r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash f2acd891dc6eb1f09f57a2b086791781
1e2088306501a61edcca1ade62c4d54f23b3b083
51148fed95cc00d60dc3640350f135b1b2763ff0e3cfbffc40f0948317894be9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "51148FED95CC00D60DC3640350F135B1B2763FF0E3CFBFFC40F0948317894BE9"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7564
Expires: Fri, 09 Dec 2022 22:33:11 GMT
Date: Fri, 09 Dec 2022 20:27:07 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash aea93551fa9deb76ae49a3b4019d64fe
e3b8862057ebe839959228e42246d7b1807fc90c
7e210f03b140418085e94ec20c1d27d6ecf7a404cbd323e16476ae5ae95d6dac
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7E210F03B140418085E94EC20C1D27D6ECF7A404CBD323E16476AE5AE95D6DAC"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4598
Expires: Fri, 09 Dec 2022 21:43:45 GMT
Date: Fri, 09 Dec 2022 20:27:07 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150 200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data, ASCII text, with very long lines (939), with no line terminators
Hash b44c4b5daa307a355e7bab1c83c1ca82
dbd14cd873f1dd4502f277b3f51cb7bc8da0c080
fd4604461cfa002c8a261bb14eb8dda56817db231b9012b2eb38d6dbc2674df5
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Content-Length, Alert, Retry-After, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Fri, 09 Dec 2022 19:33:14 GMT
content-type: application/json
age: 3233
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 4ee537977be9c03702f8ffe0025bf1fe
21637881c4aa34c4add703f8bff4eff573159f45
4819229fd8f502a0c68c80bd7409e104c1b4d1a98ca8a6cd9deba629b1511aea
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4819229FD8F502A0C68C80BD7409E104C1B4D1A98CA8A6CD9DEBA629B1511AEA"
Last-Modified: Thu, 08 Dec 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13537
Expires: Sat, 10 Dec 2022 00:12:44 GMT
Date: Fri, 09 Dec 2022 20:27:07 GMT
Connection: keep-alive
homesolarpowersolution.com/native-information-proposed-solar-farm-honors-sen-george-norris-12-1-22-mccook-each-day-gazette/
162.213.253.54 301 Moved Permanently 707 B URL HTTP/1.1 homesolarpowersolution.com/native-information-proposed-solar-farm-honors-sen-george-norris-12-1-22-mccook-each-day-gazette/
IP 162.213.253.54:0
File type HTML document text, exported SGML document, ASCII text, with CRLF, LF line terminators
Hash 1304294c0823ca486542ba408ed761e3
b2a70fb2d810ca13985882e6981f33998823e83e
3bbe72f3baa8ec61de17a1d767fca58704769684b7abe9161d0c4eaf4c8f0982
Analyzer Verdict Alert fortinet Malware
GET /native-information-proposed-solar-farm-honors-sen-george-norris-12-1-22-mccook-each-day-gazette/ HTTP/1.1
Host: homesolarpowersolution.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
keep-alive: timeout=5, max=100
content-type: text/html
content-length: 707
date: Fri, 09 Dec 2022 20:27:07 GMT
server: LiteSpeed
location: https://homesolarpowersolution.com/native-information-proposed-solar-farm-honors-sen-george-norris-12-1-22-mccook-each-day-gazette/
x-turbo-charged-by: LiteSpeed
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
IP 34.160.144.191:0
File type PEM certificate, ASCII text
Hash 53341dea33f4f3d9b4966f80589f429a
20f7b07c686c986d2ed1e3e9ad1bb2aef8edaf0d
651683e52cdbc96b289f8f123155f0b96d9f67432689e89156fa56f5a346c6a0
GET /chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: aVbUYz/jPX+JNL6GfeT6MYpdMXiw4ZESaobA2gTCrhQ2EMIQlwygIEdNMK6es1+FH+rBzQ0Swls=
x-amz-request-id: RMNFDT8XQ4XTJHPC
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Fri, 09 Dec 2022 19:48:29 GMT
age: 2318
last-modified: Wed, 30 Nov 2022 10:06:34 GMT
etag: "53341dea33f4f3d9b4966f80589f429a"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data, ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 20:27:07 GMT
content-type: application/json
content-length: 12
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-expose-headers: content-type
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150 200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data, ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Expires, Last-Modified, ETag, Cache-Control, Alert, Content-Length, Pragma, Content-Type, Retry-After, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Fri, 09 Dec 2022 20:07:55 GMT
age: 1153
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash e6be4d2155028ffff5d01ab6e7edf6da
07172071b5cf43c4cd7d7930b4ad8518ec1e32e9
4d8a5fa2362fd0910babd6d128d850d4460829468eb23d34ee5ee6eaa42d5a38
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3890
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 20:27:08 GMT
Last-Modified: Fri, 09 Dec 2022 19:22:18 GMT
Server: ECS (ska/F71D)
X-Cache: HIT
Content-Length: 471
ocsp.sectigo.com/
104.18.32.68 200 OK 472 B IP 104.18.32.68:0
Hash 10e710a217954b9ce1df25f1e04a9b80
34fd9b796447e2df73182a16e0ec304e15480bea
1022b9fd50841f4de80373dcd71e9480681400ccde2441a3ec3bf54696201c1c
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 20:27:08 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Thu, 08 Dec 2022 07:39:03 GMT
Expires: Thu, 15 Dec 2022 07:39:02 GMT
Etag: "34fd9b796447e2df73182a16e0ec304e15480bea"
Cache-Control: max-age=471713,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 77707ad07b9e0b65-OSL
push.services.mozilla.com/
44.242.3.166 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 44.242.3.166:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: MB7tYLjnt5Zj5VUUyCoxWw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: IUt3nCSylEkN4Sl86j/gm8flPLQ=
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash edac2b4e678c48b1fc3be3a06793bfcb
23f1f41a2194536d77a2497d7255b13747fd9af0
e6b36b71f3633bd9d2b80043967f9579820f0ef1d5f66e5c401806de13cbe2a1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 20:27:09 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 471 B IP 142.250.74.131:0
Hash 795e67bdfadc3c890a663080413b56b7
fdefde3befb6aceac3c337c34c8d738f5091908c
8375b55cfc13989b0cf96293b7bead2ce5811a993b3445da1776ca7015c36985
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 20:27:09 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.googletagmanager.com/gtag/js?id=UA-225627445-1
142.250.74.40 200 OK 44 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=UA-225627445-1
IP 142.250.74.40:0
File type ASCII text, with very long lines (1921)
Hash 250276d7fea98992ed5a08803191a38a
506d9042493f6db34dfa64c04a5aaa9aac730c8e
8336a183a8005b6ed4acd444c3c4eec974e52a98f2b409a7a6d6018cca4589d8
GET /gtag/js?id=UA-225627445-1 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://homesolarpowersolution.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Fri, 09 Dec 2022 20:27:09 GMT
expires: Fri, 09 Dec 2022 20:27:09 GMT
cache-control: private, max-age=900
last-modified: Fri, 09 Dec 2022 18:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 43633
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 471 B IP 142.250.74.131:0
Hash f7aef7109978f8c1c53298563756a403
d610bb812b080710945dd47f9cccd794af9fe2f7
6366bc97e3f9ac9a6e8a294da60f2d961d2106180fd8ffaae97bc82ea399edb9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 20:27:09 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash edac2b4e678c48b1fc3be3a06793bfcb
23f1f41a2194536d77a2497d7255b13747fd9af0
e6b36b71f3633bd9d2b80043967f9579820f0ef1d5f66e5c401806de13cbe2a1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 20:27:09 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
homesolarpowersolution.com/wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css?ver=4.2.17
162.213.253.54 200 OK 2.4 kB URL HTTP/2 homesolarpowersolution.com/wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css?ver=4.2.17
IP 162.213.253.54:0
File type ASCII text, with very long lines (11256), with no line terminators
Hash ce94f62588d05264ac0148712111cb11
518bcd922f54169aeb199c0ccbc5877165ac218e
84ab658a69c39f424be0b27f61d612447d01606fce33beb962cbea53627d8c81
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css?ver=4.2.17 HTTP/1.1
Host: homesolarpowersolution.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://homesolarpowersolution.com/native-information-proposed-solar-farm-honors-sen-george-norris-12-1-22-mccook-each-day-gazette/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 16 Dec 2022 20:27:09 GMT
content-type: text/css
last-modified: Wed, 30 Sep 2020 01:23:06 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 2394
date: Fri, 09 Dec 2022 20:27:09 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
homesolarpowersolution.com/wp-includes/css/dist/block-library/style.min.css?ver=6.1.1
162.213.253.54 200 OK 12 kB URL HTTP/2 homesolarpowersolution.com/wp-includes/css/dist/block-library/style.min.css?ver=6.1.1
IP 162.213.253.54:0
File type ASCII text, with very long lines (47826)
Hash c4d7cc056b49b00e05cc29cc59aa3d5a
48c426bec60099d2a8628df430ed682c72aab42a
8009c12f2674a8d38401f4b5faad1fef2cfcd18a8c927ed2561ae9d7de9b57b5
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/css/dist/block-library/style.min.css?ver=6.1.1 HTTP/1.1
Host: homesolarpowersolution.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://homesolarpowersolution.com/native-information-proposed-solar-farm-honors-sen-george-norris-12-1-22-mccook-each-day-gazette/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 16 Dec 2022 20:27:09 GMT
content-type: text/css
last-modified: Wed, 16 Nov 2022 02:48:42 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 11616
date: Fri, 09 Dec 2022 20:27:09 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
homesolarpowersolution.com/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.6.4
162.213.253.54 200 OK 848 B URL HTTP/2 homesolarpowersolution.com/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.6.4
IP 162.213.253.54:0
Hash c962ba8e7d42ff9da18392b41dad5151
7b89bc5e6ad161df2e6d7f7fb3ad894aa04b827f
322a4949c5bdd82eb80c13bbbd407ce30a7ad226685c54270d246cb6960e524e
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.6.4 HTTP/1.1
Host: homesolarpowersolution.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://homesolarpowersolution.com/native-information-proposed-solar-farm-honors-sen-george-norris-12-1-22-mccook-each-day-gazette/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 16 Dec 2022 20:27:09 GMT
content-type: text/css
last-modified: Wed, 19 Oct 2022 14:48:54 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 848
date: Fri, 09 Dec 2022 20:27:09 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
homesolarpowersolution.com/wp-content/plugins/td-composer/td-multi-purpose/style.css?ver=bcb4f14ba9142ca1fd172c7d9de6043b
162.213.253.54 200 OK 4.4 kB URL HTTP/2 homesolarpowersolution.com/wp-content/plugins/td-composer/td-multi-purpose/style.css?ver=bcb4f14ba9142ca1fd172c7d9de6043b
IP 162.213.253.54:0
File type ASCII text, with very long lines (37612), with no line terminators
Hash 4df29c95b736edeeeb33bc7693a99b37
2c41e37aedc03a40d919cba6c90029082d222899
6b7be65cdd77f9d800f56a7c4827f598b866f0fde41a6bd5d297d3bbeb5aedf7
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/td-composer/td-multi-purpose/style.css?ver=bcb4f14ba9142ca1fd172c7d9de6043b HTTP/1.1
Host: homesolarpowersolution.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://homesolarpowersolution.com/native-information-proposed-solar-farm-honors-sen-george-norris-12-1-22-mccook-each-day-gazette/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 16 Dec 2022 20:27:09 GMT
content-type: text/css
last-modified: Tue, 12 Apr 2022 15:48:40 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 4410
date: Fri, 09 Dec 2022 20:27:09 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
homesolarpowersolution.com/wp-includes/js/mediaelement/wp-mediaelement.min.css?ver=6.1.1
162.213.253.54 200 OK 982 B URL HTTP/2 homesolarpowersolution.com/wp-includes/js/mediaelement/wp-mediaelement.min.css?ver=6.1.1
IP 162.213.253.54:0
File type ASCII text, with very long lines (4186), with no line terminators
Hash 24f4d7f425e792ab35adaab50816e54a
9e25bf79b674ddb7ba09ad7f118c50ec473c02c8
1c78bfb4d523785a4ebd37bb1f79f214f9bdb16673f7cc50805f7f1a26ad7f83
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/mediaelement/wp-mediaelement.min.css?ver=6.1.1 HTTP/1.1
Host: homesolarpowersolution.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://homesolarpowersolution.com/native-information-proposed-solar-farm-honors-sen-george-norris-12-1-22-mccook-each-day-gazette/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 16 Dec 2022 20:27:09 GMT
content-type: text/css
last-modified: Sat, 08 Jun 2019 06:15:02 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 982
date: Fri, 09 Dec 2022 20:27:09 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
homesolarpowersolution.com/wp-includes/css/classic-themes.min.css?ver=1
162.213.253.54 200 OK 217 B URL HTTP/2 homesolarpowersolution.com/wp-includes/css/classic-themes.min.css?ver=1
IP 162.213.253.54:0
Hash 95e891f28e44a9b314c09545d86be2b7
f9b13a8bd47273b086a0a07df15f314e0af0bc3e
5a5f39391fbf5b06db84b8f9716d53de575ee97a627d2c5f12f79a991a671eb5
GET /wp-includes/css/classic-themes.min.css?ver=1 HTTP/1.1
Host: homesolarpowersolution.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://homesolarpowersolution.com/native-information-proposed-solar-farm-honors-sen-george-norris-12-1-22-mccook-each-day-gazette/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 16 Dec 2022 20:27:09 GMT
content-type: text/css
last-modified: Wed, 02 Nov 2022 02:51:09 GMT
accept-ranges: bytes
content-length: 217
date: Fri, 09 Dec 2022 20:27:09 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
homesolarpowersolution.com/wp-content/plugins/wp-automatic/css/wp-automatic.css?ver=1.0.0
162.213.253.54 200 OK 537 B URL HTTP/2 homesolarpowersolution.com/wp-content/plugins/wp-automatic/css/wp-automatic.css?ver=1.0.0
IP 162.213.253.54:0
Hash 912417e2f1dc528315cd897c614a4728
b1a691de86c05ef439850bf18cc5747b1c777d0a
ff745eec876a0fe33c5b164e90a1196970ee2c5ce79a269002d6b928b993f469
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/wp-automatic/css/wp-automatic.css?ver=1.0.0 HTTP/1.1
Host: homesolarpowersolution.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://homesolarpowersolution.com/native-information-proposed-solar-farm-honors-sen-george-norris-12-1-22-mccook-each-day-gazette/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 16 Dec 2022 20:27:09 GMT
content-type: text/css
last-modified: Mon, 11 Apr 2022 08:11:22 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 537
date: Fri, 09 Dec 2022 20:27:09 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash ae930664787e0d63f247eaf2cdf5f067
7fd675ecd0e30262eb2f3cf9f87d983e32ed779e
08c61813373b17ee51fec317648c02ab60f6fd69a71b8fe89beba0d589390cd4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "08C61813373B17EE51FEC317648C02AB60F6FD69A71B8FE89BEBA0D589390CD4"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=1133
Expires: Fri, 09 Dec 2022 20:46:02 GMT
Date: Fri, 09 Dec 2022 20:27:09 GMT
Connection: keep-alive
homesolarpowersolution.com/wp-content/themes/Newspaper/style.css?ver=11.4.3
162.213.253.54 200 OK 24 kB URL HTTP/2 homesolarpowersolution.com/wp-content/themes/Newspaper/style.css?ver=11.4.3
IP 162.213.253.54:0
File type ASCII text, with very long lines (378)
Hash 0e27785124e7d59b95182680b8490296
44de39c62bb644e2a64ead0afd63c7b211d4e80c
f614fa522aef6fee1159b8c63090e1533296fca8c0968a55cd33dc009917ecb2
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/Newspaper/style.css?ver=11.4.3 HTTP/1.1
Host: homesolarpowersolution.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://homesolarpowersolution.com/native-information-proposed-solar-farm-honors-sen-george-norris-12-1-22-mccook-each-day-gazette/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 16 Dec 2022 20:27:09 GMT
content-type: text/css
last-modified: Tue, 12 Apr 2022 15:48:35 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 24019
date: Fri, 09 Dec 2022 20:27:09 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
homesolarpowersolution.com/wp-content/plugins/td-composer/assets/fonts/td-multipurpose/td-multipurpose.css?ver=bcb4f14ba9142ca1fd172c7d9de6043b
162.213.253.54 200 OK 1.9 kB URL HTTP/2 homesolarpowersolution.com/wp-content/plugins/td-composer/assets/fonts/td-multipurpose/td-multipurpose.css?ver=bcb4f14ba9142ca1fd172c7d9de6043b
IP 162.213.253.54:0
File type ASCII text, with CRLF line terminators
Hash 122940b2e9f0fdf9f85272f6cac32738
b4bfca77c742db68605b52880d981d9f3a4a00d4
bafb917d1856a39b7faa3df5048fa6bb21e128ad8f18d0faa5adb660bf509abb
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/td-composer/assets/fonts/td-multipurpose/td-multipurpose.css?ver=bcb4f14ba9142ca1fd172c7d9de6043b HTTP/1.1
Host: homesolarpowersolution.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://homesolarpowersolution.com/native-information-proposed-solar-farm-honors-sen-george-norris-12-1-22-mccook-each-day-gazette/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 16 Dec 2022 20:27:09 GMT
content-type: text/css
last-modified: Tue, 12 Apr 2022 15:48:40 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1867
date: Fri, 09 Dec 2022 20:27:09 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
homesolarpowersolution.com/wp-content/plugins/td-subscription/assets/css/tds-front.css?ver=1.3.3
162.213.253.54 200 OK 6.2 kB URL HTTP/2 homesolarpowersolution.com/wp-content/plugins/td-subscription/assets/css/tds-front.css?ver=1.3.3
IP 162.213.253.54:0
File type ASCII text, with very long lines (1273)
Hash 1aab00a0c7772bdc57741af99f36bd68
578a920ec0f383d957e86a176bca2e5162bf648b
52a9add6e549ea0de4a3e1b9429a74b8247d2b134ca2b850d42f292610addd4f
GET /wp-content/plugins/td-subscription/assets/css/tds-front.css?ver=1.3.3 HTTP/1.1
Host: homesolarpowersolution.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://homesolarpowersolution.com/native-information-proposed-solar-farm-honors-sen-george-norris-12-1-22-mccook-each-day-gazette/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 16 Dec 2022 20:27:09 GMT
content-type: text/css
last-modified: Tue, 08 Nov 2022 14:49:59 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 6170
date: Fri, 09 Dec 2022 20:27:09 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
homesolarpowersolution.com/wp-content/plugins/td-composer/legacy/Newspaper/assets/css/td_legacy_main.css?ver=bcb4f14ba9142ca1fd172c7d9de6043b
162.213.253.54 200 OK 23 kB URL HTTP/2 homesolarpowersolution.com/wp-content/plugins/td-composer/legacy/Newspaper/assets/css/td_legacy_main.css?ver=bcb4f14ba9142ca1fd172c7d9de6043b
IP 162.213.253.54:0
Hash 625cece8f2db2a7637ae619c1c87a89b
a5d76a8d83401d2f77e93ea9e8020a4774f924e0
1eba9623796614fd3a86a44396f47e00852ccec4bbfdec6394f212e8623df4eb
GET /wp-content/plugins/td-composer/legacy/Newspaper/assets/css/td_legacy_main.css?ver=bcb4f14ba9142ca1fd172c7d9de6043b HTTP/1.1
Host: homesolarpowersolution.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://homesolarpowersolution.com/native-information-proposed-solar-farm-honors-sen-george-norris-12-1-22-mccook-each-day-gazette/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 16 Dec 2022 20:27:09 GMT
content-type: text/css
last-modified: Tue, 12 Apr 2022 15:48:40 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 23076
date: Fri, 09 Dec 2022 20:27:09 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
homesolarpowersolution.com/wp-content/plugins/jetpack/css/jetpack.css?ver=11.6
162.213.253.54 200 OK 16 kB URL HTTP/2 homesolarpowersolution.com/wp-content/plugins/jetpack/css/jetpack.css?ver=11.6
IP 162.213.253.54:0
File type Unicode text, UTF-8 text, with very long lines (65533), with no line terminators
Hash 4665bddda8e451a96fcf12b30e896ebe
0bf609d8ea847ba195480a7534495da0d133aceb
32375ba04c4dbbc81f4d6b812dfd5225b484333f87a6cb1841fd69a4aaa8b208
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/jetpack/css/jetpack.css?ver=11.6 HTTP/1.1
Host: homesolarpowersolution.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://homesolarpowersolution.com/native-information-proposed-solar-farm-honors-sen-george-norris-12-1-22-mccook-each-day-gazette/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 16 Dec 2022 20:27:09 GMT
content-type: text/css
last-modified: Tue, 29 Nov 2022 01:32:02 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 15678
date: Fri, 09 Dec 2022 20:27:09 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
homesolarpowersolution.com/wp-content/plugins/jetpack/_inc/build/related-posts/related-posts.min.js?ver=20211209
162.213.253.54 200 OK 1.7 kB URL HTTP/2 homesolarpowersolution.com/wp-content/plugins/jetpack/_inc/build/related-posts/related-posts.min.js?ver=20211209
IP 162.213.253.54:0
File type ASCII text, with very long lines (5644), with no line terminators
Hash ad08d958b0fa0818040307e031417654
d935244350d3b819dc83b1f4d53c13a91982b6aa
caf7c41eef8e467500a6651b592a62701484fdbeb93b92c01aaa497af1d4f434
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/jetpack/_inc/build/related-posts/related-posts.min.js?ver=20211209 HTTP/1.1
Host: homesolarpowersolution.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://homesolarpowersolution.com/native-information-proposed-solar-farm-honors-sen-george-norris-12-1-22-mccook-each-day-gazette/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 16 Dec 2022 20:27:09 GMT
content-type: application/javascript
last-modified: Tue, 07 Dec 2021 21:56:48 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1729
date: Fri, 09 Dec 2022 20:27:09 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
homesolarpowersolution.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
162.213.253.54 200 OK 4.0 kB URL HTTP/2 homesolarpowersolution.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
IP 162.213.253.54:0
File type ASCII text, with very long lines (11126)
Hash 7e058b51f939eacfa31cdface14dded5
9d732e5afdeb42edef9e1b9631b7e95e054787cc
4ece5b00423755d8f4121ce382c8ea4dc44c241f28f150abe19caa85d0b0acc1
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 HTTP/1.1
Host: homesolarpowersolution.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://homesolarpowersolution.com/native-information-proposed-solar-farm-honors-sen-george-norris-12-1-22-mccook-each-day-gazette/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 16 Dec 2022 20:27:09 GMT
content-type: application/javascript
last-modified: Wed, 18 Nov 2020 19:36:06 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 3995
date: Fri, 09 Dec 2022 20:27:09 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
homesolarpowersolution.com/wp-content/plugins/wp-automatic/js/main-front.js?ver=6.1.1
162.213.253.54 200 OK 316 B URL HTTP/2 homesolarpowersolution.com/wp-content/plugins/wp-automatic/js/main-front.js?ver=6.1.1
IP 162.213.253.54:0
Hash 98562a00d396f4e497bd060365515379
b6e09dd87b22b6a7293551423b3e318d4a504ada
da6c3b5ec1baea8dfefe9a30abfa3ee6ba64464cb5ff44856d0704fb45323d40
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/wp-automatic/js/main-front.js?ver=6.1.1 HTTP/1.1
Host: homesolarpowersolution.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://homesolarpowersolution.com/native-information-proposed-solar-farm-honors-sen-george-norris-12-1-22-mccook-each-day-gazette/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 16 Dec 2022 20:27:09 GMT
content-type: application/javascript
last-modified: Mon, 11 Apr 2022 08:11:22 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 316
date: Fri, 09 Dec 2022 20:27:09 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
way.specialblueitems.com/src/main.js?v=4.0.4
159.69.234.10 200 OK 2.5 kB URL HTTP/1.1 way.specialblueitems.com/src/main.js?v=4.0.4
IP 159.69.234.10:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with very long lines (2461), with no line terminators
Hash d7e0500e7bb22b8c5bb130e431edec48
04255bae091b82fdeae138378966a827af1b601c
a33c56f5e58f4353d56d77fc020a92fbb8dd9c6e8aa001bf6a05dbfb9a013d8c
GET /src/main.js?v=4.0.4 HTTP/1.1
Host: way.specialblueitems.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://homesolarpowersolution.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 09 Dec 2022 20:27:09 GMT
Content-Type: application/javascript
Content-Length: 2461
Last-Modified: Fri, 09 Dec 2022 11:45:49 GMT
Connection: keep-alive
ETag: "63931fed-99d"
Expires: Mon, 19 Dec 2022 20:27:09 GMT
Cache-Control: max-age=864000
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
way.specialblueitems.com/cQr4Rv?&se_referrer=&default_keyword=&&frm639317151a8ac=script639317151a8ae&_cid=cd0fa365-cd5a-1ed9-e213-8e1ce3b6bb97
159.69.234.10 200 OK 3.0 kB URL HTTP/1.1 way.specialblueitems.com/cQr4Rv?&se_referrer=&default_keyword=&&frm639317151a8ac=script639317151a8ae&_cid=cd0fa365-cd5a-1ed9-e213-8e1ce3b6bb97
IP 159.69.234.10:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with very long lines (9683), with no line terminators
Hash 90f5d7a6c6b5af4dd780da954aa49260
6fec38437297491cecd2316066ff4e8d9d7b6095
41e9cd9b0f4a83292384c45f1c6eb1c28da77d7c42bcb594d7de863dc62b9030
GET /cQr4Rv?&se_referrer=&default_keyword=&&frm639317151a8ac=script639317151a8ae&_cid=cd0fa365-cd5a-1ed9-e213-8e1ce3b6bb97 HTTP/1.1
Host: way.specialblueitems.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://homesolarpowersolution.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 09 Dec 2022 20:27:09 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: no-cache, no-store, must-revalidate
Content-Encoding: gzip
Expires: 0
Pragma: no-cache
Set-Cookie: _subid=s8hnpamonb;Expires=Monday, 09-Jan-2023 20:27:09 GMT;Max-Age=2678400;Path=/
674be=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNjcwNjE3NjI5fSxcImNhbXBhaWduc1wiOntcIjFcIjoxNjcwNjE3NjI5fSxcInRpbWVcIjoxNjcwNjE3NjI5fSJ9.xOyycbq_O1VSp4psCCUQ0VBxi6SNtVMjq7lk_-ZCCcw;Expires=Monday, 18-Nov-2075 16:54:18 GMT;Max-Age=1670704029;Path=/
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 7b8c1870f03a90aac6370fc69516f95f
1e94fd7c9a2f9fe4867e21ab217879a2180a9cdb
f43702cd363447680d545d928f9ea6f997a770228108b4c9312999b76891bb38
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F43702CD363447680D545D928F9EA6F997A770228108B4C9312999B76891BB38"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15390
Expires: Sat, 10 Dec 2022 00:43:39 GMT
Date: Fri, 09 Dec 2022 20:27:09 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcf07b4f3-8986-4a9c-8c85-b126338852d2.jpeg
34.120.237.76 200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcf07b4f3-8986-4a9c-8c85-b126338852d2.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 730ba1a8edb79ba6f83b46d1ba5aed7b
55a236fedf6f5f7ca2bb88ae13e20846a50fd36d
f8043e76265c59073d111987fd4c08d05a3ac80989af9269cca9ebcc21af4013
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcf07b4f3-8986-4a9c-8c85-b126338852d2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12748
x-amzn-requestid: edd028e3-c23e-4985-b12d-d3ebe760df47
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cjuciEptIAMFj9A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638af783-1c151eb66f590c9c0e0c4c82;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 07:15:15 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: -y4-_OwHl5_OFykJYYZSqwIopjKoYy1MhaGTpVXd4Grq2EsUP2c3IA==
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Fri, 09 Dec 2022 07:44:29 GMT
age: 45760
etag: "55a236fedf6f5f7ca2bb88ae13e20846a50fd36d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbe602fad-66c2-48db-acd3-371ca6dcb8f6.jpeg
34.120.237.76 200 OK 7.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbe602fad-66c2-48db-acd3-371ca6dcb8f6.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 8c3214044657f3b876d1f1848bca5684
7558222788f06623ddae6e883413e38e1146281e
e1f9c9c445bba7765f371dbb655cab43c1e12de7cbd015f8034c494118f7f708
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbe602fad-66c2-48db-acd3-371ca6dcb8f6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7897
x-amzn-requestid: 032fd8ae-b7e9-4e12-8546-838191a73688
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cwVM_F51IAMFunw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63900252-345ae6cd107d207f5dbe29a8;Sampled=0
x-amzn-remapped-date: Wed, 07 Dec 2022 03:02:42 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: N-zFZ8yeL7RrOZ5xfqvfBaE3zcXWecvr6Jd-93nKiUZlCXp2n2_Bgw==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 325ed3ba58a560748d886354beef39c0.cloudfront.net (CloudFront), 1.1 google
date: Fri, 09 Dec 2022 03:41:46 GMT
age: 60323
etag: "7558222788f06623ddae6e883413e38e1146281e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
homesolarpowersolution.com/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.6.4
162.213.253.54 200 OK 2.8 kB URL HTTP/2 homesolarpowersolution.com/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.6.4
IP 162.213.253.54:0
File type ASCII text, with very long lines (9937), with no line terminators
Hash 4317b1c024df372435f6482deadddeb3
5c8824a17e40a44ea8fc51568b98bdb1e2e7fab5
3798fb16289ba55459fb6d3b2efa915e3c019c5942759abb7bd19a0ef622b85d
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.6.4 HTTP/1.1
Host: homesolarpowersolution.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://homesolarpowersolution.com/native-information-proposed-solar-farm-honors-sen-george-norris-12-1-22-mccook-each-day-gazette/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 16 Dec 2022 20:27:09 GMT
content-type: application/javascript
last-modified: Wed, 19 Oct 2022 14:48:54 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 2817
date: Fri, 09 Dec 2022 20:27:09 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
homesolarpowersolution.com/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.6.4
162.213.253.54 200 OK 3.7 kB URL HTTP/2 homesolarpowersolution.com/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.6.4
IP 162.213.253.54:0
File type HTML document, ASCII text, with very long lines (12310), with no line terminators
Hash dc6411bfa6891b75944f0074c945752d
03c1a8b686c287068c61ab90f58d905496d65085
96abeabc9cc7b4c2b7d46579f2827c67ccd02fbaef0343ae052f71accd381b0d
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.6.4 HTTP/1.1
Host: homesolarpowersolution.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://homesolarpowersolution.com/native-information-proposed-solar-farm-honors-sen-george-norris-12-1-22-mccook-each-day-gazette/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 16 Dec 2022 20:27:09 GMT
content-type: application/javascript
last-modified: Wed, 19 Oct 2022 14:48:54 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 3706
date: Fri, 09 Dec 2022 20:27:09 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
homesolarpowersolution.com/wp-includes/js/underscore.min.js?ver=1.13.4
162.213.253.54 200 OK 7.2 kB URL HTTP/2 homesolarpowersolution.com/wp-includes/js/underscore.min.js?ver=1.13.4
IP 162.213.253.54:0
File type ASCII text, with very long lines (18798)
Hash f4bb18d2e152ba945cb63980362f40e9
925f93a6c4ee411e97d8dc3186f9d66c4b5169ab
16ab496a6c74f5f272f7a5c31e9cb69c753fea994396ef6deacf641180ad317b
GET /wp-includes/js/underscore.min.js?ver=1.13.4 HTTP/1.1
Host: homesolarpowersolution.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://homesolarpowersolution.com/native-information-proposed-solar-farm-honors-sen-george-norris-12-1-22-mccook-each-day-gazette/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 16 Dec 2022 20:27:09 GMT
content-type: application/javascript
last-modified: Wed, 02 Nov 2022 02:51:09 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 7179
date: Fri, 09 Dec 2022 20:27:09 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
homesolarpowersolution.com/wp-content/plugins/td-cloud-library/assets/js/js_posts_autoload.min.js?ver=b2e02a383c117d2c27b181e37c1c9e0e
162.213.253.54 200 OK 1.9 kB URL HTTP/2 homesolarpowersolution.com/wp-content/plugins/td-cloud-library/assets/js/js_posts_autoload.min.js?ver=b2e02a383c117d2c27b181e37c1c9e0e
IP 162.213.253.54:0
File type ASCII text, with very long lines (543)
Hash 4edbc729d471a199d42fcdf85bda8867
20c0716dffdb5e2bce8083056dad81dbeec41730
2fed1eb5bc5274920feef94c205ed209f94d23953cff4ab014dad6206f8733c3
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/td-cloud-library/assets/js/js_posts_autoload.min.js?ver=b2e02a383c117d2c27b181e37c1c9e0e HTTP/1.1
Host: homesolarpowersolution.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://homesolarpowersolution.com/native-information-proposed-solar-farm-honors-sen-george-norris-12-1-22-mccook-each-day-gazette/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 16 Dec 2022 20:27:09 GMT
content-type: application/javascript
last-modified: Tue, 12 Apr 2022 15:48:45 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1853
date: Fri, 09 Dec 2022 20:27:09 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
homesolarpowersolution.com/wp-includes/js/comment-reply.min.js?ver=6.1.1
162.213.253.54 200 OK 1.2 kB URL HTTP/2 homesolarpowersolution.com/wp-includes/js/comment-reply.min.js?ver=6.1.1
IP 162.213.253.54:0
File type ASCII text, with very long lines (2946)
Hash 7d8acf37582bf5212cbf4e31105de2ac
19581f31ceed66b11804eb6a2b3d00d43f73f071
d48d28cdb9d3dd8b812129663e5cc8b373b67629e2e65988d2b274960f7b847f
GET /wp-includes/js/comment-reply.min.js?ver=6.1.1 HTTP/1.1
Host: homesolarpowersolution.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://homesolarpowersolution.com/native-information-proposed-solar-farm-honors-sen-george-norris-12-1-22-mccook-each-day-gazette/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 16 Dec 2022 20:27:09 GMT
content-type: application/javascript
last-modified: Wed, 25 May 2022 02:50:00 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1228
date: Fri, 09 Dec 2022 20:27:09 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
homesolarpowersolution.com/wp-content/plugins/td-subscription/assets/js/js_files_for_front.min.js?ver=1.3.3
162.213.253.54 200 OK 7.7 kB URL HTTP/2 homesolarpowersolution.com/wp-content/plugins/td-subscription/assets/js/js_files_for_front.min.js?ver=1.3.3
IP 162.213.253.54:0
File type ASCII text, with very long lines (545)
Hash ef6d8050fcf1a3d07694692be9ecb1b8
02746c8f495c1e68a1b959f6060a58b4ea97b065
74da44019313a12bced599cc8bcb0514cbb7cbbc787954def1f50bf9118fd504
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/td-subscription/assets/js/js_files_for_front.min.js?ver=1.3.3 HTTP/1.1
Host: homesolarpowersolution.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://homesolarpowersolution.com/native-information-proposed-solar-farm-honors-sen-george-norris-12-1-22-mccook-each-day-gazette/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 16 Dec 2022 20:27:09 GMT
content-type: application/javascript
last-modified: Tue, 08 Nov 2022 14:49:59 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 7734
date: Fri, 09 Dec 2022 20:27:09 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6a20bda5-6ca4-42c4-8729-6e975652e66a.jpeg
34.120.237.76 200 OK 6.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6a20bda5-6ca4-42c4-8729-6e975652e66a.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 8546542f00ea29ef4df6ab8d3c7c2164
5c8ffe91490006a9890188b53f875568c2b6bd8f
7fb11750ac339ac283da62fd370862c6b95a103a585ca5dd8c90038718d818a1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6a20bda5-6ca4-42c4-8729-6e975652e66a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6578
x-amzn-requestid: 6392feb9-e33e-42fa-bc10-b5e31e654c9b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cw4beGG7oAMF8hA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63903aaf-2c890b7b0a16617346a0f7e7;Sampled=0
x-amzn-remapped-date: Wed, 07 Dec 2022 07:03:11 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: H067kZXU_djWxbWO34bYMqa0xZ-WF9ntEBhZ-kV_TDoJFXQL_J1hqQ==
via: 1.1 4d7fa73f804f1c93f20cfc24c4b1266e.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Fri, 09 Dec 2022 03:34:27 GMT
age: 60762
etag: "5c8ffe91490006a9890188b53f875568c2b6bd8f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F29d00d08-ec53-4c7b-a2ef-5901b64cdefd.jpeg
34.120.237.76 200 OK 7.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F29d00d08-ec53-4c7b-a2ef-5901b64cdefd.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 5de5d319f43d9c9c641419d96655541f
cde4c7fa0145d3645af17e34c83c63c08f76a076
fdb114eb142f035c7a54195d16af51b5b423642c312f4bccc0f407d8fcc245aa
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F29d00d08-ec53-4c7b-a2ef-5901b64cdefd.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7557
x-amzn-requestid: 400d1465-ecbf-4d95-8aa8-4dce5dca0716
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ctluwGo4oAMFhTg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638ee991-6dba29ae7065d5347a1a420d;Sampled=0
x-amzn-remapped-date: Tue, 06 Dec 2022 07:04:49 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Lazl-stakC-31gMuQ2WzH9uFkIb0g7HaaM3xkwSFdFJMWKTaKqrBEQ==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 591683988172c7980c4ebb318cbf18a8.cloudfront.net (CloudFront), 1.1 google
date: Fri, 09 Dec 2022 04:07:07 GMT
age: 58802
etag: "cde4c7fa0145d3645af17e34c83c63c08f76a076"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F60d2c55a-1a85-4fbf-b256-9d812a2b5ec2.jpeg
34.120.237.76 200 OK 5.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F60d2c55a-1a85-4fbf-b256-9d812a2b5ec2.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash fba9a3854df65740512f96efe7442e58
8fbff7725c842d70e047c635a725723a9dc9c55a
6e639298ebc82343cee9267d2910d15735af55f910e2c3de9218266b7c6fffc9
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F60d2c55a-1a85-4fbf-b256-9d812a2b5ec2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5188
x-amzn-requestid: afb8cbd2-3674-4dac-9cd9-9ff83618ac0a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ck2-5G9joAMFlPA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638b6b92-2979ff216b9028aa70baef8b;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 15:30:26 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 7Dp35PIr_WYUI1bBa21AvmCMEPi0d3jnhuS8eEk3Q3CXRcGWAnkD8g==
via: 1.1 8ae6af4d17aae7471e5fe2792eb6abcc.cloudfront.net (CloudFront), 1.1 7eb3b782ab09047ce0d11ee03763894c.cloudfront.net (CloudFront), 1.1 google
date: Fri, 09 Dec 2022 16:56:53 GMT
age: 12616
etag: "8fbff7725c842d70e047c635a725723a9dc9c55a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
homesolarpowersolution.com/wp-content/uploads/2022/04/728X90_V1.jpg
162.213.253.54 301 Moved Permanently 707 B URL HTTP/1.1 homesolarpowersolution.com/wp-content/uploads/2022/04/728X90_V1.jpg
IP 162.213.253.54:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Hash 1304294c0823ca486542ba408ed761e3
b2a70fb2d810ca13985882e6981f33998823e83e
3bbe72f3baa8ec61de17a1d767fca58704769684b7abe9161d0c4eaf4c8f0982
GET /wp-content/uploads/2022/04/728X90_V1.jpg HTTP/1.1
Host: homesolarpowersolution.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 301 Moved Permanently
keep-alive: timeout=5, max=100
content-type: text/html
content-length: 707
date: Fri, 09 Dec 2022 20:27:09 GMT
server: LiteSpeed
location: https://homesolarpowersolution.com/wp-content/uploads/2022/04/728X90_V1.jpg
x-turbo-charged-by: LiteSpeed
homesolarpowersolution.com/wp-content/plugins/td-cloud-library/assets/js/js_files_for_front.min.js?ver=b2e02a383c117d2c27b181e37c1c9e0e
162.213.253.54 200 OK 8.7 kB URL HTTP/2 homesolarpowersolution.com/wp-content/plugins/td-cloud-library/assets/js/js_files_for_front.min.js?ver=b2e02a383c117d2c27b181e37c1c9e0e
IP 162.213.253.54:0
File type ASCII text, with very long lines (1037)
Hash b2830919095b66ca1622284f15edd59a
d3bd664f45db360422843c72705a05a042e2bcf0
fd70e0b7ba4616fb51542f90c13d8b607725e729730f1dd158fe817414e55337
GET /wp-content/plugins/td-cloud-library/assets/js/js_files_for_front.min.js?ver=b2e02a383c117d2c27b181e37c1c9e0e HTTP/1.1
Host: homesolarpowersolution.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://homesolarpowersolution.com/native-information-proposed-solar-farm-honors-sen-george-norris-12-1-22-mccook-each-day-gazette/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 16 Dec 2022 20:27:09 GMT
content-type: application/javascript
last-modified: Tue, 12 Apr 2022 15:48:45 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 8689
date: Fri, 09 Dec 2022 20:27:09 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
homesolarpowersolution.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.1
162.213.253.54 200 OK 30 kB URL HTTP/2 homesolarpowersolution.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.1
IP 162.213.253.54:0
File type ASCII text, with very long lines (65447)
Hash 3a1740685bd5c0bbd5f2b812e1eb7fb4
488e07695da787fed18361c50292aef35abb5e81
4a07aed2d8cf88afdec0b56b365b951c76d387db3459166b5a0d25e2e6cc95ef
GET /wp-includes/js/jquery/jquery.min.js?ver=3.6.1 HTTP/1.1
Host: homesolarpowersolution.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://homesolarpowersolution.com/native-information-proposed-solar-farm-honors-sen-george-norris-12-1-22-mccook-each-day-gazette/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 16 Dec 2022 20:27:09 GMT
content-type: application/javascript
last-modified: Wed, 02 Nov 2022 02:51:08 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 30324
date: Fri, 09 Dec 2022 20:27:09 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
homesolarpowersolution.com/wp-content/uploads/2022/04/Home-Solar-Power-Solution-e1649784351445-removebg-preview.png
162.213.253.54 200 OK 27 kB URL HTTP/2 homesolarpowersolution.com/wp-content/uploads/2022/04/Home-Solar-Power-Solution-e1649784351445-removebg-preview.png
IP 162.213.253.54:0
File type PNG image data, 446 x 247, 8-bit/color RGBA, non-interlaced\012- data
Hash 6573a4c5ea2a3a3fd296c0e09d84d98a
79505aa14aa7039669c50d1a257391449385c853
dcf0e828be445dd4113eb97267009b36167f1416cf391e953a391b8de2e28ea0
GET /wp-content/uploads/2022/04/Home-Solar-Power-Solution-e1649784351445-removebg-preview.png HTTP/1.1
Host: homesolarpowersolution.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://homesolarpowersolution.com/native-information-proposed-solar-farm-honors-sen-george-norris-12-1-22-mccook-each-day-gazette/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 16 Dec 2022 20:27:09 GMT
content-type: image/png
last-modified: Tue, 12 Apr 2022 17:27:08 GMT
accept-ranges: bytes
content-length: 27292
date: Fri, 09 Dec 2022 20:27:09 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
homesolarpowersolution.com/wp-content/uploads/2022/04/Home-Solar-Power-Solution-e1649784351445.png
162.213.253.54 200 OK 17 kB URL HTTP/2 homesolarpowersolution.com/wp-content/uploads/2022/04/Home-Solar-Power-Solution-e1649784351445.png
IP 162.213.253.54:0
File type PNG image data, 446 x 247, 8-bit/color RGBA, non-interlaced\012- data
Hash 6ce4f0b4df4f999e0dffac1245059160
aa717a82904c206e10451b179c0f4fb9cd297323
19a7b239d60d5410fb533cd1cc47b1118a2083bfb1c4ea79b3dccff55d5feeb9
GET /wp-content/uploads/2022/04/Home-Solar-Power-Solution-e1649784351445.png HTTP/1.1
Host: homesolarpowersolution.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://homesolarpowersolution.com/native-information-proposed-solar-farm-honors-sen-george-norris-12-1-22-mccook-each-day-gazette/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 16 Dec 2022 20:27:09 GMT
content-type: image/png
last-modified: Tue, 12 Apr 2022 17:25:51 GMT
accept-ranges: bytes
content-length: 17430
date: Fri, 09 Dec 2022 20:27:09 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
homesolarpowersolution.com/wp-content/uploads/2022/04/240X400_V3.jpg
162.213.253.54 200 OK 41 kB URL HTTP/2 homesolarpowersolution.com/wp-content/uploads/2022/04/240X400_V3.jpg
IP 162.213.253.54:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], progressive, precision 8, 240x400, components 3\012- data
Hash 0632af9d8d0ae87010fad189e8ff293f
f34c0fbaf18aba684f3e7718ecdc494a35c79ace
224e2efda9f725537b9b777e2757f569af6a57c8a3527c0685109dce309f9ce7
GET /wp-content/uploads/2022/04/240X400_V3.jpg HTTP/1.1
Host: homesolarpowersolution.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://homesolarpowersolution.com/native-information-proposed-solar-farm-honors-sen-george-norris-12-1-22-mccook-each-day-gazette/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 16 Dec 2022 20:27:09 GMT
content-type: image/jpeg
last-modified: Tue, 12 Apr 2022 08:49:55 GMT
accept-ranges: bytes
content-length: 41228
date: Fri, 09 Dec 2022 20:27:09 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
homesolarpowersolution.com/wp-content/plugins/td-composer/legacy/Newspaper/js/tagdiv_theme.min.js?ver=11.4.3
162.213.253.54 200 OK 62 kB URL HTTP/2 homesolarpowersolution.com/wp-content/plugins/td-composer/legacy/Newspaper/js/tagdiv_theme.min.js?ver=11.4.3
IP 162.213.253.54:0
File type ASCII text, with very long lines (670)
Hash d4ec48b4b62d3bc41c607337a1a3bb81
879abea474533d1361403698977c4a3a0c88cefc
442606417474ed246c6a0cfcedad38caff662177f1d817f04d0cb77ecbe800c7
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/td-composer/legacy/Newspaper/js/tagdiv_theme.min.js?ver=11.4.3 HTTP/1.1
Host: homesolarpowersolution.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://homesolarpowersolution.com/native-information-proposed-solar-farm-honors-sen-george-norris-12-1-22-mccook-each-day-gazette/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 16 Dec 2022 20:27:09 GMT
content-type: application/javascript
last-modified: Tue, 12 Apr 2022 15:48:40 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 61873
date: Fri, 09 Dec 2022 20:27:09 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
homesolarpowersolution.com/wp-includes/js/wp-emoji-release.min.js?ver=6.1.1
162.213.253.54 200 OK 4.6 kB URL HTTP/2 homesolarpowersolution.com/wp-includes/js/wp-emoji-release.min.js?ver=6.1.1
IP 162.213.253.54:0
File type ASCII text, with very long lines (15660)
Hash 0232689bd203f330529b36a437f41a68
9046583f7469ad38297969f10a9513eb895d5316
feea9f30a6e454579bbeabf236b7abdb0c7de84dd2852422555ad67348c5e886
GET /wp-includes/js/wp-emoji-release.min.js?ver=6.1.1 HTTP/1.1
Host: homesolarpowersolution.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://homesolarpowersolution.com/native-information-proposed-solar-farm-honors-sen-george-norris-12-1-22-mccook-each-day-gazette/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 16 Dec 2022 20:27:09 GMT
content-type: application/javascript
last-modified: Wed, 25 May 2022 02:50:00 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 4619
date: Fri, 09 Dec 2022 20:27:09 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
homesolarpowersolution.com/wp-content/uploads/2022/04/728X90_V1.jpg
162.213.253.54 200 OK 27 kB URL HTTP/2 homesolarpowersolution.com/wp-content/uploads/2022/04/728X90_V1.jpg
IP 162.213.253.54:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], progressive, precision 8, 728x90, components 3\012- data
Hash e13899e710f9b8dc74c4e140ccb1d4fd
7a6b807cf7abbc042f8d18af513c62051aed63e7
c2d5f455f5f06fde6f770bb71b050b3f6444548240066bfa418597dc6103611f
GET /wp-content/uploads/2022/04/728X90_V1.jpg HTTP/1.1
Host: homesolarpowersolution.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 16 Dec 2022 20:27:10 GMT
content-type: image/jpeg
last-modified: Tue, 12 Apr 2022 10:26:11 GMT
accept-ranges: bytes
content-length: 26909
date: Fri, 09 Dec 2022 20:27:10 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 101b88a5a141e4659cc3150b7ca565b6
898ea48b6bb3c316e651cb4bc6451be06c050ab9
5ae54f788fa6724f16af03528f24db2ecbbefd8e5fc9af7fb2a79551911ca09f
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4607
Cache-Control: max-age=162144
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 20:27:10 GMT
Etag: "63935e7f-1d7"
Expires: Sun, 11 Dec 2022 17:29:34 GMT
Last-Modified: Fri, 09 Dec 2022 16:12:47 GMT
Server: ECS (ska/F71D)
X-Cache: HIT
Content-Length: 471
www.facebook.com/plugins/like.php?href=https://homesolarpowersolution.com/native-information-proposed-solar-farm-honors-sen-george-norris-12-1-22-mccook-each-day-gazette/&layout=button_count&show_faces=false&width=105&action=like&colorscheme=light&height=21
31.13.72.36 200 OK 0 B URL HTTP/2 www.facebook.com/plugins/like.php?href=https://homesolarpowersolution.com/native-information-proposed-solar-farm-honors-sen-george-norris-12-1-22-mccook-each-day-gazette/&layout=button_count&show_faces=false&width=105&action=like&colorscheme=light&height=21
IP 31.13.72.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /plugins/like.php?href=https://homesolarpowersolution.com/native-information-proposed-solar-farm-honors-sen-george-norris-12-1-22-mccook-each-day-gazette/&layout=button_count&show_faces=false&width=105&action=like&colorscheme=light&height=21 HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://homesolarpowersolution.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html;charset=utf-8
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
cross-origin-opener-policy: same-origin-allow-popups
x-content-type-options: nosniff
x-xss-protection: 0
x-fb-debug: PGZKY3L90vMQu5y1OwkOWkj3xoxMZ0UOfJUHR1qsYVkFs5HssITjHuwD5RjksOhF20+0m9FywlQ7y3VxfpVE2w==
content-length: 0
date: Fri, 09 Dec 2022 20:27:10 GMT
priority: u=3,i
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash c9208747f2926b414bae65ed0e18fac5
3b25f459b1fe1a63689880699450305a8aee8b77
2c5333a23ade630e8dd8242aa59e371fa2208e265c58916e6fa799683d53f196
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 20:27:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash e4f546e102d986faf1029509d599b730
cc045a705fd6758b7b575fde5dfb79facc9c3546
ef492301b2b30e5076f7dffa07973e65e9a200ba9ef4d3568a527d3f973f3349
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 20:27:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 101b88a5a141e4659cc3150b7ca565b6
898ea48b6bb3c316e651cb4bc6451be06c050ab9
5ae54f788fa6724f16af03528f24db2ecbbefd8e5fc9af7fb2a79551911ca09f
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4607
Cache-Control: max-age=162144
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 20:27:10 GMT
Etag: "63935e7f-1d7"
Expires: Sun, 11 Dec 2022 17:29:34 GMT
Last-Modified: Fri, 09 Dec 2022 16:12:47 GMT
Server: ECS (ska/F71D)
X-Cache: HIT
Content-Length: 471
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
216.58.207.227 200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Hash 15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://homesolarpowersolution.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 07 Dec 2022 19:33:54 GMT
expires: Thu, 07 Dec 2023 19:33:54 GMT
cache-control: public, max-age=31536000
age: 175996
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash c9208747f2926b414bae65ed0e18fac5
3b25f459b1fe1a63689880699450305a8aee8b77
2c5333a23ade630e8dd8242aa59e371fa2208e265c58916e6fa799683d53f196
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 20:27:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash e4f546e102d986faf1029509d599b730
cc045a705fd6758b7b575fde5dfb79facc9c3546
ef492301b2b30e5076f7dffa07973e65e9a200ba9ef4d3568a527d3f973f3349
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 20:27:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash e4f546e102d986faf1029509d599b730
cc045a705fd6758b7b575fde5dfb79facc9c3546
ef492301b2b30e5076f7dffa07973e65e9a200ba9ef4d3568a527d3f973f3349
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 20:27:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/ptserif/v17/EJRVQgYoZZY2vCFuvAFWzr8.woff2
216.58.207.227 200 OK 33 kB URL HTTP/2 fonts.gstatic.com/s/ptserif/v17/EJRVQgYoZZY2vCFuvAFWzr8.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 32900, version 1.0\012- data
Hash fda3323314d895ae39de612559f6fad9
644dbb14f599920fdc8f8260b6e67bd1f8770e89
d355afb9705c3f8651f6a1f813b4670b758d59a17783830f534e7a8839c5b666
GET /s/ptserif/v17/EJRVQgYoZZY2vCFuvAFWzr8.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://homesolarpowersolution.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 32900
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 07 Dec 2022 19:41:39 GMT
expires: Thu, 07 Dec 2023 19:41:39 GMT
cache-control: public, max-age=31536000
age: 175531
last-modified: Wed, 27 Apr 2022 15:44:11 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
216.58.207.227 200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 15920, version 1.0\012- data
Hash 3a44e06eb954b96aa043227f3534189d
23cef6993ddb2b2979e8e7647fc3763694e2ba7d
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
GET /s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://homesolarpowersolution.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15920
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 07 Dec 2022 19:33:56 GMT
expires: Thu, 07 Dec 2023 19:33:56 GMT
cache-control: public, max-age=31536000
age: 175994
last-modified: Wed, 11 May 2022 19:24:45 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
216.58.207.227 200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 15860, version 1.0\012- data
Hash e9f5aaf547f165386cd313b995dddd8e
acdef5603c2387b0e5bffd744b679a24a8bc1968
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://homesolarpowersolution.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 09 Dec 2022 13:33:13 GMT
expires: Sat, 09 Dec 2023 13:33:13 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
age: 24837
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4119e239-0c3b-4175-bfe0-f5d42729d743.jpeg
34.120.237.76 200 OK 18 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4119e239-0c3b-4175-bfe0-f5d42729d743.jpeg
IP 34.120.237.76:0
File type Web Open Font Format (Version 2), TrueType, length 17912, version 1.0\012- data
Hash 4116d9a86a2889032aaca45779a997ca
c99f3ea2bd016a259a1cb864aa31b38def9cb667
3c46b18a1ccba221be436881e1649ef1bfd1e656184fcd535e84bc77c77e8e5d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4119e239-0c3b-4175-bfe0-f5d42729d743.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7801
x-amzn-requestid: cb8d5aab-409f-4b39-b498-b1ba84f34e06
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: czFRNHX4oAMFvoQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63911c07-7c6e3bfa3f81082b48f43fa9;Sampled=0
x-amzn-remapped-date: Wed, 07 Dec 2022 23:04:39 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 8QHhEAFHTHd-5UqS1S5qwJj_h4WNfix2CgS4MO4zR_psrzgMP3SZ5g==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Fri, 09 Dec 2022 17:48:23 GMT
age: 9526
etag: "3446450df60d732f9021d5bfd5f5f7c6c870d9ec"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
216.58.207.227 200 OK 45 kB URL HTTP/2 fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 44856, version 1.0\012- data
Hash 565ce506190ad3af920b40baf1794cec
ad3cba5d06100e09449a864d3b5e58403b478b3d
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
GET /s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://homesolarpowersolution.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 44856
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 05 Dec 2022 18:52:41 GMT
expires: Tue, 05 Dec 2023 18:52:41 GMT
cache-control: public, max-age=31536000
age: 351269
last-modified: Mon, 15 Aug 2022 18:20:18 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash e4f546e102d986faf1029509d599b730
cc045a705fd6758b7b575fde5dfb79facc9c3546
ef492301b2b30e5076f7dffa07973e65e9a200ba9ef4d3568a527d3f973f3349
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 20:27:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
pixel.wp.com/g.gif?v=ext&blog=205419254&post=6428&tz=-8&srv=homesolarpowersolution.com&j=1%3A11.6&host=homesolarpowersolution.com&ref=&fcp=2742&rand=0.63599589542955
192.0.76.3 200 OK 50 B URL HTTP/2 pixel.wp.com/g.gif?v=ext&blog=205419254&post=6428&tz=-8&srv=homesolarpowersolution.com&j=1%3A11.6&host=homesolarpowersolution.com&ref=&fcp=2742&rand=0.63599589542955
IP 192.0.76.3:0
File type GIF image data, version 89a, 6 x 5\012- data
Hash e4d673a55c5656f19ef81563fb10884c
1f2d8ed221d39329251ad3a6ff1edb20b7219443
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1
GET /g.gif?v=ext&blog=205419254&post=6428&tz=-8&srv=homesolarpowersolution.com&j=1%3A11.6&host=homesolarpowersolution.com&ref=&fcp=2742&rand=0.63599589542955 HTTP/1.1
Host: pixel.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://homesolarpowersolution.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 20:27:10 GMT
content-type: image/gif
content-length: 50
cache-control: no-cache
access-control-allow-origin: *
X-Firefox-Spdy: h2
homesolarpowersolution.com/wp-content/themes/Newspaper/images/icons/newspaper.woff?20
162.213.253.54 200 OK 29 kB URL HTTP/2 homesolarpowersolution.com/wp-content/themes/Newspaper/images/icons/newspaper.woff?20
IP 162.213.253.54:0
File type Web Open Font Format, TrueType, length 28732, version 0.0\012- data
Hash 2192d5f834e8b672a73d67cad66e79f6
ddf3eb377defc2ca0a2a09d3f41da2d006303e13
c70da34747fb31860fa118ff5d6736f81661838a0f50f077aa29d63ad7b00e4a
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/Newspaper/images/icons/newspaper.woff?20 HTTP/1.1
Host: homesolarpowersolution.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://homesolarpowersolution.com/wp-content/themes/Newspaper/style.css?ver=11.4.3
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 16 Dec 2022 20:27:10 GMT
content-type: font/woff
last-modified: Tue, 12 Apr 2022 15:48:35 GMT
accept-ranges: bytes
content-length: 28732
date: Fri, 09 Dec 2022 20:27:10 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 8c8bbc37fb6204d86b8ffaea110feb3e
724c135c50f498fa7c41b27b659ea412fc9f2746
e1c6f456040e268ade591ad73bcba29e41b6920f419b45a68febdcdcec465e4f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E1C6F456040E268ADE591AD73BCBA29E41B6920F419B45A68FEBDCDCEC465E4F"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16853
Expires: Sat, 10 Dec 2022 01:08:03 GMT
Date: Fri, 09 Dec 2022 20:27:10 GMT
Connection: keep-alive
homesolarpowersolution.com/wp-content/plugins/td-composer/assets/fonts/td-multipurpose/td-multipurpose.ttf
162.213.253.54 200 OK 130 kB URL HTTP/2 homesolarpowersolution.com/wp-content/plugins/td-composer/assets/fonts/td-multipurpose/td-multipurpose.ttf
IP 162.213.253.54:0
File type TrueType Font data, 11 tables, 1st "OS/2", 14 names, Macintosh, type 1 string, icomoon \012- data
Size 130 kB (129596 bytes)
Hash d298563afb36ab47c7ad74da6eb85ae7
a1b856e0f086653b9e602c9d619e5b4394caf0ec
95c06a3e6c28a512b08155b23f867f4699ce33d79ef8ef7a229ee6a33a6c83f6
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/td-composer/assets/fonts/td-multipurpose/td-multipurpose.ttf HTTP/1.1
Host: homesolarpowersolution.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://homesolarpowersolution.com/wp-content/plugins/td-composer/assets/fonts/td-multipurpose/td-multipurpose.css?ver=bcb4f14ba9142ca1fd172c7d9de6043b
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 16 Dec 2022 20:27:10 GMT
content-type: font/ttf
last-modified: Tue, 12 Apr 2022 15:48:40 GMT
accept-ranges: bytes
content-length: 129596
date: Fri, 09 Dec 2022 20:27:10 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
news.weatherplllatform.com/counters.js?v=11.23
89.22.228.250 200 OK 1.5 kB URL HTTP/1.1 news.weatherplllatform.com/counters.js?v=11.23
IP 89.22.228.250:0
File type ASCII text, with very long lines (4140), with no line terminators
Hash 8ecb46e68d7ee2b249a6f0bd4ecabc88
e0d5a9f07ca629f4c4ac7154095bd419826ed245
16f62d801d81aa35dcebf8da2b88904663904c38d6ae8830be4f5db1d66bd22f
GET /counters.js?v=11.23 HTTP/1.1
Host: news.weatherplllatform.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://homesolarpowersolution.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 09 Dec 2022 20:27:10 GMT
Content-Type: application/javascript
Last-Modified: Fri, 25 Nov 2022 04:49:23 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=60
Vary: Accept-Encoding
ETag: W/"63804953-102c"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Content-Encoding: gzip
homesolarpowersolution.com/native-information-proposed-solar-farm-honors-sen-george-norris-12-1-22-mccook-each-day-gazette/?relatedposts=1
162.213.253.54 200 OK 3.2 kB URL HTTP/2 homesolarpowersolution.com/native-information-proposed-solar-farm-honors-sen-george-norris-12-1-22-mccook-each-day-gazette/?relatedposts=1
IP 162.213.253.54:0
File type JSON data\012- , ASCII text, with very long lines (3176), with no line terminators
Hash 8738b3185b0f8a4cc75065f7b25fbb77
5568ce48a2e8b4590522d3f0c6013283903bea1e
8783f266602a639216f42d59ba6e738c63371fa2e7b1e8060111374f85f8c164
Analyzer Verdict Alert fortinet Malware
GET /native-information-proposed-solar-farm-honors-sen-george-norris-12-1-22-mccook-each-day-gazette/?relatedposts=1 HTTP/1.1
Host: homesolarpowersolution.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
x-requested-with: XMLHttpRequest
Connection: keep-alive
Referer: https://homesolarpowersolution.com/native-information-proposed-solar-farm-honors-sen-george-norris-12-1-22-mccook-each-day-gazette/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
x-pingback: https://homesolarpowersolution.com/xmlrpc.php
content-type: application/json; charset=utf-8
x-content-type-options: nosniff
content-length: 3176
date: Fri, 09 Dec 2022 20:27:10 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 2f943b056f66bfee7e2bffd74467a139
9dbc5296ffb9e4f405d3eadfb9e5fe74f7a49fff
7f5bfb7d4dd9dfb0a73b8c29966c5c3b8459b9853e3e660244840bea1ef6d59d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7F5BFB7D4DD9DFB0A73B8C29966C5C3B8459B9853E3E660244840BEA1EF6D59D"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19763
Expires: Sat, 10 Dec 2022 01:56:33 GMT
Date: Fri, 09 Dec 2022 20:27:10 GMT
Connection: keep-alive
www.google-analytics.com/analytics.js
142.250.74.110 200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 142.250.74.110:0
File type ASCII text, with very long lines (1325)
Hash 47e6f374ca946fddd5b59871b325736c
baa9282efc8785e84d247c3bff518eaa45f101c4
16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://homesolarpowersolution.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20039
date: Fri, 09 Dec 2022 18:41:08 GMT
expires: Fri, 09 Dec 2022 20:41:08 GMT
cache-control: public, max-age=7200
age: 6362
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash 2556512b197b09798af71bea10bb4bbb
23b647aca5f8294ae82fa8cc7e2215ebe3347b60
3b5bd592342d978bcf8919d1a1e2f87295e2e4af5b5b266e6017b7a25725d08d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 20:27:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6779411575421693&host=ca-host-pub-2644536267352236
142.250.74.98 200 OK 49 kB URL HTTP/2 pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6779411575421693&host=ca-host-pub-2644536267352236
IP 142.250.74.98:0
File type ASCII text, with very long lines (4885)
Hash 3d39aa2b99052259c6034601b0240b22
196de02f8f3fdc4f4bdc69e8461e62f21f19b706
cee8cc38e30b161d38ead6c2ed0d7e8a067971eb4ac5c38aef75b82238de6030
GET /pagead/js/adsbygoogle.js?client=ca-pub-6779411575421693&host=ca-host-pub-2644536267352236 HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://homesolarpowersolution.com
Connection: keep-alive
Referer: https://homesolarpowersolution.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Fri, 09 Dec 2022 20:27:11 GMT
expires: Fri, 09 Dec 2022 20:27:11 GMT
cache-control: private, max-age=3600
content-type: text/javascript; charset=UTF-8
etag: 15369050683344819513
access-control-allow-origin: *
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 49239
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash 2556512b197b09798af71bea10bb4bbb
23b647aca5f8294ae82fa8cc7e2215ebe3347b60
3b5bd592342d978bcf8919d1a1e2f87295e2e4af5b5b266e6017b7a25725d08d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 20:27:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
js.interestmoments.com/scripts/trimpc.js
193.169.194.63 200 OK 2.2 kB URL HTTP/1.1 js.interestmoments.com/scripts/trimpc.js
IP 193.169.194.63:0
ASN #50321 FOP Reznichenko Sergey Mykolayovich
File type ASCII text, with very long lines (6273), with no line terminators
Hash bd5f69c2542e83fddf47867c10bccc0a
746fb3432ba9279a97b8a9a32695aafac1504ad7
a8d57ffe103fc0d3d7bc988916ee4315fca1d1be8de43f9d62981450a44ea10f
Analyzer Verdict Alert fortinet Malware
GET /scripts/trimpc.js HTTP/1.1
Host: js.interestmoments.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://homesolarpowersolution.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 09 Dec 2022 20:27:11 GMT
Content-Type: application/javascript
Last-Modified: Fri, 09 Dec 2022 11:25:00 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"63931b0c-1881"
Expires: Mon, 19 Dec 2022 20:27:11 GMT
Cache-Control: max-age=864000
Access-Control-Allow-Origin: *
Content-Encoding: gzip
homesolarpowersolution.com/wp-content/uploads/2022/04/cropped-cropped-favicon-removebg-preview-32x32.png
162.213.253.54 200 OK 1.4 kB URL HTTP/2 homesolarpowersolution.com/wp-content/uploads/2022/04/cropped-cropped-favicon-removebg-preview-32x32.png
IP 162.213.253.54:0
File type PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced\012- data
Hash 944d082fa4d1a15c1013dd578da1df35
f94cd435d65437ae79209a41b859ca0c5637d685
1727a379e43cbf3bd305c2893bbb6d4d25cc98630b6a893bee111c73da688ce6
GET /wp-content/uploads/2022/04/cropped-cropped-favicon-removebg-preview-32x32.png HTTP/1.1
Host: homesolarpowersolution.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://homesolarpowersolution.com/native-information-proposed-solar-farm-honors-sen-george-norris-12-1-22-mccook-each-day-gazette/
Cookie: _ga_2RY07WLCCC=GS1.1.1670617629.1.0.1670617629.0.0.0; _ga=GA1.1.1204031919.1670617630
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 16 Dec 2022 20:27:11 GMT
content-type: image/png
last-modified: Tue, 12 Apr 2022 21:17:17 GMT
accept-ranges: bytes
content-length: 1374
date: Fri, 09 Dec 2022 20:27:11 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
homesolarpowersolution.com/wp-content/uploads/2022/04/cropped-cropped-favicon-removebg-preview-192x192.png
162.213.253.54 200 OK 15 kB URL HTTP/2 homesolarpowersolution.com/wp-content/uploads/2022/04/cropped-cropped-favicon-removebg-preview-192x192.png
IP 162.213.253.54:0
File type PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced\012- data
Hash d00ab43e2965807c60cb0139d7592a7d
23fdf1761e99e4fd1006cf15a12a7de68419bc54
d936860edd4117b8e95d2a16183c8911930e083270c1cab4513b6d2e225eb25d
GET /wp-content/uploads/2022/04/cropped-cropped-favicon-removebg-preview-192x192.png HTTP/1.1
Host: homesolarpowersolution.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://homesolarpowersolution.com/native-information-proposed-solar-farm-honors-sen-george-norris-12-1-22-mccook-each-day-gazette/
Cookie: _ga_2RY07WLCCC=GS1.1.1670617629.1.0.1670617629.0.0.0; _ga=GA1.1.1204031919.1670617630
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 16 Dec 2022 20:27:11 GMT
content-type: image/png
last-modified: Tue, 12 Apr 2022 21:17:17 GMT
accept-ranges: bytes
content-length: 14652
date: Fri, 09 Dec 2022 20:27:11 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
region1.google-analytics.com/g/collect?v=2&tid=G-2RY07WLCCC&gtm=2oebu0&_p=994087879&gdid=dZTNiMT&cid=1204031919.1670617630&ul=en-us&sr=1280x1024&_s=1&sid=1670617629&sct=1&seg=0&dl=https%3A%2F%2Fhomesolarpowersolution.com%2Fnative-information-proposed-solar-farm-honors-sen-george-norris-12-1-22-mccook-each-day-gazette%2F&dt=Native%20Information%3A%20Proposed%20solar%20farm%20honors%20Sen.%20George%20Norris%20(12%2F1%2F22)%20-%20McCook%20Each%20day%20Gazette%20-%20Home%20Solar%20Power%20Solution&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
216.239.34.36 204 No Content 0 B URL HTTP/2 region1.google-analytics.com/g/collect?v=2&tid=G-2RY07WLCCC&gtm=2oebu0&_p=994087879&gdid=dZTNiMT&cid=1204031919.1670617630&ul=en-us&sr=1280x1024&_s=1&sid=1670617629&sct=1&seg=0&dl=https%3A%2F%2Fhomesolarpowersolution.com%2Fnative-information-proposed-solar-farm-honors-sen-george-norris-12-1-22-mccook-each-day-gazette%2F&dt=Native%20Information%3A%20Proposed%20solar%20farm%20honors%20Sen.%20George%20Norris%20(12%2F1%2F22)%20-%20McCook%20Each%20day%20Gazette%20-%20Home%20Solar%20Power%20Solution&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
IP 216.239.34.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-2RY07WLCCC&gtm=2oebu0&_p=994087879&gdid=dZTNiMT&cid=1204031919.1670617630&ul=en-us&sr=1280x1024&_s=1&sid=1670617629&sct=1&seg=0&dl=https%3A%2F%2Fhomesolarpowersolution.com%2Fnative-information-proposed-solar-farm-honors-sen-george-norris-12-1-22-mccook-each-day-gazette%2F&dt=Native%20Information%3A%20Proposed%20solar%20farm%20honors%20Sen.%20George%20Norris%20(12%2F1%2F22)%20-%20McCook%20Each%20day%20Gazette%20-%20Home%20Solar%20Power%20Solution&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1 HTTP/1.1
Host: region1.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://homesolarpowersolution.com
Connection: keep-alive
Referer: https://homesolarpowersolution.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: https://homesolarpowersolution.com
date: Fri, 09 Dec 2022 20:27:11 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 4c016f47c9f5f4d879a4d01089fee585
6f9b5b2fe48c9769401ea5367d33cb51f57ea7e6
6f7dd84273e1ffb40ce8a97996038af95d949a2cfe6031feb866cb9d73fc54db
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6F7DD84273E1FFB40CE8A97996038AF95D949A2CFE6031FEB866CB9D73FC54DB"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=20300
Expires: Sat, 10 Dec 2022 02:05:31 GMT
Date: Fri, 09 Dec 2022 20:27:11 GMT
Connection: keep-alive
long.interestmoments.com/go/fl-way.php?id=8568-11-4563432&pid=098
193.169.194.63 302 Found 0 B URL HTTP/1.1 long.interestmoments.com/go/fl-way.php?id=8568-11-4563432&pid=098
IP 193.169.194.63:0
ASN #50321 FOP Reznichenko Sergey Mykolayovich
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /go/fl-way.php?id=8568-11-4563432&pid=098 HTTP/1.1
Host: long.interestmoments.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://homesolarpowersolution.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Server: nginx
Date: Fri, 09 Dec 2022 20:27:11 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://long.interestmoments.com/go/fl-way.php?id=16477-22-569654345&pid=235&jid=473
Access-Control-Allow-Origin: *
long.interestmoments.com/go/fl-way.php?id=16477-22-569654345&pid=235&jid=473
193.169.194.63 200 OK 440 B URL HTTP/1.1 long.interestmoments.com/go/fl-way.php?id=16477-22-569654345&pid=235&jid=473
IP 193.169.194.63:0
ASN #50321 FOP Reznichenko Sergey Mykolayovich
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash f5450b641683c45579121dc41689ccbb
6c07388ab822f19b46035df6e96afef93ecb97a9
286a779d2607338d9d7d9799a1f320187d58d497969f16150ac9bf57f9396c68
GET /go/fl-way.php?id=16477-22-569654345&pid=235&jid=473 HTTP/1.1
Host: long.interestmoments.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://homesolarpowersolution.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 09 Dec 2022 20:27:11 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: *
Content-Encoding: gzip
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 2389558762c61ac49b8665c0f00642e8
fe87ee8c78f79b841f3dbfac1b79624bb133e2e8
a8792e17cbb2a055df67c5979f19e9cca003a8653f619b2677d7b85a475e4aa1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A8792E17CBB2A055DF67C5979F19E9CCA003A8653F619B2677D7B85A475E4AA1"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17340
Expires: Sat, 10 Dec 2022 01:16:12 GMT
Date: Fri, 09 Dec 2022 20:27:12 GMT
Connection: keep-alive
latest-557011.funuzai.ru/click?node=448&winPrice=0.485&winCurrency=USD&id=1670617620000-2152
206.54.181.250 200 OK 422 B URL HTTP/1.1 latest-557011.funuzai.ru/click?node=448&winPrice=0.485&winCurrency=USD&id=1670617620000-2152
IP 206.54.181.250:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text
Hash 6c833434fb22e4a5f475f9d7f2d80f0c
d5f92b397d15846cd8735744d2c4e3dea6cbe8ee
3833138ce331dfef883607410d4967801ebe62215f290be18dfb8944143eda68
GET /click?node=448&winPrice=0.485&winCurrency=USD&id=1670617620000-2152 HTTP/1.1
Host: latest-557011.funuzai.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
cache-control: private, no-cache, no-store, must-revalidate
pragma: no-cache
expires: -1
set-cookie: clickId_557011=1670617620000-15; path=/; samesite=none; secure; httponly
date: Fri, 09 Dec 2022 20:27:12 GMT
connection: close
transfer-encoding: chunked
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 642976730cff7369032b06f53c00690c
392b74f377352126021ee0f83cb9ed167cadb948
f8ec5a905d139dbf5476ef92b727b6b3f9391e9a1e3fd89da8de8d11e5f51451
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F8EC5A905D139DBF5476EF92B727B6B3F9391E9A1E3FD89DA8DE8D11E5F51451"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=702
Expires: Fri, 09 Dec 2022 20:38:54 GMT
Date: Fri, 09 Dec 2022 20:27:12 GMT
Connection: keep-alive
thirawogla.com/b/3AVh0.Pl3NpuvDbUmhVRJLZxDk0d0WNDTacW5GN/DVM/yuLFTUQY1vN/znkx0DM-zeMl
88.85.94.246 200 OK 1.4 kB URL HTTP/2 thirawogla.com/b/3AVh0.Pl3NpuvDbUmhVRJLZxDk0d0WNDTacW5GN/DVM/yuLFTUQY1vN/znkx0DM-zeMl
IP 88.85.94.246:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (357)
Hash 732ffe1067b687ade89bb17a9463ab1d
ee7b3cb590b0e4bc899f178f99b5db9d7bddb48c
8599c80c69bb11a0c384bf57698697f7c8bcf6660cb2e93c74c7ceba8f27a8cc
GET /b/3AVh0.Pl3NpuvDbUmhVRJLZxDk0d0WNDTacW5GN/DVM/yuLFTUQY1vN/znkx0DM-zeMl HTTP/1.1
Host: thirawogla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://long.interestmoments.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 20:27:12 GMT
content-type: text/html;charset=UTF-8
vary: Accept-Encoding
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-WoW64
expires: Mon, 26 Jul 2011 05:00:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
referrer-policy: no-referrer
p3p: CP="CUR ADM OUR NOR STA NID"
last-modified: Fri, 09 Dec 2022 20:27:12 GMT
x-frame-options: DENY
set-cookie: kadCCap=215297:1:1670576419;219484:1:1667715065;222513:1:1670219541;219652:1:1669330335;199455:1:1668245056;222582:1:1669973958;221352:1:1670163762;223255:1:1670393482;218693:1:1669515516;132751:1:1669884292;220790:1:1668460505;220335:1:1670435916;218665:1:1670219511;79610:1:1669272875;221398:1:1670525489;222775:1:1670485741;194136:1:1669413157;219047:1:1667194435;212269:1:1667199062; max-age=1702153632; path=/
kadACap=445735:1:1669286676;272913:1:1670219562;419303:1:1670595134;419323:1:1669947125;419295:1:1670440857;424441:1:1670396486;446013:1:1668228435;446531:1:1669270846;407100:1:1668246232;419301:1:1670560919;453831:1:1670506915;346329:1:1670226206;419291:1:1670459724;419293:1:1669526430;445499:1:1670164226;445506:1:1669286676;444748:1:1669841678;451724:1:1669565807;445788:1:1669918420;419321:1:1670561943;190964:1:1669272875;446714:1:1669965428;458045:1:1670528140;449523:1:1670210030;450649:1:1670060949;346327:2:1670576416;401659:1:1670416416;451139:1:1669898733;419299:1:1669735589;419297:1:1670425925;442019:1:1670498208;383700:1:1670617632;410252:1:1670471005;458041:1:1670526590; max-age=1702153632; path=/
kadCSCap=215297:1:1670576419; path=/
kadASCap=419321:1:1670561943;346327:2:1670576416;419303:1:1670595134;419301:1:1670560919;383700:1:1670617632; path=/
kadRPixJ=bnVsbA==; max-age=1702153632; path=/
kadUnP3=CAkQl/nKnAYaDQjVv5kBEAEYoPLLnAYaDQiatZYCEAEYo/LLnAYaDQjowJcCEAMYnKvOnAYaDQiqt5gCEAEYvoTNnAYiCggDEAcYoPLLnAYqDAiDvRIQARig8sucBioMCPb0JxABGL6EzZwGKgwI6IgoEAEYo/LLnAYqDAjzmigQAxicq86cBg==; max-age=1702153632; path=/
x-content-type-options: nosniff
content-encoding: br
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 7ae3c6430f243364966d349de5ef6c6b
1a2de2eccb7ddd8b958c8311a3b27ffed891daba
12e76a5f05c43c70acc9427cbdd9b6c6ec2a2791b7248b0e87393abbd3e4b325
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "12E76A5F05C43C70ACC9427CBDD9B6C6EC2A2791B7248B0E87393ABBD3E4B325"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16309
Expires: Sat, 10 Dec 2022 00:59:02 GMT
Date: Fri, 09 Dec 2022 20:27:13 GMT
Connection: keep-alive
approved.website/favicon.ico
78.46.101.74 404 Not Found 162 B URL HTTP/1.1 approved.website/favicon.ico
IP 78.46.101.74:0
ASN #24940 Hetzner Online GmbH
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 70461da8b94c6ca5d2fda3260c5a8c3b
994bc667720c21257500e29038c1a5f61e25da1e
f33c27745f2bd87344be790465ef984a972fd539dc83bd4f61d4242c607ef1ee
GET /favicon.ico HTTP/1.1
Host: approved.website
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://approved.website/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 404 Not Found
Server: nginx
Date: Fri, 09 Dec 2022 20:27:12 GMT
Content-Type: text/html
Content-Length: 162
Connection: keep-alive
schuster.marketing/t.php?u=aHR0cHM6Ly9jbGsudHJhZGVkb3VibGVyLmNvbS9jbGljaz9wPTMzMzI0NCZhPTMyNTI3MzYmdXRtX3NvdXJjZT10cmFkZWRvdWJsZXImdXRtX21lZGl1bT1hZmZpbGlhdGUmdXRtX2NhbXBhaWduPVREXzMzMzI0NF8wICZjbGlja3JlZj1URF8zMzMyNDRfMTY3MDYxNzYzMjgxOTg%3D&t=NDQ5MzAweHh4NDQ5MzAwLUUwSEhFRzRJSlY%3D&c=NO&tb=pu
78.46.101.118 200 OK 622 B URL HTTP/1.1 schuster.marketing/t.php?u=aHR0cHM6Ly9jbGsudHJhZGVkb3VibGVyLmNvbS9jbGljaz9wPTMzMzI0NCZhPTMyNTI3MzYmdXRtX3NvdXJjZT10cmFkZWRvdWJsZXImdXRtX21lZGl1bT1hZmZpbGlhdGUmdXRtX2NhbXBhaWduPVREXzMzMzI0NF8wICZjbGlja3JlZj1URF8zMzMyNDRfMTY3MDYxNzYzMjgxOTg%3D&t=NDQ5MzAweHh4NDQ5MzAwLUUwSEhFRzRJSlY%3D&c=NO&tb=pu
IP 78.46.101.118:0
ASN #24940 Hetzner Online GmbH
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (622), with no line terminators
Hash 88fd085b6aa5afe2a53f4aef6b0e8a53
11ced5e136aa4158fe418df9a530642a167b8ca4
e7967fb5bcd617a461edcc10f0c78cf496af445bd9f84adb99c2dd575a6fbdbc
GET /t.php?u=aHR0cHM6Ly9jbGsudHJhZGVkb3VibGVyLmNvbS9jbGljaz9wPTMzMzI0NCZhPTMyNTI3MzYmdXRtX3NvdXJjZT10cmFkZWRvdWJsZXImdXRtX21lZGl1bT1hZmZpbGlhdGUmdXRtX2NhbXBhaWduPVREXzMzMzI0NF8wICZjbGlja3JlZj1URF8zMzMyNDRfMTY3MDYxNzYzMjgxOTg%3D&t=NDQ5MzAweHh4NDQ5MzAwLUUwSEhFRzRJSlY%3D&c=NO&tb=pu HTTP/1.1
Host: schuster.marketing
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://approved.website/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 09 Dec 2022 20:27:13 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash a5238d2ff9235737eccb3402ae038f4e
adc6821b88cabd37535914b4c31d3c7a0c0c2484
35d990140965690d067b5f294672509ebcfedf4a8d2d497b3163f06c9064d02f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "35D990140965690D067B5F294672509EBCFEDF4A8D2D497B3163F06C9064D02F"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4099
Expires: Fri, 09 Dec 2022 21:35:32 GMT
Date: Fri, 09 Dec 2022 20:27:13 GMT
Connection: keep-alive
clk.tradedoubler.com/click?p=333244&a=3252736&utm_source=tradedoubler&utm_medium=affiliate&utm_campaign=TD_333244_0%20&clickref=TD_333244_16706176328198
35.186.231.97 200 OK 1.1 kB URL HTTP/2 clk.tradedoubler.com/click?p=333244&a=3252736&utm_source=tradedoubler&utm_medium=affiliate&utm_campaign=TD_333244_0%20&clickref=TD_333244_16706176328198
IP 35.186.231.97:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (483)
Hash a82b650f7f9620c0dfee87690dd994c4
a0bec47f65f630f3a0359e8f02825d46d3c51c36
d5502710e5d21ad0582ce39aacbc9f5b42526b37fc40b20d089654fe3b665f86
GET /click?p=333244&a=3252736&utm_source=tradedoubler&utm_medium=affiliate&utm_campaign=TD_333244_0%20&clickref=TD_333244_16706176328198 HTTP/1.1
Host: clk.tradedoubler.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://schuster.marketing/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html; charset=ISO-8859-1
server: TXServerHttp
access-control-allow-origin: *
cache-control: private, max-age=0
pragma: no-cache
p3p: policyref="http://tracker.tradedoubler.com/w3c/p3p.xml",CP="NOI DSP COR NID CUR OUR NOR"
referrer-policy: origin
date: Fri, 09 Dec 2022 20:27:12 GMT
content-length: 1139
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash a5238d2ff9235737eccb3402ae038f4e
adc6821b88cabd37535914b4c31d3c7a0c0c2484
35d990140965690d067b5f294672509ebcfedf4a8d2d497b3163f06c9064d02f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "35D990140965690D067B5F294672509EBCFEDF4A8D2D497B3163F06C9064D02F"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4099
Expires: Fri, 09 Dec 2022 21:35:32 GMT
Date: Fri, 09 Dec 2022 20:27:13 GMT
Connection: keep-alive
vht.tradedoubler.com/fp/prefs.js
54.230.111.4 200 OK 3.7 kB URL HTTP/1.1 vht.tradedoubler.com/fp/prefs.js
IP 54.230.111.4:0
File type ASCII text, with very long lines (764)
Hash 9042aeefa6b50fd89dafd065aee87148
0903b60da6faa7a16b30fe42a0974ae20c0e09bf
dcde81d721f2b5f9e932b434eff9f39b07ce0803a772c991296ddd4e9e8e0b30
GET /fp/prefs.js HTTP/1.1
Host: vht.tradedoubler.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://clk.tradedoubler.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Content-Type: application/javascript
Content-Length: 3705
Connection: keep-alive
Date: Tue, 06 Dec 2022 01:52:16 GMT
Server: Apache
Strict-Transport-Security: max-age=15552000; includeSubDomains
Last-Modified: Mon, 15 Oct 2018 09:28:46 GMT
Accept-Ranges: bytes
Content-Encoding: gzip
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 6259d2cd8a5947ad41a420527bbed7a6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: CVdep0ZykRCKdv_rv6HpOSmJ8NWv1crL38SoPc6OXAtZfa6KUDBJHg==
Age: 326097
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
Referrer-Policy: strict-origin-when-cross-origin
X-Content-Type-Options: nosniff
analytics.tradedoubler.com/
188.165.150.177 200 OK 213 B URL HTTP/2 analytics.tradedoubler.com/
IP 188.165.150.177:0
Hash 71190bd3223b13ce1dcf2568550008e8
785d1521d98b6b8af771bca7968b38b4fbaacdf5
521779ccfd2ce63e1d4ab4566933c22e09470ab7bf8d4b4e2650b7561413c68f
POST / HTTP/1.1
Host: analytics.tradedoubler.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://clk.tradedoubler.com/
Content-Type: text/plain;charset=UTF-8
Content-Length: 255
Origin: https://clk.tradedoubler.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 20:27:13 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-via-popn: primary
content-encoding: gzip
x-via-poph: replica1
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 80a15a39031a3995538cecde6de8375a
3a39aa16e5d8575e6b0732ea90016ce1755b8a19
533f36df916992d8697012558783ed92c3c61906752ed6c1d51fd3a3b8f54100
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "533F36DF916992D8697012558783ED92C3C61906752ED6C1D51FD3A3B8F54100"
Last-Modified: Wed, 07 Dec 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16279
Expires: Sat, 10 Dec 2022 00:58:32 GMT
Date: Fri, 09 Dec 2022 20:27:13 GMT
Connection: keep-alive
skinup.no/?333244_0%20=&333244_16706176328198=&tduid=296b155484fa839260313cee6c731b97
185.181.62.159 301 Moved Permanently 0 B URL HTTP/2 skinup.no/?333244_0%20=&333244_16706176328198=&tduid=296b155484fa839260313cee6c731b97
IP 185.181.62.159:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /?333244_0%20=&333244_16706176328198=&tduid=296b155484fa839260313cee6c731b97 HTTP/1.1
Host: skinup.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://clk.tradedoubler.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
x-dns-prefetch-control: on
x-frame-options: sameorigin
x-xss-protection: 1
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
referrer-policy: strict-origin-when-cross-origin
permissions-policy: accelerometer=(self), autoplay=(self), camera=(self), encrypted-media=(self), fullscreen=(self), geolocation=(self), gyroscope=(self), magnetometer=(self), microphone=(self), midi=(self), payment=(self), usb=(self)
expires: Fri, 09 Dec 2022 21:27:14 GMT
cache-control: max-age=3600
x-redirect-by: AIOSEO Crawl Cleanup
location: https://skinup.no/
x-litespeed-cache: miss
content-length: 0
date: Fri, 09 Dec 2022 20:27:14 GMT
server: LiteSpeed
vary: User-Agent
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 80a15a39031a3995538cecde6de8375a
3a39aa16e5d8575e6b0732ea90016ce1755b8a19
533f36df916992d8697012558783ed92c3c61906752ed6c1d51fd3a3b8f54100
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "533F36DF916992D8697012558783ED92C3C61906752ED6C1D51FD3A3B8F54100"
Last-Modified: Wed, 07 Dec 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16278
Expires: Sat, 10 Dec 2022 00:58:32 GMT
Date: Fri, 09 Dec 2022 20:27:14 GMT
Connection: keep-alive
ocsp.sectigo.com/
104.18.32.68 200 OK 472 B IP 104.18.32.68:0
Hash 795ea63e33236b4d2e1f4553aa40c980
e1840a6df6312287ece747741b6007e0769e2d34
2d9bf70b8e5c9d0340c7cd126c65555d1a36b5146780299ba2412626f78de879
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 20:27:15 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Fri, 09 Dec 2022 14:30:27 GMT
Expires: Fri, 16 Dec 2022 14:30:26 GMT
Etag: "e1840a6df6312287ece747741b6007e0769e2d34"
Cache-Control: max-age=582790,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 77707afb7b95b527-OSL
ocsp.sectigo.com/
104.18.32.68 200 OK 472 B IP 104.18.32.68:0
Hash 795ea63e33236b4d2e1f4553aa40c980
e1840a6df6312287ece747741b6007e0769e2d34
2d9bf70b8e5c9d0340c7cd126c65555d1a36b5146780299ba2412626f78de879
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 20:27:15 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Fri, 09 Dec 2022 14:30:27 GMT
Expires: Fri, 16 Dec 2022 14:30:26 GMT
Etag: "e1840a6df6312287ece747741b6007e0769e2d34"
Cache-Control: max-age=582790,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 77707afb7f19b51e-OSL
ocsp.sectigo.com/
104.18.32.68 200 OK 472 B IP 104.18.32.68:0
Hash 795ea63e33236b4d2e1f4553aa40c980
e1840a6df6312287ece747741b6007e0769e2d34
2d9bf70b8e5c9d0340c7cd126c65555d1a36b5146780299ba2412626f78de879
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 20:27:15 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Fri, 09 Dec 2022 14:30:27 GMT
Expires: Fri, 16 Dec 2022 14:30:26 GMT
Etag: "e1840a6df6312287ece747741b6007e0769e2d34"
Cache-Control: max-age=582790,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 77707afb7f240b65-OSL
skinup.b-cdn.net/wp-content/uploads/sites/2/2022/09/koreansk-hudpleie-produkter-e1664097832728.png.webp
194.242.11.186 200 OK 14 kB URL HTTP/2 skinup.b-cdn.net/wp-content/uploads/sites/2/2022/09/koreansk-hudpleie-produkter-e1664097832728.png.webp
IP 194.242.11.186:0
ASN #34989 ServeTheWorld AS
File type RIFF (little-endian) data, Web/P image\012- data
Hash 289f1562b7d7fd499c561882f29426e8
9f24c9eb7b92caf8a2b236c90549a9f65d90412d
4ae494db34f8ad0c7fd50b4251d2a3dd0bda8631261fa87d6404009dc3506023
GET /wp-content/uploads/sites/2/2022/09/koreansk-hudpleie-produkter-e1664097832728.png.webp HTTP/1.1
Host: skinup.b-cdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://skinup.no/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Dec 2022 20:27:15 GMT
content-type: image/webp
content-length: 13902
server: BunnyCDN-NO1-830
cdn-pullzone: 947364
cdn-uid: 3a7565b8-8bb7-418c-ac34-c302258a09bf
cdn-requestcountrycode: NO
cache-control: public, max-age=31557600
etag: "364e-63301ebe-4ce73b27c02edd01;;;"
expires: Sun, 03 Dec 2023 14:42:25 GMT
last-modified: Sun, 25 Sep 2022 09:26:22 GMT
strict-transport-security: max-age=31536000
cdn-proxyver: 1.03
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 12/03/2022 08:42:25
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: d38f110dc8c3b9f999c20abc852b4a18
cdn-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
skinup.b-cdn.net/wp-content/uploads/sites/2/2022/09/cosrx-kbeauty-forsidebilde.png.webp
194.242.11.186 200 OK 7.6 kB URL HTTP/2 skinup.b-cdn.net/wp-content/uploads/sites/2/2022/09/cosrx-kbeauty-forsidebilde.png.webp
IP 194.242.11.186:0
ASN #34989 ServeTheWorld AS
File type RIFF (little-endian) data, Web/P image\012- data
Hash e9b916305217489edc24a15c979ab91b
68d8ddbfba9b02fdf2b1ec53343927efb104fdcb
df996d68212ab7df41ade5310abd2e0da50f373b936175497af797813d6544c8
GET /wp-content/uploads/sites/2/2022/09/cosrx-kbeauty-forsidebilde.png.webp HTTP/1.1
Host: skinup.b-cdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://skinup.no/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Dec 2022 20:27:15 GMT
content-type: image/webp
content-length: 7638
server: BunnyCDN-NO1-830
cdn-pullzone: 947364
cdn-uid: 3a7565b8-8bb7-418c-ac34-c302258a09bf
cdn-requestcountrycode: NO
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000
cache-control: public, max-age=31557600
etag: "1dd6-632eb74d-c8bf89ce93bbca83;;;"
expires: Sun, 03 Dec 2023 14:42:25 GMT
last-modified: Sat, 24 Sep 2022 07:52:45 GMT
strict-transport-security: max-age=31536000
cdn-proxyver: 1.03
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 12/03/2022 08:42:25
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: bfe4e96286ec0069383cb9f6f7e790d8
cdn-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
skinup.b-cdn.net/wp-content/uploads/sites/2/2022/09/Logo-SkinUp-Small.png.webp
194.242.11.186 200 OK 1.7 kB URL HTTP/2 skinup.b-cdn.net/wp-content/uploads/sites/2/2022/09/Logo-SkinUp-Small.png.webp
IP 194.242.11.186:0
ASN #34989 ServeTheWorld AS
File type RIFF (little-endian) data, Web/P image\012- data
Hash 8a7342cc99bafed65594b50f93843ef4
e8816609d76b3c49e7788697eee2204bd1f49858
ce55d7e7ac827b89cb6ad90d807c309997ae92a2284a74d7caa010db461ae545
GET /wp-content/uploads/sites/2/2022/09/Logo-SkinUp-Small.png.webp HTTP/1.1
Host: skinup.b-cdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://skinup.no/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Dec 2022 20:27:15 GMT
content-type: image/webp
content-length: 1676
server: BunnyCDN-NO1-830
cdn-pullzone: 947364
cdn-uid: 3a7565b8-8bb7-418c-ac34-c302258a09bf
cdn-requestcountrycode: NO
cache-control: public, max-age=31557600
etag: "68c-63271be7-ebbbb36f64e8e83f;;;"
expires: Sun, 03 Dec 2023 14:42:25 GMT
last-modified: Sun, 18 Sep 2022 13:23:51 GMT
strict-transport-security: max-age=31536000
cdn-proxyver: 1.03
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 12/03/2022 08:42:26
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: 17b376067af58b2389c7b0bc183022c5
cdn-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
skinup.b-cdn.net/wp-content/fonts/roboto/KFOmCnqEu92Fr1Mu4mxMKTU1Kg.woff
194.242.11.186 200 OK 14 kB URL HTTP/2 skinup.b-cdn.net/wp-content/fonts/roboto/KFOmCnqEu92Fr1Mu4mxMKTU1Kg.woff
IP 194.242.11.186:0
ASN #34989 ServeTheWorld AS
File type Web Open Font Format, TrueType, length 14384, version 1.1\012- data
Hash c7ab406db23cf2d880297f07a0ae35d3
53c9df3243c24df8728a0dd5be3c9c82ab7a38af
a9fdbefae33b742c5c1379fabbfa02d3491a9095ef762d8e23f135b66eefd7c9
GET /wp-content/fonts/roboto/KFOmCnqEu92Fr1Mu4mxMKTU1Kg.woff HTTP/1.1
Host: skinup.b-cdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: https://skinup.no/
Origin: https://skinup.no
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Dec 2022 20:27:15 GMT
content-type: application/x-font-woff
content-length: 14384
server: BunnyCDN-NO1-830
cdn-pullzone: 947364
cdn-uid: 3a7565b8-8bb7-418c-ac34-c302258a09bf
cdn-requestcountrycode: NO
access-control-allow-origin: *
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000
cache-control: public, max-age=31557600
etag: "3830-632ea129-b0193e742f8f07be;;;"
expires: Sat, 04 Nov 2023 21:41:43 GMT
last-modified: Sat, 24 Sep 2022 06:18:17 GMT
strict-transport-security: max-age=31536000
cdn-proxyver: 1.03
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 11/04/2022 15:41:43
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: 4d5e230ea1ea3d4d253a167409e0b310
cdn-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
skinup.b-cdn.net/wp-content/fonts/roboto/KFOlCnqEu92Fr1MmSU5fBBc-AMP6lQ.woff
194.242.11.186 200 OK 15 kB URL HTTP/2 skinup.b-cdn.net/wp-content/fonts/roboto/KFOlCnqEu92Fr1MmSU5fBBc-AMP6lQ.woff
IP 194.242.11.186:0
ASN #34989 ServeTheWorld AS
File type Web Open Font Format, TrueType, length 14588, version 1.1\012- data
Hash b19cb2c7238e93631490a2a0cf0c0ec1
9cdad71bed54e9aa5751adc0b462616f68e1b39d
ddb5c61d8187e4b5e415a1b5addbd9133504a1709bd6334b8f0f304fd47ea66a
GET /wp-content/fonts/roboto/KFOlCnqEu92Fr1MmSU5fBBc-AMP6lQ.woff HTTP/1.1
Host: skinup.b-cdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: https://skinup.no/
Origin: https://skinup.no
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Dec 2022 20:27:15 GMT
content-type: application/x-font-woff
content-length: 14588
server: BunnyCDN-NO1-830
cdn-pullzone: 947364
cdn-uid: 3a7565b8-8bb7-418c-ac34-c302258a09bf
cdn-requestcountrycode: NO
access-control-allow-origin: *
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000
cache-control: public, max-age=31557600
etag: "38fc-633be916-47a8d6da4146e4de;;;"
expires: Wed, 04 Oct 2023 14:21:06 GMT
last-modified: Tue, 04 Oct 2022 08:04:38 GMT
strict-transport-security: max-age=31536000
cdn-proxyver: 1.02
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 10/04/2022 08:21:06
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: ad80543e0fc2a7db51347fd8134f600d
cdn-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
skinup.b-cdn.net/wp-content/uploads/sites/2/2022/09/cropped-logo-favicon-512x512-1-192x192.png
194.242.11.186 200 OK 6.4 kB URL HTTP/2 skinup.b-cdn.net/wp-content/uploads/sites/2/2022/09/cropped-logo-favicon-512x512-1-192x192.png
IP 194.242.11.186:0
ASN #34989 ServeTheWorld AS
File type PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced\012- data
Hash 37eba2f51f19c7b8128c170dca9ded41
732c4ffdaacd4439b9459c2ceeb6c9191a385c5d
589805ecad6fa31760cc02db99e48481a9a342e64f9110386fb036edd10234aa
GET /wp-content/uploads/sites/2/2022/09/cropped-logo-favicon-512x512-1-192x192.png HTTP/1.1
Host: skinup.b-cdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://skinup.no/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Dec 2022 20:27:15 GMT
content-type: image/png
content-length: 6386
server: BunnyCDN-NO1-830
cdn-pullzone: 947364
cdn-uid: 3a7565b8-8bb7-418c-ac34-c302258a09bf
cdn-requestcountrycode: NO
cache-control: public, max-age=31557600
etag: "18f2-632ea1fe-5b2bc8c8a369a65a;;;"
expires: Mon, 25 Sep 2023 15:48:17 GMT
last-modified: Sat, 24 Sep 2022 06:21:50 GMT
cdn-proxyver: 1.02
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 09/25/2022 09:48:17
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: a1774e50a30b4f344fd995e660e98bcd
cdn-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.sectigo.com/
104.18.32.68 200 OK 472 B IP 104.18.32.68:0
Hash 795ea63e33236b4d2e1f4553aa40c980
e1840a6df6312287ece747741b6007e0769e2d34
2d9bf70b8e5c9d0340c7cd126c65555d1a36b5146780299ba2412626f78de879
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 20:27:15 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Fri, 09 Dec 2022 14:30:27 GMT
Expires: Fri, 16 Dec 2022 14:30:26 GMT
Etag: "e1840a6df6312287ece747741b6007e0769e2d34"
Cache-Control: max-age=582790,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 77707afb79f21c12-OSL
ocsp.sectigo.com/
104.18.32.68 200 OK 472 B IP 104.18.32.68:0
Hash 795ea63e33236b4d2e1f4553aa40c980
e1840a6df6312287ece747741b6007e0769e2d34
2d9bf70b8e5c9d0340c7cd126c65555d1a36b5146780299ba2412626f78de879
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 20:27:15 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Fri, 09 Dec 2022 14:30:27 GMT
Expires: Fri, 16 Dec 2022 14:30:26 GMT
Etag: "e1840a6df6312287ece747741b6007e0769e2d34"
Cache-Control: max-age=582790,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 77707afb8f3ab4fa-OSL
cdn.matomo.cloud/skinup.matomo.cloud/matomo.js
54.230.111.91 200 OK 48 kB URL HTTP/2 cdn.matomo.cloud/skinup.matomo.cloud/matomo.js
IP 54.230.111.91:0
Hash 26b3b96b9d6246220667482bb6387f25
141b66ded7f3bd50fccfced6f35d60ad4cdc0602
ff47def6086c5c2a60670cf33465339832f29304e7e130f0c140ae5c45955af9
GET /skinup.matomo.cloud/matomo.js HTTP/1.1
Host: cdn.matomo.cloud
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://skinup.no/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
date: Fri, 09 Dec 2022 06:21:52 GMT
x-amz-replication-status: COMPLETED
last-modified: Tue, 29 Nov 2022 11:52:10 GMT
etag: W/"df630c016b0a1d6d650d8d6a411f9d56"
x-amz-server-side-encryption: AES256
cache-control: max-age=691200
x-amz-version-id: JAckvSijUezUDM3cTL4CAyToXatjoZvE
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 04c4f064943f75498361739eb063cb7a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 8-5MiQ51ReNN1AnHeGrVYD_OHa10uN1GmENvhKb_lD36HI2kPf9jhQ==
age: 50723
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
143.204.42.88 200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.88:0
Hash 0d51f04ee3fcf28677891117bb19e7a4
ac9c8e3c24e3d2c9a5cddea0c6d6cc3f033b21e6
5b5eb6d5d7fccddc555d377292884eef66ffa5e6f24fd14cc170942a24931c16
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=162364
Date: Fri, 09 Dec 2022 20:27:15 GMT
Etag: "639358f9-1d7"
Expires: Sun, 11 Dec 2022 17:33:19 GMT
Last-Modified: Fri, 09 Dec 2022 15:49:13 GMT
Server: ECS (nyb/1D15)
X-Cache: Miss from cloudfront
Via: 1.1 f00e3524edcdf61801454f2bb21e71ce.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: M5rlnXS6JEWt_SDt4ncgOXyNc9dFbUPaHSbii41dsV1AU_lEqXKtOw==
Age: 6246
skinup.b-cdn.net/wp-content/uploads/sites/2/2018/11/cosrx-acne-pimple-master-patch-300x265.jpg.webp
194.242.11.186 200 OK 3.4 kB URL HTTP/2 skinup.b-cdn.net/wp-content/uploads/sites/2/2018/11/cosrx-acne-pimple-master-patch-300x265.jpg.webp
IP 194.242.11.186:0
ASN #34989 ServeTheWorld AS
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 300x265, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash a35a8a3308ab4bc43ded65a0258d85b8
33f3263f5ec9a6fdabc80dfe6803fe1443127ef2
e88ce9de082ca2445c4d67a89c084b6b86931ca9aa4db8a93499ee5e829c1c18
GET /wp-content/uploads/sites/2/2018/11/cosrx-acne-pimple-master-patch-300x265.jpg.webp HTTP/1.1
Host: skinup.b-cdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://skinup.no/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Dec 2022 20:27:15 GMT
content-type: image/webp
content-length: 3414
server: BunnyCDN-NO1-830
cdn-pullzone: 947364
cdn-uid: 3a7565b8-8bb7-418c-ac34-c302258a09bf
cdn-requestcountrycode: NO
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000
cache-control: public, max-age=31557600
etag: "d56-634512e4-b1b0225bf88e92df;;;"
expires: Thu, 07 Dec 2023 00:59:05 GMT
last-modified: Tue, 11 Oct 2022 06:53:24 GMT
strict-transport-security: max-age=31536000
edit: Set-Cookie (.*) "$1;SameSite=None; Secure"
x-frame-options: sameorigin
x-xss-protection: 1; mode=block
x-permitted-cross-domain-policies: all
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
cdn-proxyver: 1.03
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 12/06/2022 18:59:05
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: f0ff311fc291b84831b905c4260a60f1
cdn-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
skinup.b-cdn.net/wp-content/uploads/sites/2/2019/07/Sneglesekret--Hudpleiesett-300x265.webp
194.242.11.186 200 OK 6.1 kB URL HTTP/2 skinup.b-cdn.net/wp-content/uploads/sites/2/2019/07/Sneglesekret--Hudpleiesett-300x265.webp
IP 194.242.11.186:0
ASN #34989 ServeTheWorld AS
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 300x265, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash fe31e837f967d00f5f7d806fa014836b
c672fbc77f95bf301cac601aac9881177103a945
7b0add0f727939c476c23a7a6552886a9b5cb40dcb942c3748d232fa1f1c4acb
GET /wp-content/uploads/sites/2/2019/07/Sneglesekret--Hudpleiesett-300x265.webp HTTP/1.1
Host: skinup.b-cdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://skinup.no/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Dec 2022 20:27:15 GMT
content-type: image/webp
content-length: 6118
server: BunnyCDN-NO1-830
cdn-pullzone: 947364
cdn-uid: 3a7565b8-8bb7-418c-ac34-c302258a09bf
cdn-requestcountrycode: NO
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000
cache-control: public, max-age=31557600
etag: "17e6-634bc117-fa158453076cd869;;;"
expires: Sun, 03 Dec 2023 17:39:57 GMT
last-modified: Sun, 16 Oct 2022 08:30:15 GMT
strict-transport-security: max-age=31536000
cdn-proxyver: 1.03
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 12/03/2022 11:39:57
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: d2e6220ca95a10073a29467e2b72e43b
cdn-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
skinup.b-cdn.net/wp-content/uploads/sites/2/2022/09/products-Glod_-_kit-300x265.png
194.242.11.186 200 OK 35 kB URL HTTP/2 skinup.b-cdn.net/wp-content/uploads/sites/2/2022/09/products-Glod_-_kit-300x265.png
IP 194.242.11.186:0
ASN #34989 ServeTheWorld AS
File type PNG image data, 300 x 265, 8-bit/color RGB, non-interlaced\012- data
Hash 9dab822be10d5ca466814307b13b65a5
a5a47dae21ccae9532445ff2c5d8d1aa2ba6f063
162f7150f1de6c41dce17dff730912963de515890d808eadb3bf95b8ce0197ea
GET /wp-content/uploads/sites/2/2022/09/products-Glod_-_kit-300x265.png HTTP/1.1
Host: skinup.b-cdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://skinup.no/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Dec 2022 20:27:15 GMT
content-type: image/png
content-length: 34918
server: BunnyCDN-NO1-830
cdn-pullzone: 947364
cdn-uid: 3a7565b8-8bb7-418c-ac34-c302258a09bf
cdn-requestcountrycode: NO
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000
cache-control: public, max-age=31557600
etag: "8866-632ee530-106c966bf3bf48d5;;;"
expires: Sun, 03 Dec 2023 15:18:13 GMT
last-modified: Sat, 24 Sep 2022 11:08:32 GMT
strict-transport-security: max-age=31536000
cdn-proxyver: 1.03
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 12/03/2022 09:18:13
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: d8444e609e65c569c2abadbc40f386dc
cdn-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
skinup.b-cdn.net/wp-content/uploads/sites/2/2022/09/products-Briskin_-_Sheet_mask_pakke_240ff9e2-3fb1-4242-ac7f-9bb1e1f3d3bc-300x265.png
194.242.11.186 200 OK 28 kB URL HTTP/2 skinup.b-cdn.net/wp-content/uploads/sites/2/2022/09/products-Briskin_-_Sheet_mask_pakke_240ff9e2-3fb1-4242-ac7f-9bb1e1f3d3bc-300x265.png
IP 194.242.11.186:0
ASN #34989 ServeTheWorld AS
File type PNG image data, 300 x 265, 8-bit/color RGB, non-interlaced\012- data
Hash 272452ddc85b063b64d3e2d781213948
3aaa16c0eedb567529c0a877d800395d7f0671ac
4797f3efa711e902972edf54246288286569ec8883d8e5c6054e3a8f97fba500
GET /wp-content/uploads/sites/2/2022/09/products-Briskin_-_Sheet_mask_pakke_240ff9e2-3fb1-4242-ac7f-9bb1e1f3d3bc-300x265.png HTTP/1.1
Host: skinup.b-cdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://skinup.no/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Dec 2022 20:27:15 GMT
content-type: image/png
content-length: 28040
server: BunnyCDN-NO1-830
cdn-pullzone: 947364
cdn-uid: 3a7565b8-8bb7-418c-ac34-c302258a09bf
cdn-requestcountrycode: NO
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000
cache-control: public, max-age=31557600
etag: "6d88-632eb7a3-2511703c34f9a5f0;;;"
expires: Sun, 03 Dec 2023 15:18:07 GMT
last-modified: Sat, 24 Sep 2022 07:54:11 GMT
strict-transport-security: max-age=31536000
cdn-proxyver: 1.03
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 12/03/2022 09:18:08
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: 31b6464b2359a8983fa16b0ff95f1c1a
cdn-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
beacon-v2.helpscout.net/
143.204.55.119 200 OK 325 B IP 143.204.55.119:0
File type ASCII text, with very long lines (458), with no line terminators
Hash 31c65f22b125646ad62fdfd278a1638c
9917cf43ea0420bbf6e6ae0667998a9ced995cad
65525051286b153e7d581cd77a8dc436fe0520f80084b9c4c1379462327b9331
GET / HTTP/1.1
Host: beacon-v2.helpscout.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://skinup.no/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
content-length: 325
last-modified: Fri, 09 Dec 2022 12:13:04 GMT
content-encoding: gzip
accept-ranges: bytes
server: AmazonS3
date: Fri, 09 Dec 2022 20:26:30 GMT
cache-control: max-age=120, s-maxage=120, public
etag: "31c65f22b125646ad62fdfd278a1638c"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 f66e3db0f0449307dba3fbf72bbf3bac.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: ambEgZQ4HJWZURTbFnoKnflFlYtH5Eam3QmaYYwH_cv2isHnijwuMg==
age: 46
X-Firefox-Spdy: h2
skinup.b-cdn.net/wp-content/uploads/sites/2/2020/11/AHA-BHA-PHA-30-Days-Miracle-Starter-Kit-300x265.jpg
194.242.11.186 200 OK 12 kB URL HTTP/2 skinup.b-cdn.net/wp-content/uploads/sites/2/2020/11/AHA-BHA-PHA-30-Days-Miracle-Starter-Kit-300x265.jpg
IP 194.242.11.186:0
ASN #34989 ServeTheWorld AS
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 300x265, components 3\012- data
Hash 4a547d7e42e0a2ab7872c5843b3bd419
66a684c48f07f3cb89405c1370161bfd7340b64b
059e75f20d881bb3b97b4a71d86024b1bed5cfc9cc932021d3df279e4230e00a
GET /wp-content/uploads/sites/2/2020/11/AHA-BHA-PHA-30-Days-Miracle-Starter-Kit-300x265.jpg HTTP/1.1
Host: skinup.b-cdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://skinup.no/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Dec 2022 20:27:15 GMT
content-type: image/jpeg
content-length: 11900
server: BunnyCDN-NO1-830
cdn-pullzone: 947364
cdn-uid: 3a7565b8-8bb7-418c-ac34-c302258a09bf
cdn-requestcountrycode: NO
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000
cache-control: public, max-age=31557600
etag: "2e7c-638b3954-acf84cc8d82890ae;;;"
expires: Sun, 03 Dec 2023 18:16:14 GMT
last-modified: Sat, 03 Dec 2022 11:56:04 GMT
strict-transport-security: max-age=31536000
cdn-proxyver: 1.03
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 12/03/2022 12:16:14
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: 2ca07ac36c9cdb26dfb31fa7492e877b
cdn-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
skinup.b-cdn.net/wp-includes/js/jquery/jquery.min.js?ver=3.6.1
194.242.11.186 200 OK 55 kB URL HTTP/2 skinup.b-cdn.net/wp-includes/js/jquery/jquery.min.js?ver=3.6.1
IP 194.242.11.186:0
ASN #34989 ServeTheWorld AS
File type ASCII text, with very long lines (65447)
Hash 3440af5e275c2bb743047585b4347d5b
324e2df6fc352bd1dba32ab26e655e906f31289e
2519093cdbe3acce1e9ffa25b9690db7f0177893e903b9a1c1b9365601061f4c
GET /wp-includes/js/jquery/jquery.min.js?ver=3.6.1 HTTP/1.1
Host: skinup.b-cdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://skinup.no/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Dec 2022 20:27:15 GMT
content-type: application/javascript
server: BunnyCDN-NO1-830
cdn-pullzone: 947364
cdn-uid: 3a7565b8-8bb7-418c-ac34-c302258a09bf
cdn-requestcountrycode: NO
vary: Accept-Encoding
cache-control: public, max-age=31557600
content-encoding: br
etag: "15db1-60f706dd-6abc6376576aec93;br"
expires: Mon, 25 Sep 2023 15:18:47 GMT
last-modified: Tue, 20 Jul 2021 17:24:45 GMT
cdn-proxyver: 1.02
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 09/25/2022 09:18:47
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: dac177eead12f4ee547a256920400d0d
cdn-cache: HIT
X-Firefox-Spdy: h2
skinup.b-cdn.net/wp-content/uploads/sites/2/2021/02/dobbeltrens-akne-300x265.jpg
194.242.11.186 200 OK 8.8 kB URL HTTP/2 skinup.b-cdn.net/wp-content/uploads/sites/2/2021/02/dobbeltrens-akne-300x265.jpg
IP 194.242.11.186:0
ASN #34989 ServeTheWorld AS
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 300x265, components 3\012- data
Hash 26e22c9c48586f83ab0387d965675356
a921b08def829bad16945920b8f0a7f6b70648c8
93b23c2410c6fa399ed613ab34c5e903b8e5b053d87f53de79ba5d7b4ab60f66
GET /wp-content/uploads/sites/2/2021/02/dobbeltrens-akne-300x265.jpg HTTP/1.1
Host: skinup.b-cdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://skinup.no/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Dec 2022 20:27:15 GMT
content-type: image/jpeg
content-length: 8845
server: BunnyCDN-NO1-830
cdn-pullzone: 947364
cdn-uid: 3a7565b8-8bb7-418c-ac34-c302258a09bf
cdn-requestcountrycode: NO
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000
cache-control: public, max-age=31557600
etag: "228d-638b2f5f-b706dc094544827f;;;"
expires: Sun, 03 Dec 2023 17:39:22 GMT
last-modified: Sat, 03 Dec 2022 11:13:35 GMT
strict-transport-security: max-age=31536000
cdn-proxyver: 1.03
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 12/03/2022 11:39:22
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: 80dc3518fa79c6426f8f4bb89ad9149d
cdn-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
skinup.b-cdn.net/wp-content/uploads/sites/2/2022/09/products-image_0fa3c4c6-3800-4d73-a8a5-e59b1b8f30af-300x265.png
194.242.11.186 200 OK 44 kB URL HTTP/2 skinup.b-cdn.net/wp-content/uploads/sites/2/2022/09/products-image_0fa3c4c6-3800-4d73-a8a5-e59b1b8f30af-300x265.png
IP 194.242.11.186:0
ASN #34989 ServeTheWorld AS
File type PNG image data, 300 x 265, 8-bit/color RGB, non-interlaced\012- data
Hash 9d8354ede131f0baf376289386544983
b6029f24a57b106662f26638dd4ed91b55ea0d46
26bbf5ab635d0ef7ee550ac276527086d31f2f3649bedabad8988d6f9b8845d2
GET /wp-content/uploads/sites/2/2022/09/products-image_0fa3c4c6-3800-4d73-a8a5-e59b1b8f30af-300x265.png HTTP/1.1
Host: skinup.b-cdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://skinup.no/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Dec 2022 20:27:15 GMT
content-type: image/png
content-length: 44199
server: BunnyCDN-NO1-830
cdn-pullzone: 947364
cdn-uid: 3a7565b8-8bb7-418c-ac34-c302258a09bf
cdn-requestcountrycode: NO
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000
cache-control: public, max-age=31557600
etag: "aca7-632e9fc9-5bf825906cc7f37c;;;"
expires: Sun, 03 Dec 2023 12:29:58 GMT
last-modified: Sat, 24 Sep 2022 06:12:25 GMT
strict-transport-security: max-age=31536000
cdn-proxyver: 1.03
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 12/03/2022 06:29:58
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: 6f9f489f9ac61ca9c360c2d15ac76e86
cdn-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
skinup.b-cdn.net/wp-content/uploads/sites/2/2022/11/Silkeslips-gavepakke-Silke-300x265.jpg
194.242.11.186 200 OK 16 kB URL HTTP/2 skinup.b-cdn.net/wp-content/uploads/sites/2/2022/11/Silkeslips-gavepakke-Silke-300x265.jpg
IP 194.242.11.186:0
ASN #34989 ServeTheWorld AS
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 300x265, components 3\012- data
Hash d72aab3905123c476e18332b38d8395f
fc9d2a12207b89bef117ff110b527167361baf30
c80fe91563dd3b301ceed9f8bb0dc1b8f651f2194e62b1ae36efa3f8249842ca
GET /wp-content/uploads/sites/2/2022/11/Silkeslips-gavepakke-Silke-300x265.jpg HTTP/1.1
Host: skinup.b-cdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://skinup.no/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Dec 2022 20:27:15 GMT
content-type: image/jpeg
content-length: 16352
server: BunnyCDN-NO1-830
cdn-pullzone: 947364
cdn-uid: 3a7565b8-8bb7-418c-ac34-c302258a09bf
cdn-requestcountrycode: NO
cache-control: public, max-age=31557600
etag: "3fe0-63617094-5ee465576bd70ba8;;;"
expires: Sun, 03 Dec 2023 12:35:54 GMT
last-modified: Tue, 01 Nov 2022 19:16:36 GMT
strict-transport-security: max-age=31536000
cdn-proxyver: 1.03
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 12/03/2022 06:35:54
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: 69639e54a49e4c8f8e6338da17a2a7c6
cdn-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
skinup.b-cdn.net/wp-content/uploads/sites/2/2022/11/kimono-silke-300x265.jpg
194.242.11.186 200 OK 10 kB URL HTTP/2 skinup.b-cdn.net/wp-content/uploads/sites/2/2022/11/kimono-silke-300x265.jpg
IP 194.242.11.186:0
ASN #34989 ServeTheWorld AS
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 300x265, components 3\012- data
Hash c20b9371bd9320ef4826273e0d0858dc
dfa8352a8d5878e5482f457e08dc9836c7950eb2
329a8f8eb1461dcfcf6094cbbf99b05142679d713179ea1cc3c12bab75a9552b
GET /wp-content/uploads/sites/2/2022/11/kimono-silke-300x265.jpg HTTP/1.1
Host: skinup.b-cdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://skinup.no/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Dec 2022 20:27:15 GMT
content-type: image/jpeg
content-length: 10150
server: BunnyCDN-NO1-830
cdn-pullzone: 947364
cdn-uid: 3a7565b8-8bb7-418c-ac34-c302258a09bf
cdn-requestcountrycode: NO
cache-control: public, max-age=31557600
etag: "27a6-63615ff2-ce9d2512880ddce3;;;"
expires: Sun, 03 Dec 2023 15:25:25 GMT
last-modified: Tue, 01 Nov 2022 18:05:38 GMT
strict-transport-security: max-age=31536000
cdn-proxyver: 1.03
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 12/03/2022 09:25:25
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: 96393680dc647c9c56ec5ef539967f97
cdn-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
beacon-v2.helpscout.net/static/js/vendor.ddc3f9c8.js
143.204.55.119 200 OK 22 kB URL HTTP/2 beacon-v2.helpscout.net/static/js/vendor.ddc3f9c8.js
IP 143.204.55.119:0
File type ASCII text, with very long lines (64495), with no line terminators
Hash 4c71758a7a3b1975809a202503770fb0
1382704a13f28aa2587efe4a019ef0ba7c9be07b
925cfc228dff8aad3a5fbe4ec924715835df033a32ad06660d90d1abd243bcc9
GET /static/js/vendor.ddc3f9c8.js HTTP/1.1
Host: beacon-v2.helpscout.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://skinup.no/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
content-length: 22295
last-modified: Fri, 09 Dec 2022 12:13:04 GMT
content-encoding: gzip
accept-ranges: bytes
server: AmazonS3
date: Fri, 09 Dec 2022 20:06:17 GMT
cache-control: max-age=315360000, s-maxage=7200, public
etag: "4c71758a7a3b1975809a202503770fb0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 f66e3db0f0449307dba3fbf72bbf3bac.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: a3fIx96ibnbQmlvnRJL8y1JFG_Thcw4JyZE_Uftt-j9_35aimDuPCA==
age: 1259
X-Firefox-Spdy: h2
beacon-v2.helpscout.net/static/js/main.b94ad9d8.js
143.204.55.119 200 OK 9.7 kB URL HTTP/2 beacon-v2.helpscout.net/static/js/main.b94ad9d8.js
IP 143.204.55.119:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (24954)
Hash 7d606f5fed059b89bafea306569ac18b
7edc305ab13f9f202d4176588f514f0b0e50569f
b78097e4432d5266888e92d839d46bf939016fbe3f6bbf3a2de152d24361e9ad
GET /static/js/main.b94ad9d8.js HTTP/1.1
Host: beacon-v2.helpscout.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://skinup.no/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
content-length: 9697
last-modified: Fri, 09 Dec 2022 12:13:04 GMT
content-encoding: gzip
accept-ranges: bytes
server: AmazonS3
date: Fri, 09 Dec 2022 20:06:17 GMT
cache-control: max-age=315360000, s-maxage=7200, public
etag: "7d606f5fed059b89bafea306569ac18b"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 f66e3db0f0449307dba3fbf72bbf3bac.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: fo8xmIa9mfoW8hRaRzVg_SVG7owip9y1XFTcjVYCrl5_RLYnIQcUZQ==
age: 1259
X-Firefox-Spdy: h2
skinup.matomo.cloud/matomo.php?action_name=Koreansk%20Hudpleie%20%7C%20Norsk%20nettbutikk%20-%20rask%20levering%20-%20SkinUp.no&idsite=2&rec=1&r=703728&h=20&m=27&s=14&url=https%3A%2F%2Fskinup.no%2F&urlref=https%3A%2F%2Fclk.tradedoubler.com%2F&_id=06f48ab6ac2e10fa&_idn=1&send_image=0&_refts=1670617635&_ref=https%3A%2F%2Fclk.tradedoubler.com%2F&cookie=1&res=1280x1024&pv_id=b94xuE&fa_pv=1&fa_fp[0][fa_vid]=McYXlF&fa_fp[0][fa_fv]=1&fa_fp[1][fa_vid]=geaiyb&fa_fp[1][fa_fv]=1&pf_net=0&pf_srv=943&pf_tfr=6&pf_dm1=138&uadata=%7B%7D
3.126.133.169 204 No Content 0 B URL HTTP/2 skinup.matomo.cloud/matomo.php?action_name=Koreansk%20Hudpleie%20%7C%20Norsk%20nettbutikk%20-%20rask%20levering%20-%20SkinUp.no&idsite=2&rec=1&r=703728&h=20&m=27&s=14&url=https%3A%2F%2Fskinup.no%2F&urlref=https%3A%2F%2Fclk.tradedoubler.com%2F&_id=06f48ab6ac2e10fa&_idn=1&send_image=0&_refts=1670617635&_ref=https%3A%2F%2Fclk.tradedoubler.com%2F&cookie=1&res=1280x1024&pv_id=b94xuE&fa_pv=1&fa_fp[0][fa_vid]=McYXlF&fa_fp[0][fa_fv]=1&fa_fp[1][fa_vid]=geaiyb&fa_fp[1][fa_fv]=1&pf_net=0&pf_srv=943&pf_tfr=6&pf_dm1=138&uadata=%7B%7D
IP 3.126.133.169:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /matomo.php?action_name=Koreansk%20Hudpleie%20%7C%20Norsk%20nettbutikk%20-%20rask%20levering%20-%20SkinUp.no&idsite=2&rec=1&r=703728&h=20&m=27&s=14&url=https%3A%2F%2Fskinup.no%2F&urlref=https%3A%2F%2Fclk.tradedoubler.com%2F&_id=06f48ab6ac2e10fa&_idn=1&send_image=0&_refts=1670617635&_ref=https%3A%2F%2Fclk.tradedoubler.com%2F&cookie=1&res=1280x1024&pv_id=b94xuE&fa_pv=1&fa_fp[0][fa_vid]=McYXlF&fa_fp[0][fa_fv]=1&fa_fp[1][fa_vid]=geaiyb&fa_fp[1][fa_fv]=1&pf_net=0&pf_srv=943&pf_tfr=6&pf_dm1=138&uadata=%7B%7D HTTP/1.1
Host: skinup.matomo.cloud
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://skinup.no/
Content-Type: application/x-www-form-urlencoded; charset=utf-8
Content-Length: 0
Origin: https://skinup.no
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Fri, 09 Dec 2022 20:27:15 GMT
server: Apache
vary: Origin,X-Forwarded-Port-Override,X-Forwarded-Proto-Override,User-Agent
access-control-allow-origin: https://skinup.no
access-control-allow-credentials: true
X-Firefox-Spdy: h2
skinup.b-cdn.net/wp-content/themes/shoptimizer/assets/css/main/main.min.css?ver=2.6.2
194.242.11.186 200 OK 23 kB URL HTTP/2 skinup.b-cdn.net/wp-content/themes/shoptimizer/assets/css/main/main.min.css?ver=2.6.2
IP 194.242.11.186:0
ASN #34989 ServeTheWorld AS
File type ASCII text, with very long lines (65536), with no line terminators
Hash 80f3a18b1798fdf78ebe6e908934e1b4
4bad40647f352a45fcfb2e2a0ca58fa55e53de5f
cd131b746b7ad730f05fb9c663fc89dba0b6135bf87cb1f6e4fa7f92a5500040
GET /wp-content/themes/shoptimizer/assets/css/main/main.min.css?ver=2.6.2 HTTP/1.1
Host: skinup.b-cdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://skinup.no/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 09 Dec 2022 20:27:15 GMT
content-type: text/css
server: BunnyCDN-NO1-830
cdn-pullzone: 947364
cdn-uid: 3a7565b8-8bb7-418c-ac34-c302258a09bf
cdn-requestcountrycode: NO
vary: Accept-Encoding
access-control-allow-origin: *
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31557600
content-encoding: br
etag: "1e672-631f8de7-9b2c616a16992853;br"
expires: Mon, 25 Sep 2023 15:18:47 GMT
last-modified: Mon, 12 Sep 2022 19:52:07 GMT
cdn-proxyver: 1.02
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 09/25/2022 09:18:47
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: b0e3b427b9f40a32e768e5fba49c9c16
cdn-cache: HIT
X-Firefox-Spdy: h2
d3hb14vkzrxvla.cloudfront.net/v1/5cb6fb86-7753-45d9-b0a9-ce2ce7658bb8
54.230.245.156 200 OK 0 B URL HTTP/2 d3hb14vkzrxvla.cloudfront.net/v1/5cb6fb86-7753-45d9-b0a9-ce2ce7658bb8
IP 54.230.245.156:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /v1/5cb6fb86-7753-45d9-b0a9-ce2ce7658bb8 HTTP/1.1
Host: d3hb14vkzrxvla.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: beacon-device-id,correlationid,helpscout-origin,helpscout-release
Referer: https://skinup.no/
Origin: https://skinup.no
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-length: 0
date: Fri, 09 Dec 2022 20:27:16 GMT
access-control-allow-origin: https://skinup.no
access-control-allow-methods: GET
access-control-allow-headers: beacon-device-id, correlationid, helpscout-origin, helpscout-release
access-control-allow-credentials: true
allow: GET, HEAD, POST, PUT, DELETE, TRACE, OPTIONS, PATCH
x-ratelimit-limit-conversations-hour: 10
x-ratelimit-remaining-conversations-hour: 10
x-ratelimit-limit-attachments-hour: 10
x-ratelimit-remaining-attachments-hour: 10
x-ratelimit-limit-chat-tokens-hour: 25
x-ratelimit-remaining-chat-tokens-hour: 25
x-ratelimit-limit-identify-hour: 25
x-ratelimit-remaining-identify-hour: 25
x-ratelimit-limit-general-minute: 60
x-ratelimit-remaining-general-minute: 60
strict-transport-security: max-age=31536000; includeSubDomains
vary: Origin,Access-Control-Request-Method
x-cache: Miss from cloudfront
via: 1.1 5bcfe2deda0bdbc6bade0af9b61602ca.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: JShS4oJ33uleZRyxNX1TS1T_xbhYbydsA_G1Zmt5tsK1GeSgFidj1w==
X-Firefox-Spdy: h2
stats.wp.com/e-202249.js
192.0.76.3 200 OK 0 B IP 192.0.76.3:0
GET /e-202249.js HTTP/1.1
Host: stats.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://homesolarpowersolution.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 20:27:09 GMT
content-type: application/javascript
vary: Accept-Encoding
etag: W/"6197c5cf-3508"
content-encoding: br
expires: Sun, 26 Nov 2023 23:19:16 GMT
cache-control: max-age=31536000
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
x-nc: HIT arn
X-Firefox-Spdy: h2
datar.tradedoubler.com/d.php?merchant_id=333244&url=https%3A%2F%2Fskinup.no%2F&o=json
188.165.150.178 200 OK 0 B URL HTTP/2 datar.tradedoubler.com/d.php?merchant_id=333244&url=https%3A%2F%2Fskinup.no%2F&o=json
IP 188.165.150.178:0
GET /d.php?merchant_id=333244&url=https%3A%2F%2Fskinup.no%2F&o=json HTTP/1.1
Host: datar.tradedoubler.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://skinup.no/
Origin: https://skinup.no
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 20:27:16 GMT
content-type: application/json;charset=utf-8
vary: Accept-Encoding
access-control-allow-origin: *
x-via-popn: primary
content-encoding: gzip
x-via-poph: replica1
X-Firefox-Spdy: h2
d3hb14vkzrxvla.cloudfront.net/v1/5cb6fb86-7753-45d9-b0a9-ce2ce7658bb8
54.230.245.156 200 OK 0 B URL HTTP/2 d3hb14vkzrxvla.cloudfront.net/v1/5cb6fb86-7753-45d9-b0a9-ce2ce7658bb8
IP 54.230.245.156:0
GET /v1/5cb6fb86-7753-45d9-b0a9-ce2ce7658bb8 HTTP/1.1
Host: d3hb14vkzrxvla.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://skinup.no/
correlationId: b4b004b1-fda1-47b6-b927-f02e82989138
Helpscout-Origin: Beacon-Embed
Helpscout-Release: 2.2.38
Beacon-Device-ID: 4a77a3da-53e6-48d6-a9c2-49f803477563
Origin: https://skinup.no
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json
date: Fri, 09 Dec 2022 20:27:16 GMT
access-control-allow-origin: https://skinup.no
access-control-expose-headers: Resource-ID
access-control-allow-credentials: true
cache-control: max-age=300
x-ratelimit-limit-conversations-hour: 10
x-ratelimit-remaining-conversations-hour: 10
x-ratelimit-limit-attachments-hour: 10
x-ratelimit-remaining-attachments-hour: 10
x-ratelimit-limit-chat-tokens-hour: 25
x-ratelimit-remaining-chat-tokens-hour: 25
x-ratelimit-limit-identify-hour: 25
x-ratelimit-remaining-identify-hour: 25
x-ratelimit-limit-general-minute: 60
x-ratelimit-remaining-general-minute: 60
strict-transport-security: max-age=31536000; includeSubDomains
vary: Origin,Access-Control-Request-Method
x-cache: Miss from cloudfront
via: 1.1 5bcfe2deda0bdbc6bade0af9b61602ca.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: AVxPokl-dI7mGVURir9-qIwTyzT6llh1kpXha7MtyUgDawQeubC9Nw==
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Work+Sans%3A400%7CPT+Serif%3A400%7COpen+Sans%3A400%2C600%2C700%7CRoboto%3A400%2C500%2C700&display=swap&ver=11.4.3
142.250.74.106 200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Work+Sans%3A400%7CPT+Serif%3A400%7COpen+Sans%3A400%2C600%2C700%7CRoboto%3A400%2C500%2C700&display=swap&ver=11.4.3
IP 142.250.74.106:0
GET /css?family=Work+Sans%3A400%7CPT+Serif%3A400%7COpen+Sans%3A400%2C600%2C700%7CRoboto%3A400%2C500%2C700&display=swap&ver=11.4.3 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://homesolarpowersolution.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 09 Dec 2022 20:27:09 GMT
date: Fri, 09 Dec 2022 20:27:09 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
skinup.no/
185.181.62.159 200 OK 0 B IP 185.181.62.159:0
GET / HTTP/1.1
Host: skinup.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://clk.tradedoubler.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-dns-prefetch-control: on
content-type: text/html; charset=UTF-8
x-frame-options: sameorigin
x-xss-protection: 1
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
referrer-policy: strict-origin-when-cross-origin
permissions-policy: accelerometer=(self), autoplay=(self), camera=(self), encrypted-media=(self), fullscreen=(self), geolocation=(self), gyroscope=(self), magnetometer=(self), microphone=(self), midi=(self), payment=(self), usb=(self)
link: <https://skinup.no/wp-json/>; rel="https://api.w.org/", <https://skinup.no/wp-json/wp/v2/pages/1131>; rel="alternate"; type="application/json", <https://skinup.no/>; rel=shortlink
x-litespeed-cache-control: public,max-age=604800
x-litespeed-tag: a572_HTTP.200,a572_front,a572_URL.6666cd76f96956469e7be39d750cc7d9,a572_F,a572_Po.1131,a572_PGS,a572_guest,a572_,a572_MIN.12094556b595ce95bdd245d6ae78d7f2.js
etag: "279524-1670617634;br"
x-litespeed-cache: miss
content-encoding: br
vary: Accept-Encoding,User-Agent
date: Fri, 09 Dec 2022 20:27:14 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
skinup.b-cdn.net/wp-content/litespeed/js/2/12094556b595ce95bdd245d6ae78d7f2.js?ver=e3412
194.242.11.186 200 OK 0 B URL HTTP/2 skinup.b-cdn.net/wp-content/litespeed/js/2/12094556b595ce95bdd245d6ae78d7f2.js?ver=e3412
IP 194.242.11.186:0
ASN #34989 ServeTheWorld AS
GET /wp-content/litespeed/js/2/12094556b595ce95bdd245d6ae78d7f2.js?ver=e3412 HTTP/1.1
Host: skinup.b-cdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://skinup.no/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Dec 2022 20:27:15 GMT
content-type: application/javascript
server: BunnyCDN-NO1-830
cdn-pullzone: 947364
cdn-uid: 3a7565b8-8bb7-418c-ac34-c302258a09bf
cdn-requestcountrycode: NO
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000
cache-control: public, max-age=31557600
content-encoding: br
etag: "179e97-639327dc-3c2067b2b7e4f33e;br"
expires: Sat, 09 Dec 2023 19:26:40 GMT
last-modified: Fri, 09 Dec 2022 12:19:40 GMT
strict-transport-security: max-age=31536000
cdn-proxyver: 1.03
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 12/09/2022 13:26:40
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: 40f05ff407813b46691c3848898e5dcc
cdn-cache: HIT
X-Firefox-Spdy: h2
datar.tradedoubler.com/js/td-rd-o-sdk.js?t=1670616000
188.165.150.178 200 OK 0 B URL HTTP/2 datar.tradedoubler.com/js/td-rd-o-sdk.js?t=1670616000
IP 188.165.150.178:0
GET /js/td-rd-o-sdk.js?t=1670616000 HTTP/1.1
Host: datar.tradedoubler.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://skinup.no/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 20:27:15 GMT
content-type: application/javascript
last-modified: Wed, 24 Feb 2021 15:45:15 GMT
vary: Accept-Encoding
etag: W/"6036748b-c76b"
expires: Sat, 10 Dec 2022 20:27:15 GMT
cache-control: max-age=86400, public
x-content-type-options: nosniff
content-encoding: gzip
x-via-poph: replica1
X-Firefox-Spdy: h2
homesolarpowersolution.com/native-information-proposed-solar-farm-honors-sen-george-norris-12-1-22-mccook-each-day-gazette/
162.213.253.54 200 OK 0 B URL HTTP/2 homesolarpowersolution.com/native-information-proposed-solar-farm-honors-sen-george-norris-12-1-22-mccook-each-day-gazette/
IP 162.213.253.54:0
Analyzer Verdict Alert fortinet Malware
GET /native-information-proposed-solar-farm-honors-sen-george-norris-12-1-22-mccook-each-day-gazette/ HTTP/1.1
Host: homesolarpowersolution.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
x-pingback: https://homesolarpowersolution.com/xmlrpc.php
link: <https://homesolarpowersolution.com/wp-json/>; rel="https://api.w.org/", <https://homesolarpowersolution.com/wp-json/wp/v2/posts/6428>; rel="alternate"; type="application/json", <https://homesolarpowersolution.com/?p=6428>; rel=shortlink
content-encoding: br
vary: Accept-Encoding
date: Fri, 09 Dec 2022 20:27:09 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2