c343d5c15160d0e9dfe388bd34439fe7567898558cf0bd910be7d0deca828af96d169b0d05159eaf851e983332434b41e0f78f63557bba014a358fe9218e3a4ef8d71556bd&pst=1675615695&rmtc=t
IP 173.233.137.60:0
File type HTML document text\012- HTML document, ASCII text, with very long lines (581)
Hash e3d30eb705a6a2d594214d9a929cb73f
58b3444eeb83e7bb6d28a385d63d3fca033eab31
e6061433f6d8b279705f977cd64cf43e75b801df3446c4ea07745b4c9fa88188
Analyzer Verdict Alert quad9 Sinkholed
GET /watch.351800484987.js?key=3d4d1ebf834071da337ca3d4ccf0aef4&kw=%5B%22total%22%2C%22war%22%2C%22warhammer-steampunks%22%2C%22-%22%2C%22skidrow%22%2C%22codex%22%5D&refer=https%3A%2F%2Fwww.skidrowcodex.net%2Ftotal-war-warhammer-steampunks%2F&tz=0&dev=e&res=12.1055&uuid=3830a2e5-3bb1-4378-9ecc-79b5b2b68ced%3A1%3A1&shu=af210d7ce964f90fc2b18a0655ea433b42aedf609a6ac7913ab2c343d5c15160d0e9dfe388bd34439fe7567898558cf0bd910be7d0deca828af96d169b0d05159eaf851e983332434b41e0f78f63557bba014a358fe9218e3a4ef8d71556bd&pst=1675615695&rmtc=t HTTP/1.1
Host: withenvisagehurt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.skidrowcodex.net
Referer: https://www.skidrowcodex.net/
Connection: keep-alive
Cookie: u_pl=16850525; ain=eyJhbGciOiJIUzI1NiJ9.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.HnS1dn023mCLwT1ML07HhCvf5NOVALuL3ZIzukQ4mQM
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sun, 05 Feb 2023 16:47:15 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://www.skidrowcodex.net
Access-Control-Allow-Origin: https://www.skidrowcodex.net
Access-Control-Allow-Credentials: true
Set-Cookie: uid_id2=3830a2e5-3bb1-4378-9ecc-79b5b2b68ced:1:1; expires=Sun, 12 Feb 2023 16:47:15 GMT; secure; SameSite=None
iprc260609ef1d05bf2f4cf83ff6f3a1b933=2717343; expires=Mon, 06 Feb 2023 18:47:15 GMT; secure; SameSite=None
pdhtkv=true; expires=Mon, 06 Feb 2023 16:47:15 GMT; secure; SameSite=None
uncs=1; expires=Mon, 06 Feb 2023 16:47:15 GMT; secure; SameSite=None
pdhtkv23=true; expires=Mon, 06 Feb 2023 16:47:15 GMT; secure; SameSite=None
uncs23=1; expires=Mon, 06 Feb 2023 16:47:15 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 09d2dd18174ab8c39940da6c32255796
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 5fc2e5e3dacb5f1694d1a313e41dfeff
a2b4b4257d0b674a067709e7fb363aaefb49b527
9bbe470357f73baef6b70ea5c067c0f513822d705a2b7b1c5c5b3711b90dfd11
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9BBE470357F73BAEF6B70EA5C067C0F513822D705A2B7B1C5C5B3711B90DFD11"
Last-Modified: Sun, 05 Feb 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11257
Expires: Sun, 05 Feb 2023 19:54:52 GMT
Date: Sun, 05 Feb 2023 16:47:15 GMT
Connection: keep-alive
ws.sharethis.com/secure/index.html
54.230.111.78 200 OK 2.1 kB URL HTTP/2 ws.sharethis.com/secure/index.html
IP 54.230.111.78:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text
Hash 232cad052401bc88aa3a66cdbf7a71e6
cfe3fe2fac0661929631575951ab791f34fbccb6
7e428860aaedac5453f03c5b04a5c8ee60d75d1009d16481257cc716f2a6fbf7
GET /secure/index.html HTTP/1.1
Host: ws.sharethis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.skidrowcodex.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/html
content-length: 2088
content-encoding: gzip
date: Sun, 05 Feb 2023 00:06:53 GMT
etag: W/"63d989f3-1ade"
last-modified: Tue, 31 Jan 2023 21:36:51 GMT
server: nginx/1.20.1
x-robots-tag: noindex, nofollow
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 98794c1dec0d4e7b10ddf0faa094cf94.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: -CG72tC0Syhe_KuKVetPVd9RV8ynYrBwFL097ybZZqbVrk_i03ePhQ==
age: 60022
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash f4d9c2d553a200240473444165a541b5
0eb9622553749bd890597beaa5e48275c2d85954
2097681b0d08e909407d58a8da85fe03b2f2768e4561ccfb366061c919687c33
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2097681B0D08E909407D58A8DA85FE03B2F2768E4561CCFB366061C919687C33"
Last-Modified: Sat, 04 Feb 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4769
Expires: Sun, 05 Feb 2023 18:06:44 GMT
Date: Sun, 05 Feb 2023 16:47:15 GMT
Connection: keep-alive
pompeydesigning.com/pixel/sbe?t=2&error=timeout
192.243.59.20 200 OK 0 B URL HTTP/1.1 pompeydesigning.com/pixel/sbe?t=2&error=timeout
IP 192.243.59.20:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /pixel/sbe?t=2&error=timeout HTTP/1.1
Host: pompeydesigning.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.skidrowcodex.net/
Cookie: u_pl=16905685; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.9
Date: Sun, 05 Feb 2023 16:47:15 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
jennyvisits.com/dyfc1k09?key=863705bcbb4b6a554ddb359665395a6f&psid=16850525
173.233.137.52 200 OK 1.3 kB URL HTTP/1.1 jennyvisits.com/dyfc1k09?key=863705bcbb4b6a554ddb359665395a6f&psid=16850525
IP 173.233.137.52:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text
Hash b708584bfe4dc94cbb6beb979b73fb74
27aa458443a6906747f436d5171d478f7391b4e7
6eeb0fa46d82ac2feec2d176e9e351db986252482455d4e71342490561266767
Analyzer Verdict Alert quad9 Sinkholed
GET /dyfc1k09?key=863705bcbb4b6a554ddb359665395a6f&psid=16850525 HTTP/1.1
Host: jennyvisits.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.skidrowcodex.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sun, 05 Feb 2023 16:47:15 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Set-Cookie: u_pl=16122660; expires=Mon, 06 Feb 2023 16:47:15 GMT
ain=eyJhbGciOiJIUzI1NiJ9.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.t5pFp7qIevwtGYw0GdHbsqRWc0WPsw7WI58UBYiuoVg; expires=Sun, 05 Feb 2023 16:48:15 GMT
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 51222704e30ffc71a44666eadbdbae80
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
jennyvisits.com/dyfc1k09?shu=323350da4bacf0d27d03b45975e65f0d92321204019a892aa67ba0a7a8ce45c485af2734d01d26d81830e0e73fdd0881473d0c02cb096cec9ed0b4f4d2d9d1d26d1a5a06530a4b0dcba3fc44ff052eea61d4be805bd8190c3a56e697a13a7122deba3a&pst=1675615695&rmtc=t&uuid=&pii=&in=false&key=863705bcbb4b6a554ddb359665395a6f&refer=https%3A%2F%2Fwww.skidrowcodex.net%2F&psid=16850525
173.233.137.52 302 Found 0 B URL HTTP/1.1 jennyvisits.com/dyfc1k09?shu=323350da4bacf0d27d03b45975e65f0d92321204019a892aa67ba0a7a8ce45c485af2734d01d26d81830e0e73fdd0881473d0c02cb096cec9ed0b4f4d2d9d1d26d1a5a06530a4b0dcba3fc44ff052eea61d4be805bd8190c3a56e697a13a7122deba3a&pst=1675615695&rmtc=t&uuid=&pii=&in=false&key=863705bcbb4b6a554ddb359665395a6f&refer=https%3A%2F%2Fwww.skidrowcodex.net%2F&psid=16850525
IP 173.233.137.52:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /dyfc1k09?shu=323350da4bacf0d27d03b45975e65f0d92321204019a892aa67ba0a7a8ce45c485af2734d01d26d81830e0e73fdd0881473d0c02cb096cec9ed0b4f4d2d9d1d26d1a5a06530a4b0dcba3fc44ff052eea61d4be805bd8190c3a56e697a13a7122deba3a&pst=1675615695&rmtc=t&uuid=&pii=&in=false&key=863705bcbb4b6a554ddb359665395a6f&refer=https%3A%2F%2Fwww.skidrowcodex.net%2F&psid=16850525 HTTP/1.1
Host: jennyvisits.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jennyvisits.com/dyfc1k09?key=0f22c1fd609f13cb7947c8cabfe1a90d&submetric=16122660
Cookie: u_pl=16122660; ain=eyJhbGciOiJIUzI1NiJ9.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.t5pFp7qIevwtGYw0GdHbsqRWc0WPsw7WI58UBYiuoVg; cjs=t
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
HTTP/1.1 302 Found
Server: nginx/1.19.5
Date: Sun, 05 Feb 2023 16:47:15 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Location: https://adserving.unibet.com/redirect.aspx?bid=37950&pid=15135578&sref=ADST&ADST=16122660
Set-Cookie: pdhtkv=true; expires=Mon, 06 Feb 2023 16:47:16 GMT
uncs=1; expires=Mon, 06 Feb 2023 16:47:16 GMT
pdhtkv28=true; expires=Mon, 06 Feb 2023 16:47:16 GMT
uncs28=1; expires=Mon, 06 Feb 2023 16:47:16 GMT
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: f47fb8d6adc37aea3f8dc65bca255bd3
Strict-Transport-Security: max-age=0; includeSubdomains
adserving.unibet.com/redirect.aspx?bid=37950&pid=15135578&sref=ADST&ADST=16122660
95.101.10.186 307 Temporary Redirect 0 B URL HTTP/2 adserving.unibet.com/redirect.aspx?bid=37950&pid=15135578&sref=ADST&ADST=16122660
IP 95.101.10.186:0
ASN #20940 Akamai International B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /redirect.aspx?bid=37950&pid=15135578&sref=ADST&ADST=16122660 HTTP/1.1
Host: adserving.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://jennyvisits.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 307 Temporary Redirect
content-type: text/html
content-length: 0
location: https://www.unibet.nu/stan/campaign.do?cmpId=2799402&affiliateId=1&unibetTarget=/nu/pop/sportsbook/multisports/index.html&targetDomain=https://welcome.unibet.com&btag=127656177_B36D29EF91A841C0A6F976F264C459F2&sref=ADST&ADST=16122660&affiliateId=1&pid=68246908&bid=37950
p3p: CP="This is not a P3P policy! It is used to bypass IEs problematic handling of cookies"
x-aspnet-version: 4.0.30319
request-context: appId=cid-v1:83ffbda4-9458-475e-90ec-4427cfb5c3b0
access-control-expose-headers: Request-Context
expires: Sun, 05 Feb 2023 16:47:16 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Sun, 05 Feb 2023 16:47:16 GMT
set-cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a68246908%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1675615636194)%5c%2f%22%2c%22CookieTag%22%3a%223795068246908451240919C2023251647%22%7d%5d; SameSite=None;; domain=.unibet.com; expires=Fri, 31-Dec-9999 23:59:59 GMT; path=/; secure
NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228786180287%7c1%22%7d%5d; domain=.unibet.com; expires=Tue, 05-Feb-3022 16:47:16 GMT; path=/; secure; SameSite=Strict
server-timing: cdn-cache; desc=MISS, edge; dur=20, origin; dur=49
X-Firefox-Spdy: h2
www.unibet.nu/stan/campaign.do?cmpId=2799402&affiliateId=1&unibetTarget=/nu/pop/sportsbook/multisports/index.html&targetDomain=https://welcome.unibet.com&btag=127656177_B36D29EF91A841C0A6F976F264C459F2&sref=ADST&ADST=16122660&affiliateId=1&pid=68246908&bid=37950
85.184.96.0 301 Moved Permanently 0 B URL HTTP/2 www.unibet.nu/stan/campaign.do?cmpId=2799402&affiliateId=1&unibetTarget=/nu/pop/sportsbook/multisports/index.html&targetDomain=https://welcome.unibet.com&btag=127656177_B36D29EF91A841C0A6F976F264C459F2&sref=ADST&ADST=16122660&affiliateId=1&pid=68246908&bid=37950
IP 85.184.96.0:0
ASN #47171 Unibet Services Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /stan/campaign.do?cmpId=2799402&affiliateId=1&unibetTarget=/nu/pop/sportsbook/multisports/index.html&targetDomain=https://welcome.unibet.com&btag=127656177_B36D29EF91A841C0A6F976F264C459F2&sref=ADST&ADST=16122660&affiliateId=1&pid=68246908&bid=37950 HTTP/1.1
Host: www.unibet.nu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://jennyvisits.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
date: Sun, 05 Feb 2023 16:47:16 GMT
content-length: 0
location: https://www.unibet.nu:443/stan/redirecttocampaign.do?cmpId=2799402&affiliateId=1&unibetTarget=/nu/pop/sportsbook/multisports/index.html&targetDomain=https://welcome.unibet.com&btag=127656177_B36D29EF91A841C0A6F976F264C459F2&sref=ADST&ADST=16122660&affiliateId=1&pid=68246908&bid=37950&landingPageUrl=https%3A%2F%2Fwelcome.unibet.com%2Fnu%2Fpop%2Fsportsbook%2Fmultisports%2Findex.html%3Fmktid%3D1%3A127656177%3A68246908-37950
set-cookie: JSESSIONID=node0pl1rmokuu1bp1z0spgmubcy52551351.node0; Path=/stan; Secure; HttpOnly; SameSite=Strict
__ucbt=node0pl1rmokuu1bp1z0spgmubcy52; Path=/; Domain=.unibet.nu; Expires=Tue, 04-Feb-2025 16:47:16 GMT; Max-Age=63072000; Secure; SameSite=None
uniattr=ST.0.T; Path=/; Domain=.unibet.nu; Expires=Tue, 04-Feb-2025 16:47:16 GMT; Max-Age=63072000; Secure; SameSite=None
uniattr_ref="https://jennyvisits.com/"; Path=/; Domain=.unibet.nu; Expires=Tue, 04-Feb-2025 16:47:16 GMT; Max-Age=63072000; Secure; SameSite=None
UNIBET_REQUEST_URL=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
AFFILIATE_REQUEST_URL=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
UNIBET_INTERNAL_CAMPAIGN_ID=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
affid=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
netwid=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
CLAIM_CODE=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
REGISTRATION_CODE=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
campaignId=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
affiliateId=1; Path=/; Domain=.unibet.nu; Secure; SameSite=None
B-TAG=127656177_B36D29EF91A841C0A6F976F264C459F2; Path=/; Domain=.unibet.nu; Secure; SameSite=None
REGISTRATION_CODE=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
BID=37950; Path=/; Domain=.unibet.nu; Secure; SameSite=None
PID=68246908; Path=/; Domain=.unibet.nu; Secure; SameSite=None
CHID=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
REFERER=https%3A%2F%2Fjennyvisits.com%2F; Path=/; Domain=.unibet.nu; Secure; SameSite=None
UNIBET_INTERNAL_CAMPAIGN_ID=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
UNIBET_REQUEST_URL=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
AFFILIATE_REQUEST_URL=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
AFFILIATE_CAMPAIGN_ID=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
AMS_INVITE_CHAT_ACCEPTED=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
AMS_INVITE_CHAT_DECLINED=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
BOCAID=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
PRODUCT_ID=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
AFFID=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
AFFILIATE_REQUEST_URL=https%3A%2F%2Fwww.unibet.nu%2Fstan%2Fcampaign.do%3FcmpId%3D2799402%26affiliateId%3D1%26unibetTarget%3D%2Fnu%2Fpop%2Fsportsbook%2Fmultisports%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.com%26btag%3D127656177_B36D29EF91A841C0A6F976F264C459F2%26sref%3DADST%26ADST%3D16122660%26affiliateId%3D1%26pid%3D68246908%26bid%3D37950; Path=/; Domain=.unibet.nu; Secure; SameSite=None
AFFILIATE_CAMPAIGN_ID=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
campaignId=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
clientId=polopoly_desktop; Domain=www.unibet.nu; Path=/; SameSite=None; Secure
referer: https://jennyvisits.com/
cache-control: max-age=0, no-cache, no-store, must-revalidate, proxy-revalidate
expires: Thu, 01 Jan 1970 00:00:00 GMT, Sun, 05 Feb 2023 16:47:16 GMT
server: kindred-loadbalancer
strict-transport-security: max-age=63072000; preload
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-security-policy: default-src 'unsafe-inline' 'unsafe-eval' http: https: data: wss: blob: jockey: unibetpro: *;
x-browser-class: A
x-os-class: M
x-ooops-debug: /500-pages/www.unibet.nu/index.html
X-Firefox-Spdy: h2
www.unibet.nu/stan/redirecttocampaign.do?cmpId=2799402&affiliateId=1&unibetTarget=/nu/pop/sportsbook/multisports/index.html&targetDomain=https://welcome.unibet.com&btag=127656177_B36D29EF91A841C0A6F976F264C459F2&sref=ADST&ADST=16122660&affiliateId=1&pid=68246908&bid=37950&landingPageUrl=https%3A%2F%2Fwelcome.unibet.com%2Fnu%2Fpop%2Fsportsbook%2Fmultisports%2Findex.html%3Fmktid%3D1%3A127656177%3A68246908-37950
85.184.96.0 301 Moved Permanently 0 B URL HTTP/2 www.unibet.nu/stan/redirecttocampaign.do?cmpId=2799402&affiliateId=1&unibetTarget=/nu/pop/sportsbook/multisports/index.html&targetDomain=https://welcome.unibet.com&btag=127656177_B36D29EF91A841C0A6F976F264C459F2&sref=ADST&ADST=16122660&affiliateId=1&pid=68246908&bid=37950&landingPageUrl=https%3A%2F%2Fwelcome.unibet.com%2Fnu%2Fpop%2Fsportsbook%2Fmultisports%2Findex.html%3Fmktid%3D1%3A127656177%3A68246908-37950
IP 85.184.96.0:0
ASN #47171 Unibet Services Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /stan/redirecttocampaign.do?cmpId=2799402&affiliateId=1&unibetTarget=/nu/pop/sportsbook/multisports/index.html&targetDomain=https://welcome.unibet.com&btag=127656177_B36D29EF91A841C0A6F976F264C459F2&sref=ADST&ADST=16122660&affiliateId=1&pid=68246908&bid=37950&landingPageUrl=https%3A%2F%2Fwelcome.unibet.com%2Fnu%2Fpop%2Fsportsbook%2Fmultisports%2Findex.html%3Fmktid%3D1%3A127656177%3A68246908-37950 HTTP/1.1
Host: www.unibet.nu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://jennyvisits.com/
Connection: keep-alive
Cookie: __ucbt=node0pl1rmokuu1bp1z0spgmubcy52; uniattr=ST.0.T; uniattr_ref="https://jennyvisits.com/"; affiliateId=1; B-TAG=127656177_B36D29EF91A841C0A6F976F264C459F2; BID=37950; PID=68246908; REFERER=https%3A%2F%2Fjennyvisits.com%2F; AFFILIATE_REQUEST_URL=https%3A%2F%2Fwww.unibet.nu%2Fstan%2Fcampaign.do%3FcmpId%3D2799402%26affiliateId%3D1%26unibetTarget%3D%2Fnu%2Fpop%2Fsportsbook%2Fmultisports%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.com%26btag%3D127656177_B36D29EF91A841C0A6F976F264C459F2%26sref%3DADST%26ADST%3D16122660%26affiliateId%3D1%26pid%3D68246908%26bid%3D37950; clientId=polopoly_desktop
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 301 Moved Permanently
date: Sun, 05 Feb 2023 16:47:16 GMT
content-length: 0
location: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:68246908-37950&btag=127656177_B36D29EF91A841C0A6F976F264C459F2&bid=37950&campaignId=2799402&pid=68246908
cache-control: max-age=0, no-cache, no-store, must-revalidate, proxy-revalidate
expires: Sun, 05 Feb 2023 16:47:16 GMT
server: kindred-loadbalancer
strict-transport-security: max-age=63072000; preload
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-security-policy: default-src 'unsafe-inline' 'unsafe-eval' http: https: data: wss: blob: jockey: unibetpro: *;
x-browser-class: A
x-os-class: M
x-ooops-debug: /500-pages/www.unibet.nu/index.html
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 6d91daac2f7a6035aec076d19d5c16d3
6e862b64409b002d475b31b7a7a54299d0bb95fe
e3defc545b74069cc884fdd87ecc069588c692c4381acd1590715a25dfe76a0c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E3DEFC545B74069CC884FDD87ECC069588C692C4381ACD1590715A25DFE76A0C"
Last-Modified: Sat, 04 Feb 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4583
Expires: Sun, 05 Feb 2023 18:03:39 GMT
Date: Sun, 05 Feb 2023 16:47:16 GMT
Connection: keep-alive
welcome.unibet.com/nu/pop/sportsbook/multisports/1-styles.css
104.18.25.188 200 OK 5.7 kB URL HTTP/2 welcome.unibet.com/nu/pop/sportsbook/multisports/1-styles.css
IP 104.18.25.188:0
Hash 873b1dc55b5f354e692945bdc2e82bd6
e926e270a3f6cfd6638081fde05f4adec0670d3b
0d1f8ed619e45110e90f1aa2f3e97f7f961344e585e4d4c251d73993d84f34f7
GET /nu/pop/sportsbook/multisports/1-styles.css HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:68246908-37950&btag=127656177_B36D29EF91A841C0A6F976F264C459F2&bid=37950&campaignId=2799402&pid=68246908
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a68246908%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1675615636194)%5c%2f%22%2c%22CookieTag%22%3a%223795068246908451240919C2023251647%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228786180287%7c1%22%7d%5d; btag=127656177_B36D29EF91A841C0A6F976F264C459F2
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 05 Feb 2023 16:47:16 GMT
content-type: text/css; charset=utf-8
cache-control: public, max-age=900, immutable
content-md5: zXkBqwBMviPPaK5rBIapmA==
last-modified: Thu, 26 Jan 2023 12:30:17 GMT
etag: W/"0x8DAFF9914DE94BB"
x-ms-request-id: 580bcb77-701e-0034-8081-3121ca000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 274604
vary: Accept-Encoding
server: cloudflare
cf-ray: 794d20810e1cfac4-OSL
content-encoding: br
X-Firefox-Spdy: h2
a1s-cdn.unibet.com/unibet/bannerflow/scripts/master_tag.js
85.184.96.5 200 OK 956 B URL HTTP/2 a1s-cdn.unibet.com/unibet/bannerflow/scripts/master_tag.js
IP 85.184.96.5:0
ASN #47171 Unibet Services Limited
Hash fd48e87ecd4d06d9c5df490b91dc813e
a65a437db44444634e4f41732c590c1d14433b3f
2f786ae3f4577ed970f60aa7a9edf726300a740fdb360a8364db7ff4b7ca8e47
GET /unibet/bannerflow/scripts/master_tag.js HTTP/1.1
Host: a1s-cdn.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a68246908%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1675615636194)%5c%2f%22%2c%22CookieTag%22%3a%223795068246908451240919C2023251647%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228786180287%7c1%22%7d%5d; btag=127656177_B36D29EF91A841C0A6F976F264C459F2
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Sun, 05 Feb 2023 16:47:16 GMT
content-type: application/javascript
content-length: 956
last-modified: Mon, 25 Apr 2022 12:19:34 GMT
etag: "3bc-5dd7996cc0ce1"
cache-control: max-age=1800, public, must-revalidate
server: kindred-loadbalancer
strict-transport-security: max-age=63072000; preload
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-security-policy: default-src 'unsafe-inline' 'unsafe-eval' http: https: data: wss: blob: jockey: unibetpro: *;
x-browser-class: A
x-os-class: M
set-cookie: clientId=polopoly_desktop; Domain=a1s-cdn.unibet.com; Path=/; SameSite=None; Secure
accept-ranges: bytes
X-Firefox-Spdy: h2
ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js
216.58.207.234 200 OK 30 kB URL HTTP/2 ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js
IP 216.58.207.234:0
File type ASCII text, with very long lines (65451)
Hash 0f83cadc148d2ad7e53c91f6c4ee05bb
90035c5fffedf4b0f099465f6b929a030b46c92b
3f59aa77bbbed7760a9968af27d3c19ffddda021c948edf0bf0c0f828dd308ae
GET /ajax/libs/jquery/3.3.1/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 30399
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 31 Jan 2023 09:05:01 GMT
expires: Wed, 31 Jan 2024 09:05:01 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 459735
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
welcome.unibet.com/widget/betslip/betslip.js
104.18.25.188 200 OK 102 kB URL HTTP/2 welcome.unibet.com/widget/betslip/betslip.js
IP 104.18.25.188:0
File type ASCII text, with very long lines (693)
Size 102 kB (102294 bytes)
Hash 90f4d77cdc47c5a326c653c1d672b2b9
88270bec309c05b54f3b43e2f1ac9258f55c9698
1343a6af20517c2a14e9477b7e813115752021f8eed2e20c0ad21cd7677c3aee
GET /widget/betslip/betslip.js HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:68246908-37950&btag=127656177_B36D29EF91A841C0A6F976F264C459F2&bid=37950&campaignId=2799402&pid=68246908
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a68246908%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1675615636194)%5c%2f%22%2c%22CookieTag%22%3a%223795068246908451240919C2023251647%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228786180287%7c1%22%7d%5d; btag=127656177_B36D29EF91A841C0A6F976F264C459F2
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 05 Feb 2023 16:47:16 GMT
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=900, immutable
content-md5: V3DcYDl/+4NNEoCqe8670A==
last-modified: Tue, 15 Jan 2019 09:54:22 GMT
etag: W/"0x8D67ACF6D112CB5"
x-ms-request-id: 556a432d-701e-0079-3f03-03ee26000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 548081
vary: Accept-Encoding
server: cloudflare
cf-ray: 794d2081cf67fac4-OSL
content-encoding: br
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Roboto:300,400,500
216.58.207.234 200 OK 12 kB URL HTTP/2 fonts.googleapis.com/css?family=Roboto:300,400,500
IP 216.58.207.234:0
Hash 23fd24afac374c2c4a603f486cf62a12
9b04ae752fbb43addfeed33b6b918e02428cfe1e
17fd11d3d0aa646bd421afca609e7161ce7f3a337f5355ab962344944bc9415d
GET /css?family=Roboto:300,400,500 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sun, 05 Feb 2023 16:47:16 GMT
date: Sun, 05 Feb 2023 16:47:16 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
welcome.unibet.com/custom.js
104.18.25.188 200 OK 76 kB URL HTTP/2 welcome.unibet.com/custom.js
IP 104.18.25.188:0
Hash 599dfa1a3cbca86ff960e0767e6528db
7fb05be4880a7bb555af438d254361553e846c08
3805cfbdbed7220a927bd52547fd70b155ec591156910e78442427b6bd96949a
GET /custom.js HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:68246908-37950&btag=127656177_B36D29EF91A841C0A6F976F264C459F2&bid=37950&campaignId=2799402&pid=68246908
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a68246908%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1675615636194)%5c%2f%22%2c%22CookieTag%22%3a%223795068246908451240919C2023251647%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228786180287%7c1%22%7d%5d; btag=127656177_B36D29EF91A841C0A6F976F264C459F2
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 05 Feb 2023 16:47:16 GMT
content-type: application/javascript
content-md5: e/Aekt1V1fopj1X7y5r9MA==
last-modified: Tue, 29 Mar 2022 08:25:09 GMT
etag: W/"0x8DA115DA300B0C1"
x-ms-request-id: d013a120-f01e-003a-7703-03087a000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 548081
vary: Accept-Encoding
server: cloudflare
cf-ray: 794d20810e23fac4-OSL
content-encoding: br
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 471 B IP 142.250.74.131:0
Hash 5452c58c07ce8d3cade93b323b271c35
581b1e438daeb32a12feaf50f2aab17dcf3e3171
b99ea2af71e697f45db51732f7d3e8d3e50258c9c96e50a772b8c4638577140a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 16:47:16 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
welcome.unibet.com/nu/pop/sportsbook/multisports/app-store-ro.svg
104.18.25.188 200 OK 20 kB URL HTTP/2 welcome.unibet.com/nu/pop/sportsbook/multisports/app-store-ro.svg
IP 104.18.25.188:0
File type SVG Scalable Vector Graphics image\012- HTML document, ASCII text, with very long lines (1356)
Hash 4102271d8934eceb2807a60d14bb1b42
6963dc0898e4aff278d3e6edd1cb68bde74d7db2
5446c96368f3271e1257a348e187d171281dc73309d57593b33447123ff2d1c8
GET /nu/pop/sportsbook/multisports/app-store-ro.svg HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:68246908-37950&btag=127656177_B36D29EF91A841C0A6F976F264C459F2&bid=37950&campaignId=2799402&pid=68246908
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a68246908%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1675615636194)%5c%2f%22%2c%22CookieTag%22%3a%223795068246908451240919C2023251647%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228786180287%7c1%22%7d%5d; btag=127656177_B36D29EF91A841C0A6F976F264C459F2
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 05 Feb 2023 16:47:16 GMT
content-type: image/svg+xml
cache-control: public, max-age=900, immutable
content-md5: epgiRapjJpA7DniTiF5C+w==
last-modified: Thu, 26 Jan 2023 12:30:22 GMT
etag: W/"0x8DAFF99183CF8FA"
x-ms-request-id: d4160c8c-201e-0016-7481-31e4d5000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 274609
vary: Accept-Encoding
server: cloudflare
cf-ray: 794d20811e2ffac4-OSL
content-encoding: br
X-Firefox-Spdy: h2
welcome.unibet.com/nu/pop/sportsbook/multisports/app-sports-icon.svg
104.18.25.188 200 OK 10 kB URL HTTP/2 welcome.unibet.com/nu/pop/sportsbook/multisports/app-sports-icon.svg
IP 104.18.25.188:0
File type SVG Scalable Vector Graphics image\012- HTML document, ASCII text, with very long lines (15888), with no line terminators
Hash 9866b5d2df2da358506e7a7597dc994f
705d3ca67c396f31dc40d8dcdc63b070a0e8ee11
e1d8eb3c2250500e1fb6c7517893a55857c6b0a9087e86a791fde1961c6c6052
GET /nu/pop/sportsbook/multisports/app-sports-icon.svg HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:68246908-37950&btag=127656177_B36D29EF91A841C0A6F976F264C459F2&bid=37950&campaignId=2799402&pid=68246908
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a68246908%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1675615636194)%5c%2f%22%2c%22CookieTag%22%3a%223795068246908451240919C2023251647%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228786180287%7c1%22%7d%5d; btag=127656177_B36D29EF91A841C0A6F976F264C459F2
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 05 Feb 2023 16:47:16 GMT
content-type: image/svg+xml
cache-control: public, max-age=900, immutable
content-md5: Lm+dv7pV36kTdto2PoEyYQ==
last-modified: Thu, 26 Jan 2023 12:30:22 GMT
etag: W/"0x8DAFF991835F51F"
x-ms-request-id: 1328b90b-701e-0024-5c81-31e4a2000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 274610
vary: Accept-Encoding
server: cloudflare
cf-ray: 794d20811e2dfac4-OSL
content-encoding: br
X-Firefox-Spdy: h2
welcome.unibet.com/nu/pop/sportsbook/multisports/com-payments.svg
104.18.25.188 200 OK 10 kB URL HTTP/2 welcome.unibet.com/nu/pop/sportsbook/multisports/com-payments.svg
IP 104.18.25.188:0
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash bc7914b62ea846ead6571fed1ce0c7bf
fe2c786cb2cc8c92b2e33f7ebbec2df2e7e1173a
19dbe57aaed8404e96455ec3ac62b61751ae65c0f144aafd68c1115192f271b4
GET /nu/pop/sportsbook/multisports/com-payments.svg HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:68246908-37950&btag=127656177_B36D29EF91A841C0A6F976F264C459F2&bid=37950&campaignId=2799402&pid=68246908
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a68246908%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1675615636194)%5c%2f%22%2c%22CookieTag%22%3a%223795068246908451240919C2023251647%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228786180287%7c1%22%7d%5d; btag=127656177_B36D29EF91A841C0A6F976F264C459F2
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 05 Feb 2023 16:47:16 GMT
content-type: image/svg+xml
cache-control: public, max-age=900, immutable
content-md5: vwb7ospRft2xzGDtJvR3WA==
last-modified: Thu, 26 Jan 2023 12:30:18 GMT
etag: W/"0x8DAFF9915D02464"
x-ms-request-id: 9ee27f41-c01e-000e-3881-313bb2000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 274608
vary: Accept-Encoding
server: cloudflare
cf-ray: 794d20811e37fac4-OSL
content-encoding: br
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 471 B IP 142.250.74.131:0
Hash 5452c58c07ce8d3cade93b323b271c35
581b1e438daeb32a12feaf50f2aab17dcf3e3171
b99ea2af71e697f45db51732f7d3e8d3e50258c9c96e50a772b8c4638577140a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 16:47:16 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
welcome.unibet.com/nu/pop/sportsbook/multisports/1-main.js
104.18.25.188 200 OK 17 kB URL HTTP/2 welcome.unibet.com/nu/pop/sportsbook/multisports/1-main.js
IP 104.18.25.188:0
File type HTML document, Unicode text, UTF-8 text
Hash 5927e1e1a809263be81921a703d671a0
7de7be423abf90744d8798d0f31b250361e29244
2a27ccfdffb3ff72956810b062b2e4f0ca378aca49064c6a3fd7c9061e757e52
GET /nu/pop/sportsbook/multisports/1-main.js HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:68246908-37950&btag=127656177_B36D29EF91A841C0A6F976F264C459F2&bid=37950&campaignId=2799402&pid=68246908
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a68246908%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1675615636194)%5c%2f%22%2c%22CookieTag%22%3a%223795068246908451240919C2023251647%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228786180287%7c1%22%7d%5d; btag=127656177_B36D29EF91A841C0A6F976F264C459F2
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 05 Feb 2023 16:47:16 GMT
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=900, immutable
content-md5: BPxI3njL/F0VV+nfOZx3Mw==
last-modified: Thu, 26 Jan 2023 12:30:23 GMT
etag: W/"0x8DAFF99188E686E"
x-ms-request-id: fae4441f-101e-0040-4d81-31153a000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 274610
vary: Accept-Encoding
server: cloudflare
cf-ray: 794d20810e1dfac4-OSL
content-encoding: br
X-Firefox-Spdy: h2
welcome.unibet.com/nu/pop/sportsbook/multisports/icon-expert.svg
104.18.25.188 200 OK 16 kB URL HTTP/2 welcome.unibet.com/nu/pop/sportsbook/multisports/icon-expert.svg
IP 104.18.25.188:0
File type SVG Scalable Vector Graphics image\012- HTML document text\012- HTML document, ASCII text, with very long lines (966), with no line terminators
Hash 5e5397f33f08737b5521e1ce25415283
fde46e78e420de8c2191ba5401b019e068031458
355bb654a9384664b6bdb2b4dc538455f1ab1544ec1e9933a553272ab78577d8
GET /nu/pop/sportsbook/multisports/icon-expert.svg HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:68246908-37950&btag=127656177_B36D29EF91A841C0A6F976F264C459F2&bid=37950&campaignId=2799402&pid=68246908
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a68246908%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1675615636194)%5c%2f%22%2c%22CookieTag%22%3a%223795068246908451240919C2023251647%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228786180287%7c1%22%7d%5d; btag=127656177_B36D29EF91A841C0A6F976F264C459F2
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 05 Feb 2023 16:47:16 GMT
content-type: image/svg+xml
cache-control: public, max-age=900, immutable
content-md5: Z4302O+bSqlX5UM92U+35A==
last-modified: Thu, 26 Jan 2023 12:30:21 GMT
etag: W/"0x8DAFF99174612EA"
x-ms-request-id: 82c2bcc2-201e-0029-1081-312c76000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 274609
vary: Accept-Encoding
server: cloudflare
cf-ray: 794d20811e34fac4-OSL
content-encoding: br
X-Firefox-Spdy: h2
welcome.unibet.com/nu/pop/sportsbook/multisports/utv-logo.svg
104.18.25.188 200 OK 82 kB URL HTTP/2 welcome.unibet.com/nu/pop/sportsbook/multisports/utv-logo.svg
IP 104.18.25.188:0
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document, ASCII text, with very long lines (807), with no line terminators
Hash 9cbe6fecdfc22bf482071a8206864f37
be1b08f12875c9ebbb097b058758e043d9c22436
6cd48a4cc99a88318278a18d09d4e8da375b9593da15d3feb96ebe1c9d4d010a
GET /nu/pop/sportsbook/multisports/utv-logo.svg HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:68246908-37950&btag=127656177_B36D29EF91A841C0A6F976F264C459F2&bid=37950&campaignId=2799402&pid=68246908
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a68246908%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1675615636194)%5c%2f%22%2c%22CookieTag%22%3a%223795068246908451240919C2023251647%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228786180287%7c1%22%7d%5d; btag=127656177_B36D29EF91A841C0A6F976F264C459F2
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 05 Feb 2023 16:47:16 GMT
content-type: image/svg+xml
cache-control: public, max-age=900, immutable
content-md5: QazcDvviTF55mXL/M8kCWQ==
last-modified: Thu, 26 Jan 2023 12:30:18 GMT
etag: W/"0x8DAFF99157C1D3C"
x-ms-request-id: ec6073d8-501e-0051-6881-318f8e000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 274610
vary: Accept-Encoding
server: cloudflare
cf-ray: 794d20810e28fac4-OSL
content-encoding: br
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 278 B IP 93.184.220.29:0
Hash bc97b827347d82cbe1159a5ec9145b98
2b4586146583d06e1c4ef3a6e2410bce3852b1fe
243b64e36dfa29f8f19a74536c9a2e7ef8ac8d58862154fbff03b1ab33993174
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5181
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 16:47:17 GMT
Last-Modified: Sun, 05 Feb 2023 15:20:57 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 278
a1s.unibet.com/orval/tracking/lastclick.min.js
85.184.96.5 200 OK 1.1 kB URL HTTP/2 a1s.unibet.com/orval/tracking/lastclick.min.js
IP 85.184.96.5:0
ASN #47171 Unibet Services Limited
Hash a4a542e49d72cc3e074943a7722a9c85
24bd83469c5bbfa9e014eb4b23e2ebbb3c12e345
ee4324213d080703b3c339d347a819e242a55cd0a3b3ac2478f652cdd721d8ef
GET /orval/tracking/lastclick.min.js HTTP/1.1
Host: a1s.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a68246908%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1675615636194)%5c%2f%22%2c%22CookieTag%22%3a%223795068246908451240919C2023251647%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228786180287%7c1%22%7d%5d; btag=127656177_B36D29EF91A841C0A6F976F264C459F2
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Sun, 05 Feb 2023 16:47:16 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Fri, 05 Aug 2022 12:55:24 GMT
etag: W/"705-5e57dfac7ede0"
cache-control: max-age=1800, public, must-revalidate
content-encoding: gzip
server: kindred-loadbalancer
strict-transport-security: max-age=63072000; preload
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-security-policy: default-src 'unsafe-inline' 'unsafe-eval' http: https: data: wss: blob: jockey: unibetpro: *;
x-browser-class: A
x-os-class: M
set-cookie: clientId=polopoly_desktop; Domain=a1s.unibet.com; Path=/; SameSite=None; Secure
X-Firefox-Spdy: h2
welcome.unibet.com/nu/pop/sportsbook/multisports/google-play-ro.svg
104.18.25.188 200 OK 4.7 kB URL HTTP/2 welcome.unibet.com/nu/pop/sportsbook/multisports/google-play-ro.svg
IP 104.18.25.188:0
File type SVG Scalable Vector Graphics image\012- HTML document, ASCII text, with very long lines (5740), with no line terminators
Hash 1f1267c76524ac4075377e40e3db6bf0
cdae675a88cf38e497b6da04053f831b6a9f5a09
47c282d38af74cc68fd798fa565c718d3bc2d161ad921b0db17677ed40c01dad
GET /nu/pop/sportsbook/multisports/google-play-ro.svg HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:68246908-37950&btag=127656177_B36D29EF91A841C0A6F976F264C459F2&bid=37950&campaignId=2799402&pid=68246908
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a68246908%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1675615636194)%5c%2f%22%2c%22CookieTag%22%3a%223795068246908451240919C2023251647%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228786180287%7c1%22%7d%5d; btag=127656177_B36D29EF91A841C0A6F976F264C459F2
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 05 Feb 2023 16:47:16 GMT
content-type: image/svg+xml
cache-control: public, max-age=900, immutable
content-md5: 2fR27yW0b9kBp/ebW9u59A==
last-modified: Thu, 26 Jan 2023 12:30:22 GMT
etag: W/"0x8DAFF99184AD9A4"
x-ms-request-id: fa9ed380-a01e-0027-7f81-3105c6000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 274609
vary: Accept-Encoding
server: cloudflare
cf-ray: 794d20811e31fac4-OSL
content-encoding: br
X-Firefox-Spdy: h2
secure.adnxs.com/seg?add=9755599
185.89.211.84 307 Redirection 0 B URL HTTP/1.1 secure.adnxs.com/seg?add=9755599
IP 185.89.211.84:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /seg?add=9755599 HTTP/1.1
Host: secure.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Redirection
Server: nginx/1.21.3
Date: Sun, 05 Feb 2023 16:47:17 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Location: https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D9755599
AN-X-Request-Uuid: 8d5baac9-63fc-4173-b751-61b681ca31aa
Set-Cookie: uuid2=707931945562496162; SameSite=None; Path=/; Max-Age=7776000; Expires=Sat, 06-May-2023 16:47:17 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 9ba49f1fc7f2f554049e6761ba03e37b
687a48ce650668c484bfda4b50fd202977bb85de
256310e4ec423d30bb346e06ff441daf493641a12ad9e208a2cdf90a0fcbf6f7
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5504
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 16:47:17 GMT
Last-Modified: Sun, 05 Feb 2023 15:15:33 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471
dpm.demdex.net/id?d_visid_ver=4.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=F431E3BC5593E3887F000101%40AdobeOrg&d_nsid=0&ts=1675615678168
34.251.149.144 200 OK 499 B URL HTTP/1.1 dpm.demdex.net/id?d_visid_ver=4.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=F431E3BC5593E3887F000101%40AdobeOrg&d_nsid=0&ts=1675615678168
IP 34.251.149.144:0
File type JSON data\012- , ASCII text, with very long lines (791), with no line terminators
Hash 6b5e6fc4d4d8fbc56e13989674f66665
fcacfb11d9f31ce501be2bca6dafa81584922d7e
cbbdb49324cf17845d3a6ceb05138150106ddbc0f6026e732ab8330664c288ea
GET /id?d_visid_ver=4.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=F431E3BC5593E3887F000101%40AdobeOrg&d_nsid=0&ts=1675615678168 HTTP/1.1
Host: dpm.demdex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Origin: https://welcome.unibet.com
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://welcome.unibet.com
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding: gzip
Content-Type: application/json;charset=utf-8
DCS: dcs-prod-irl1-1-v045-07e4ed132.edge-irl1.demdex.com 2 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
set-cookie: demdex=00876921465648749603718601858093825332; Max-Age=15552000; Expires=Fri, 04 Aug 2023 16:47:17 GMT; Path=/; Domain=.demdex.net; Secure; SameSite=None
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin
X-TID: LU+zfnbqSF4=
Content-Length: 499
Connection: keep-alive
secure.adnxs.com/bounce?%2Fseg%3Fadd%3D9755599
185.89.211.84 200 OK 43 B URL HTTP/1.1 secure.adnxs.com/bounce?%2Fseg%3Fadd%3D9755599
IP 185.89.211.84:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 592ebefc7104d681d57852665e9ad514
15cdf8df32aa251dd6dd590a60bf9cf74474e7c5
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
GET /bounce?%2Fseg%3Fadd%3D9755599 HTTP/1.1
Host: secure.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://welcome.unibet.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.21.3
Date: Sun, 05 Feb 2023 16:47:17 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
AN-X-Request-Uuid: 9ce2d466-51ee-444c-ab1d-19410d686f13
Set-Cookie: anj=dTM7k!M4/8CxrEQF']wIg2GVQlZ>If!]tbP6j2F-XstGt!@E)'%'?oW; SameSite=None; Path=/; Max-Age=7776000; Expires=Sat, 06-May-2023 16:47:17 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash baeed5ecca34118b9471a9f7a9f3fe98
efbc52d00192e76a22c5808299adbbff9ae59018
4b62a4da3f4f33db038870a3d97a39c592a02bfb46c034fae1e96fce0cf6f11f
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5540
Cache-Control: max-age=145313
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 16:47:17 GMT
Etag: "63df5c92-1d7"
Expires: Tue, 07 Feb 2023 09:09:10 GMT
Last-Modified: Sun, 05 Feb 2023 07:36:50 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471
unibetlondonltd.d3.sc.omtrdc.net/id?d_visid_ver=4.4.0&d_fieldgroup=A&mcorgid=F431E3BC5593E3887F000101%40AdobeOrg&mid=00881791682837379313717137954305032367&ts=1675615678342
13.37.25.97 200 OK 2 B URL HTTP/2 unibetlondonltd.d3.sc.omtrdc.net/id?d_visid_ver=4.4.0&d_fieldgroup=A&mcorgid=F431E3BC5593E3887F000101%40AdobeOrg&mid=00881791682837379313717137954305032367&ts=1675615678342
IP 13.37.25.97:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 99914b932bd37a50b983c5e7c90ae93b
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
GET /id?d_visid_ver=4.4.0&d_fieldgroup=A&mcorgid=F431E3BC5593E3887F000101%40AdobeOrg&mid=00881791682837379313717137954305032367&ts=1675615678342 HTTP/1.1
Host: unibetlondonltd.d3.sc.omtrdc.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Origin: https://welcome.unibet.com
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://welcome.unibet.com
access-control-allow-credentials: true
date: Sun, 05 Feb 2023 16:47:17 GMT
p3p: CP="This is not a P3P policy"
server: jag
vary: Origin
content-type: application/x-javascript;charset=utf-8
content-length: 2
cache-control: no-cache, no-store, max-age=0, no-transform, private
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
X-Firefox-Spdy: h2
unibet.demdex.net/dest5.html?d_nsid=0
52.18.15.195 200 OK 2.8 kB URL HTTP/1.1 unibet.demdex.net/dest5.html?d_nsid=0
IP 52.18.15.195:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (550)
Hash ccbdcb1e84c241950763ec4cd516cdfc
55dfa8d4b09c5c3a80fcd101152f6ebed3d27a2c
de9ccb9b168945a24f20edc28c39be4135b328129ba8ee378401a7aedc925d12
GET /dest5.html?d_nsid=0 HTTP/1.1
Host: unibet.demdex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding: gzip
Content-Type: text/html;charset=UTF-8
date: Sun, 5 Feb 2023 16:47:17 GMT
DCS: dcs-prod-irl1-1-v045-0780584f2.edge-irl1.demdex.com 0 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
last-modified: Fri, 28 Oct 2022 11:02:57 GMT
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
vary: accept-encoding
X-TID: iAbDP7YuRpU=
Content-Length: 2791
Connection: keep-alive
unibetlondonltd.d3.sc.omtrdc.net/b/ss/unibetlondonunibetwebprod/1/JS-2.22.4/s97213107020297?AQB=1&ndh=1&pf=1&t=5%2F1%2F2023%2016%3A47%3A58%200%200&mid=00881791682837379313717137954305032367&aamlh=6&ce=UTF-8&pageName=LP%3A2022%20-%20Multi%20Sports%20-%20popunders&g=https%3A%2F%2Fwelcome.unibet.com%2Fnu%2Fpop%2Fsportsbook%2Fmultisports%2Findex.html%3Fmktid%3D1%3A127656177%3A68246908-37950%26btag%3D127656177_B36D29EF91A841C0A6F976F264C459F2%26bid%3D37950%26campaignId%3D2799402%26pid%3D68246908&r=https%3A%2F%2Fjennyvisits.com%2F&cc=GBP&ch=bf_landingpage&aamb=6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y&c1=https%3A%2F%2Fwelcome.unibet.com%2Fnu%2Fpop%2Fsportsbook%2Fmultisports%2Findex.html%3Fmktid%3D1%3A127656177%3A68246908-37950%26btag%3D127656177_B36D29EF91A841C0A6F976F264C459F2%26bid%3D37950%26campaignId%3D2799402%26pid%3D68246908&v1=welcome.unibet.com%3A%3A%3Adesktop%3Anu%3Apop%3Asportsbook%3Amultisports%3Aindex.html&c2=No%20CMS%5ENo%20ClientID%5ENo%20Locale%5ENo%20Juristiction&v2=bf_landingpage&v3=welcome.unibet.com&v4=No%20CMS%5ENo%20ClientID%5ENo%20Locale%5ENo%20Juristiction&c6=4%3A47%20PM%7CSunday&v6=4%3A47%20PM%7CSunday&v11=GBP&c14=New&v14=New&c16=1675615678&v21=Not%20Logged-In&c73=unibet&v120=popunder&v121=1%3A127656177%3A68246908-37950&v122=NONE&v124=2799402&v125=127656177_B36D29EF91A841C0A6F976F264C459F2&v126=68246908&v127=37950&v134=1675615678&s=1280x1024&c=24&j=1.6&v=N&k=Y&bw=1280&bh=939&mcorgid=F431E3BC5593E3887F000101%40AdobeOrg&AQE=1
13.37.25.97 200 OK 43 B URL HTTP/2 unibetlondonltd.d3.sc.omtrdc.net/b/ss/unibetlondonunibetwebprod/1/JS-2.22.4/s97213107020297?AQB=1&ndh=1&pf=1&t=5%2F1%2F2023%2016%3A47%3A58%200%200&mid=00881791682837379313717137954305032367&aamlh=6&ce=UTF-8&pageName=LP%3A2022%20-%20Multi%20Sports%20-%20popunders&g=https%3A%2F%2Fwelcome.unibet.com%2Fnu%2Fpop%2Fsportsbook%2Fmultisports%2Findex.html%3Fmktid%3D1%3A127656177%3A68246908-37950%26btag%3D127656177_B36D29EF91A841C0A6F976F264C459F2%26bid%3D37950%26campaignId%3D2799402%26pid%3D68246908&r=https%3A%2F%2Fjennyvisits.com%2F&cc=GBP&ch=bf_landingpage&aamb=6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y&c1=https%3A%2F%2Fwelcome.unibet.com%2Fnu%2Fpop%2Fsportsbook%2Fmultisports%2Findex.html%3Fmktid%3D1%3A127656177%3A68246908-37950%26btag%3D127656177_B36D29EF91A841C0A6F976F264C459F2%26bid%3D37950%26campaignId%3D2799402%26pid%3D68246908&v1=welcome.unibet.com%3A%3A%3Adesktop%3Anu%3Apop%3Asportsbook%3Amultisports%3Aindex.html&c2=No%20CMS%5ENo%20ClientID%5ENo%20Locale%5ENo%20Juristiction&v2=bf_landingpage&v3=welcome.unibet.com&v4=No%20CMS%5ENo%20ClientID%5ENo%20Locale%5ENo%20Juristiction&c6=4%3A47%20PM%7CSunday&v6=4%3A47%20PM%7CSunday&v11=GBP&c14=New&v14=New&c16=1675615678&v21=Not%20Logged-In&c73=unibet&v120=popunder&v121=1%3A127656177%3A68246908-37950&v122=NONE&v124=2799402&v125=127656177_B36D29EF91A841C0A6F976F264C459F2&v126=68246908&v127=37950&v134=1675615678&s=1280x1024&c=24&j=1.6&v=N&k=Y&bw=1280&bh=939&mcorgid=F431E3BC5593E3887F000101%40AdobeOrg&AQE=1
IP 13.37.25.97:0
File type GIF image data, version 89a, 2 x 2\012- data
Hash ad480fd0732d0f6f1a8b06359e3a42bb
a544538683a2dfe574eeb2e358ac8fcc78289d50
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
GET /b/ss/unibetlondonunibetwebprod/1/JS-2.22.4/s97213107020297?AQB=1&ndh=1&pf=1&t=5%2F1%2F2023%2016%3A47%3A58%200%200&mid=00881791682837379313717137954305032367&aamlh=6&ce=UTF-8&pageName=LP%3A2022%20-%20Multi%20Sports%20-%20popunders&g=https%3A%2F%2Fwelcome.unibet.com%2Fnu%2Fpop%2Fsportsbook%2Fmultisports%2Findex.html%3Fmktid%3D1%3A127656177%3A68246908-37950%26btag%3D127656177_B36D29EF91A841C0A6F976F264C459F2%26bid%3D37950%26campaignId%3D2799402%26pid%3D68246908&r=https%3A%2F%2Fjennyvisits.com%2F&cc=GBP&ch=bf_landingpage&aamb=6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y&c1=https%3A%2F%2Fwelcome.unibet.com%2Fnu%2Fpop%2Fsportsbook%2Fmultisports%2Findex.html%3Fmktid%3D1%3A127656177%3A68246908-37950%26btag%3D127656177_B36D29EF91A841C0A6F976F264C459F2%26bid%3D37950%26campaignId%3D2799402%26pid%3D68246908&v1=welcome.unibet.com%3A%3A%3Adesktop%3Anu%3Apop%3Asportsbook%3Amultisports%3Aindex.html&c2=No%20CMS%5ENo%20ClientID%5ENo%20Locale%5ENo%20Juristiction&v2=bf_landingpage&v3=welcome.unibet.com&v4=No%20CMS%5ENo%20ClientID%5ENo%20Locale%5ENo%20Juristiction&c6=4%3A47%20PM%7CSunday&v6=4%3A47%20PM%7CSunday&v11=GBP&c14=New&v14=New&c16=1675615678&v21=Not%20Logged-In&c73=unibet&v120=popunder&v121=1%3A127656177%3A68246908-37950&v122=NONE&v124=2799402&v125=127656177_B36D29EF91A841C0A6F976F264C459F2&v126=68246908&v127=37950&v134=1675615678&s=1280x1024&c=24&j=1.6&v=N&k=Y&bw=1280&bh=939&mcorgid=F431E3BC5593E3887F000101%40AdobeOrg&AQE=1 HTTP/1.1
Host: unibetlondonltd.d3.sc.omtrdc.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
date: Sun, 05 Feb 2023 16:47:17 GMT
expires: Sat, 04 Feb 2023 16:47:17 GMT
last-modified: Mon, 06 Feb 2023 16:47:17 GMT
pragma: no-cache
p3p: CP="This is not a P3P policy"
server: jag
etag: 3598357182018060288-4619756382546434670
vary: *
content-type: image/gif;charset=utf-8
content-length: 43
cache-control: no-cache, no-store, max-age=0, no-transform, private
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
54.230.245.100 200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.100:0
Hash 646851d52cd35404df4d86d6d43e2b03
64c15937be5fd5968e78d1b88bb443c9ee545484
4e94a2012415af233fec2960ffa6f07106684a2fc5fadec7134eee2dbc65f1b8
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=168850
Date: Sun, 05 Feb 2023 16:47:17 GMT
Etag: "63dfb69f-1d7"
Expires: Tue, 07 Feb 2023 15:41:27 GMT
Last-Modified: Sun, 05 Feb 2023 14:01:03 GMT
Server: ECS (nyb/1D0D)
X-Cache: Miss from cloudfront
Via: 1.1 ee04daa979e7a02cc5ca472521bc18a6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: wlE68h9k42qPZibvIDb-OugV5LkVV9-cYPFdjY84qsil_bvgc4CDtg==
Age: 6024
cm.everesttech.net/cm/dd?d_uuid=00876921465648749603718601858093825332
18.203.152.154 302 0 B URL HTTP/1.1 cm.everesttech.net/cm/dd?d_uuid=00876921465648749603718601858093825332
IP 18.203.152.154:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /cm/dd?d_uuid=00876921465648749603718601858093825332 HTTP/1.1
Host: cm.everesttech.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302
Date: Sun, 05 Feb 2023 16:47:17 GMT
Content-Length: 0
Connection: keep-alive
Set-Cookie: everest_g_v2=g_surferid~Y9-dlQAAAEHr7AN-; Domain=.everesttech.net; Expires=Mon, 05-Feb-2024 16:47:17 GMT; Path=/
everest_session_v2=Y9-dlQAAAEHr7QN-; Domain=.everesttech.net; Path=/
P3P: CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
Cache-Control: no-cache
Location: https://dpm.demdex.net/ibs:dpid=411&dpuuid=Y9-dlQAAAEHr7AN-
Server: AMO-cookiemap/1.1
dpm.demdex.net/ibs:dpid=411&dpuuid=Y9-dlQAAAEHr7AN-
34.251.149.144 302 Found 0 B URL HTTP/1.1 dpm.demdex.net/ibs:dpid=411&dpuuid=Y9-dlQAAAEHr7AN-
IP 34.251.149.144:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ibs:dpid=411&dpuuid=Y9-dlQAAAEHr7AN- HTTP/1.1
Host: dpm.demdex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://welcome.unibet.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
DCS: dcs-prod-irl1-1-v045-0a888e68a.edge-irl1.demdex.com 0 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
Location: https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=411&dpuuid=Y9-dlQAAAEHr7AN-
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
set-cookie: demdex=27321164673147406572273410962334547894; Max-Age=15552000; Expires=Fri, 04 Aug 2023 16:47:17 GMT; Path=/; Domain=.demdex.net; Secure; SameSite=None
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: LcnKotyaROU=
Content-Length: 0
Connection: keep-alive
dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=411&dpuuid=Y9-dlQAAAEHr7AN-
34.251.149.144 200 OK 59 B URL HTTP/1.1 dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=411&dpuuid=Y9-dlQAAAEHr7AN-
IP 34.251.149.144:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 1251cd5e5c2def4c046309375f87c1c1
e02d6b0c6a5c495c15985e2832e335eda8528c80
4e7010cc46fa361c88e57e3346d27421cf3b8a8bf5f39b43fc45997c60cb1c13
GET /demconf.jpg?et:ibs%7cdata:dpid=411&dpuuid=Y9-dlQAAAEHr7AN- HTTP/1.1
Host: dpm.demdex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://welcome.unibet.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding: gzip
Content-Type: image/gif
DCS: dcs-prod-irl1-2-v045-0fb9f79b9.edge-irl1.demdex.com 0 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-TID: pn6Mg0GsSdk=
Content-Length: 59
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29 200 OK 280 B IP 93.184.220.29:0
Hash 68851ca46b34e108e2780e3a6ba57319
8eb5e76c621ecc5b587b47c65f2a562fc7b7d78a
68cebe0d935553b59bb78a54a828ff2cc6ffdb240cd002b51a4fef31388d6200
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3660
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 16:47:18 GMT
Last-Modified: Sun, 05 Feb 2023 15:46:18 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 280
ocsp.digicert.com/
93.184.220.29 200 OK 280 B IP 93.184.220.29:0
Hash 68851ca46b34e108e2780e3a6ba57319
8eb5e76c621ecc5b587b47c65f2a562fc7b7d78a
68cebe0d935553b59bb78a54a828ff2cc6ffdb240cd002b51a4fef31388d6200
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4817
Cache-Control: max-age=165109
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 16:47:18 GMT
Etag: "63dfacba-118"
Expires: Tue, 07 Feb 2023 14:39:07 GMT
Last-Modified: Sun, 05 Feb 2023 13:18:50 GMT
Server: ECS (ska/F711)
X-Cache: HIT
Content-Length: 280
ocsp.digicert.com/
93.184.220.29 200 OK 280 B IP 93.184.220.29:0
Hash 68851ca46b34e108e2780e3a6ba57319
8eb5e76c621ecc5b587b47c65f2a562fc7b7d78a
68cebe0d935553b59bb78a54a828ff2cc6ffdb240cd002b51a4fef31388d6200
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3660
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 16:47:18 GMT
Last-Modified: Sun, 05 Feb 2023 15:46:18 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 280
www.skidrowcodex.net/wp-content/plugins/buddypress/bp-members/css/blocks/dynamic-members.min.css?ver=11.0.0
172.67.217.92 200 OK 0 B URL HTTP/2 www.skidrowcodex.net/wp-content/plugins/buddypress/bp-members/css/blocks/dynamic-members.min.css?ver=11.0.0
IP 172.67.217.92:0
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/buddypress/bp-members/css/blocks/dynamic-members.min.css?ver=11.0.0 HTTP/1.1
Host: www.skidrowcodex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.skidrowcodex.net/total-war-warhammer-steampunks/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 05 Feb 2023 16:47:10 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
x-accel-version: 0.01
last-modified: Fri, 06 Jan 2023 08:34:10 GMT
cache-control: public, max-age=31536000
expires: Sat, 06 Jan 2024 09:01:19 GMT
x-powered-by: PleskLin
cf-cache-status: HIT
age: 2619813
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hYKfv%2BG9fvd6xGgb5qUngSe4t4HQUrKaA8colSQp3DHv5%2FlbIP%2B%2BifRqGjbHsCdhy2auJcbpQB5VCNJs8e1daup4ciW5TGNlXUDtenNg5bDf0IKQ5omla%2B2%2BCp5WQsO9UxKU8eTcvQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 794d2057f821b505-OSL
content-encoding: br
X-Firefox-Spdy: h2
www.skidrowcodex.net/wp-content/themes/skidrowcodex-main/js/social.js
172.67.217.92 200 OK 0 B URL HTTP/2 www.skidrowcodex.net/wp-content/themes/skidrowcodex-main/js/social.js
IP 172.67.217.92:0
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/skidrowcodex-main/js/social.js HTTP/1.1
Host: www.skidrowcodex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.skidrowcodex.net/total-war-warhammer-steampunks/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 05 Feb 2023 16:47:10 GMT
content-type: application/javascript; charset=utf-8
last-modified: Sun, 20 Sep 2020 13:10:50 GMT
cache-control: public, max-age=31536000
expires: Tue, 06 Jun 2023 21:32:26 GMT
etag: W/"5f6754da-418"
x-powered-by: PleskLin
cf-cache-status: HIT
age: 21064484
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0Fh6qpVu0iEt%2F9yuWfNBRc%2FrDN1VXs9C6bLLwh694kyvHxrZJLg9SmaR1UmMKBV3g1Hc21t65ZFOlfT%2BKq57Qu%2B3VrXJveNYtddVdZnLulkO2GvaD1JJcUivZUpeAUJVBVRYC26h5g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 794d20594a79b505-OSL
content-encoding: br
X-Firefox-Spdy: h2
www.skidrowcodex.net/wp-content/plugins/countdown-timer/js/fergcorp_countdownTimer_java.js?ver=3.0.7
172.67.217.92 200 OK 0 B URL HTTP/2 www.skidrowcodex.net/wp-content/plugins/countdown-timer/js/fergcorp_countdownTimer_java.js?ver=3.0.7
IP 172.67.217.92:0
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/countdown-timer/js/fergcorp_countdownTimer_java.js?ver=3.0.7 HTTP/1.1
Host: www.skidrowcodex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.skidrowcodex.net/total-war-warhammer-steampunks/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 05 Feb 2023 16:47:10 GMT
content-type: application/javascript; charset=utf-8
last-modified: Wed, 05 Jan 2022 14:58:08 GMT
cache-control: public, max-age=31536000
expires: Tue, 06 Jun 2023 23:01:37 GMT
etag: W/"61d5b200-12da"
x-powered-by: PleskLin
cf-cache-status: HIT
age: 21059133
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=p5%2B5R1FGPqWcKRELgisb8L3MUYMyEj%2FFpTfuFfykXIxuZ%2FNWrtPUyyH%2FiKoHGlJdkoMVo59Em9FcSyD7SMMoRnxCmyuq7wZWIj%2B%2F5IUKXbI2e2Xu2Dt7ep79lZUCuHwj%2BwBbtzUtzA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 794d20596ac6b505-OSL
content-encoding: br
X-Firefox-Spdy: h2
welcome.unibet.com/nu/pop/sportsbook/multisports/gambling-commission.png
104.18.25.188 404 Not Found 0 B URL HTTP/2 welcome.unibet.com/nu/pop/sportsbook/multisports/gambling-commission.png
IP 104.18.25.188:0
GET /nu/pop/sportsbook/multisports/gambling-commission.png HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:68246908-37950&btag=127656177_B36D29EF91A841C0A6F976F264C459F2&bid=37950&campaignId=2799402&pid=68246908
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a68246908%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1675615636194)%5c%2f%22%2c%22CookieTag%22%3a%223795068246908451240919C2023251647%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228786180287%7c1%22%7d%5d; btag=127656177_B36D29EF91A841C0A6F976F264C459F2
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
date: Sun, 05 Feb 2023 16:47:16 GMT
content-type: application/xml
x-ms-request-id: e922a457-501e-000c-0b81-39850a000000
x-ms-version: 2014-02-14
access-control-allow-origin: *
cf-cache-status: HIT
age: 159
vary: Accept-Encoding
server: cloudflare
cf-ray: 794d20811e36fac4-OSL
content-encoding: br
X-Firefox-Spdy: h2
welcome.unibet.com/nu/pop/sportsbook/multisports/icon-sports.svg
104.18.25.188 200 OK 0 B URL HTTP/2 welcome.unibet.com/nu/pop/sportsbook/multisports/icon-sports.svg
IP 104.18.25.188:0
GET /nu/pop/sportsbook/multisports/icon-sports.svg HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:68246908-37950&btag=127656177_B36D29EF91A841C0A6F976F264C459F2&bid=37950&campaignId=2799402&pid=68246908
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a68246908%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1675615636194)%5c%2f%22%2c%22CookieTag%22%3a%223795068246908451240919C2023251647%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228786180287%7c1%22%7d%5d; btag=127656177_B36D29EF91A841C0A6F976F264C459F2
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 05 Feb 2023 16:47:16 GMT
content-type: image/svg+xml
cache-control: public, max-age=900, immutable
content-md5: Kch+tYuo05USS5JaESq1rA==
last-modified: Thu, 26 Jan 2023 12:30:21 GMT
etag: W/"0x8DAFF9917716257"
x-ms-request-id: 78c0b78e-401e-0000-7881-311202000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 274609
vary: Accept-Encoding
server: cloudflare
cf-ray: 794d20811e35fac4-OSL
content-encoding: br
X-Firefox-Spdy: h2
www.skidrowcodex.net/wp-includes/js/clipboard.min.js
172.67.217.92 200 OK 0 B URL HTTP/2 www.skidrowcodex.net/wp-includes/js/clipboard.min.js
IP 172.67.217.92:0
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/clipboard.min.js HTTP/1.1
Host: www.skidrowcodex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.skidrowcodex.net/total-war-warhammer-steampunks/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 05 Feb 2023 16:47:10 GMT
content-type: application/javascript; charset=utf-8
last-modified: Sat, 26 Nov 2022 10:21:49 GMT
vary: Accept-Encoding
cache-control: public, max-age=31536000
expires: Sun, 26 Nov 2023 10:22:34 GMT
etag: W/"6381e8bd-296f"
x-powered-by: PleskLin
cf-cache-status: HIT
age: 6157384
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DNU6Fb3Zfl8Xb8dszC54Myph4JAfNE8SLGYUUNM9qjWe0c3HXUJOiIa7g47vKrteYJbYTq6HsN3iYwS0OEX17zyFcl80maOCSLYFfJGTFwqj9uZZr0htIP%2Fen%2BAvtulmxBwHjFBwUQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 794d20595abab505-OSL
content-encoding: br
X-Firefox-Spdy: h2
bannerflow-feed-builder.azurewebsites.net/api/googlesheet/?user=2&spreadsheetId=1Fgsan389gf5LVYi3gt6FMNEgM3LnRdQN1kZ3lP9JwiQ&sheetname=nb_no
104.40.147.180 200 OK 0 B URL HTTP/2 bannerflow-feed-builder.azurewebsites.net/api/googlesheet/?user=2&spreadsheetId=1Fgsan389gf5LVYi3gt6FMNEgM3LnRdQN1kZ3lP9JwiQ&sheetname=nb_no
IP 104.40.147.180:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
GET /api/googlesheet/?user=2&spreadsheetId=1Fgsan389gf5LVYi3gt6FMNEgM3LnRdQN1kZ3lP9JwiQ&sheetname=nb_no HTTP/1.1
Host: bannerflow-feed-builder.azurewebsites.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://welcome.unibet.com
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/json; charset=utf-8
date: Sun, 05 Feb 2023 16:47:18 GMT
server: Microsoft-IIS/10.0
access-control-allow-origin: *
access-control-expose-headers: Request-Context
cache-control: no-cache
content-encoding: gzip
expires: -1
pragma: no-cache
set-cookie: ARRAffinity=918a28837d469cda54fea86f65a3d5a5f06872944f26694d3e52a68732d0d39c;Path=/;HttpOnly;Secure;Domain=bannerflow-feed-builder.azurewebsites.net
ARRAffinitySameSite=918a28837d469cda54fea86f65a3d5a5f06872944f26694d3e52a68732d0d39c;Path=/;HttpOnly;SameSite=None;Secure;Domain=bannerflow-feed-builder.azurewebsites.net
vary: Accept-Encoding
x-aspnet-version: 4.0.30319
request-context: appId=cid-v1:f631c08e-9610-47b7-82c9-c925628cdde1
x-powered-by: ASP.NET
X-Firefox-Spdy: h2
www.skidrowcodex.net/wp-content/themes/skidrowcodex-main/css/woocommerce.css?ver=20160930
172.67.217.92 200 OK 0 B URL HTTP/2 www.skidrowcodex.net/wp-content/themes/skidrowcodex-main/css/woocommerce.css?ver=20160930
IP 172.67.217.92:0
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/skidrowcodex-main/css/woocommerce.css?ver=20160930 HTTP/1.1
Host: www.skidrowcodex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.skidrowcodex.net/total-war-warhammer-steampunks/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 05 Feb 2023 16:47:10 GMT
content-type: text/css; charset=utf-8
last-modified: Wed, 20 Jul 2022 22:26:07 GMT
vary: Accept-Encoding
cache-control: public, max-age=31536000
expires: Sun, 07 Jan 2024 20:36:01 GMT
etag: W/"62d880ff-79a9"
x-powered-by: PleskLin
cf-cache-status: HIT
age: 2491870
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mzmbaiQ5KHGlarozRbcUOLuloFMzagOmf9mti1jSvAeUjdU3Vq%2FAG621R6%2Fh462NeBLtxCyYpShfh%2B%2B30BsPiSTqEE0iqEc2hmyj690jxFKBjnOFPwo%2Be0yBhP4iOOocofKzyUWcsw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 794d20581872b505-OSL
content-encoding: br
X-Firefox-Spdy: h2
www.skidrowcodex.net/wp-content/plugins/enable-jquery-migrate-helper/js/jquery-migrate/jquery-migrate-1.4.1-wp.js?ver=1.4.1-wp
172.67.217.92 200 OK 0 B URL HTTP/2 www.skidrowcodex.net/wp-content/plugins/enable-jquery-migrate-helper/js/jquery-migrate/jquery-migrate-1.4.1-wp.js?ver=1.4.1-wp
IP 172.67.217.92:0
GET /wp-content/plugins/enable-jquery-migrate-helper/js/jquery-migrate/jquery-migrate-1.4.1-wp.js?ver=1.4.1-wp HTTP/1.1
Host: www.skidrowcodex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.skidrowcodex.net/total-war-warhammer-steampunks/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 05 Feb 2023 16:47:10 GMT
content-type: application/javascript; charset=utf-8
last-modified: Fri, 11 Dec 2020 23:33:05 GMT
cache-control: public, max-age=31536000
expires: Tue, 06 Jun 2023 22:15:02 GMT
etag: W/"5fd401b1-5c79"
x-powered-by: PleskLin
cf-cache-status: HIT
age: 21061928
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f7kYUSu0sndk8PFNuoRr5QlQaAuQal0EatpUUog7jtqge5krF%2F7%2F5GvpINNdFSepp%2BMdn7F4%2B1bkvm5HJEh3SY79W2RQauKKuh0K2PaT20ZaLLs5%2BoIp1IlxV%2FKodnOKOsXVf20ciQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 794d205838bab505-OSL
content-encoding: br
X-Firefox-Spdy: h2
www.skidrowcodex.net/wp-content/plugins/enable-jquery-migrate-helper/js/jquery/jquery-1.12.4-wp.js?ver=1.12.4-wp
172.67.217.92 200 OK 0 B URL HTTP/2 www.skidrowcodex.net/wp-content/plugins/enable-jquery-migrate-helper/js/jquery/jquery-1.12.4-wp.js?ver=1.12.4-wp
IP 172.67.217.92:0
GET /wp-content/plugins/enable-jquery-migrate-helper/js/jquery/jquery-1.12.4-wp.js?ver=1.12.4-wp HTTP/1.1
Host: www.skidrowcodex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.skidrowcodex.net/total-war-warhammer-steampunks/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 05 Feb 2023 16:47:10 GMT
content-type: application/javascript; charset=utf-8
last-modified: Wed, 20 Jul 2022 22:26:06 GMT
vary: Accept-Encoding
cache-control: public, max-age=31536000
expires: Fri, 19 Jan 2024 03:10:29 GMT
etag: W/"62d880fe-17a56"
x-powered-by: PleskLin
cf-cache-status: HIT
age: 1517803
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jTMBbtOZwPg2vt1hxDeCdeFTHAR8rvLlabBYFW%2BJcQCNu2BLi75upML%2FmeprtSpQWFI1vkSf2JpP%2FgTEu%2BFZ2shBGGDzu83jT05Ea%2FX%2BjI3mhcU3w4a%2BBKy3xTNkViyua1ODacfAug%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 794d205838b8b505-OSL
content-encoding: br
X-Firefox-Spdy: h2
www.skidrowcodex.net/wp-content/themes/skidrowcodex-main/addons/clan-wars/js/tabs.js?ver=1.5.5
172.67.217.92 200 OK 0 B URL HTTP/2 www.skidrowcodex.net/wp-content/themes/skidrowcodex-main/addons/clan-wars/js/tabs.js?ver=1.5.5
IP 172.67.217.92:0
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/skidrowcodex-main/addons/clan-wars/js/tabs.js?ver=1.5.5 HTTP/1.1
Host: www.skidrowcodex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.skidrowcodex.net/total-war-warhammer-steampunks/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 05 Feb 2023 16:47:10 GMT
content-type: application/javascript; charset=utf-8
x-accel-version: 0.01
last-modified: Wed, 20 Jul 2022 22:26:07 GMT
cache-control: public, max-age=31536000
expires: Sat, 20 Jan 2024 01:26:31 GMT
vary: Accept-Encoding
x-powered-by: PleskLin
cf-cache-status: HIT
age: 1437641
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=W%2FZGpgVaEDgzjRElTS7nYpoPZwJ5K3m5ZUvwcLAzvIDolFtZfy2IjXTaEIMMLvCMJcWHgmYr%2FzA6h9Nq8GwthZH6cn7HT58Spo%2F5DGw5c9ZQdGradJ5WlgRYbR6A1H6%2Bf66xUvc2Gg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 794d205848cbb505-OSL
content-encoding: br
X-Firefox-Spdy: h2
www.skidrowcodex.net/wp-content/plugins/ajax-search-lite/js/min/plugin/optimized/asl-prereq.js?ver=4756
172.67.217.92 200 OK 0 B URL HTTP/2 www.skidrowcodex.net/wp-content/plugins/ajax-search-lite/js/min/plugin/optimized/asl-prereq.js?ver=4756
IP 172.67.217.92:0
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/ajax-search-lite/js/min/plugin/optimized/asl-prereq.js?ver=4756 HTTP/1.1
Host: www.skidrowcodex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.skidrowcodex.net/total-war-warhammer-steampunks/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 05 Feb 2023 16:47:10 GMT
content-type: application/javascript; charset=utf-8
last-modified: Tue, 10 Jan 2023 21:52:54 GMT
vary: Accept-Encoding
cache-control: public, max-age=31536000
expires: Wed, 10 Jan 2024 21:58:20 GMT
etag: W/"63bdde36-4e74"
x-powered-by: PleskLin
cf-cache-status: HIT
age: 2227731
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8auV3SKRN9jG4zvLYtWdrv6qm7d4cYpcknsRV9KgfaYCntuqXGrzUa0G53qsaJwRHv%2FVxE6LFwZJZ7nKzKmDvK1Ay9FMyetPL6IN7sNnoaevBJCE%2FRWBspwGKO6JvBQwZixIOGLxAg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 794d20595ac0b505-OSL
content-encoding: br
X-Firefox-Spdy: h2
www.skidrowcodex.net/wp-content/plugins/buddypress/bp-groups/css/blocks/dynamic-groups.min.css?ver=11.0.0
172.67.217.92 200 OK 0 B URL HTTP/2 www.skidrowcodex.net/wp-content/plugins/buddypress/bp-groups/css/blocks/dynamic-groups.min.css?ver=11.0.0
IP 172.67.217.92:0
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/buddypress/bp-groups/css/blocks/dynamic-groups.min.css?ver=11.0.0 HTTP/1.1
Host: www.skidrowcodex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.skidrowcodex.net/total-war-warhammer-steampunks/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 05 Feb 2023 16:47:10 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
x-accel-version: 0.01
last-modified: Fri, 06 Jan 2023 08:34:10 GMT
cache-control: public, max-age=31536000
expires: Sat, 06 Jan 2024 09:01:19 GMT
x-powered-by: PleskLin
cf-cache-status: HIT
age: 2619813
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0ENQ43Aprf4X%2Fx2s1%2F3p%2Bmyi3NFBXBNFh6Etju458Xq0hTecjOefav2mPjCdtqBKAjfs4IVW%2BWeId%2FItM6ZQQbvjR%2F3S7hB%2BfSpdiKo1NOlFdMn4iEyFBtvxNi%2FMoSevGJ6XG6eQPg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 794d2058083ab505-OSL
content-encoding: br
X-Firefox-Spdy: h2
www.skidrowcodex.net/wp-content/plugins/responsive-full-width-background-slider/css/rfwbs_slider.css
172.67.217.92 200 OK 0 B URL HTTP/2 www.skidrowcodex.net/wp-content/plugins/responsive-full-width-background-slider/css/rfwbs_slider.css
IP 172.67.217.92:0
GET /wp-content/plugins/responsive-full-width-background-slider/css/rfwbs_slider.css HTTP/1.1
Host: www.skidrowcodex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.skidrowcodex.net/total-war-warhammer-steampunks/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 05 Feb 2023 16:47:10 GMT
content-type: text/css; charset=utf-8
last-modified: Sun, 20 Sep 2020 13:10:47 GMT
cache-control: public, max-age=31536000
expires: Wed, 07 Jun 2023 00:33:02 GMT
etag: W/"5f6754d7-840"
x-powered-by: PleskLin
cf-cache-status: HIT
age: 21053648
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tUrGXc6QvWxyU9tb8Yn8VHWioeviunTHVp5qhXebUNiyX81Ao1k%2Bl55a16APxZawDbFuuJW9s822yBkmKepUL%2BX%2FllfgR8CTYGSUaeqSSmcUmb8V%2BljXza3m1SYg%2BM6r04Ki3tE7Ew%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 794d20580846b505-OSL
content-encoding: br
X-Firefox-Spdy: h2
www.skidrowcodex.net/wp-content/plugins/bbpress/templates/default/css/bbpress.min.css?ver=2.6.9
172.67.217.92 200 OK 0 B URL HTTP/2 www.skidrowcodex.net/wp-content/plugins/bbpress/templates/default/css/bbpress.min.css?ver=2.6.9
IP 172.67.217.92:0
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/bbpress/templates/default/css/bbpress.min.css?ver=2.6.9 HTTP/1.1
Host: www.skidrowcodex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.skidrowcodex.net/total-war-warhammer-steampunks/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 05 Feb 2023 16:47:10 GMT
content-type: text/css; charset=utf-8
last-modified: Sat, 30 Apr 2022 22:47:23 GMT
cache-control: public, max-age=31536000
expires: Sun, 30 Apr 2023 22:56:51 GMT
etag: W/"626dbc7b-761c"
x-powered-by: PleskLin
cf-cache-status: HIT
age: 24256219
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Fjufi%2FJzZ8EKjoPiPTtRvca8AB4y7FpYstL2wDjp%2BzYvUSQTTXT7dnT4C%2F7Vs8XMPwaiZXNCJAUt8tYKuBKSk%2B0hvBkjVz%2Fmob7jOx9y2Is%2BDyL%2F5EbgU%2F1yoYk2%2BSsVt1ML9XXD1w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 794d2058083db505-OSL
content-encoding: br
X-Firefox-Spdy: h2
www.skidrowcodex.net/wp-content/themes/skidrowcodex-main/css/buddypress.css?ver=11.0.0
172.67.217.92 200 OK 0 B URL HTTP/2 www.skidrowcodex.net/wp-content/themes/skidrowcodex-main/css/buddypress.css?ver=11.0.0
IP 172.67.217.92:0
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/skidrowcodex-main/css/buddypress.css?ver=11.0.0 HTTP/1.1
Host: www.skidrowcodex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.skidrowcodex.net/total-war-warhammer-steampunks/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 05 Feb 2023 16:47:10 GMT
content-type: text/css; charset=utf-8
last-modified: Wed, 20 Jul 2022 22:26:07 GMT
vary: Accept-Encoding
cache-control: public, max-age=31536000
expires: Sat, 06 Jan 2024 09:01:19 GMT
etag: W/"62d880ff-e393"
x-powered-by: PleskLin
cf-cache-status: HIT
age: 2619813
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jWQT48kwo0Jqe%2FOpnr%2FQL7YlL6lI5DQxvFBQCPStVNP8RtSBM52ouj5NEchYVJtgMAb6dbwEadBHPSd2mlC92AI3p3keNsaMXq%2BtHIiB4mVcvswnoZbM7uAx5RvcHQQepUdeyf6d3w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 794d20580844b505-OSL
content-encoding: br
X-Firefox-Spdy: h2
steamcdn-a.akamaihd.net/steam/apps/256663246/movie_max.webm?_=1
23.33.119.11 206 Partial Content 0 B URL HTTP/2 steamcdn-a.akamaihd.net/steam/apps/256663246/movie_max.webm?_=1
IP 23.33.119.11:0
ASN #20940 Akamai International B.V.
GET /steam/apps/256663246/movie_max.webm?_=1 HTTP/1.1
Host: steamcdn-a.akamaihd.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: https://www.skidrowcodex.net/
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 206 Partial Content
server: nginx
content-type: video/webm
last-modified: Wed, 20 Apr 2016 10:53:14 GMT
etag: "57175f9a-143f556"
accept-ranges: bytes
date: Sun, 05 Feb 2023 16:47:13 GMT
content-range: bytes 0-21230933/21230934
content-length: 21230934
X-Firefox-Spdy: h2
www.skidrowcodex.net/wp-content/themes/skidrowcodex-main/css/jquery.bxslider.css?ver=20150401
172.67.217.92 200 OK 0 B URL HTTP/2 www.skidrowcodex.net/wp-content/themes/skidrowcodex-main/css/jquery.bxslider.css?ver=20150401
IP 172.67.217.92:0
GET /wp-content/themes/skidrowcodex-main/css/jquery.bxslider.css?ver=20150401 HTTP/1.1
Host: www.skidrowcodex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.skidrowcodex.net/total-war-warhammer-steampunks/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 05 Feb 2023 16:47:10 GMT
content-type: text/css; charset=utf-8
last-modified: Sun, 20 Sep 2020 13:10:50 GMT
cache-control: public, max-age=31536000
expires: Tue, 06 Jun 2023 23:01:36 GMT
etag: W/"5f6754da-1eae"
x-powered-by: PleskLin
cf-cache-status: HIT
age: 21059134
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yV03tTpvBUBrZMMSLsQ3N%2FgBHzSQCMbh3mVTvYNGb4PAbkdW702tq3Zbdlm%2BFer3lZiINGgpQlCnEYw1s3R3kMkHymeyaYgDLGdiARzvLhAuWuQIOarbpPyrY%2FI70MCqdVuDdZEBiQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 794d20582882b505-OSL
content-encoding: br
X-Firefox-Spdy: h2
www.skidrowcodex.net/wp-content/plugins/ajax-search-lite/js/min/plugin/optimized/asl-core.js?ver=4756
172.67.217.92 200 OK 0 B URL HTTP/2 www.skidrowcodex.net/wp-content/plugins/ajax-search-lite/js/min/plugin/optimized/asl-core.js?ver=4756
IP 172.67.217.92:0
GET /wp-content/plugins/ajax-search-lite/js/min/plugin/optimized/asl-core.js?ver=4756 HTTP/1.1
Host: www.skidrowcodex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.skidrowcodex.net/total-war-warhammer-steampunks/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 05 Feb 2023 16:47:10 GMT
content-type: application/javascript; charset=utf-8
last-modified: Tue, 10 Jan 2023 21:52:54 GMT
vary: Accept-Encoding
cache-control: public, max-age=31536000
expires: Wed, 10 Jan 2024 21:58:20 GMT
etag: W/"63bdde36-9b34"
x-powered-by: PleskLin
cf-cache-status: HIT
age: 2227731
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nsHyYEn17cSLpm7s48%2BhT5gkbATmE9MZw%2BuO2RXhx3IJayBwY025j%2FjNrLQXz2zLaNkAQMnM70XkqsNoZGBMnBUTST3A9rvHC41Sl1BoE26drNp7yQpTBx07reC54rRUBDwkQPp3Nw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 794d20595ac1b505-OSL
content-encoding: br
X-Firefox-Spdy: h2
www.skidrowcodex.net/wp-includes/js/mediaelement/renderers/vimeo.min.js?ver=4.2.16
172.67.217.92 200 OK 0 B URL HTTP/2 www.skidrowcodex.net/wp-includes/js/mediaelement/renderers/vimeo.min.js?ver=4.2.16
IP 172.67.217.92:0
GET /wp-includes/js/mediaelement/renderers/vimeo.min.js?ver=4.2.16 HTTP/1.1
Host: www.skidrowcodex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.skidrowcodex.net/total-war-warhammer-steampunks/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 05 Feb 2023 16:47:10 GMT
content-type: application/javascript; charset=utf-8
last-modified: Wed, 20 Jul 2022 22:26:08 GMT
vary: Accept-Encoding
cache-control: public, max-age=31536000
expires: Sun, 26 Nov 2023 10:22:34 GMT
etag: W/"62d88100-1940"
x-powered-by: PleskLin
cf-cache-status: HIT
age: 6157384
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OBjQvsm5VQebatPQk48xg4KeyKU3vyLXUMhKJu2s6i0oa5VA3agOO0QWxLGKXnruTAVy7EZDSOcL%2Bbu9JUq5eWcy5DAUs8C9heOmQl8R8Qa%2Fy8b6BrlUZU3BKlxCpazBfmMkmEIsHg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 794d20596ac8b505-OSL
content-encoding: br
X-Firefox-Spdy: h2
c.sharethis.mgr.consensu.org/v1.0/cmp/portal.html
54.230.111.107 200 OK 0 B URL HTTP/2 c.sharethis.mgr.consensu.org/v1.0/cmp/portal.html
IP 54.230.111.107:0
GET /v1.0/cmp/portal.html HTTP/1.1
Host: c.sharethis.mgr.consensu.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.skidrowcodex.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html; charset=utf-8
content-encoding: gzip
date: Sun, 05 Feb 2023 16:40:05 GMT
cache-control: max-age=3600, public
etag: W/"3a06-5IC5GomJdIO1QMFFecGlooy3O1I"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 f46773a8236e136c4f6648dd79a7af8e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: aq9FVLPmfBgm3MEV71nrWDLBoaig50kGU8cwT_trBZQNzzWugGjwPQ==
age: 433
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
www.skidrowcodex.net/wp-content/plugins/buddypress/bp-templates/bp-legacy/js/buddypress.min.js?ver=11.0.0
172.67.217.92 200 OK 0 B URL HTTP/2 www.skidrowcodex.net/wp-content/plugins/buddypress/bp-templates/bp-legacy/js/buddypress.min.js?ver=11.0.0
IP 172.67.217.92:0
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/buddypress/bp-templates/bp-legacy/js/buddypress.min.js?ver=11.0.0 HTTP/1.1
Host: www.skidrowcodex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.skidrowcodex.net/total-war-warhammer-steampunks/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 05 Feb 2023 16:47:10 GMT
content-type: application/javascript; charset=utf-8
last-modified: Tue, 31 Jan 2023 06:55:07 GMT
cache-control: public, max-age=31536000
expires: Sat, 03 Feb 2024 23:32:59 GMT
etag: W/"63d8bb4b-853a"
x-powered-by: PleskLin
cf-cache-status: HIT
age: 148451
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1tZ%2BQwLoHdh%2FFdylJltI%2BoS7r8qAYVcPTvlnOX3g%2B9U0WLsyk1bWkW9zZE6Gs8xCizOJrkpoLu2iMl%2F4azxGJoeqzMIHrQtz5B1DX%2BmeY22rLnKDT03ssHYalKwkj1nHRrPF7gbyDg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 794d205858f8b505-OSL
content-encoding: br
X-Firefox-Spdy: h2
www.skidrowcodex.net/wp-content/plugins/buddypress/bp-core/js/widget-members.min.js?ver=11.0.0
172.67.217.92 200 OK 0 B URL HTTP/2 www.skidrowcodex.net/wp-content/plugins/buddypress/bp-core/js/widget-members.min.js?ver=11.0.0
IP 172.67.217.92:0
GET /wp-content/plugins/buddypress/bp-core/js/widget-members.min.js?ver=11.0.0 HTTP/1.1
Host: www.skidrowcodex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.skidrowcodex.net/total-war-warhammer-steampunks/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 05 Feb 2023 16:47:10 GMT
content-type: application/javascript; charset=utf-8
last-modified: Fri, 06 Jan 2023 08:34:10 GMT
vary: Accept-Encoding
cache-control: public, max-age=31536000
expires: Sat, 06 Jan 2024 09:01:19 GMT
etag: W/"63b7dd02-4ae"
x-powered-by: PleskLin
cf-cache-status: HIT
age: 2619813
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tEc02Zt4SswGXFqmi4CGiS5Cb1ge%2Bzjn5Y239lhBhJhYBmtFljFqd5I0R6bxiby8H%2FRj4TcC8VOYLdl9JBHZ%2FFUx6JrGgrGJ3agyaB%2BebImAb77feUwm3LPCCFRLZqisr80bcC%2B83w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 794d205858e8b505-OSL
content-encoding: br
X-Firefox-Spdy: h2
www.skidrowcodex.net/wp-includes/js/dist/i18n.min.js?ver=5f1269854226b4dd90450db411a12b79
172.67.217.92 200 OK 0 B URL HTTP/2 www.skidrowcodex.net/wp-includes/js/dist/i18n.min.js?ver=5f1269854226b4dd90450db411a12b79
IP 172.67.217.92:0
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/dist/i18n.min.js?ver=5f1269854226b4dd90450db411a12b79 HTTP/1.1
Host: www.skidrowcodex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.skidrowcodex.net/total-war-warhammer-steampunks/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 05 Feb 2023 16:47:10 GMT
content-type: application/javascript; charset=utf-8
last-modified: Sat, 26 Nov 2022 10:21:48 GMT
vary: Accept-Encoding
cache-control: public, max-age=31536000
expires: Sat, 20 Jan 2024 06:34:59 GMT
etag: W/"6381e8bc-268a"
x-powered-by: PleskLin
cf-cache-status: HIT
age: 1419132
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KJgeR2CBdBlJs2k2J5anqoO4P1jmG93X0%2F0KFZXm1XQj%2FbNG8PiqrtbM99uy%2FaakRbIsD7gEQzefSVG%2BsgXy%2FcPHk8pq7kv6bNi6MzFrQNejEPdyW6Cq1mppgvzbDcs4%2Bg%2FsYKLubQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 794d20595ab7b505-OSL
content-encoding: br
X-Firefox-Spdy: h2
cdn.bannerflow.com/resources/mga-logo-16e5f569-f45f-4c4f-a7ab-0a1f83c58415.svg
104.16.173.188 200 OK 0 B URL HTTP/2 cdn.bannerflow.com/resources/mga-logo-16e5f569-f45f-4c4f-a7ab-0a1f83c58415.svg
IP 104.16.173.188:0
GET /resources/mga-logo-16e5f569-f45f-4c4f-a7ab-0a1f83c58415.svg HTTP/1.1
Host: cdn.bannerflow.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 05 Feb 2023 16:47:18 GMT
content-type: image/svg+xml
cache-control: public,max-age=604800
content-md5: FAAw5O0EvruykoHDQoRDMA==
last-modified: Fri, 27 Nov 2020 14:00:02 GMT
etag: W/"0x8D892DCBC6EB927"
x-ms-request-id: 0c05a17a-201e-0074-2dff-f626f2000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 176
vary: Accept-Encoding
server: cloudflare
cf-ray: 794d208b6a7d0b45-OSL
content-encoding: br
X-Firefox-Spdy: h2
www.skidrowcodex.net/wp-content/themes/skidrowcodex-main/addons/clan-wars/js/public.js?ver=1.5.5
172.67.217.92 200 OK 0 B URL HTTP/2 www.skidrowcodex.net/wp-content/themes/skidrowcodex-main/addons/clan-wars/js/public.js?ver=1.5.5
IP 172.67.217.92:0
GET /wp-content/themes/skidrowcodex-main/addons/clan-wars/js/public.js?ver=1.5.5 HTTP/1.1
Host: www.skidrowcodex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.skidrowcodex.net/total-war-warhammer-steampunks/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 05 Feb 2023 16:47:10 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
x-accel-version: 0.01
last-modified: Wed, 20 Jul 2022 22:26:07 GMT
cache-control: public, max-age=31536000
expires: Sun, 07 Jan 2024 20:36:01 GMT
x-powered-by: PleskLin
cf-cache-status: HIT
age: 2491870
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iLTC3%2B91PCKmFo2ig6ylOnrT0KeMHunOUzJQgFVOWTgcBIsZkJOP9nTrewYcNrX%2B6Hi2YL00IHKWUjgokM23LQH%2Ba7qfoAuXvsrvrINmhIaEYaLnFEyU7m%2BsJ0S%2B3KvB%2BdmkeRl8Jg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 794d205858dcb505-OSL
content-encoding: br
X-Firefox-Spdy: h2
www.skidrowcodex.net/wp-content/plugins/responsive-full-width-background-slider/js/jquery.superslides.js
172.67.217.92 200 OK 0 B URL HTTP/2 www.skidrowcodex.net/wp-content/plugins/responsive-full-width-background-slider/js/jquery.superslides.js
IP 172.67.217.92:0
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/responsive-full-width-background-slider/js/jquery.superslides.js HTTP/1.1
Host: www.skidrowcodex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.skidrowcodex.net/total-war-warhammer-steampunks/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 05 Feb 2023 16:47:10 GMT
content-type: application/javascript; charset=utf-8
last-modified: Wed, 20 Jul 2022 22:26:07 GMT
vary: Accept-Encoding
cache-control: public, max-age=31536000
expires: Sun, 07 Jan 2024 19:47:50 GMT
etag: W/"62d880ff-3816"
x-powered-by: PleskLin
cf-cache-status: HIT
age: 2494761
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Bmvb5h1I%2FexVSJecg7DP4g33LZatCVXL10O4DcSYWo%2F84o%2FGqAYyIZVJtE09VZ06uZJNqA2fYJcuI60l2eMtDHq5IUProEf1rzKvYIWQUINh1qsy6TBaC2hr9jY9%2FR%2B1JDubxZ0cbA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 794d20591a2eb505-OSL
content-encoding: br
X-Firefox-Spdy: h2
www.skidrowcodex.net/wp-content/plugins/ajax-search-lite/js/min/plugin/optimized/asl-wrapper.js?ver=4756
172.67.217.92 200 OK 0 B URL HTTP/2 www.skidrowcodex.net/wp-content/plugins/ajax-search-lite/js/min/plugin/optimized/asl-wrapper.js?ver=4756
IP 172.67.217.92:0
GET /wp-content/plugins/ajax-search-lite/js/min/plugin/optimized/asl-wrapper.js?ver=4756 HTTP/1.1
Host: www.skidrowcodex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.skidrowcodex.net/total-war-warhammer-steampunks/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 05 Feb 2023 16:47:10 GMT
content-type: application/javascript; charset=utf-8
last-modified: Tue, 10 Jan 2023 21:52:54 GMT
vary: Accept-Encoding
cache-control: public, max-age=31536000
expires: Fri, 19 Jan 2024 04:17:15 GMT
etag: W/"63bdde36-13c9"
x-powered-by: PleskLin
cf-cache-status: HIT
age: 1513797
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IBWX0Laxge5dN4EptdVIKMCw%2BftTiR5zx3XgEmFVV%2BABwbeQ21VUs%2F6rMAqvia5ZBHZnOCB4PdTm121DW7EDD4kYFwt%2B4eThA3k%2B9PESSFgfiMNqYJf3K7azvSr4OgYe9STti2321A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 794d20596ac4b505-OSL
content-encoding: br
X-Firefox-Spdy: h2
welcome.unibet.com/nu/pop/sportsbook/multisports/icon-trust.svg
104.18.25.188 200 OK 0 B URL HTTP/2 welcome.unibet.com/nu/pop/sportsbook/multisports/icon-trust.svg
IP 104.18.25.188:0
GET /nu/pop/sportsbook/multisports/icon-trust.svg HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:68246908-37950&btag=127656177_B36D29EF91A841C0A6F976F264C459F2&bid=37950&campaignId=2799402&pid=68246908
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a68246908%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1675615636194)%5c%2f%22%2c%22CookieTag%22%3a%223795068246908451240919C2023251647%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228786180287%7c1%22%7d%5d; btag=127656177_B36D29EF91A841C0A6F976F264C459F2
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 05 Feb 2023 16:47:16 GMT
content-type: image/svg+xml
cache-control: public, max-age=900, immutable
content-md5: 9k4H3E55HXB5I94VinrUOQ==
last-modified: Thu, 26 Jan 2023 12:30:21 GMT
etag: W/"0x8DAFF99173FAB3F"
x-ms-request-id: af16bb2e-701e-0046-1c81-312685000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 274609
vary: Accept-Encoding
server: cloudflare
cf-ray: 794d20811e32fac4-OSL
content-encoding: br
X-Firefox-Spdy: h2
www.skidrowcodex.net/wp-content/themes/skidrowcodex-main/css/easy-slider.css?ver=20160930
172.67.217.92 200 OK 0 B URL HTTP/2 www.skidrowcodex.net/wp-content/themes/skidrowcodex-main/css/easy-slider.css?ver=20160930
IP 172.67.217.92:0
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/skidrowcodex-main/css/easy-slider.css?ver=20160930 HTTP/1.1
Host: www.skidrowcodex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.skidrowcodex.net/total-war-warhammer-steampunks/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 05 Feb 2023 16:47:10 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
x-accel-version: 0.01
last-modified: Sun, 20 Sep 2020 13:10:50 GMT
cache-control: public, max-age=31536000
expires: Thu, 02 Mar 2023 03:17:53 GMT
x-powered-by: PleskLin
cf-cache-status: HIT
age: 29424557
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=V0T4IMl3eqPKy4UcxjSxQvZpt1xz2Pw5%2B8p6zVWfO7Cw0uLR9%2FPgOMh1GNEka8sKfz3rcn68n58I%2FDjyhb6iUUkYYPPlN71FfCDroZ0rm3QUi9SuVstj4UDXMA%2BiEgRFYdmDSsUImA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 794d2058185cb505-OSL
content-encoding: br
X-Firefox-Spdy: h2
use.fontawesome.com/releases/v5.7.1/css/all.css
172.64.132.15 200 OK 0 B URL HTTP/2 use.fontawesome.com/releases/v5.7.1/css/all.css
IP 172.64.132.15:0
GET /releases/v5.7.1/css/all.css HTTP/1.1
Host: use.fontawesome.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://welcome.unibet.com
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 05 Feb 2023 16:47:16 GMT
content-type: text/css
x-amz-id-2: kBpjnAujkCQOW3Zr0P8Ew6IrWjg48N7+8LpZ64VVWljlBbzpY3QoGqj3PKT7OmPBh8WXfTwfBYk=
x-amz-request-id: F3FX4D4WZDEMXQ23
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified: Wed, 30 Jun 2021 15:45:37 GMT
etag: W/"7b1d7f457d056ace7b230b587b9f3753"
cache-control: max-age=31556926
cf-cache-status: HIT
age: 41083
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4shaW2qKUj2u6r9top%2Fj9uUYMtCZo4lsesmtxYonNvIsLLqiE%2BLGJrQtCGB7JIMzBriUW26nqDSb8WlGxPoJQbIJIWo17UOPCQ3KBinikEpK35MuD5CZKc2BAeMEGiZet4dEjkuV"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 794d2081682a24e3-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.skidrowcodex.net/wp-content/themes/skidrowcodex-main/css/tooltip.css?ver=20160930
172.67.217.92 200 OK 0 B URL HTTP/2 www.skidrowcodex.net/wp-content/themes/skidrowcodex-main/css/tooltip.css?ver=20160930
IP 172.67.217.92:0
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/skidrowcodex-main/css/tooltip.css?ver=20160930 HTTP/1.1
Host: www.skidrowcodex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.skidrowcodex.net/total-war-warhammer-steampunks/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 05 Feb 2023 16:47:10 GMT
content-type: text/css; charset=utf-8
last-modified: Wed, 20 Jul 2022 22:26:07 GMT
vary: Accept-Encoding
cache-control: public, max-age=31536000
expires: Fri, 19 Jan 2024 05:38:17 GMT
etag: W/"62d880ff-8a2"
x-powered-by: PleskLin
cf-cache-status: HIT
age: 1508934
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FRDUV16ikkjzvU28jx%2BNDAWHeSEI2EnEo08X3G0C0GRXbU9jZ5%2FRigcQVfYzj1fV507%2BjAVhzOfA2eKaBVfz173qBpAWKQ%2B2772N8826tmJti%2BBttonSRnmuhOenhR24ks26mx6dXw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 794d2058185eb505-OSL
content-encoding: br
X-Firefox-Spdy: h2
welcome.unibet.com/nu/pop/sportsbook/multisports/unibet-logo.svg
104.18.25.188 200 OK 0 B URL HTTP/2 welcome.unibet.com/nu/pop/sportsbook/multisports/unibet-logo.svg
IP 104.18.25.188:0
GET /nu/pop/sportsbook/multisports/unibet-logo.svg HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:68246908-37950&btag=127656177_B36D29EF91A841C0A6F976F264C459F2&bid=37950&campaignId=2799402&pid=68246908
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a68246908%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1675615636194)%5c%2f%22%2c%22CookieTag%22%3a%223795068246908451240919C2023251647%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228786180287%7c1%22%7d%5d; btag=127656177_B36D29EF91A841C0A6F976F264C459F2
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 05 Feb 2023 16:47:16 GMT
content-type: image/svg+xml
cache-control: public, max-age=900, immutable
content-md5: cw5jdwcrd9gLyjDZb7Y7Jw==
last-modified: Thu, 26 Jan 2023 12:30:18 GMT
etag: W/"0x8DAFF9915A7459F"
x-ms-request-id: e677fb13-901e-0061-5581-313141000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 274610
vary: Accept-Encoding
server: cloudflare
cf-ray: 794d20810e25fac4-OSL
content-encoding: br
X-Firefox-Spdy: h2
www.skidrowcodex.net/wp-content/themes/skidrowcodex-main/addons/clan-wars/css/site.css?ver=1.5.5
172.67.217.92 200 OK 0 B URL HTTP/2 www.skidrowcodex.net/wp-content/themes/skidrowcodex-main/addons/clan-wars/css/site.css?ver=1.5.5
IP 172.67.217.92:0
GET /wp-content/themes/skidrowcodex-main/addons/clan-wars/css/site.css?ver=1.5.5 HTTP/1.1
Host: www.skidrowcodex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.skidrowcodex.net/total-war-warhammer-steampunks/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 05 Feb 2023 16:47:10 GMT
content-type: text/css; charset=utf-8
last-modified: Sun, 20 Sep 2020 13:10:50 GMT
cache-control: public, max-age=31536000
expires: Tue, 06 Jun 2023 23:01:35 GMT
etag: W/"5f6754da-1548"
x-powered-by: PleskLin
cf-cache-status: HIT
age: 21059135
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YQZhKp5sevXDN1JwjeABLycdtimkVY9ZX0ntsELQpzc2GEjXF14uGHeEgAx7Y7LY0uJKNJ3wYtJ0OpMh1kB7wL4Qz0byG6EMRxJngP0RTSjvdIHDp5gvPjCGC0khw4Thdx4NK55IqA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 794d2058084cb505-OSL
content-encoding: br
X-Firefox-Spdy: h2
www.skidrowcodex.net/wp-includes/js/media-audiovideo.min.js
172.67.217.92 200 OK 0 B URL HTTP/2 www.skidrowcodex.net/wp-includes/js/media-audiovideo.min.js
IP 172.67.217.92:0
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/media-audiovideo.min.js HTTP/1.1
Host: www.skidrowcodex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.skidrowcodex.net/total-war-warhammer-steampunks/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 05 Feb 2023 16:47:10 GMT
content-type: application/javascript; charset=utf-8
last-modified: Wed, 25 May 2022 22:03:40 GMT
cache-control: public, max-age=31536000
expires: Tue, 04 Jul 2023 17:33:08 GMT
etag: W/"628ea7bc-32a4"
x-powered-by: PleskLin
cf-cache-status: HIT
age: 18659642
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lrNA%2Fk3gk4q%2B%2FH84veMmHvVfFR6QBq2lwy1wF4RRGdyhIprXedIw5Rt99PCwUOpaEZMnUVCticLRp5OopdaDePkNkNhgE%2FgT0dxzmaEvJV1WPc%2FyUY81wS%2BcWjN6QH2nSRXVWPZN5g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 794d20595abeb505-OSL
content-encoding: br
X-Firefox-Spdy: h2
welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:68246908-37950&btag=127656177_B36D29EF91A841C0A6F976F264C459F2&bid=37950&campaignId=2799402&pid=68246908
104.18.25.188 200 OK 0 B URL HTTP/2 welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:68246908-37950&btag=127656177_B36D29EF91A841C0A6F976F264C459F2&bid=37950&campaignId=2799402&pid=68246908
IP 104.18.25.188:0
GET /nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:68246908-37950&btag=127656177_B36D29EF91A841C0A6F976F264C459F2&bid=37950&campaignId=2799402&pid=68246908 HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://jennyvisits.com/
Connection: keep-alive
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a68246908%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1675615636194)%5c%2f%22%2c%22CookieTag%22%3a%223795068246908451240919C2023251647%22%7d%5d
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 05 Feb 2023 16:47:16 GMT
content-type: text/html; charset=utf-8
cache-control: public, max-age=900, immutable
content-md5: djoKeCzytkLU3NSdQsOPbQ==
last-modified: Thu, 26 Jan 2023 12:30:17 GMT
x-ms-request-id: 387b0a85-901e-002c-7581-39fead000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: MISS
vary: Accept-Encoding
set-cookie: btag=127656177_B36D29EF91A841C0A6F976F264C459F2;max-age=2592000; domain=.unibet.com;path=/;secure;samesite=none;httponly
server: cloudflare
cf-ray: 794d20802d71fac4-OSL
content-encoding: br
X-Firefox-Spdy: h2
cdn.bannerflow.com/resources/no-payments-44051ae6-a41f-42c3-8d89-751be3d4a42c.svg
104.16.173.188 200 OK 0 B URL HTTP/2 cdn.bannerflow.com/resources/no-payments-44051ae6-a41f-42c3-8d89-751be3d4a42c.svg
IP 104.16.173.188:0
GET /resources/no-payments-44051ae6-a41f-42c3-8d89-751be3d4a42c.svg HTTP/1.1
Host: cdn.bannerflow.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 05 Feb 2023 16:47:18 GMT
content-type: image/svg+xml
cache-control: public,max-age=604800
content-md5: eFf1+jVlHZeVusUSI4yq9A==
last-modified: Mon, 07 Dec 2020 10:23:00 GMT
etag: W/"0x8D89A9A12E2A33B"
x-ms-request-id: aecbdf5c-c01e-0126-115e-a51c52000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 360
vary: Accept-Encoding
server: cloudflare
cf-ray: 794d208b6a880b45-OSL
content-encoding: br
X-Firefox-Spdy: h2
www.skidrowcodex.net/wp-content/themes/skidrowcodex-child/style.css
172.67.217.92 200 OK 0 B URL HTTP/2 www.skidrowcodex.net/wp-content/themes/skidrowcodex-child/style.css
IP 172.67.217.92:0
GET /wp-content/themes/skidrowcodex-child/style.css HTTP/1.1
Host: www.skidrowcodex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.skidrowcodex.net/total-war-warhammer-steampunks/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 05 Feb 2023 16:47:10 GMT
content-type: text/css; charset=utf-8
last-modified: Tue, 31 Jan 2023 06:55:07 GMT
cache-control: max-age=31536000, public
expires: Mon, 05 Feb 2024 16:47:09 GMT
etag: W/"63d8bb4b-6871"
x-powered-by: PleskLin
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sDTe3gDTnwWwPUs1ShnoNmvrO%2BzOXgntm8qUBz1kvgrqRmUchAZiB4fHmFAaAEwHHqekhw1bAkFFxaiX39DHyI2d%2BleAczrei9xx%2B9FDPyyO1AB0dgI19NJiCgdw37XnZKh2JBfYsw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 794d205838b1b505-OSL
content-encoding: br
X-Firefox-Spdy: h2
www.skidrowcodex.net/wp-content/themes/skidrowcodex-main/style.css
172.67.217.92 200 OK 0 B URL HTTP/2 www.skidrowcodex.net/wp-content/themes/skidrowcodex-main/style.css
IP 172.67.217.92:0
GET /wp-content/themes/skidrowcodex-main/style.css HTTP/1.1
Host: www.skidrowcodex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.skidrowcodex.net/total-war-warhammer-steampunks/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 05 Feb 2023 16:47:10 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding, Accept-Encoding
x-accel-version: 0.01
last-modified: Wed, 20 Jul 2022 22:26:07 GMT
cache-control: public, max-age=31536000
expires: Sun, 07 Jan 2024 19:54:19 GMT
x-powered-by: PleskLin
cf-cache-status: HIT
age: 2494373
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vift1m%2B1iFJyj4BgNkuimUjHkI68E0UGzDIrgvU9Di3ChByeD7jB15hn5FJPF%2FY1QEMEMXbdyyYNj9qep0pH7dxXdc8yGpPaN%2BXG5us6Apr84e7If5lujzO71%2B99UUS9rXw4nyjklw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 794d205838aab505-OSL
content-encoding: br
X-Firefox-Spdy: h2
www.skidrowcodex.net/wp-content/themes/skidrowcodex-main/addons/clan-wars/js/jquery.cookie.pack.js?ver=1.5.5
172.67.217.92 200 OK 0 B URL HTTP/2 www.skidrowcodex.net/wp-content/themes/skidrowcodex-main/addons/clan-wars/js/jquery.cookie.pack.js?ver=1.5.5
IP 172.67.217.92:0
GET /wp-content/themes/skidrowcodex-main/addons/clan-wars/js/jquery.cookie.pack.js?ver=1.5.5 HTTP/1.1
Host: www.skidrowcodex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.skidrowcodex.net/total-war-warhammer-steampunks/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 05 Feb 2023 16:47:10 GMT
content-type: application/javascript; charset=utf-8
last-modified: Wed, 20 Jul 2022 22:26:07 GMT
vary: Accept-Encoding
cache-control: public, max-age=31536000
expires: Sun, 07 Jan 2024 20:37:25 GMT
etag: W/"62d880ff-421"
x-powered-by: PleskLin
cf-cache-status: HIT
age: 2491787
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OycrRuFEjHioCOHMD1XkxXED3zOx3di1ufpG%2Blu9mPtf9S99OhCfI%2F7YLteDE%2B%2BQIqmsyHSBhPzGc4kby1PV%2BGJURQ3Z1hCYv1hJx4rPa72gzBqrwejuaf6lIaFjMQzx7hmzJ81cJg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 794d205838c4b505-OSL
content-encoding: br
X-Firefox-Spdy: h2
welcome.unibet.com/nu/pop/sportsbook/multisports/favicon.ico
104.18.25.188 200 OK 0 B URL HTTP/2 welcome.unibet.com/nu/pop/sportsbook/multisports/favicon.ico
IP 104.18.25.188:0
GET /nu/pop/sportsbook/multisports/favicon.ico HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:68246908-37950&btag=127656177_B36D29EF91A841C0A6F976F264C459F2&bid=37950&campaignId=2799402&pid=68246908
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a68246908%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1675615636194)%5c%2f%22%2c%22CookieTag%22%3a%223795068246908451240919C2023251647%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228786180287%7c1%22%7d%5d; btag=127656177_B36D29EF91A841C0A6F976F264C459F2
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 05 Feb 2023 16:47:16 GMT
content-type: image/x-icon
cache-control: public, max-age=900, immutable
content-md5: rS2fRBxmkqgGx7Qnuz5TbQ==
last-modified: Thu, 26 Jan 2023 12:30:17 GMT
etag: W/"0x8DAFF9914F4D898"
x-ms-request-id: e6735b96-c01e-0021-0381-313679000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 274601
vary: Accept-Encoding
server: cloudflare
cf-ray: 794d208318bafac4-OSL
content-encoding: br
X-Firefox-Spdy: h2
www.skidrowcodex.net/wp-includes/js/plupload/plupload.min.js?ver=2.1.9
172.67.217.92 200 OK 0 B URL HTTP/2 www.skidrowcodex.net/wp-includes/js/plupload/plupload.min.js?ver=2.1.9
IP 172.67.217.92:0
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/plupload/plupload.min.js?ver=2.1.9 HTTP/1.1
Host: www.skidrowcodex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.skidrowcodex.net/total-war-warhammer-steampunks/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 05 Feb 2023 16:47:10 GMT
content-type: application/javascript; charset=utf-8
last-modified: Wed, 25 May 2022 22:03:40 GMT
cache-control: public, max-age=31536000
expires: Tue, 06 Jun 2023 23:01:36 GMT
etag: W/"628ea7bc-3cfc"
x-powered-by: PleskLin
cf-cache-status: HIT
age: 21059134
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CKjOg1OOZKolAj8me%2FAA2sSSS3K5htt%2F10PEc49fz64ZADwClY65nyxyDMxf431nVGt2XLFjAQnB1L9J8Tl1Jna%2Bh8cp%2BQ9%2Fcw8ySz%2F1p%2BJ8lwFNB28IIClVzCanhWz1Sdb7TAYkkQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 794d2058590fb505-OSL
content-encoding: br
X-Firefox-Spdy: h2
www.skidrowcodex.net/total-war-warhammer-steampunks/
172.67.217.92 200 OK 0 B URL HTTP/2 www.skidrowcodex.net/total-war-warhammer-steampunks/
IP 172.67.217.92:0
Analyzer Verdict Alert fortinet Malware
GET /total-war-warhammer-steampunks/ HTTP/1.1
Host: www.skidrowcodex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
date: Sun, 05 Feb 2023 16:47:09 GMT
content-type: text/html; charset=UTF-8
x-powered-by: PHP/7.4.33, PleskLin
last-modified: Sun, 05 Feb 2023 01:08:26 GMT
vary: Accept-Encoding
cache-control: max-age=0
expires: Sun, 05 Feb 2023 16:47:08 GMT
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ug9HWHPKRoWi%2F6mFqO6sJoZisNoTWCAIBB0sVlKNSAJm%2FDb3wyG1IPaS%2B8qh%2FsNInE%2B8%2FBdkVz01iqekEsBb8kB9nH0dNwq8iZhQJv6pKiYVAbhvl1%2BILXF9VvteiMHeq%2BG35laEZg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 794d20559c08b505-OSL
content-encoding: br
X-Firefox-Spdy: h2
ws.sharethis.com/secure/js/st.7a24464cfcb26c391791f13a4d721c9e.js
54.230.111.78 200 OK 0 B URL HTTP/2 ws.sharethis.com/secure/js/st.7a24464cfcb26c391791f13a4d721c9e.js
IP 54.230.111.78:0
GET /secure/js/st.7a24464cfcb26c391791f13a4d721c9e.js HTTP/1.1
Host: ws.sharethis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ws.sharethis.com/secure/index.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
cache-control: max-age=31536000
content-encoding: gzip
date: Wed, 01 Feb 2023 01:02:53 GMT
etag: W/"63d989f3-25687"
expires: Thu, 01 Feb 2024 01:02:53 GMT
server: nginx/1.20.1
x-robots-tag: noindex, nofollow
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 98794c1dec0d4e7b10ddf0faa094cf94.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: nWb5QfOfbGNflgEBgrhZzDbGjy1LBFPFBH7HPbiUCWnX8ecC5vOueA==
age: 402262
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
www.skidrowcodex.net/wp-content/plugins/buddypress/bp-core/js/jquery-query.min.js?ver=11.0.0
172.67.217.92 200 OK 0 B URL HTTP/2 www.skidrowcodex.net/wp-content/plugins/buddypress/bp-core/js/jquery-query.min.js?ver=11.0.0
IP 172.67.217.92:0
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/buddypress/bp-core/js/jquery-query.min.js?ver=11.0.0 HTTP/1.1
Host: www.skidrowcodex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.skidrowcodex.net/total-war-warhammer-steampunks/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 05 Feb 2023 16:47:10 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
x-accel-version: 0.01
last-modified: Fri, 06 Jan 2023 08:34:10 GMT
cache-control: public, max-age=31536000
expires: Sat, 06 Jan 2024 09:01:19 GMT
x-powered-by: PleskLin
cf-cache-status: HIT
age: 2619813
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2qFo%2BHgi2mdplGBxpZIVqOdwV0HutTblBK5x7lw1IEixXM8ub5%2B0fGuswsfXVbFvhyELbsw3nLJW%2FcR6nsWYCLRNMM6u9wtDCaPx5MxPJQqrAbBqhZC1u%2B%2BZ9peAJEI9m8%2FzAJirlA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 794d205858efb505-OSL
content-encoding: br
X-Firefox-Spdy: h2
www.skidrowcodex.net/wp-includes/js/comment-reply.min.js
172.67.217.92 200 OK 0 B URL HTTP/2 www.skidrowcodex.net/wp-includes/js/comment-reply.min.js
IP 172.67.217.92:0
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/comment-reply.min.js HTTP/1.1
Host: www.skidrowcodex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.skidrowcodex.net/total-war-warhammer-steampunks/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 05 Feb 2023 16:47:10 GMT
content-type: application/javascript; charset=utf-8
last-modified: Tue, 31 Jan 2023 06:55:09 GMT
cache-control: public, max-age=31536000
expires: Wed, 31 Jan 2024 07:12:47 GMT
etag: W/"63d8bb4d-ba8"
x-powered-by: PleskLin
cf-cache-status: HIT
age: 466463
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xADtCrLDjqHIuz%2BGIZAbbUwlhgPqeGBlRNxUjHib5NxsCDG8eivag3GwXQkAiLNeV1SgZYSTJ%2FvEy%2BZaa0g8GQ7GHbvUZyDwVFYax5%2Fq%2FXR6rUTUkVWn%2BggxjhdtkgpGhxhr8ye5Ow%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 794d20591a28b505-OSL
content-encoding: br
X-Firefox-Spdy: h2
cdn.bannerflow.com/resources/18-plus-adbfd412-ffe0-4780-a5c3-1b540d6ceed3.svg
104.16.173.188 200 OK 0 B URL HTTP/2 cdn.bannerflow.com/resources/18-plus-adbfd412-ffe0-4780-a5c3-1b540d6ceed3.svg
IP 104.16.173.188:0
GET /resources/18-plus-adbfd412-ffe0-4780-a5c3-1b540d6ceed3.svg HTTP/1.1
Host: cdn.bannerflow.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 05 Feb 2023 16:47:18 GMT
content-type: image/svg+xml
cache-control: public,max-age=604800
content-md5: DtBEzXf8HuXNecd90Rx/1w==
last-modified: Fri, 27 Nov 2020 14:00:01 GMT
etag: W/"0x8D892DCBC244A27"
x-ms-request-id: f9c36029-201e-0105-665e-a57399000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 358
vary: Accept-Encoding
server: cloudflare
cf-ray: 794d208b6a8d0b45-OSL
content-encoding: br
X-Firefox-Spdy: h2
www.skidrowcodex.net/wp-content/plugins/ajax-search-lite/js/min/plugin/optimized/asl-results-vertical.js?ver=4756
172.67.217.92 200 OK 0 B URL HTTP/2 www.skidrowcodex.net/wp-content/plugins/ajax-search-lite/js/min/plugin/optimized/asl-results-vertical.js?ver=4756
IP 172.67.217.92:0
GET /wp-content/plugins/ajax-search-lite/js/min/plugin/optimized/asl-results-vertical.js?ver=4756 HTTP/1.1
Host: www.skidrowcodex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.skidrowcodex.net/total-war-warhammer-steampunks/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 05 Feb 2023 16:47:10 GMT
content-type: application/javascript; charset=utf-8
last-modified: Tue, 10 Jan 2023 21:52:54 GMT
vary: Accept-Encoding
cache-control: public, max-age=31536000
expires: Wed, 10 Jan 2024 21:58:20 GMT
etag: W/"63bdde36-566"
x-powered-by: PleskLin
cf-cache-status: HIT
age: 2227731
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Z%2Fml9gXr3Gpxx7xwYOPH9K%2FxsFkWJ%2BnyFTsmm8mE3s%2B4NYudLSIbFb3inQr2Pl4vdZAS91cLydhqskYd74wASfv0iq1MoUiyBMOYLcnZud6yfXu6GmH2e6R%2F0SVgeMcnjaBOYTGsew%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 794d20596ac2b505-OSL
content-encoding: br
X-Firefox-Spdy: h2
www.skidrowcodex.net/wp-content/plugins/google-captcha/js/script.js?ver=1.70
172.67.217.92 200 OK 0 B URL HTTP/2 www.skidrowcodex.net/wp-content/plugins/google-captcha/js/script.js?ver=1.70
IP 172.67.217.92:0
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/google-captcha/js/script.js?ver=1.70 HTTP/1.1
Host: www.skidrowcodex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.skidrowcodex.net/total-war-warhammer-steampunks/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 05 Feb 2023 16:47:10 GMT
content-type: application/javascript; charset=utf-8
last-modified: Sun, 11 Dec 2022 10:09:58 GMT
vary: Accept-Encoding
cache-control: public, max-age=31536000
expires: Mon, 11 Dec 2023 10:10:15 GMT
etag: W/"6395ac76-23a9"
x-powered-by: PleskLin
cf-cache-status: HIT
age: 4862106
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5oBMZXvAHhGL%2Bzb%2FmqsRuMvAVChjdZ38sVbE9Ag8A9rOePLZgMCX4ZwEMBgR62ifrQ3Mzlck%2FZFUfZ9LRYH5Z28i17MTmUKZD6FjZV4Fwveo%2BHbEvRDqOSLv541SMlzOIVfy%2BhLB8A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 794d20596aceb505-OSL
content-encoding: br
X-Firefox-Spdy: h2
www.skidrowcodex.net/wp-includes/js/underscore.min.js?ver=1.13.1
172.67.217.92 200 OK 0 B URL HTTP/2 www.skidrowcodex.net/wp-includes/js/underscore.min.js?ver=1.13.1
IP 172.67.217.92:0
GET /wp-includes/js/underscore.min.js?ver=1.13.1 HTTP/1.1
Host: www.skidrowcodex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.skidrowcodex.net/total-war-warhammer-steampunks/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 05 Feb 2023 16:47:10 GMT
content-type: application/javascript; charset=utf-8
last-modified: Sat, 26 Nov 2022 10:21:49 GMT
vary: Accept-Encoding
cache-control: public, max-age=31536000
expires: Fri, 19 Jan 2024 05:38:18 GMT
etag: W/"6381e8bd-4a84"
x-powered-by: PleskLin
cf-cache-status: HIT
age: 1508934
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Xp6sGermKxOOTj3kvVEoaogtVH4f8GUdXik442w3Ff3qJwGVDYB05jmbuN%2BDH9GDej1GdOldFG0uD5cpRa%2F%2BUeTJeFj2kBsy8ZONrPpWb88TYkxeaxjKn9oDNlqqgmKZV%2FHOXwS1KA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 794d20594a7eb505-OSL
content-encoding: br
X-Firefox-Spdy: h2
www.skidrowcodex.net/wp-content/themes/skidrowcodex-main/addons/clan-wars/js/tipsy/jquery.tipsy.js?ver=0.1.7
172.67.217.92 200 OK 0 B URL HTTP/2 www.skidrowcodex.net/wp-content/themes/skidrowcodex-main/addons/clan-wars/js/tipsy/jquery.tipsy.js?ver=0.1.7
IP 172.67.217.92:0
GET /wp-content/themes/skidrowcodex-main/addons/clan-wars/js/tipsy/jquery.tipsy.js?ver=0.1.7 HTTP/1.1
Host: www.skidrowcodex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.skidrowcodex.net/total-war-warhammer-steampunks/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 05 Feb 2023 16:47:10 GMT
content-type: application/javascript; charset=utf-8
last-modified: Sun, 20 Sep 2020 13:10:50 GMT
cache-control: public, max-age=31536000
expires: Tue, 06 Jun 2023 21:32:26 GMT
etag: W/"5f6754da-1113"
x-powered-by: PleskLin
cf-cache-status: HIT
age: 21064484
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tQXYdiz8CWJRoJPa2ZPEXRRSDLeInnXPGXn7xCgIIXwX8L8ZXQrj0G2xdApxSmnPbwdyBY4moRtDuJyRO76IUi83%2Fvfs%2FovyRFT6U0I5QzISsB8aADuL6AE5IoTeL7qbpLYtLeMnxg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 794d205848d7b505-OSL
content-encoding: br
X-Firefox-Spdy: h2
www.skidrowcodex.net/wp-content/plugins/buddypress/bp-core/js/vendor/jquery-scroll-to.min.js?ver=11.0.0
172.67.217.92 200 OK 0 B URL HTTP/2 www.skidrowcodex.net/wp-content/plugins/buddypress/bp-core/js/vendor/jquery-scroll-to.min.js?ver=11.0.0
IP 172.67.217.92:0
GET /wp-content/plugins/buddypress/bp-core/js/vendor/jquery-scroll-to.min.js?ver=11.0.0 HTTP/1.1
Host: www.skidrowcodex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.skidrowcodex.net/total-war-warhammer-steampunks/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 05 Feb 2023 16:47:10 GMT
content-type: application/javascript; charset=utf-8
last-modified: Fri, 06 Jan 2023 08:34:10 GMT
vary: Accept-Encoding
cache-control: public, max-age=31536000
expires: Sat, 06 Jan 2024 09:01:19 GMT
etag: W/"63b7dd02-8e1"
x-powered-by: PleskLin
cf-cache-status: HIT
age: 2619813
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RcpH1y6FBKY%2FiEDbTpyFwgwrsB%2FIm8GNlPPR2juYXg53t%2B1vVY3jyaKLy5bvSXIo%2Bfyx8o7gA10BacEkQFgPlqm4mlpM0cjMNk55SAgcrCGoGeb%2BvLSz4gmDlIMLyTjyI4jZq3jsbA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 794d205858f4b505-OSL
content-encoding: br
X-Firefox-Spdy: h2
www.skidrowcodex.net/wp-content/plugins/countdown-timer/js/webtoolkit.sprintf.js?ver=3.0.7
172.67.217.92 200 OK 0 B URL HTTP/2 www.skidrowcodex.net/wp-content/plugins/countdown-timer/js/webtoolkit.sprintf.js?ver=3.0.7
IP 172.67.217.92:0
GET /wp-content/plugins/countdown-timer/js/webtoolkit.sprintf.js?ver=3.0.7 HTTP/1.1
Host: www.skidrowcodex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.skidrowcodex.net/total-war-warhammer-steampunks/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 05 Feb 2023 16:47:10 GMT
content-type: application/javascript; charset=utf-8
last-modified: Wed, 05 Jan 2022 14:58:08 GMT
cache-control: public, max-age=31536000
expires: Wed, 07 Jun 2023 00:33:02 GMT
etag: W/"61d5b200-864"
x-powered-by: PleskLin
cf-cache-status: HIT
age: 21053648
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TSn4nPif1tglLUh%2FRYj94f6kb0%2FwPgw5qFaDGdQmgE0lApsqIqHjHWDAS6lQB9cD6qZiC1teu9wjZuL6vu7RBkZzDfl0445oMBFuymgSPGPsZAWGrwAmBamVnStvfVDdVPOV8QICjg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 794d20585911b505-OSL
content-encoding: br
X-Firefox-Spdy: h2
www.skidrowcodex.net/wp-content/plugins/buddypress/bp-messages/css/blocks/sitewide-notices.min.css?ver=11.0.0
172.67.217.92 200 OK 0 B URL HTTP/2 www.skidrowcodex.net/wp-content/plugins/buddypress/bp-messages/css/blocks/sitewide-notices.min.css?ver=11.0.0
IP 172.67.217.92:0
GET /wp-content/plugins/buddypress/bp-messages/css/blocks/sitewide-notices.min.css?ver=11.0.0 HTTP/1.1
Host: www.skidrowcodex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.skidrowcodex.net/total-war-warhammer-steampunks/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 05 Feb 2023 16:47:10 GMT
content-type: text/css; charset=utf-8
last-modified: Fri, 06 Jan 2023 08:34:10 GMT
vary: Accept-Encoding
cache-control: public, max-age=31536000
expires: Sat, 06 Jan 2024 09:01:19 GMT
etag: W/"63b7dd02-57e"
x-powered-by: PleskLin
cf-cache-status: HIT
age: 2619813
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WaDVlRhrokLo%2FcqTg7Go%2F8N3ot7nCxArvp%2BiRJ9kbuCiyDrB9JMtBE8fSUve1RfLGMDnTMFFHcbseW6Zu821Dvm2sKHII8y1%2B2ttsWNv2%2B%2FNLpjz3%2FCbKkOGLTuJUwI6xAKJkqOtpA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 794d2058083bb505-OSL
content-encoding: br
X-Firefox-Spdy: h2
www.skidrowcodex.net/wp-includes/js/plupload/moxie.min.js?ver=1.3.5
172.67.217.92 200 OK 0 B URL HTTP/2 www.skidrowcodex.net/wp-includes/js/plupload/moxie.min.js?ver=1.3.5
IP 172.67.217.92:0
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/plupload/moxie.min.js?ver=1.3.5 HTTP/1.1
Host: www.skidrowcodex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.skidrowcodex.net/total-war-warhammer-steampunks/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 05 Feb 2023 16:47:10 GMT
content-type: application/javascript; charset=utf-8
last-modified: Mon, 31 Jan 2022 17:44:17 GMT
cache-control: public, max-age=31536000
expires: Thu, 02 Mar 2023 03:17:52 GMT
etag: W/"61f81ff1-15666"
x-powered-by: PleskLin
cf-cache-status: HIT
age: 29424557
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JW3SVVjY%2F7%2FCnO0o1UMPF%2F0xKJSXNEAD%2Ftj93hOKAiGhaEGx9KlGknE6cYz7x8%2FCZZhCzDOwRHIDoUHdEnDpqKCfV%2Fefd2bf4CuSqrv9wfTzbXSamAsj9JV10uw%2F8PPZ19IM3A4r%2BQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 794d20585903b505-OSL
content-encoding: br
X-Firefox-Spdy: h2
www.skidrowcodex.net/wp-includes/js/dist/hooks.min.js?ver=a7edae857aab69d69fa10d5aef23a5de
172.67.217.92 200 OK 0 B URL HTTP/2 www.skidrowcodex.net/wp-includes/js/dist/hooks.min.js?ver=a7edae857aab69d69fa10d5aef23a5de
IP 172.67.217.92:0
GET /wp-includes/js/dist/hooks.min.js?ver=a7edae857aab69d69fa10d5aef23a5de HTTP/1.1
Host: www.skidrowcodex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.skidrowcodex.net/total-war-warhammer-steampunks/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 05 Feb 2023 16:47:10 GMT
content-type: application/javascript; charset=utf-8
last-modified: Sat, 26 Nov 2022 10:21:48 GMT
vary: Accept-Encoding
cache-control: public, max-age=31536000
expires: Sun, 26 Nov 2023 10:22:34 GMT
etag: W/"6381e8bc-1540"
x-powered-by: PleskLin
cf-cache-status: HIT
age: 6157384
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7rMuUmTsyaVdXQv0OakPICzonXVjMcTlZoMUD6BY8U9hv97G%2BU6VQgQcFO2Fau6IHaHS%2FTtIuKBd7jlHgG7YhOvag%2F6nuNVoOdsNgZKCOEtVHdyupMuoDeDQFbDRVD%2Frq15U4ItUfg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 794d20595ab6b505-OSL
content-encoding: br
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Oswald%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%20%20%20%20%20%20%20%20%7CRoboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%20%20%20%20%20%20%20%20%7COpen%2BSans%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7COpen%20Sans&display=swap
142.250.74.106 200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Oswald%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%20%20%20%20%20%20%20%20%7CRoboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%20%20%20%20%20%20%20%20%7COpen%2BSans%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7COpen%20Sans&display=swap
IP 142.250.74.106:0
GET /css?family=Oswald%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%20%20%20%20%20%20%20%20%7CRoboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%20%20%20%20%20%20%20%20%7COpen%2BSans%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7COpen%20Sans&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.skidrowcodex.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sun, 05 Feb 2023 16:47:10 GMT
date: Sun, 05 Feb 2023 16:47:10 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
script.crazyegg.com/pages/scripts/0012/9242.js
104.19.147.8 200 OK 0 B URL HTTP/2 script.crazyegg.com/pages/scripts/0012/9242.js
IP 104.19.147.8:0
GET /pages/scripts/0012/9242.js HTTP/1.1
Host: script.crazyegg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 05 Feb 2023 16:47:17 GMT
content-type: text/javascript
access-control-allow-origin: *
access-control-expose-headers: CE-Version
ce-version: 11.5.22
cache-control: public, max-age=300, s-maxage=1209600
cf-bgj: minify
cf-polished: origSize=6088
last-modified: Fri, 03 Feb 2023 18:01:45 GMT
timing-allow-origin: *
cf-cache-status: HIT
age: 168332
vary: Accept-Encoding
server: cloudflare
cf-ray: 794d20838bcbb51e-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
www.skidrowcodex.net/wp-content/themes/skidrowcodex-main/addons/clan-wars/js/tipsy/tipsy.css?ver=0.1.7
172.67.217.92 200 OK 0 B URL HTTP/2 www.skidrowcodex.net/wp-content/themes/skidrowcodex-main/addons/clan-wars/js/tipsy/tipsy.css?ver=0.1.7
IP 172.67.217.92:0
GET /wp-content/themes/skidrowcodex-main/addons/clan-wars/js/tipsy/tipsy.css?ver=0.1.7 HTTP/1.1
Host: www.skidrowcodex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.skidrowcodex.net/total-war-warhammer-steampunks/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 05 Feb 2023 16:47:10 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
x-accel-version: 0.01
last-modified: Wed, 20 Jul 2022 22:26:07 GMT
cache-control: public, max-age=31536000
expires: Sun, 07 Jan 2024 20:25:15 GMT
x-powered-by: PleskLin
cf-cache-status: HIT
age: 2492516
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DrIcUnN4W3S1nOIlTxu11rW68QrE1c7X8wxGm38MjOuh7Ue%2BrZhl3j6PhTd7KiGeDLcru0YiCndGwdWkPFXffEOHSg8%2BvOluzM02MdjKBDQLLjh%2BQ%2BlDgsWeWlAzDBS%2Bx9cPvtxAaA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 794d2057e808b505-OSL
content-encoding: br
X-Firefox-Spdy: h2
www.skidrowcodex.net/wp-includes/js/utils.min.js
172.67.217.92 200 OK 0 B URL HTTP/2 www.skidrowcodex.net/wp-includes/js/utils.min.js
IP 172.67.217.92:0
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/utils.min.js HTTP/1.1
Host: www.skidrowcodex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.skidrowcodex.net/total-war-warhammer-steampunks/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 05 Feb 2023 16:47:10 GMT
content-type: application/javascript; charset=utf-8
last-modified: Sat, 26 Nov 2022 10:21:49 GMT
vary: Accept-Encoding
cache-control: public, max-age=31536000
expires: Sun, 07 Jan 2024 19:12:10 GMT
etag: W/"6381e8bd-748"
x-powered-by: PleskLin
cf-cache-status: HIT
age: 2496901
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uz2Xbti9ZBv3swfu%2B6HOS7GXXElnC1ndYAO%2BE64VOLqBBgkSpuacdiDSpr1GDFSaH28hTXSRxlThkMrxqZkFx2IfWtcY%2B4J9ga3sW40IDu1%2BYhh32ADdHwDOMjlMNhfsOLRzZgau2g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 794d205858fdb505-OSL
content-encoding: br
X-Firefox-Spdy: h2
www.skidrowcodex.net/wp-includes/js/media-editor.min.js
172.67.217.92 200 OK 0 B URL HTTP/2 www.skidrowcodex.net/wp-includes/js/media-editor.min.js
IP 172.67.217.92:0
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/media-editor.min.js HTTP/1.1
Host: www.skidrowcodex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.skidrowcodex.net/total-war-warhammer-steampunks/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 05 Feb 2023 16:47:10 GMT
content-type: application/javascript; charset=utf-8
last-modified: Wed, 25 May 2022 22:03:40 GMT
cache-control: public, max-age=31536000
expires: Tue, 06 Jun 2023 22:15:02 GMT
etag: W/"628ea7bc-2a9d"
x-powered-by: PleskLin
cf-cache-status: HIT
age: 21061928
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=upK98GkCkGDk1c%2F%2BTwfbWTafcKRiLLJHX0Ukl8rItmeYozJypMoUTAJKzmr9xvxDuisQqBuiDv%2F%2FCs4mD%2BBRVnK7NxV6JOQxzLgqBHL%2F3mevg6i67Iu2C3%2B1Fid%2Fn5LypEb4G6uK4Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 794d20595abcb505-OSL
content-encoding: br
X-Firefox-Spdy: h2
welcome.unibet.com/nu/pop/sportsbook/multisports/read_json.js
104.18.25.188 200 OK 0 B URL HTTP/2 welcome.unibet.com/nu/pop/sportsbook/multisports/read_json.js
IP 104.18.25.188:0
GET /nu/pop/sportsbook/multisports/read_json.js HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:68246908-37950&btag=127656177_B36D29EF91A841C0A6F976F264C459F2&bid=37950&campaignId=2799402&pid=68246908
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a68246908%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1675615636194)%5c%2f%22%2c%22CookieTag%22%3a%223795068246908451240919C2023251647%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228786180287%7c1%22%7d%5d; btag=127656177_B36D29EF91A841C0A6F976F264C459F2
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 05 Feb 2023 16:47:16 GMT
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=900, immutable
content-md5: rGS1nJi75Qz2m2yY+jlYXA==
last-modified: Thu, 26 Jan 2023 12:30:23 GMT
etag: W/"0x8DAFF991898A021"
x-ms-request-id: e9253db8-601e-0075-8081-31792e000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 274604
vary: Accept-Encoding
server: cloudflare
cf-ray: 794d20810e21fac4-OSL
content-encoding: br
X-Firefox-Spdy: h2
www.skidrowcodex.net/wp-content/plugins/buddypress/bp-core/css/blocks/login-form.min.css?ver=11.0.0
172.67.217.92 200 OK 0 B URL HTTP/2 www.skidrowcodex.net/wp-content/plugins/buddypress/bp-core/css/blocks/login-form.min.css?ver=11.0.0
IP 172.67.217.92:0
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/buddypress/bp-core/css/blocks/login-form.min.css?ver=11.0.0 HTTP/1.1
Host: www.skidrowcodex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.skidrowcodex.net/total-war-warhammer-steampunks/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 05 Feb 2023 16:47:10 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
x-accel-version: 0.01
last-modified: Fri, 06 Jan 2023 08:34:09 GMT
cache-control: public, max-age=31536000
expires: Sat, 06 Jan 2024 09:01:19 GMT
x-powered-by: PleskLin
cf-cache-status: HIT
age: 2619813
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7K%2BQ1bOtzKW6eJe0MsESGyyxEbqhaD0Mm9vJSZfnv1DZolZ02aDSYXW9ILjY5WYKE4fgeASM4bC5gIZ4p7ZxUJKSJT%2FEMWs0aESqi56IN146PxQq%2FA9JftF%2BAg5NIO7nW3uNCTzF6Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 794d2057f814b505-OSL
content-encoding: br
X-Firefox-Spdy: h2
www.skidrowcodex.net/wp-content/themes/skidrowcodex-child/style.css?ver=20150401
172.67.217.92 200 OK 0 B URL HTTP/2 www.skidrowcodex.net/wp-content/themes/skidrowcodex-child/style.css?ver=20150401
IP 172.67.217.92:0
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/skidrowcodex-child/style.css?ver=20150401 HTTP/1.1
Host: www.skidrowcodex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.skidrowcodex.net/total-war-warhammer-steampunks/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 05 Feb 2023 16:47:10 GMT
content-type: text/css; charset=utf-8
last-modified: Fri, 20 May 2022 17:10:46 GMT
cache-control: public, max-age=31536000
expires: Tue, 06 Jun 2023 23:01:35 GMT
etag: W/"6287cb96-679a"
x-powered-by: PleskLin
cf-cache-status: HIT
age: 21059134
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qsaMuVrGOFI30i6wbxgAXWlYTm6HlAa3iMf%2FG%2B03lRANEsXAn%2FlSoH1jeTPTsfLhsu5LXSjXLybnW3%2BctskqBDLkxyTp4W0geLpA8xs4KZQ5NBNoRVXMky0i%2FgBe5A5XS3rvF69spg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 794d20580847b505-OSL
content-encoding: br
X-Firefox-Spdy: h2
www.skidrowcodex.net/wp-content/plugins/buddypress/bp-core/js/confirm.min.js?ver=11.0.0
172.67.217.92 200 OK 0 B URL HTTP/2 www.skidrowcodex.net/wp-content/plugins/buddypress/bp-core/js/confirm.min.js?ver=11.0.0
IP 172.67.217.92:0
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/buddypress/bp-core/js/confirm.min.js?ver=11.0.0 HTTP/1.1
Host: www.skidrowcodex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.skidrowcodex.net/total-war-warhammer-steampunks/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 05 Feb 2023 16:47:10 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
x-accel-version: 0.01
last-modified: Fri, 06 Jan 2023 08:34:10 GMT
cache-control: public, max-age=31536000
expires: Sat, 06 Jan 2024 09:01:19 GMT
x-powered-by: PleskLin
cf-cache-status: HIT
age: 2619813
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wzttlfGCvhnrllQBtqJmysztoImQaYtMl2UV%2FdHQFprUV5mwGtSxen4xyUA9OkQUl8LWvyyEOytqTigO29gSMJJwgIdEK45lXP7lFladxVGVMhGhdFqMNtmIqrCOwg3hBYjdvuC22g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 794d205858e2b505-OSL
content-encoding: br
X-Firefox-Spdy: h2
www.skidrowcodex.net/wp-content/plugins/buddypress/bp-core/js/vendor/jquery-cookie.min.js?ver=11.0.0
172.67.217.92 200 OK 0 B URL HTTP/2 www.skidrowcodex.net/wp-content/plugins/buddypress/bp-core/js/vendor/jquery-cookie.min.js?ver=11.0.0
IP 172.67.217.92:0
GET /wp-content/plugins/buddypress/bp-core/js/vendor/jquery-cookie.min.js?ver=11.0.0 HTTP/1.1
Host: www.skidrowcodex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.skidrowcodex.net/total-war-warhammer-steampunks/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 05 Feb 2023 16:47:10 GMT
content-type: application/javascript; charset=utf-8
last-modified: Fri, 06 Jan 2023 08:34:10 GMT
vary: Accept-Encoding
cache-control: public, max-age=31536000
expires: Sat, 06 Jan 2024 09:01:19 GMT
etag: W/"63b7dd02-4cd"
x-powered-by: PleskLin
cf-cache-status: HIT
age: 2619813
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=p6rljD%2BE3teLzCX7a2dtBaLCOx53CoQLX5Tk1JuAo8rZx1FtfoBZMCZ5dOiHP7Do7vjJAmshQjVJWrYnyHNVCC4PGzNYa73FW67%2BL%2F5xiS8KEgUUHSUuDgIXRp31Hv9syaDtD5UMuQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 794d205858f1b505-OSL
content-encoding: br
X-Firefox-Spdy: h2