va1.info/es/clients/login.php?verification
163.172.204.208 301 Moved Permanently 258 B URL HTTP/1.1 va1.info/es/clients/login.php?verification
IP 163.172.204.208:0
File type HTML document text; exported SGML document, ASCII text
Hash 112af8986911b611d90fc169e514e91a
f3c88e25c3191f5329fd29d70ca789fe5b68e366
825137ba59e9a9adf537a85ed06247f194165072e7b13534171b159c47697a23
GET /es/clients/login.php?verification HTTP/1.1
Host: va1.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Sat, 10 Dec 2022 00:24:31 GMT
Content-Type: text/html; charset=iso-8859-1
Content-Length: 258
Connection: keep-alive
Location: https://va1.info/es/clients/login.php?verification
Server: PH-nginx
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash f2acd891dc6eb1f09f57a2b086791781
1e2088306501a61edcca1ade62c4d54f23b3b083
51148fed95cc00d60dc3640350f135b1b2763ff0e3cfbffc40f0948317894be9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "51148FED95CC00D60DC3640350F135B1B2763FF0E3CFBFFC40F0948317894BE9"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4356
Expires: Sat, 10 Dec 2022 01:37:08 GMT
Date: Sat, 10 Dec 2022 00:24:32 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash aea93551fa9deb76ae49a3b4019d64fe
e3b8862057ebe839959228e42246d7b1807fc90c
7e210f03b140418085e94ec20c1d27d6ecf7a404cbd323e16476ae5ae95d6dac
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7E210F03B140418085E94EC20C1D27D6ECF7A404CBD323E16476AE5AE95D6DAC"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9892
Expires: Sat, 10 Dec 2022 03:09:24 GMT
Date: Sat, 10 Dec 2022 00:24:32 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150 200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data, ASCII text, with very long lines (939), with no line terminators
Hash 14cd9a0afb6ba9a763651d5112760d1e
75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Backoff, Content-Length, Content-Type, Retry-After
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Fri, 09 Dec 2022 23:33:15 GMT
content-type: application/json
age: 3077
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 4ee537977be9c03702f8ffe0025bf1fe
21637881c4aa34c4add703f8bff4eff573159f45
4819229fd8f502a0c68c80bd7409e104c1b4d1a98ca8a6cd9deba629b1511aea
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4819229FD8F502A0C68C80BD7409E104C1B4D1A98CA8A6CD9DEBA629B1511AEA"
Last-Modified: Thu, 08 Dec 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3341
Expires: Sat, 10 Dec 2022 01:20:13 GMT
Date: Sat, 10 Dec 2022 00:24:32 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
IP 34.160.144.191:0
File type PEM certificate, ASCII text
Hash 53341dea33f4f3d9b4966f80589f429a
20f7b07c686c986d2ed1e3e9ad1bb2aef8edaf0d
651683e52cdbc96b289f8f123155f0b96d9f67432689e89156fa56f5a346c6a0
GET /chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: YIJ/WfsIV2QjQfSm6WFHKrJe5QXgGPhFgMOY8CM829JXRV+4YpWMaX4reUigFV3wBx7Tu5/FNik=
x-amz-request-id: YWY9M5MFP2C3PXBT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Fri, 09 Dec 2022 23:48:34 GMT
age: 2158
last-modified: Wed, 30 Nov 2022 10:06:34 GMT
etag: "53341dea33f4f3d9b4966f80589f429a"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data, ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 10 Dec 2022 00:24:32 GMT
content-type: application/json
content-length: 12
access-control-allow-credentials: true
access-control-expose-headers: content-type
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150 200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data, ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Cache-Control, Backoff, Content-Length, Pragma, Alert, Expires, Last-Modified, Retry-After, ETag, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sat, 10 Dec 2022 00:07:55 GMT
age: 997
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
va1.info/es/clients/login.php?verification
163.172.204.208 404 Not Found 25 kB URL HTTP/2 va1.info/es/clients/login.php?verification
IP 163.172.204.208:0
File type HTML document text; exported SGML document, Unicode text, UTF-8 text, with very long lines (62848)
Hash 6b971967cbea7af8dbd9bddf984ceb31
c146713e189bdbe166a8430fc4d9adfbe90d7dcd
1f75f9524bd9404a141417020addb77c8d1ebecea2bb81c254cb269267cef144
GET /es/clients/login.php?verification HTTP/1.1
Host: va1.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 404 Not Found
date: Sat, 10 Dec 2022 00:24:32 GMT
content-type: text/html; charset=UTF-8
content-length: 24808
x-dns-prefetch-control: on
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
link: <https://va1.info/wp-json/>; rel="https://api.w.org/"
x-litespeed-tag: 3b7_HTTP.404,3b7_404,3b7_URL.36614357fd7421edf1453a00b60c00d4,3b7_guest,3b7_,3b7_MIN.77a89cce39a8b913e4166ac5d86cf61c.css,3b7_MIN.67c415ab33b19dff0b876af0debe9360.js
set-cookie: stl_script=lat; expires=Fri, 10-Mar-2023 00:24:32 GMT; Max-Age=7776000; path=/; domain=va1.info; secure
vary: Accept-Encoding,User-Agent
content-encoding: gzip
server: PH-nginx
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash e6be4d2155028ffff5d01ab6e7edf6da
07172071b5cf43c4cd7d7930b4ad8518ec1e32e9
4d8a5fa2362fd0910babd6d128d850d4460829468eb23d34ee5ee6eaa42d5a38
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4929
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 10 Dec 2022 00:24:33 GMT
Last-Modified: Fri, 09 Dec 2022 23:02:24 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 471
va1.info/wp-content/uploads/2022/11/logo2-2.png
163.172.204.208 200 OK 17 kB URL HTTP/2 va1.info/wp-content/uploads/2022/11/logo2-2.png
IP 163.172.204.208:0
File type PNG image data, 542 x 120, 8-bit/color RGBA, non-interlaced; data
Hash dafd99fb22d3e5e84e7a895653ecb487
f2d0bfb4fecef463f30af18de8d6ac4c74de7add
5e1f5827ab81626c24946151ed2a306aa10c5c3bd73a26ffc094b1931f2e9e73
GET /wp-content/uploads/2022/11/logo2-2.png HTTP/1.1
Host: va1.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://va1.info/es/clients/login.php?verification
Cookie: stl_script=lat
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 10 Dec 2022 00:24:32 GMT
content-type: image/png
content-length: 17274
last-modified: Sun, 06 Nov 2022 14:38:42 GMT
cache-control: max-age=31557600
expires: Sun, 10 Dec 2023 05:41:22 GMT
server: PH-nginx
accept-ranges: bytes
X-Firefox-Spdy: h2
va1.info/wp-content/uploads/2022/11/logo2retina.png
163.172.204.208 200 OK 31 kB URL HTTP/2 va1.info/wp-content/uploads/2022/11/logo2retina.png
IP 163.172.204.208:0
File type PNG image data, 787 x 173, 8-bit/color RGBA, non-interlaced; data
Hash 8015bb1af8b362e558f3c3b03fe4f9b1
31edfc81dd58b990fd3d3b790e2d34740f0518bc
08a99a8baf70430316b0d1dc4a06eb9c2d11fdfa247c9ce6ea06817a732714e6
GET /wp-content/uploads/2022/11/logo2retina.png HTTP/1.1
Host: va1.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://va1.info/es/clients/login.php?verification
Cookie: stl_script=lat
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 10 Dec 2022 00:24:32 GMT
content-type: image/png
content-length: 31298
last-modified: Sun, 06 Nov 2022 14:39:09 GMT
cache-control: max-age=31557600
expires: Sun, 10 Dec 2023 05:41:22 GMT
server: PH-nginx
accept-ranges: bytes
X-Firefox-Spdy: h2
va1.info/wp-content/uploads/2022/11/logonovi.png
163.172.204.208 200 OK 16 kB URL HTTP/2 va1.info/wp-content/uploads/2022/11/logonovi.png
IP 163.172.204.208:0
File type PNG image data, 542 x 120, 8-bit/color RGBA, non-interlaced; data
Hash f034ddd7028d79d3dff6e53e444129db
e2a686230829e5cae713425203bc5f6dc3b31cb3
61af3660dd22925c4676b4e1a5f25bb0e38abb23896aa251c8b4d29199441f7a
GET /wp-content/uploads/2022/11/logonovi.png HTTP/1.1
Host: va1.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://va1.info/es/clients/login.php?verification
Cookie: stl_script=lat
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 10 Dec 2022 00:24:32 GMT
content-type: image/png
content-length: 15733
last-modified: Sun, 06 Nov 2022 14:38:16 GMT
cache-control: max-age=31557600
expires: Sun, 10 Dec 2023 05:41:22 GMT
server: PH-nginx
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash edac2b4e678c48b1fc3be3a06793bfcb
23f1f41a2194536d77a2497d7255b13747fd9af0
e6b36b71f3633bd9d2b80043967f9579820f0ef1d5f66e5c401806de13cbe2a1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 10 Dec 2022 00:24:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ajax.googleapis.com/ajax/libs/webfont/1/webfont.js
172.217.21.170 200 OK 5.4 kB URL HTTP/2 ajax.googleapis.com/ajax/libs/webfont/1/webfont.js
IP 172.217.21.170:0
File type ASCII text, with very long lines (2134)
Hash 30ca3165d143baf2835023bfcf463450
62c662c0873b79a314c040fef28dcd29abb14480
4f405d00e8ced09d5826e3e070b7e4d3f3556f856ca790b0b4a2c2eaaf58d33b
GET /ajax/libs/webfont/1/webfont.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://va1.info/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 5437
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 04 Dec 2022 12:56:59 GMT
expires: Mon, 04 Dec 2023 12:56:59 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 473254
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash edac2b4e678c48b1fc3be3a06793bfcb
23f1f41a2194536d77a2497d7255b13747fd9af0
e6b36b71f3633bd9d2b80043967f9579820f0ef1d5f66e5c401806de13cbe2a1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 10 Dec 2022 00:24:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
va1.info/wp-content/litespeed/css/77a89cce39a8b913e4166ac5d86cf61c.css?ver=b12b2
163.172.204.208 200 OK 44 kB URL HTTP/2 va1.info/wp-content/litespeed/css/77a89cce39a8b913e4166ac5d86cf61c.css?ver=b12b2
IP 163.172.204.208:0
File type ASCII text, with very long lines (65501)
Hash f748e9ea33ee346603d0df517319e7b6
5d4eec14dfd3f00df95fd941f7a5e3de268847ca
f7b4e0cc27959f7589499e96bc377bc3927b41ee39ecfa06bb7ff584182921df
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/litespeed/css/77a89cce39a8b913e4166ac5d86cf61c.css?ver=b12b2 HTTP/1.1
Host: va1.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://va1.info/es/clients/login.php?verification
Cookie: stl_script=lat
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 10 Dec 2022 00:24:32 GMT
content-type: text/css
content-length: 44446
last-modified: Mon, 28 Nov 2022 19:12:32 GMT
cache-control: max-age=31557600
expires: Sun, 10 Dec 2023 06:24:33 GMT
vary: Accept-Encoding,User-Agent
content-encoding: gzip
server: PH-nginx
accept-ranges: bytes
X-Firefox-Spdy: h2
va1.info/wp-content/themes/jannah/assets/ilightbox/smooth-skin/skin.css
163.172.204.208 200 OK 2.4 kB URL HTTP/2 va1.info/wp-content/themes/jannah/assets/ilightbox/smooth-skin/skin.css
IP 163.172.204.208:0
File type ASCII text, with very long lines (4936), with CRLF line terminators
Hash 2f2cd496db752789df49610a43aa3b1d
efd7c71b873e16b53ee84524fbd5041b059bb245
89ad915a9bdd796221de87a513c7012acfdf3056ef0778d118cebc89f3097ba8
GET /wp-content/themes/jannah/assets/ilightbox/smooth-skin/skin.css HTTP/1.1
Host: va1.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://va1.info/es/clients/login.php?verification
Cookie: stl_script=lat
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 10 Dec 2022 00:24:32 GMT
content-type: text/css
content-length: 2351
last-modified: Tue, 01 Nov 2022 10:47:50 GMT
cache-control: max-age=31557600
expires: Sun, 10 Dec 2023 06:24:33 GMT
vary: Accept-Encoding,User-Agent
content-encoding: gzip
server: PH-nginx
accept-ranges: bytes
X-Firefox-Spdy: h2
va1.info/wp-content/themes/jannah/assets/css/helpers.min.css
163.172.204.208 200 OK 3.6 kB URL HTTP/2 va1.info/wp-content/themes/jannah/assets/css/helpers.min.css
IP 163.172.204.208:0
File type ASCII text, with very long lines (15223)
Hash 8df0fa70e5b545d683ea87497d38f7ea
68ac203a63741e52063bada6145d38abdbaf0e5b
c113fcca65462584e9585191cab7f19baee0e2e7f834994bed1a745719689103
GET /wp-content/themes/jannah/assets/css/helpers.min.css HTTP/1.1
Host: va1.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://va1.info/es/clients/login.php?verification
Cookie: stl_script=lat
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 10 Dec 2022 00:24:32 GMT
content-type: text/css
content-length: 3617
last-modified: Tue, 01 Nov 2022 10:47:50 GMT
cache-control: max-age=31557600
expires: Sun, 10 Dec 2023 06:24:33 GMT
vary: Accept-Encoding,User-Agent
content-encoding: gzip
server: PH-nginx
accept-ranges: bytes
X-Firefox-Spdy: h2
va1.info/wp-content/themes/jannah/assets/css/fontawesome.css
163.172.204.208 200 OK 12 kB URL HTTP/2 va1.info/wp-content/themes/jannah/assets/css/fontawesome.css
IP 163.172.204.208:0
File type ASCII text, with very long lines (58661)
Hash 3909a0f74da2ae48a681267dfa2b1521
0333a05a8908bdff7e9a41fef5b7917253d20d1f
67bd3f2dcf0a0e9c8a7f60e04af665807a5a6d500c1a856b3781cf0c2ce90676
GET /wp-content/themes/jannah/assets/css/fontawesome.css HTTP/1.1
Host: va1.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://va1.info/es/clients/login.php?verification
Cookie: stl_script=lat
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 10 Dec 2022 00:24:32 GMT
content-type: text/css
content-length: 12546
last-modified: Tue, 01 Nov 2022 10:47:50 GMT
cache-control: max-age=31557600
expires: Sun, 10 Dec 2023 06:24:33 GMT
vary: Accept-Encoding,User-Agent
content-encoding: gzip
server: PH-nginx
accept-ranges: bytes
X-Firefox-Spdy: h2
va1.info/wp-content/themes/jannah/assets/fonts/tielabs-fonticon/tielabs-fonticon.woff
163.172.204.208 200 OK 24 kB URL HTTP/2 va1.info/wp-content/themes/jannah/assets/fonts/tielabs-fonticon/tielabs-fonticon.woff
IP 163.172.204.208:0
File type Web Open Font Format, TrueType, length 40536, version 2.0; data
Hash 5be2adc9398287d053ca1e5cd92e1def
bd77e12b6cb3da9da1c48e125803eddd0ad984df
473f88160728e70e6a1abafaefef17d8e30291f9ce0bedef1b18cbfa5e6b3119
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/jannah/assets/fonts/tielabs-fonticon/tielabs-fonticon.woff HTTP/1.1
Host: va1.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://va1.info/es/clients/login.php?verification
Cookie: stl_script=lat
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 10 Dec 2022 00:24:32 GMT
content-type: font/woff
content-length: 23772
last-modified: Tue, 01 Nov 2022 10:47:50 GMT
cache-control: max-age=31557600
expires: Sun, 10 Dec 2023 06:24:33 GMT
vary: Accept-Encoding,User-Agent
content-encoding: gzip
server: PH-nginx
accept-ranges: bytes
X-Firefox-Spdy: h2
push.services.mozilla.com/
52.39.62.124 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.39.62.124:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 4lAHOUKCfXcWlPTnTbjdLQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: YFwg6zK6zIwfqbi9AydwRtcfwXI=
va1.info/wp-content/plugins/litespeed-cache/guest.vary.php
163.172.204.208 200 OK 36 B URL HTTP/2 va1.info/wp-content/plugins/litespeed-cache/guest.vary.php
IP 163.172.204.208:0
File type JSON data, ASCII text, with no line terminators
Hash 2bb65d9198c8a7337055887f53032dba
dd6b94042a6529aad65e6e951f50dba7ed920c79
eba2e7eceb1c27018e4d2d1594abcb68a9b4a3237c456e6b2d90bfbd7f101867
Analyzer Verdict Alert fortinet Phishing
POST /wp-content/plugins/litespeed-cache/guest.vary.php HTTP/1.1
Host: va1.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://va1.info/es/clients/login.php?verification
Origin: https://va1.info
Connection: keep-alive
Cookie: stl_script=lat
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Content-Length: 0
TE: trailers
HTTP/2 200 OK
date: Sat, 10 Dec 2022 00:24:32 GMT
content-type: text/html; charset=UTF-8
content-length: 36
x-litespeed-cache-control: no-cache
set-cookie: _lscache_vary=917aea3f46bfc94f9541847e06f43399; expires=Mon, 12-Dec-2022 00:24:33 GMT; Max-Age=172800; path=/; secure; HttpOnly
vary: Accept-Encoding,User-Agent
content-encoding: gzip
server: PH-nginx
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 471 B IP 142.250.74.131:0
Hash f7aef7109978f8c1c53298563756a403
d610bb812b080710945dd47f9cccd794af9fe2f7
6366bc97e3f9ac9a6e8a294da60f2d961d2106180fd8ffaae97bc82ea399edb9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 10 Dec 2022 00:24:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.googletagmanager.com/gtag/js?id=UA-213886338-1
142.250.74.168 200 OK 44 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=UA-213886338-1
IP 142.250.74.168:0
File type ASCII text, with very long lines (1921)
Hash bd92c898041840718678b8f211565b0d
e1fe911e61d547e3698a29458f8cd7a91efd010f
7b5ab139a38abcc04e62d170e93cd82836101f52bbb1dbf2ccc9855cdca25a6f
GET /gtag/js?id=UA-213886338-1 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://va1.info/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sat, 10 Dec 2022 00:24:33 GMT
expires: Sat, 10 Dec 2022 00:24:33 GMT
cache-control: private, max-age=900
last-modified: Sat, 10 Dec 2022 00:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 43631
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 471 B IP 142.250.74.131:0
Hash f7aef7109978f8c1c53298563756a403
d610bb812b080710945dd47f9cccd794af9fe2f7
6366bc97e3f9ac9a6e8a294da60f2d961d2106180fd8ffaae97bc82ea399edb9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 10 Dec 2022 00:24:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash e4f546e102d986faf1029509d599b730
cc045a705fd6758b7b575fde5dfb79facc9c3546
ef492301b2b30e5076f7dffa07973e65e9a200ba9ef4d3568a527d3f973f3349
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 10 Dec 2022 00:24:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.googleapis.com/css?family=Poppins:regular,500,600,700&subset=latin&display=swap
142.250.74.106 200 OK 8.4 kB URL HTTP/2 fonts.googleapis.com/css?family=Poppins:regular,500,600,700&subset=latin&display=swap
IP 142.250.74.106:0
Hash 1ddb7cff969d03715e26fbbbed01a0f3
4448c2767f7bec5e7f99a7268ba24ce096fee908
071c0baf729300b35024ca47190fbc14f54d3e4b60907cb2b108c280cdf69170
GET /css?family=Poppins:regular,500,600,700&subset=latin&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://va1.info/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 10 Dec 2022 00:24:33 GMT
date: Sat, 10 Dec 2022 00:24:33 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash e4f546e102d986faf1029509d599b730
cc045a705fd6758b7b575fde5dfb79facc9c3546
ef492301b2b30e5076f7dffa07973e65e9a200ba9ef4d3568a527d3f973f3349
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 10 Dec 2022 00:24:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2
216.58.207.227 200 OK 8.0 kB URL HTTP/2 fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 8000, version 1.0\012- data
Hash 72993dddf88a63e8f226656f7de88e57
179f97ec0275f09603a8db94d4380eb584d81cd5
f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149
GET /s/poppins/v20/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://va1.info
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 8000
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 09 Dec 2022 13:33:11 GMT
expires: Sat, 09 Dec 2023 13:33:11 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 27 Apr 2022 16:59:07 GMT
content-type: font/woff2
age: 39082
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
216.58.207.227 200 OK 7.7 kB URL HTTP/2 fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 7748, version 1.0\012- data
Hash a09f2fccfee35b7247b08a1a266f0328
0da2d17e738f46d2a09e6fb7969da451719a9820
cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446
GET /s/poppins/v20/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://va1.info
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 7748
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 07 Dec 2022 19:28:50 GMT
expires: Thu, 07 Dec 2023 19:28:50 GMT
cache-control: public, max-age=31536000
age: 190543
last-modified: Wed, 27 Apr 2022 16:21:30 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
216.58.207.227 200 OK 7.8 kB URL HTTP/2 fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 7816, version 1.0\012- data
Hash 25b0e113ca7cce3770d542736db26368
cb726212d5d525021752a1d8470a0fb593e0c49e
9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526
GET /s/poppins/v20/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://va1.info
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 7816
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 09 Dec 2022 13:33:13 GMT
expires: Sat, 09 Dec 2023 13:33:13 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 27 Apr 2022 16:11:40 GMT
content-type: font/woff2
age: 39080
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash e4f546e102d986faf1029509d599b730
cc045a705fd6758b7b575fde5dfb79facc9c3546
ef492301b2b30e5076f7dffa07973e65e9a200ba9ef4d3568a527d3f973f3349
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 10 Dec 2022 00:24:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLEj6Z1JlFc-K.woff2
216.58.207.227 200 OK 5.5 kB URL HTTP/2 fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLEj6Z1JlFc-K.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 5512, version 1.0\012- data
Hash 72b3ae37567ee5efdf2254b657c36ba9
3a4cf2dc2cabd33b5b2c7cef3221131520f618a0
9c15f7b06458075c69b40e79f03e62d43017ecf4c618487add407ee47e438684
GET /s/poppins/v20/pxiByp8kv8JHgFVrLEj6Z1JlFc-K.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://va1.info
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 5512
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 06 Dec 2022 15:45:23 GMT
expires: Wed, 06 Dec 2023 15:45:23 GMT
cache-control: public, max-age=31536000
age: 290350
last-modified: Wed, 27 Apr 2022 16:59:05 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google-analytics.com/analytics.js
142.250.74.110 200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 142.250.74.110:0
File type ASCII text, with very long lines (1325)
Hash 47e6f374ca946fddd5b59871b325736c
baa9282efc8785e84d247c3bff518eaa45f101c4
16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://va1.info/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20039
date: Fri, 09 Dec 2022 22:41:08 GMT
expires: Sat, 10 Dec 2022 00:41:08 GMT
cache-control: public, max-age=7200
age: 6206
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
region1.google-analytics.com/g/collect?v=2&tid=G-3S01SN2VHN&gtm=2oebu0&_p=2112461681&gdid=dZTNiMT&cid=419400610.1670631873&ul=en-us&sr=1280x1024&_s=1&sid=1670631872&sct=1&seg=0&dl=https%3A%2F%2Fva1.info%2Fes%2Fclients%2Flogin.php%3Fverification&dt=%D0%A1%D1%82%D1%80%D0%B0%D0%BD%D0%B8%D1%86%D0%B0%20%D0%BD%D0%B8%D1%98%D0%B5%20%D0%BF%D1%80%D0%BE%D0%BD%D0%B0%D1%92%D0%B5%D0%BD%D0%B0%20-%20Va1.info&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
216.239.32.36 204 No Content 0 B URL HTTP/2 region1.google-analytics.com/g/collect?v=2&tid=G-3S01SN2VHN&gtm=2oebu0&_p=2112461681&gdid=dZTNiMT&cid=419400610.1670631873&ul=en-us&sr=1280x1024&_s=1&sid=1670631872&sct=1&seg=0&dl=https%3A%2F%2Fva1.info%2Fes%2Fclients%2Flogin.php%3Fverification&dt=%D0%A1%D1%82%D1%80%D0%B0%D0%BD%D0%B8%D1%86%D0%B0%20%D0%BD%D0%B8%D1%98%D0%B5%20%D0%BF%D1%80%D0%BE%D0%BD%D0%B0%D1%92%D0%B5%D0%BD%D0%B0%20-%20Va1.info&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
IP 216.239.32.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-3S01SN2VHN&gtm=2oebu0&_p=2112461681&gdid=dZTNiMT&cid=419400610.1670631873&ul=en-us&sr=1280x1024&_s=1&sid=1670631872&sct=1&seg=0&dl=https%3A%2F%2Fva1.info%2Fes%2Fclients%2Flogin.php%3Fverification&dt=%D0%A1%D1%82%D1%80%D0%B0%D0%BD%D0%B8%D1%86%D0%B0%20%D0%BD%D0%B8%D1%98%D0%B5%20%D0%BF%D1%80%D0%BE%D0%BD%D0%B0%D1%92%D0%B5%D0%BD%D0%B0%20-%20Va1.info&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1 HTTP/1.1
Host: region1.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://va1.info
Connection: keep-alive
Referer: https://va1.info/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: https://va1.info
date: Sat, 10 Dec 2022 00:24:34 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 48c90992f0837a58e0a36118a27dae6a
3d238fed35e6d247bddbba92864e6b92e6aed9b6
cacc53ed285e96dcd5ba7609823922a253bc0623999b8716f430632d2c0e7dac
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CACC53ED285E96DCD5BA7609823922A253BC0623999B8716F430632D2C0E7DAC"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=20544
Expires: Sat, 10 Dec 2022 06:06:58 GMT
Date: Sat, 10 Dec 2022 00:24:34 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F32378252-8233-4d6b-b3d2-720e3ac2d0bd.jpeg
34.120.237.76 200 OK 4.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F32378252-8233-4d6b-b3d2-720e3ac2d0bd.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a2b4c44cc196e1f4263a895ef54e6650
c5cea524045b3394c1dfe5e5fcac4637416f8587
e31f4b95811c01b2f2f181e11b7a8e1b4c57c3c7fc067c304e8dacc6fb176442
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F32378252-8233-4d6b-b3d2-720e3ac2d0bd.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 3963
x-amzn-requestid: f067a6cf-758c-4c35-be64-3970b690ea7c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: c5e7VHdnoAMF0Tg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6393ab7b-485a18b738763b2029f6c653;Sampled=0
x-amzn-remapped-date: Fri, 09 Dec 2022 21:41:15 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: s34c1vAKHso9NwDfhOn5053VIDeRGdwNscoMDkkfcNx95irwIB9Hrg==
via: 1.1 c34da255183aa208dd1c722ff211f9b2.cloudfront.net (CloudFront), 1.1 559326ad73233233a9e52cb9e8601ede.cloudfront.net (CloudFront), 1.1 google
date: Fri, 09 Dec 2022 21:54:23 GMT
age: 9011
etag: "c5cea524045b3394c1dfe5e5fcac4637416f8587"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F34fa3dbc-1a29-4161-8687-d9c7b1b04f14.jpeg
34.120.237.76 200 OK 9.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F34fa3dbc-1a29-4161-8687-d9c7b1b04f14.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 386207bd6fea7388d5df993a32147431
d513b937a9be6e95bfe0fcea0f3f0cb7e611c0de
40fa6a8207008d1fceb11fc9fb37c458e1ed2deac83a2fb5fcac80d9b7ca32fa
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F34fa3dbc-1a29-4161-8687-d9c7b1b04f14.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9592
x-amzn-requestid: 1a8dca24-1776-4407-84d4-33fb975e49cf
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: c3fOXFSxoAMF-EQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6392df28-5ab03a853cf9c5ca57f4391f;Sampled=0
x-amzn-remapped-date: Fri, 09 Dec 2022 07:09:28 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: FW-CGlMPjenlq0gPVxsJzPU5muMwgH_nzzNoQItyyQPOBEJdOFLdsw==
via: 1.1 8f22423015641505b8c857a37450d6c0.cloudfront.net (CloudFront), 1.1 6a9b42e38e76b7d4a4044ebe0e0eca08.cloudfront.net (CloudFront), 1.1 google
date: Fri, 09 Dec 2022 07:34:25 GMT
age: 60609
etag: "d513b937a9be6e95bfe0fcea0f3f0cb7e611c0de"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F29d00d08-ec53-4c7b-a2ef-5901b64cdefd.jpeg
34.120.237.76 200 OK 7.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F29d00d08-ec53-4c7b-a2ef-5901b64cdefd.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 5de5d319f43d9c9c641419d96655541f
cde4c7fa0145d3645af17e34c83c63c08f76a076
fdb114eb142f035c7a54195d16af51b5b423642c312f4bccc0f407d8fcc245aa
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F29d00d08-ec53-4c7b-a2ef-5901b64cdefd.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7557
x-amzn-requestid: 09204b5e-8af5-4d4b-8186-628443866e0f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ctlz5EISoAMFdWw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638ee9b2-357cd4f921c592e1319098dd;Sampled=0
x-amzn-remapped-date: Tue, 06 Dec 2022 07:05:22 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 3KZwQ5HqXa_-tUyDHA5m-65OprogFpFgbbKpEJ65k-Yy3lwoCg8M5w==
via: 1.1 4d7fa73f804f1c93f20cfc24c4b1266e.cloudfront.net (CloudFront), 1.1 324a68a6c25ee50d774953f3e15a611c.cloudfront.net (CloudFront), 1.1 google
date: Fri, 09 Dec 2022 07:13:15 GMT
age: 61879
etag: "cde4c7fa0145d3645af17e34c83c63c08f76a076"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7c73a9d6-0f56-4366-b9bd-119b0034c1aa.jpeg
34.120.237.76 200 OK 5.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7c73a9d6-0f56-4366-b9bd-119b0034c1aa.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 44ee520c9a084ee2a04638b6abbb2b0b
ed170b8b964db1163e02c21fe4e9dbfe58e9d42d
e4f33f6556c414b498f99d6b43c4d94fa15e9b235596647d4a8513c78c21e6eb
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7c73a9d6-0f56-4366-b9bd-119b0034c1aa.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5302
x-amzn-requestid: ababe39a-ea1a-4a20-9de4-ad71500d9c59
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: c5eMWE-eoAMFZJg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6393aa4e-19c2e2c1445527c13b4b66e0;Sampled=0
x-amzn-remapped-date: Fri, 09 Dec 2022 21:36:14 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: w2vv_xDK6MNt2CX1nqsqt9mRjSOPMxVNrar2XcR44gJPtC0vaK68sg==
via: 1.1 6ba2a21321beeef65404429d0a4b6380.cloudfront.net (CloudFront), 1.1 324a68a6c25ee50d774953f3e15a611c.cloudfront.net (CloudFront), 1.1 google
date: Fri, 09 Dec 2022 22:48:59 GMT
age: 5735
etag: "ed170b8b964db1163e02c21fe4e9dbfe58e9d42d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8732123d-ded0-4486-9019-0d87264f6c0e.webp
34.120.237.76 200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8732123d-ded0-4486-9019-0d87264f6c0e.webp
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 0df452512aae4c4c1f4a2cd263b16dfd
68bac75574641febc463bd0819392dae2da15811
e0a9301c5be849e116f1d98b819c2eb91f73e74d836f3e099f2cd266e8f0bb36
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8732123d-ded0-4486-9019-0d87264f6c0e.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12743
x-amzn-requestid: 6ed8a5f4-45cd-45bd-9820-df450f612c34
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: c5eK4E_-IAMFf3Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6393aa45-31d928fc430577b463a68bd0;Sampled=0
x-amzn-remapped-date: Fri, 09 Dec 2022 21:36:05 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: YTqJN92gTy04q3obEXe4P1gmG2h9b2IQjjSkkUXyqnfFOL67uobN4Q==
via: 1.1 e5af640ced3aa8764b82c4bc3f7af38e.cloudfront.net (CloudFront), 1.1 a847181d425b7fc57e81eb3c800bfdf2.cloudfront.net (CloudFront), 1.1 google
date: Fri, 09 Dec 2022 21:58:18 GMT
age: 8776
etag: "68bac75574641febc463bd0819392dae2da15811"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faa7dc969-e455-4530-98cb-51f59a291532.jpeg
34.120.237.76 200 OK 6.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faa7dc969-e455-4530-98cb-51f59a291532.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e4b1e76689036da0767b475294169149
7c27783f10e44b5c575616feafc6cae87beb916f
52170edde4c4494252ff0c830f21e20a62b2dfc30df2fab5feef5db9d26cf0bc
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faa7dc969-e455-4530-98cb-51f59a291532.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6947
x-amzn-requestid: 365129c8-2e68-4a0d-8a1e-935d01cd2f0b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: c5eNUH6ooAMF5BQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6393aa55-4182ddcb68b36bf624d758e3;Sampled=0
x-amzn-remapped-date: Fri, 09 Dec 2022 21:36:21 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: dFZzPhvzdz_SnEOa6sSy8DY0R-qnACOezHXN84OSOtPzqlyQKnZ8dw==
via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 e4d3d5aafc7d7d582423c073065ab562.cloudfront.net (CloudFront), 1.1 google
date: Fri, 09 Dec 2022 22:28:48 GMT
age: 6946
etag: "7c27783f10e44b5c575616feafc6cae87beb916f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
va1.info/es/clients/login.php?verification
163.172.204.208 404 Not Found 23 kB URL HTTP/2 va1.info/es/clients/login.php?verification
IP 163.172.204.208:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (65470), with no line terminators
Hash f6fadb8e5a3f56890d3f59137f2bf765
aa656f07ef5671c3a862f0ff394c91cab2871002
cd487ca0117be899bfe1f431901d613a30a3d8e4d05181854445d1b0fc53ab4d
GET /es/clients/login.php?verification HTTP/1.1
Host: va1.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: stl_script=lat; _lscache_vary=917aea3f46bfc94f9541847e06f43399
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 404 Not Found
date: Sat, 10 Dec 2022 00:24:35 GMT
content-type: text/html; charset=UTF-8
content-length: 23218
x-dns-prefetch-control: on
x-litespeed-tag: 3b7_HTTP.404
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
link: <https://va1.info/wp-json/>; rel="https://api.w.org/"
vary: Accept-Encoding,User-Agent
content-encoding: gzip
server: PH-nginx
X-Firefox-Spdy: h2
va1.info/wp-content/uploads/2022/11/logo2-2.png
163.172.204.208 200 OK 17 kB URL HTTP/2 va1.info/wp-content/uploads/2022/11/logo2-2.png
IP 163.172.204.208:0
File type PNG image data, 542 x 120, 8-bit/color RGBA, non-interlaced\012- data
Hash dafd99fb22d3e5e84e7a895653ecb487
f2d0bfb4fecef463f30af18de8d6ac4c74de7add
5e1f5827ab81626c24946151ed2a306aa10c5c3bd73a26ffc094b1931f2e9e73
GET /wp-content/uploads/2022/11/logo2-2.png HTTP/1.1
Host: va1.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://va1.info/es/clients/login.php?verification
Cookie: stl_script=lat; _lscache_vary=917aea3f46bfc94f9541847e06f43399; _ga_3S01SN2VHN=GS1.1.1670631872.1.0.1670631875.0.0.0; _ga=GA1.2.419400610.1670631873; _gid=GA1.2.93729473.1670631873; _gat_gtag_UA_213886338_1=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sat, 10 Dec 2022 00:24:35 GMT
content-type: image/png
content-length: 17274
last-modified: Sun, 06 Nov 2022 14:38:42 GMT
cache-control: max-age=31557600
expires: Sun, 10 Dec 2023 05:41:22 GMT
server: PH-nginx
accept-ranges: bytes
X-Firefox-Spdy: h2
ajax.googleapis.com/ajax/libs/webfont/1/webfont.js
172.217.21.170 200 OK 5.4 kB URL HTTP/2 ajax.googleapis.com/ajax/libs/webfont/1/webfont.js
IP 172.217.21.170:0
File type ASCII text, with very long lines (2134)
Hash 30ca3165d143baf2835023bfcf463450
62c662c0873b79a314c040fef28dcd29abb14480
4f405d00e8ced09d5826e3e070b7e4d3f3556f856ca790b0b4a2c2eaaf58d33b
GET /ajax/libs/webfont/1/webfont.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://va1.info/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 5437
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 04 Dec 2022 12:56:59 GMT
expires: Mon, 04 Dec 2023 12:56:59 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 473257
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
X-Firefox-Early-Data: accepted
va1.info/wp-content/uploads/2022/11/logo2retina.png
163.172.204.208 200 OK 31 kB URL HTTP/2 va1.info/wp-content/uploads/2022/11/logo2retina.png
IP 163.172.204.208:0
File type PNG image data, 787 x 173, 8-bit/color RGBA, non-interlaced\012- data
Hash 8015bb1af8b362e558f3c3b03fe4f9b1
31edfc81dd58b990fd3d3b790e2d34740f0518bc
08a99a8baf70430316b0d1dc4a06eb9c2d11fdfa247c9ce6ea06817a732714e6
GET /wp-content/uploads/2022/11/logo2retina.png HTTP/1.1
Host: va1.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://va1.info/es/clients/login.php?verification
Cookie: stl_script=lat; _lscache_vary=917aea3f46bfc94f9541847e06f43399; _ga_3S01SN2VHN=GS1.1.1670631872.1.0.1670631875.0.0.0; _ga=GA1.2.419400610.1670631873; _gid=GA1.2.93729473.1670631873; _gat_gtag_UA_213886338_1=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sat, 10 Dec 2022 00:24:35 GMT
content-type: image/png
content-length: 31298
last-modified: Sun, 06 Nov 2022 14:39:09 GMT
cache-control: max-age=31557600
expires: Sun, 10 Dec 2023 05:41:22 GMT
server: PH-nginx
accept-ranges: bytes
X-Firefox-Spdy: h2
va1.info/wp-content/themes/jannah/assets/fonts/tielabs-fonticon/tielabs-fonticon.woff
163.172.204.208 200 OK 24 kB URL HTTP/2 va1.info/wp-content/themes/jannah/assets/fonts/tielabs-fonticon/tielabs-fonticon.woff
IP 163.172.204.208:0
File type Web Open Font Format, TrueType, length 40536, version 2.0\012- data
Hash 5be2adc9398287d053ca1e5cd92e1def
bd77e12b6cb3da9da1c48e125803eddd0ad984df
473f88160728e70e6a1abafaefef17d8e30291f9ce0bedef1b18cbfa5e6b3119
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/jannah/assets/fonts/tielabs-fonticon/tielabs-fonticon.woff HTTP/1.1
Host: va1.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://va1.info/es/clients/login.php?verification
Cookie: stl_script=lat; _lscache_vary=917aea3f46bfc94f9541847e06f43399; _ga_3S01SN2VHN=GS1.1.1670631872.1.0.1670631875.0.0.0; _ga=GA1.2.419400610.1670631873; _gid=GA1.2.93729473.1670631873; _gat_gtag_UA_213886338_1=1
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sat, 10 Dec 2022 00:24:35 GMT
content-type: font/woff
content-length: 23772
last-modified: Tue, 01 Nov 2022 10:47:50 GMT
cache-control: max-age=31557600
expires: Sun, 10 Dec 2023 06:24:33 GMT
vary: Accept-Encoding,User-Agent
content-encoding: gzip
server: PH-nginx
accept-ranges: bytes
X-Firefox-Spdy: h2
va1.info/wp-content/uploads/2019/01/logo_2.png
163.172.204.208 301 Moved Permanently 262 B URL HTTP/1.1 va1.info/wp-content/uploads/2019/01/logo_2.png
IP 163.172.204.208:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 7eb0258200a3c5a823f61230b4d82565
f6e4cd789795d7644c79e5d905ff551bd4614de5
40fac042a3fb80d3ae140240a95df12a5089db313491713809b8c6da93d79950
GET /wp-content/uploads/2019/01/logo_2.png HTTP/1.1
Host: va1.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 301 Moved Permanently
Date: Sat, 10 Dec 2022 00:24:35 GMT
Content-Type: text/html; charset=iso-8859-1
Content-Length: 262
Connection: keep-alive
Location: https://va1.info/wp-content/uploads/2019/01/logo_2.png
Server: PH-nginx
va1.info/wp-content/themes/jannah/assets/css/helpers.min.css
163.172.204.208 200 OK 3.6 kB URL HTTP/2 va1.info/wp-content/themes/jannah/assets/css/helpers.min.css
IP 163.172.204.208:0
File type ASCII text, with very long lines (15223)
Hash 8df0fa70e5b545d683ea87497d38f7ea
68ac203a63741e52063bada6145d38abdbaf0e5b
c113fcca65462584e9585191cab7f19baee0e2e7f834994bed1a745719689103
GET /wp-content/themes/jannah/assets/css/helpers.min.css HTTP/1.1
Host: va1.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://va1.info/es/clients/login.php?verification
Cookie: stl_script=lat; _lscache_vary=917aea3f46bfc94f9541847e06f43399; _ga_3S01SN2VHN=GS1.1.1670631872.1.0.1670631875.0.0.0; _ga=GA1.2.419400610.1670631873; _gid=GA1.2.93729473.1670631873; _gat_gtag_UA_213886338_1=1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sat, 10 Dec 2022 00:24:35 GMT
content-type: text/css
content-length: 3617
last-modified: Tue, 01 Nov 2022 10:47:50 GMT
cache-control: max-age=31557600
expires: Sun, 10 Dec 2023 06:24:33 GMT
vary: Accept-Encoding,User-Agent
content-encoding: gzip
server: PH-nginx
accept-ranges: bytes
X-Firefox-Spdy: h2
va1.info/wp-content/themes/jannah/assets/ilightbox/smooth-skin/skin.css
163.172.204.208 200 OK 2.4 kB URL HTTP/2 va1.info/wp-content/themes/jannah/assets/ilightbox/smooth-skin/skin.css
IP 163.172.204.208:0
File type ASCII text, with very long lines (4936), with CRLF line terminators
Hash 2f2cd496db752789df49610a43aa3b1d
efd7c71b873e16b53ee84524fbd5041b059bb245
89ad915a9bdd796221de87a513c7012acfdf3056ef0778d118cebc89f3097ba8
GET /wp-content/themes/jannah/assets/ilightbox/smooth-skin/skin.css HTTP/1.1
Host: va1.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://va1.info/es/clients/login.php?verification
Cookie: stl_script=lat; _lscache_vary=917aea3f46bfc94f9541847e06f43399; _ga_3S01SN2VHN=GS1.1.1670631872.1.0.1670631875.0.0.0; _ga=GA1.2.419400610.1670631873; _gid=GA1.2.93729473.1670631873; _gat_gtag_UA_213886338_1=1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sat, 10 Dec 2022 00:24:35 GMT
content-type: text/css
content-length: 2351
last-modified: Tue, 01 Nov 2022 10:47:50 GMT
cache-control: max-age=31557600
expires: Sun, 10 Dec 2023 06:24:33 GMT
vary: Accept-Encoding,User-Agent
content-encoding: gzip
server: PH-nginx
accept-ranges: bytes
X-Firefox-Spdy: h2
va1.info/wp-content/themes/jannah/assets/css/fontawesome.css
163.172.204.208 200 OK 12 kB URL HTTP/2 va1.info/wp-content/themes/jannah/assets/css/fontawesome.css
IP 163.172.204.208:0
File type ASCII text, with very long lines (58661)
Hash 3909a0f74da2ae48a681267dfa2b1521
0333a05a8908bdff7e9a41fef5b7917253d20d1f
67bd3f2dcf0a0e9c8a7f60e04af665807a5a6d500c1a856b3781cf0c2ce90676
GET /wp-content/themes/jannah/assets/css/fontawesome.css HTTP/1.1
Host: va1.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://va1.info/es/clients/login.php?verification
Cookie: stl_script=lat; _lscache_vary=917aea3f46bfc94f9541847e06f43399; _ga_3S01SN2VHN=GS1.1.1670631872.1.0.1670631875.0.0.0; _ga=GA1.2.419400610.1670631873; _gid=GA1.2.93729473.1670631873; _gat_gtag_UA_213886338_1=1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sat, 10 Dec 2022 00:24:35 GMT
content-type: text/css
content-length: 12546
last-modified: Tue, 01 Nov 2022 10:47:50 GMT
cache-control: max-age=31557600
expires: Sun, 10 Dec 2023 06:24:33 GMT
vary: Accept-Encoding,User-Agent
content-encoding: gzip
server: PH-nginx
accept-ranges: bytes
X-Firefox-Spdy: h2
va1.info/wp-content/litespeed/css/cfb79bbb75442443ae68b2e1d53aae7a.css?ver=aae7a
163.172.204.208 200 OK 189 B URL HTTP/2 va1.info/wp-content/litespeed/css/cfb79bbb75442443ae68b2e1d53aae7a.css?ver=aae7a
IP 163.172.204.208:0
Hash 5a18e16eb01cbaa862eb32e6b77bedb2
3abf9b913cc9f558f02cba7c9b822f8d1812cb96
d2b5af913332941d5ae7786d1fa70e0d009315c4ede6ad5b80d0f663bb54521f
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/litespeed/css/cfb79bbb75442443ae68b2e1d53aae7a.css?ver=aae7a HTTP/1.1
Host: va1.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://va1.info/es/clients/login.php?verification
Cookie: stl_script=lat; _lscache_vary=917aea3f46bfc94f9541847e06f43399; _ga_3S01SN2VHN=GS1.1.1670631872.1.0.1670631875.0.0.0; _ga=GA1.2.419400610.1670631873; _gid=GA1.2.93729473.1670631873; _gat_gtag_UA_213886338_1=1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sat, 10 Dec 2022 00:24:35 GMT
content-type: text/css
content-length: 189
last-modified: Sat, 10 Dec 2022 00:24:34 GMT
cache-control: max-age=31557600
expires: Sun, 10 Dec 2023 06:24:36 GMT
vary: Accept-Encoding,User-Agent
content-encoding: gzip
server: PH-nginx
accept-ranges: bytes
X-Firefox-Spdy: h2
va1.info/wp-content/litespeed/css/777a850cc8bb6ed6a690e1caf0d24489.css?ver=24489
163.172.204.208 200 OK 1.4 kB URL HTTP/2 va1.info/wp-content/litespeed/css/777a850cc8bb6ed6a690e1caf0d24489.css?ver=24489
IP 163.172.204.208:0
File type ASCII text, with very long lines (7525), with no line terminators
Hash d99117b9b95f17b5688553d5b91a876d
84a46a0d369c250b9a0eb9d83c631f5875955551
f66e9288fd89b93a0defa6a68c8516f97258a1bfdc2dddc147834dd2037c015b
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/litespeed/css/777a850cc8bb6ed6a690e1caf0d24489.css?ver=24489 HTTP/1.1
Host: va1.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://va1.info/es/clients/login.php?verification
Cookie: stl_script=lat; _lscache_vary=917aea3f46bfc94f9541847e06f43399; _ga_3S01SN2VHN=GS1.1.1670631872.1.0.1670631875.0.0.0; _ga=GA1.2.419400610.1670631873; _gid=GA1.2.93729473.1670631873; _gat_gtag_UA_213886338_1=1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sat, 10 Dec 2022 00:24:35 GMT
content-type: text/css
content-length: 1419
last-modified: Sat, 10 Dec 2022 00:24:34 GMT
cache-control: max-age=31557600
expires: Sun, 10 Dec 2023 06:24:36 GMT
vary: Accept-Encoding,User-Agent
content-encoding: gzip
server: PH-nginx
accept-ranges: bytes
X-Firefox-Spdy: h2
va1.info/wp-content/litespeed/css/3bab39e9ad6d66eff8f69b4488cc60d8.css?ver=c60d8
163.172.204.208 200 OK 1.6 kB URL HTTP/2 va1.info/wp-content/litespeed/css/3bab39e9ad6d66eff8f69b4488cc60d8.css?ver=c60d8
IP 163.172.204.208:0
File type ASCII text, with very long lines (6524), with no line terminators
Hash 919be974cef11e781d76b3c2410a37dc
6785225f9fa215105db4100ac4af4be68bffcbdf
bdc5d0ef8ac2a1233b1769b5e004e8129f0f0a2c7d325c7dfb055f6ca59d2c4a
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/litespeed/css/3bab39e9ad6d66eff8f69b4488cc60d8.css?ver=c60d8 HTTP/1.1
Host: va1.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://va1.info/es/clients/login.php?verification
Cookie: stl_script=lat; _lscache_vary=917aea3f46bfc94f9541847e06f43399; _ga_3S01SN2VHN=GS1.1.1670631872.1.0.1670631875.0.0.0; _ga=GA1.2.419400610.1670631873; _gid=GA1.2.93729473.1670631873; _gat_gtag_UA_213886338_1=1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sat, 10 Dec 2022 00:24:35 GMT
content-type: text/css
content-length: 1618
last-modified: Sat, 10 Dec 2022 00:24:35 GMT
cache-control: max-age=31557600
expires: Sun, 10 Dec 2023 06:24:36 GMT
vary: Accept-Encoding,User-Agent
content-encoding: gzip
server: PH-nginx
accept-ranges: bytes
X-Firefox-Spdy: h2
va1.info/wp-content/litespeed/css/d1fe25fbff06d39b4b7b55814d74f2b9.css?ver=4f2b9
163.172.204.208 200 OK 1.6 kB URL HTTP/2 va1.info/wp-content/litespeed/css/d1fe25fbff06d39b4b7b55814d74f2b9.css?ver=4f2b9
IP 163.172.204.208:0
File type ASCII text, with very long lines (17940), with no line terminators
Hash 3152001a37326dba39e3f624b0c649f8
622b076b352508cd4b7cdedd5aae71d3bd8995f5
40d17e99cc23c70db57306529a76071c43e5274d2a4aa557b802473a8052babf
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/litespeed/css/d1fe25fbff06d39b4b7b55814d74f2b9.css?ver=4f2b9 HTTP/1.1
Host: va1.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://va1.info/es/clients/login.php?verification
Cookie: stl_script=lat; _lscache_vary=917aea3f46bfc94f9541847e06f43399; _ga_3S01SN2VHN=GS1.1.1670631872.1.0.1670631875.0.0.0; _ga=GA1.2.419400610.1670631873; _gid=GA1.2.93729473.1670631873; _gat_gtag_UA_213886338_1=1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sat, 10 Dec 2022 00:24:35 GMT
content-type: text/css
content-length: 1590
last-modified: Sat, 10 Dec 2022 00:24:34 GMT
cache-control: max-age=31557600
expires: Sun, 10 Dec 2023 06:24:36 GMT
vary: Accept-Encoding,User-Agent
content-encoding: gzip
server: PH-nginx
accept-ranges: bytes
X-Firefox-Spdy: h2
va1.info/wp-content/litespeed/css/c7e072624265b94100033cf24ae5e7f3.css?ver=5e7f3
163.172.204.208 200 OK 2.8 kB URL HTTP/2 va1.info/wp-content/litespeed/css/c7e072624265b94100033cf24ae5e7f3.css?ver=5e7f3
IP 163.172.204.208:0
File type ASCII text, with very long lines (11672)
Hash 88ab2e5f8fbbfbea44e37416790c2ee3
cb61be9c254c2b852b00ee4c4bfcc3eeacd7088d
3766ce08743b996abf2beea917f30538eeb8d3a539656cc2d9acd10f9196c830
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/litespeed/css/c7e072624265b94100033cf24ae5e7f3.css?ver=5e7f3 HTTP/1.1
Host: va1.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://va1.info/es/clients/login.php?verification
Cookie: stl_script=lat; _lscache_vary=917aea3f46bfc94f9541847e06f43399; _ga_3S01SN2VHN=GS1.1.1670631872.1.0.1670631875.0.0.0; _ga=GA1.2.419400610.1670631873; _gid=GA1.2.93729473.1670631873; _gat_gtag_UA_213886338_1=1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sat, 10 Dec 2022 00:24:35 GMT
content-type: text/css
content-length: 2799
last-modified: Sat, 10 Dec 2022 00:24:36 GMT
cache-control: max-age=31557600
expires: Sun, 10 Dec 2023 06:24:36 GMT
vary: Accept-Encoding,User-Agent
content-encoding: gzip
server: PH-nginx
accept-ranges: bytes
X-Firefox-Spdy: h2
va1.info/wp-content/litespeed/css/a6188611ea848efc5011ff72b60ce020.css?ver=ce020
163.172.204.208 200 OK 9.3 kB URL HTTP/2 va1.info/wp-content/litespeed/css/a6188611ea848efc5011ff72b60ce020.css?ver=ce020
IP 163.172.204.208:0
File type ASCII text, with very long lines (54141)
Hash 3dd26404c3145004725ad2c61ee8e5e1
39c01e327f499eafb58fe26f4ea8dc539bd7f05a
f2298a4dc5f3ef3ef63b96e8c0d305eafaf9d2de42edeb2cd0930bf65600ee37
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/litespeed/css/a6188611ea848efc5011ff72b60ce020.css?ver=ce020 HTTP/1.1
Host: va1.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://va1.info/es/clients/login.php?verification
Cookie: stl_script=lat; _lscache_vary=917aea3f46bfc94f9541847e06f43399; _ga_3S01SN2VHN=GS1.1.1670631872.1.0.1670631875.0.0.0; _ga=GA1.2.419400610.1670631873; _gid=GA1.2.93729473.1670631873; _gat_gtag_UA_213886338_1=1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sat, 10 Dec 2022 00:24:35 GMT
content-type: text/css
content-length: 9257
last-modified: Sat, 10 Dec 2022 00:24:36 GMT
cache-control: max-age=31557600
expires: Sun, 10 Dec 2023 06:24:36 GMT
vary: Accept-Encoding,User-Agent
content-encoding: gzip
server: PH-nginx
accept-ranges: bytes
X-Firefox-Spdy: h2
va1.info/wp-content/litespeed/css/700eb2149218d994c05b75f9b0a6d2eb.css?ver=6d2eb
163.172.204.208 200 OK 30 kB URL HTTP/2 va1.info/wp-content/litespeed/css/700eb2149218d994c05b75f9b0a6d2eb.css?ver=6d2eb
IP 163.172.204.208:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash 7f99c3d9ee93e8c28d519dde23cc7af9
390c94d34c6d48398f0e58ebfa344011b543e4d4
7c3b3ac94a5bb6db3962218af1f5978dc0698bb99da487d1b84f012af689caf8
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/litespeed/css/700eb2149218d994c05b75f9b0a6d2eb.css?ver=6d2eb HTTP/1.1
Host: va1.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://va1.info/es/clients/login.php?verification
Cookie: stl_script=lat; _lscache_vary=917aea3f46bfc94f9541847e06f43399; _ga_3S01SN2VHN=GS1.1.1670631872.1.0.1670631875.0.0.0; _ga=GA1.2.419400610.1670631873; _gid=GA1.2.93729473.1670631873; _gat_gtag_UA_213886338_1=1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sat, 10 Dec 2022 00:24:35 GMT
content-type: text/css
content-length: 29644
last-modified: Sat, 10 Dec 2022 00:24:35 GMT
cache-control: max-age=31557600
expires: Sun, 10 Dec 2023 06:24:36 GMT
vary: Accept-Encoding,User-Agent
content-encoding: gzip
server: PH-nginx
accept-ranges: bytes
X-Firefox-Spdy: h2
va1.info/wp-content/themes/jannah/assets/fonts/fontawesome/fa-regular-400.woff2
163.172.204.208 200 OK 14 kB URL HTTP/2 va1.info/wp-content/themes/jannah/assets/fonts/fontawesome/fa-regular-400.woff2
IP 163.172.204.208:0
File type Web Open Font Format (Version 2), TrueType, length 13584, version 331.524\012- data
Hash 38bd6da6661dc7afc62ffd19c092f5b0
5d9084cf8714e828c2436d1487658d970a8360a2
f7553ce51f4bcc77953cab452f900417cd16de87f43fc7a8cd0ecd866d618f30
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/jannah/assets/fonts/fontawesome/fa-regular-400.woff2 HTTP/1.1
Host: va1.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://va1.info/es/clients/login.php?verification
Cookie: stl_script=lat; _lscache_vary=917aea3f46bfc94f9541847e06f43399; _ga_3S01SN2VHN=GS1.1.1670631872.1.0.1670631875.0.0.0; _ga=GA1.2.419400610.1670631873; _gid=GA1.2.93729473.1670631873; _gat_gtag_UA_213886338_1=1
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sat, 10 Dec 2022 00:24:35 GMT
content-type: font/woff2
content-length: 13607
last-modified: Tue, 01 Nov 2022 10:47:50 GMT
cache-control: max-age=31557600
expires: Sun, 10 Dec 2023 06:24:33 GMT
vary: Accept-Encoding,User-Agent
content-encoding: gzip
server: PH-nginx
accept-ranges: bytes
X-Firefox-Spdy: h2
va1.info/wp-content/litespeed/js/604c9b63b4e23ea95bf485667311be03.js?ver=1be03
163.172.204.208 200 OK 671 B URL HTTP/2 va1.info/wp-content/litespeed/js/604c9b63b4e23ea95bf485667311be03.js?ver=1be03
IP 163.172.204.208:0
File type ASCII text, with very long lines (1036)
Hash 02d211e5683f3fd420f6a827189e60d5
5ce80fcbb0d38e01489a11928314a428ccbc46d8
f32712e2b4e03d178a3ead2fb73a73032bda01a08a4a431d3daca552f36db07e
GET /wp-content/litespeed/js/604c9b63b4e23ea95bf485667311be03.js?ver=1be03 HTTP/1.1
Host: va1.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://va1.info/es/clients/login.php?verification
Cookie: stl_script=lat; _lscache_vary=917aea3f46bfc94f9541847e06f43399; _ga_3S01SN2VHN=GS1.1.1670631872.1.0.1670631875.0.0.0; _ga=GA1.2.419400610.1670631873; _gid=GA1.2.93729473.1670631873; _gat_gtag_UA_213886338_1=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sat, 10 Dec 2022 00:24:35 GMT
content-type: application/javascript
content-length: 671
last-modified: Sat, 10 Dec 2022 00:24:36 GMT
cache-control: max-age=31557600
expires: Sun, 10 Dec 2023 06:24:36 GMT
vary: Accept-Encoding,User-Agent
content-encoding: gzip
server: PH-nginx
accept-ranges: bytes
X-Firefox-Spdy: h2
va1.info/wp-content/litespeed/js/9821c9a38453bd6a65f2bfb41c27d025.js?ver=7d025
163.172.204.208 200 OK 7.0 kB URL HTTP/2 va1.info/wp-content/litespeed/js/9821c9a38453bd6a65f2bfb41c27d025.js?ver=7d025
IP 163.172.204.208:0
File type HTML document, ASCII text, with very long lines (22472)
Hash 6cc66ccc637591352f8c4e24646ce038
d8250e9c4f4aca59f683a603b5f2871d8880f510
fcea05aa6e172e5127e51fcdc0ced1d25d93af439827d59bb8df8b637b4ac6c6
GET /wp-content/litespeed/js/9821c9a38453bd6a65f2bfb41c27d025.js?ver=7d025 HTTP/1.1
Host: va1.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://va1.info/es/clients/login.php?verification
Cookie: stl_script=lat; _lscache_vary=917aea3f46bfc94f9541847e06f43399; _ga_3S01SN2VHN=GS1.1.1670631872.1.0.1670631875.0.0.0; _ga=GA1.2.419400610.1670631873; _gid=GA1.2.93729473.1670631873; _gat_gtag_UA_213886338_1=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sat, 10 Dec 2022 00:24:35 GMT
content-type: application/javascript
content-length: 7005
last-modified: Sat, 10 Dec 2022 00:24:36 GMT
cache-control: max-age=31557600
expires: Sun, 10 Dec 2023 06:24:36 GMT
vary: Accept-Encoding,User-Agent
content-encoding: gzip
server: PH-nginx
accept-ranges: bytes
X-Firefox-Spdy: h2
va1.info/wp-content/litespeed/js/67c415ab33b19dff0b876af0debe9360.js?ver=b12b2
163.172.204.208 200 OK 75 kB URL HTTP/2 va1.info/wp-content/litespeed/js/67c415ab33b19dff0b876af0debe9360.js?ver=b12b2
IP 163.172.204.208:0
File type ASCII text, with very long lines (14632)
Hash b0cca1990c835f2efe04c3b543090589
d8ef7e370d2603f28861662d71367089f435e2f0
1a1b199bf001dcb7d0218f2895686c6b4e449ee6acf24dd5f0f8cf4a3d995a70
GET /wp-content/litespeed/js/67c415ab33b19dff0b876af0debe9360.js?ver=b12b2 HTTP/1.1
Host: va1.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://va1.info/es/clients/login.php?verification
Cookie: stl_script=lat; _lscache_vary=917aea3f46bfc94f9541847e06f43399
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sat, 10 Dec 2022 00:24:34 GMT
content-type: application/javascript
last-modified: Mon, 07 Nov 2022 23:58:47 GMT
cache-control: max-age=31557600
expires: Sun, 10 Dec 2023 06:24:33 GMT
vary: Accept-Encoding,User-Agent
content-encoding: gzip
server: PH-nginx
X-Firefox-Spdy: h2
va1.info/wp-content/litespeed/js/ebffa5d55e0fad18e91c79108de522c4.js?ver=522c4
163.172.204.208 200 OK 12 kB URL HTTP/2 va1.info/wp-content/litespeed/js/ebffa5d55e0fad18e91c79108de522c4.js?ver=522c4
IP 163.172.204.208:0
File type ASCII text, with very long lines (32024)
Hash a42c9876a481ff0fde51ee22de6c57d8
8a2e5e5ae9613ae633dd4862519e1c304d0c544d
8e62cd937f13631b8d56d116a496e32b7aaa3dc4e8c94a78b3a65948488f3f37
GET /wp-content/litespeed/js/ebffa5d55e0fad18e91c79108de522c4.js?ver=522c4 HTTP/1.1
Host: va1.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://va1.info/es/clients/login.php?verification
Cookie: stl_script=lat; _lscache_vary=917aea3f46bfc94f9541847e06f43399; _ga_3S01SN2VHN=GS1.1.1670631872.1.0.1670631875.0.0.0; _ga=GA1.2.419400610.1670631873; _gid=GA1.2.93729473.1670631873; _gat_gtag_UA_213886338_1=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sat, 10 Dec 2022 00:24:35 GMT
content-type: application/javascript
content-length: 11640
last-modified: Sat, 10 Dec 2022 00:24:36 GMT
cache-control: max-age=31557600
expires: Sun, 10 Dec 2023 06:24:36 GMT
vary: Accept-Encoding,User-Agent
content-encoding: gzip
server: PH-nginx
accept-ranges: bytes
X-Firefox-Spdy: h2
va1.info/wp-content/litespeed/js/e2a857256be72fcc426a7c2d350b260c.js?ver=c3cd1
163.172.204.208 200 OK 3.2 kB URL HTTP/2 va1.info/wp-content/litespeed/js/e2a857256be72fcc426a7c2d350b260c.js?ver=c3cd1
IP 163.172.204.208:0
File type ASCII text, with very long lines (1532)
Hash 24d407a65252417c6f9e57008c9e1224
b7dfbf376102a93d90c5f5caaa7bb6e210cb98bf
7ea6d92ab3fc240468bebb6191d115fc378e122aa794a1792e82c3f24dbb9898
GET /wp-content/litespeed/js/e2a857256be72fcc426a7c2d350b260c.js?ver=c3cd1 HTTP/1.1
Host: va1.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://va1.info/es/clients/login.php?verification
Cookie: stl_script=lat; _lscache_vary=917aea3f46bfc94f9541847e06f43399; _ga_3S01SN2VHN=GS1.1.1670631872.1.0.1670631875.0.0.0; _ga=GA1.2.419400610.1670631873; _gid=GA1.2.93729473.1670631873; _gat_gtag_UA_213886338_1=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sat, 10 Dec 2022 00:24:35 GMT
content-type: application/javascript
content-length: 3205
last-modified: Sat, 10 Dec 2022 00:24:36 GMT
cache-control: max-age=31557600
expires: Sun, 10 Dec 2023 06:24:36 GMT
vary: Accept-Encoding,User-Agent
content-encoding: gzip
server: PH-nginx
accept-ranges: bytes
X-Firefox-Spdy: h2
va1.info/wp-content/litespeed/js/fd15e60026a04f583d5dc5f416a42e24.js?ver=42e24
163.172.204.208 200 OK 935 B URL HTTP/2 va1.info/wp-content/litespeed/js/fd15e60026a04f583d5dc5f416a42e24.js?ver=42e24
IP 163.172.204.208:0
File type ASCII text, with very long lines (4711)
Hash 3984741d9f3bdc941607fc80529d2700
5cd95b3531db40c456c65924e26f0bc3217b80d1
837f0aae8ac0a08cb60e7f5520b5b1da8bcc73ab9a8573a83ba3937f754dbe4d
GET /wp-content/litespeed/js/fd15e60026a04f583d5dc5f416a42e24.js?ver=42e24 HTTP/1.1
Host: va1.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://va1.info/es/clients/login.php?verification
Cookie: stl_script=lat; _lscache_vary=917aea3f46bfc94f9541847e06f43399; _ga_3S01SN2VHN=GS1.1.1670631872.1.0.1670631875.0.0.0; _ga=GA1.2.419400610.1670631873; _gid=GA1.2.93729473.1670631873; _gat_gtag_UA_213886338_1=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sat, 10 Dec 2022 00:24:35 GMT
content-type: application/javascript
content-length: 935
last-modified: Sat, 10 Dec 2022 00:24:36 GMT
cache-control: max-age=31557600
expires: Sun, 10 Dec 2023 06:24:36 GMT
vary: Accept-Encoding,User-Agent
content-encoding: gzip
server: PH-nginx
accept-ranges: bytes
X-Firefox-Spdy: h2
va1.info/wp-content/litespeed/js/26a4367f56ee8f2ba3ff8936fd8a60b6.js?ver=a60b6
163.172.204.208 200 OK 25 kB URL HTTP/2 va1.info/wp-content/litespeed/js/26a4367f56ee8f2ba3ff8936fd8a60b6.js?ver=a60b6
IP 163.172.204.208:0
File type ASCII text, with very long lines (61170)
Hash e86cf54f4dd00253ab35854922c8eb3c
098a3fe83b4c41e56d381fdcdae5ca97cb274dad
ed54011d2b3ab54c1b43411a0ea27323a3675865478327a2c0c357c971d980c5
GET /wp-content/litespeed/js/26a4367f56ee8f2ba3ff8936fd8a60b6.js?ver=a60b6 HTTP/1.1
Host: va1.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://va1.info/es/clients/login.php?verification
Cookie: stl_script=lat; _lscache_vary=917aea3f46bfc94f9541847e06f43399; _ga_3S01SN2VHN=GS1.1.1670631872.1.0.1670631875.0.0.0; _ga=GA1.2.419400610.1670631873; _gid=GA1.2.93729473.1670631873; _gat_gtag_UA_213886338_1=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sat, 10 Dec 2022 00:24:35 GMT
content-type: application/javascript
content-length: 24961
last-modified: Sat, 10 Dec 2022 00:24:36 GMT
cache-control: max-age=31557600
expires: Sun, 10 Dec 2023 06:24:36 GMT
vary: Accept-Encoding,User-Agent
content-encoding: gzip
server: PH-nginx
accept-ranges: bytes
X-Firefox-Spdy: h2
va1.info/wp-content/litespeed/js/10290adc85b232d04a412ac8e182a150.js?ver=1a36e
163.172.204.208 200 OK 3.2 kB URL HTTP/2 va1.info/wp-content/litespeed/js/10290adc85b232d04a412ac8e182a150.js?ver=1a36e
IP 163.172.204.208:0
File type ASCII text, with very long lines (901)
Hash 6ad522b589fbf29bd6d6ca73f0a1bed9
d8c3e7d26a20040b869d267d6f82f4e2f6e7899b
f978d0f611cb1be07e958454a1700bad4b597eee6626d9d4f9b39ec21bd46684
GET /wp-content/litespeed/js/10290adc85b232d04a412ac8e182a150.js?ver=1a36e HTTP/1.1
Host: va1.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://va1.info/es/clients/login.php?verification
Cookie: stl_script=lat; _lscache_vary=917aea3f46bfc94f9541847e06f43399; _ga_3S01SN2VHN=GS1.1.1670631872.1.0.1670631875.0.0.0; _ga=GA1.2.419400610.1670631873; _gid=GA1.2.93729473.1670631873; _gat_gtag_UA_213886338_1=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sat, 10 Dec 2022 00:24:35 GMT
content-type: application/javascript
content-length: 3184
last-modified: Sat, 10 Dec 2022 00:24:36 GMT
cache-control: max-age=31557600
expires: Sun, 10 Dec 2023 06:24:36 GMT
vary: Accept-Encoding,User-Agent
content-encoding: gzip
server: PH-nginx
accept-ranges: bytes
X-Firefox-Spdy: h2
va1.info/wp-content/litespeed/js/5665c4a031273c0b75544265edd9784e.js?ver=9784e
163.172.204.208 200 OK 4.6 kB URL HTTP/2 va1.info/wp-content/litespeed/js/5665c4a031273c0b75544265edd9784e.js?ver=9784e
IP 163.172.204.208:0
File type ASCII text, with very long lines (14387)
Hash 9128f965e3e83b05d58b62c7cdd73e70
805e9a5eb241c2c41cb6c8a2b686e50243973e85
e042504077c5368d4e7dc3b10359e931963ab0d8f033a7d0ebc7bc66d911a972
GET /wp-content/litespeed/js/5665c4a031273c0b75544265edd9784e.js?ver=9784e HTTP/1.1
Host: va1.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://va1.info/es/clients/login.php?verification
Cookie: stl_script=lat; _lscache_vary=917aea3f46bfc94f9541847e06f43399; _ga_3S01SN2VHN=GS1.1.1670631872.1.0.1670631875.0.0.0; _ga=GA1.2.419400610.1670631873; _gid=GA1.2.93729473.1670631873; _gat_gtag_UA_213886338_1=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sat, 10 Dec 2022 00:24:35 GMT
content-type: application/javascript
content-length: 4618
last-modified: Sat, 10 Dec 2022 00:24:36 GMT
cache-control: max-age=31557600
expires: Sun, 10 Dec 2023 06:24:36 GMT
vary: Accept-Encoding,User-Agent
content-encoding: gzip
server: PH-nginx
accept-ranges: bytes
X-Firefox-Spdy: h2
va1.info/wp-content/litespeed/js/8054ad50260bd125b60a448e012f55cf.js?ver=f55cf
163.172.204.208 200 OK 5.4 kB URL HTTP/2 va1.info/wp-content/litespeed/js/8054ad50260bd125b60a448e012f55cf.js?ver=f55cf
IP 163.172.204.208:0
File type ASCII text, with very long lines (16791)
Hash e7a9ffbe3c01e340f213fcc278fc57df
7e89cd0e946774169d5f46898f140152fc96d02f
fe96b19255e53f0bda65fb5528f30c792b0e888d3ab259509dd40e7d67c77b80
GET /wp-content/litespeed/js/8054ad50260bd125b60a448e012f55cf.js?ver=f55cf HTTP/1.1
Host: va1.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://va1.info/es/clients/login.php?verification
Cookie: stl_script=lat; _lscache_vary=917aea3f46bfc94f9541847e06f43399; _ga_3S01SN2VHN=GS1.1.1670631872.1.0.1670631875.0.0.0; _ga=GA1.2.419400610.1670631873; _gid=GA1.2.93729473.1670631873; _gat_gtag_UA_213886338_1=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sat, 10 Dec 2022 00:24:35 GMT
content-type: application/javascript
content-length: 5445
last-modified: Sat, 10 Dec 2022 00:24:36 GMT
cache-control: max-age=31557600
expires: Sun, 10 Dec 2023 06:24:36 GMT
vary: Accept-Encoding,User-Agent
content-encoding: gzip
server: PH-nginx
accept-ranges: bytes
X-Firefox-Spdy: h2
va1.info/wp-content/litespeed/js/972fda592624ae4165961c3ca3af68ef.js?ver=f68ef
163.172.204.208 200 OK 3.7 kB URL HTTP/2 va1.info/wp-content/litespeed/js/972fda592624ae4165961c3ca3af68ef.js?ver=f68ef
IP 163.172.204.208:0
File type ASCII text, with very long lines (10527)
Hash 134ab7dc782d076f4f85bcdb2df04484
5dc2571a92ae06c384580ef2173bf5d8e6c7644e
4e024653bb3badfbecf15f1ea3a53863c6cb2c308efb1c2c7405e571c75dd07a
GET /wp-content/litespeed/js/972fda592624ae4165961c3ca3af68ef.js?ver=f68ef HTTP/1.1
Host: va1.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://va1.info/es/clients/login.php?verification
Cookie: stl_script=lat; _lscache_vary=917aea3f46bfc94f9541847e06f43399; _ga_3S01SN2VHN=GS1.1.1670631872.1.0.1670631875.0.0.0; _ga=GA1.2.419400610.1670631873; _gid=GA1.2.93729473.1670631873; _gat_gtag_UA_213886338_1=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sat, 10 Dec 2022 00:24:35 GMT
content-type: application/javascript
content-length: 3747
last-modified: Sat, 10 Dec 2022 00:24:36 GMT
cache-control: max-age=31557600
expires: Sun, 10 Dec 2023 06:24:36 GMT
vary: Accept-Encoding,User-Agent
content-encoding: gzip
server: PH-nginx
accept-ranges: bytes
X-Firefox-Spdy: h2
va1.info/wp-content/litespeed/js/bfc4d6519827ab7a9ba9e4cd950bcc9e.js?ver=bcc9e
163.172.204.208 200 OK 11 kB URL HTTP/2 va1.info/wp-content/litespeed/js/bfc4d6519827ab7a9ba9e4cd950bcc9e.js?ver=bcc9e
IP 163.172.204.208:0
File type HTML document, ASCII text, with very long lines (705)
Hash 00d07a05ad21a81d11ac4ecc43256464
58e3924a15e73d085bd92969d4a689f325fd8979
e682cefdf292966a4e6d998142fb6c5e181a62e87c2667829fff521fb1d10621
GET /wp-content/litespeed/js/bfc4d6519827ab7a9ba9e4cd950bcc9e.js?ver=bcc9e HTTP/1.1
Host: va1.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://va1.info/es/clients/login.php?verification
Cookie: stl_script=lat; _lscache_vary=917aea3f46bfc94f9541847e06f43399; _ga_3S01SN2VHN=GS1.1.1670631872.1.0.1670631875.0.0.0; _ga=GA1.2.419400610.1670631873; _gid=GA1.2.93729473.1670631873; _gat_gtag_UA_213886338_1=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sat, 10 Dec 2022 00:24:35 GMT
content-type: application/javascript
content-length: 11147
last-modified: Sat, 10 Dec 2022 00:24:36 GMT
cache-control: max-age=31557600
expires: Sun, 10 Dec 2023 06:24:36 GMT
vary: Accept-Encoding,User-Agent
content-encoding: gzip
server: PH-nginx
accept-ranges: bytes
X-Firefox-Spdy: h2
va1.info/wp-content/uploads/2019/01/logo_2.png
163.172.204.208 200 OK 27 kB URL HTTP/2 va1.info/wp-content/uploads/2019/01/logo_2.png
IP 163.172.204.208:0
File type PNG image data, 599 x 98, 8-bit/color RGBA, interlaced\012- data
Hash b71568968de34bd850b233f1a36e7369
c768e4d3f18ffdd15ee389c5fc0f5c536a4d3b76
a66d9b361c5ef7e6bb731e52c57e18b95afc729f842143694a27882c72cf0878
GET /wp-content/uploads/2019/01/logo_2.png HTTP/1.1
Host: va1.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: stl_script=lat; _lscache_vary=917aea3f46bfc94f9541847e06f43399; _ga_3S01SN2VHN=GS1.1.1670631872.1.0.1670631875.0.0.0; _ga=GA1.2.419400610.1670631873; _gid=GA1.2.93729473.1670631873; _gat_gtag_UA_213886338_1=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sat, 10 Dec 2022 00:24:35 GMT
content-type: image/png
content-length: 26695
last-modified: Tue, 15 Jan 2019 22:49:44 GMT
cache-control: max-age=31557600
expires: Sun, 10 Dec 2023 06:15:25 GMT
server: PH-nginx
accept-ranges: bytes
X-Firefox-Spdy: h2
va1.info/wp-includes/js/jquery/jquery.min.js
163.172.204.208 200 OK 31 kB URL HTTP/2 va1.info/wp-includes/js/jquery/jquery.min.js
IP 163.172.204.208:0
File type ASCII text, with very long lines (65447)
Hash 1b5264c989379b828aff60f65a518a24
98641237f14ccb33ac114f54329a33bd0aa17eb7
6c8e7b78c6dbc13426810c905572db7589cf3e00264e30ce797fddb0b1092237
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/jquery/jquery.min.js HTTP/1.1
Host: va1.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://va1.info/es/clients/login.php?verification
Cookie: stl_script=lat; _lscache_vary=917aea3f46bfc94f9541847e06f43399; _ga_3S01SN2VHN=GS1.1.1670631872.1.0.1670631875.0.0.0; _ga=GA1.2.419400610.1670631873; _gid=GA1.2.93729473.1670631873; _gat_gtag_UA_213886338_1=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sat, 10 Dec 2022 00:24:35 GMT
content-type: application/javascript
content-length: 30995
last-modified: Sat, 05 Nov 2022 18:34:01 GMT
cache-control: max-age=31557600
expires: Sun, 10 Dec 2023 06:24:36 GMT
vary: Accept-Encoding,User-Agent
content-encoding: gzip
server: PH-nginx
accept-ranges: bytes
X-Firefox-Spdy: h2
va1.info/wp-content/uploads/2022/11/logonovi.png
163.172.204.208 200 OK 16 kB URL HTTP/2 va1.info/wp-content/uploads/2022/11/logonovi.png
IP 163.172.204.208:0
File type PNG image data, 542 x 120, 8-bit/color RGBA, non-interlaced\012- data
Hash f034ddd7028d79d3dff6e53e444129db
e2a686230829e5cae713425203bc5f6dc3b31cb3
61af3660dd22925c4676b4e1a5f25bb0e38abb23896aa251c8b4d29199441f7a
GET /wp-content/uploads/2022/11/logonovi.png HTTP/1.1
Host: va1.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://va1.info/es/clients/login.php?verification
Cookie: stl_script=lat; _lscache_vary=917aea3f46bfc94f9541847e06f43399; _ga_3S01SN2VHN=GS1.1.1670631872.1.0.1670631875.0.0.0; _ga=GA1.2.419400610.1670631873; _gid=GA1.2.93729473.1670631873; _gat_gtag_UA_213886338_1=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sat, 10 Dec 2022 00:24:36 GMT
content-type: image/png
content-length: 15733
last-modified: Sun, 06 Nov 2022 14:38:16 GMT
cache-control: max-age=31557600
expires: Sun, 10 Dec 2023 05:41:22 GMT
server: PH-nginx
accept-ranges: bytes
X-Firefox-Spdy: h2
va1.info/wp-content/uploads/2022/12/img_191893-390x220.jpg
163.172.204.208 200 OK 23 kB URL HTTP/2 va1.info/wp-content/uploads/2022/12/img_191893-390x220.jpg
IP 163.172.204.208:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 390x220, components 3\012- data
Hash e5d66300d15b91586437f1c1fbedc454
e7c0d7d9ba2561f08d70da1fe3ebe01bd1610d5e
f0a1e2b54ff5549ea58c933ca0fca2c7b11c3332b3a9004b375fbab223d17700
GET /wp-content/uploads/2022/12/img_191893-390x220.jpg HTTP/1.1
Host: va1.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://va1.info/es/clients/login.php?verification
Cookie: stl_script=lat; _lscache_vary=917aea3f46bfc94f9541847e06f43399; _ga_3S01SN2VHN=GS1.1.1670631872.1.0.1670631875.0.0.0; _ga=GA1.2.419400610.1670631873; _gid=GA1.2.93729473.1670631873; _gat_gtag_UA_213886338_1=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sat, 10 Dec 2022 00:24:36 GMT
content-type: image/jpeg
content-length: 23145
last-modified: Fri, 09 Dec 2022 07:04:15 GMT
cache-control: max-age=31557600
expires: Sun, 10 Dec 2023 06:24:37 GMT
server: PH-nginx
accept-ranges: bytes
X-Firefox-Spdy: h2
va1.info/wp-content/uploads/2022/12/gol4680-1920x720-1-390x220.jpg
163.172.204.208 200 OK 16 kB URL HTTP/2 va1.info/wp-content/uploads/2022/12/gol4680-1920x720-1-390x220.jpg
IP 163.172.204.208:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 390x220, components 3\012- data
Hash ce499fff82f02d9de2a5a19378effb0e
d7f6bac82e77d860468a7c1442f2da88cc45a8e5
14a503549e4181ddc585c8f5384a2da6455a6ae4e99516293d964a71f7b408dc
GET /wp-content/uploads/2022/12/gol4680-1920x720-1-390x220.jpg HTTP/1.1
Host: va1.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://va1.info/es/clients/login.php?verification
Cookie: stl_script=lat; _lscache_vary=917aea3f46bfc94f9541847e06f43399; _ga_3S01SN2VHN=GS1.1.1670631872.1.0.1670631875.0.0.0; _ga=GA1.2.419400610.1670631873; _gid=GA1.2.93729473.1670631873; _gat_gtag_UA_213886338_1=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sat, 10 Dec 2022 00:24:36 GMT
content-type: image/jpeg
content-length: 16401
last-modified: Fri, 09 Dec 2022 07:07:57 GMT
cache-control: max-age=31557600
expires: Sun, 10 Dec 2023 06:24:37 GMT
server: PH-nginx
accept-ranges: bytes
X-Firefox-Spdy: h2
va1.info/wp-content/uploads/2022/12/img_191866-390x220.jpg
163.172.204.208 200 OK 11 kB URL HTTP/2 va1.info/wp-content/uploads/2022/12/img_191866-390x220.jpg
IP 163.172.204.208:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 390x220, components 3\012- data
Hash b6dff44a552e39bd903b78c7b90cdfd3
7fdb6533dbe8a0392cbfa5ec383d00906d0d684e
cdd400f9d6c5fe76d211cac95d2fe9ad97ef3a2260386e9eeb42dd63929745c0
GET /wp-content/uploads/2022/12/img_191866-390x220.jpg HTTP/1.1
Host: va1.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://va1.info/es/clients/login.php?verification
Cookie: stl_script=lat; _lscache_vary=917aea3f46bfc94f9541847e06f43399; _ga_3S01SN2VHN=GS1.1.1670631872.1.0.1670631875.0.0.0; _ga=GA1.2.419400610.1670631873; _gid=GA1.2.93729473.1670631873; _gat_gtag_UA_213886338_1=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sat, 10 Dec 2022 00:24:36 GMT
content-type: image/jpeg
content-length: 10803
last-modified: Fri, 09 Dec 2022 07:02:00 GMT
cache-control: max-age=31557600
expires: Sun, 10 Dec 2023 06:24:37 GMT
server: PH-nginx
accept-ranges: bytes
X-Firefox-Spdy: h2
va1.info/wp-content/uploads/2022/12/Masa-Cvetkovic-526x675-1-e1670568680882-390x220.jpg
163.172.204.208 200 OK 24 kB URL HTTP/2 va1.info/wp-content/uploads/2022/12/Masa-Cvetkovic-526x675-1-e1670568680882-390x220.jpg
IP 163.172.204.208:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 390x220, components 3\012- data
Hash 945d559d991694992b7f19c46881b93c
d25a8dea2f6020172bdccdb6c4415a7ad41f4c17
cb343e4e452d8d2d511f6cb8041b526d2603c7e51d427d2c999fcd6c6a7af0d6
GET /wp-content/uploads/2022/12/Masa-Cvetkovic-526x675-1-e1670568680882-390x220.jpg HTTP/1.1
Host: va1.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://va1.info/es/clients/login.php?verification
Cookie: stl_script=lat; _lscache_vary=917aea3f46bfc94f9541847e06f43399; _ga_3S01SN2VHN=GS1.1.1670631872.1.0.1670631875.0.0.0; _ga=GA1.2.419400610.1670631873; _gid=GA1.2.93729473.1670631873; _gat_gtag_UA_213886338_1=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sat, 10 Dec 2022 00:24:36 GMT
content-type: image/jpeg
content-length: 23768
last-modified: Fri, 09 Dec 2022 06:51:20 GMT
cache-control: max-age=31557600
expires: Sun, 10 Dec 2023 06:24:37 GMT
server: PH-nginx
accept-ranges: bytes
X-Firefox-Spdy: h2
va1.info/wp-content/uploads/2022/12/catsp-385x220.jpg
163.172.204.208 200 OK 14 kB URL HTTP/2 va1.info/wp-content/uploads/2022/12/catsp-385x220.jpg
IP 163.172.204.208:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 385x220, components 3\012- data
Hash 15d11d9acb8a9d27ac40fddf8172d5ee
cc2e171753b7a0a571c59e506ee07905f2aea815
82c2714dddd6a3db48348a26c8dcaa3789b283b9a095a35df6709fbc3b95a5a4
GET /wp-content/uploads/2022/12/catsp-385x220.jpg HTTP/1.1
Host: va1.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://va1.info/es/clients/login.php?verification
Cookie: stl_script=lat; _lscache_vary=917aea3f46bfc94f9541847e06f43399; _ga_3S01SN2VHN=GS1.1.1670631872.1.0.1670631875.0.0.0; _ga=GA1.2.419400610.1670631873; _gid=GA1.2.93729473.1670631873; _gat_gtag_UA_213886338_1=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sat, 10 Dec 2022 00:24:36 GMT
content-type: image/jpeg
content-length: 14515
last-modified: Fri, 09 Dec 2022 06:46:13 GMT
cache-control: max-age=31557600
expires: Sun, 10 Dec 2023 06:24:37 GMT
server: PH-nginx
accept-ranges: bytes
X-Firefox-Spdy: h2
va1.info/wp-content/themes/jannah/assets/fonts/fontawesome/fa-solid-900.woff2
163.172.204.208 200 OK 101 kB URL HTTP/2 va1.info/wp-content/themes/jannah/assets/fonts/fontawesome/fa-solid-900.woff2
IP 163.172.204.208:0
Size 101 kB (100692 bytes)
Hash 6fab82e6a7720ca848f81da413b751f9
c553eb9652a8f72ce26cb74471dfe45e5d6818f6
13e1aa09d66583e078e55e315de7b9ab677aaeccda9a48d82a18ffa526e743f3
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/jannah/assets/fonts/fontawesome/fa-solid-900.woff2 HTTP/1.1
Host: va1.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://va1.info/es/clients/login.php?verification
Cookie: stl_script=lat; _lscache_vary=917aea3f46bfc94f9541847e06f43399; _ga_3S01SN2VHN=GS1.1.1670631872.1.0.1670631875.0.0.0; _ga=GA1.2.419400610.1670631873; _gid=GA1.2.93729473.1670631873; _gat_gtag_UA_213886338_1=1
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sat, 10 Dec 2022 00:24:35 GMT
content-type: font/woff2
last-modified: Tue, 01 Nov 2022 10:47:50 GMT
cache-control: max-age=31557600
expires: Sun, 10 Dec 2023 06:24:33 GMT
vary: Accept-Encoding,User-Agent
content-encoding: gzip
server: PH-nginx
X-Firefox-Spdy: h2
va1.info/wp-content/uploads/2022/12/idjphoto.rs-320-390x220.jpg
163.172.204.208 200 OK 17 kB URL HTTP/2 va1.info/wp-content/uploads/2022/12/idjphoto.rs-320-390x220.jpg
IP 163.172.204.208:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 390x220, components 3\012- data
Hash 3c79c6a82b8db21113cc14a5721f35d7
d218add73bddfe7cb2053360eda8cc60ba1b98dc
72108869a997cc11c1c1e645af449973fc4bb2b4dab4b29115eaa6964cce9db5
GET /wp-content/uploads/2022/12/idjphoto.rs-320-390x220.jpg HTTP/1.1
Host: va1.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://va1.info/es/clients/login.php?verification
Cookie: stl_script=lat; _lscache_vary=917aea3f46bfc94f9541847e06f43399; _ga_3S01SN2VHN=GS1.1.1670631872.1.0.1670631875.0.0.0; _ga=GA1.2.419400610.1670631873; _gid=GA1.2.93729473.1670631873; _gat_gtag_UA_213886338_1=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sat, 10 Dec 2022 00:24:36 GMT
content-type: image/jpeg
content-length: 17049
last-modified: Wed, 07 Dec 2022 11:32:42 GMT
cache-control: max-age=31557600
expires: Sun, 10 Dec 2023 06:24:37 GMT
server: PH-nginx
accept-ranges: bytes
X-Firefox-Spdy: h2
va1.info/wp-content/uploads/2022/12/1670336208432-390x220.jpg
163.172.204.208 200 OK 24 kB URL HTTP/2 va1.info/wp-content/uploads/2022/12/1670336208432-390x220.jpg
IP 163.172.204.208:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 390x220, components 3\012- data
Hash 5e738260f6fb3f4047cf95068dcf6404
681042a1803796615b356dc25028044e64a915b3
1c57a3245f43df2540eac49375d4bbe4f03d37bb7a1838ed624eaf6f24a0a8ad
GET /wp-content/uploads/2022/12/1670336208432-390x220.jpg HTTP/1.1
Host: va1.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://va1.info/es/clients/login.php?verification
Cookie: stl_script=lat; _lscache_vary=917aea3f46bfc94f9541847e06f43399; _ga_3S01SN2VHN=GS1.1.1670631872.1.0.1670631875.0.0.0; _ga=GA1.2.419400610.1670631873; _gid=GA1.2.93729473.1670631873; _gat_gtag_UA_213886338_1=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sat, 10 Dec 2022 00:24:36 GMT
content-type: image/jpeg
content-length: 23875
last-modified: Wed, 07 Dec 2022 11:26:15 GMT
cache-control: max-age=31557600
expires: Sun, 10 Dec 2023 06:24:37 GMT
server: PH-nginx
accept-ranges: bytes
X-Firefox-Spdy: h2
va1.info/wp-content/uploads/2022/12/img_191704-390x220.jpg
163.172.204.208 200 OK 18 kB URL HTTP/2 va1.info/wp-content/uploads/2022/12/img_191704-390x220.jpg
IP 163.172.204.208:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 390x220, components 3\012- data
Hash 7aa2b3903c8b3566a3de42985469f52c
6dc67176329368126ec9c4777502c5d4c0a01d5d
60f81fbbdfcbf76d583ad3557b1919f27c8f26cd7640a71de0465c1257cb6d64
GET /wp-content/uploads/2022/12/img_191704-390x220.jpg HTTP/1.1
Host: va1.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://va1.info/es/clients/login.php?verification
Cookie: stl_script=lat; _lscache_vary=917aea3f46bfc94f9541847e06f43399; _ga_3S01SN2VHN=GS1.1.1670631872.1.0.1670631875.0.0.0; _ga=GA1.2.419400610.1670631873; _gid=GA1.2.93729473.1670631873; _gat_gtag_UA_213886338_1=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sat, 10 Dec 2022 00:24:36 GMT
content-type: image/jpeg
content-length: 18319
last-modified: Wed, 07 Dec 2022 11:19:06 GMT
cache-control: max-age=31557600
expires: Sun, 10 Dec 2023 06:24:37 GMT
server: PH-nginx
accept-ranges: bytes
X-Firefox-Spdy: h2
va1.info/wp-content/themes/jannah/assets/fonts/fontawesome/fa-brands-400.woff2
163.172.204.208 200 OK 77 kB URL HTTP/2 va1.info/wp-content/themes/jannah/assets/fonts/fontawesome/fa-brands-400.woff2
IP 163.172.204.208:0
File type Web Open Font Format (Version 2), TrueType, length 76612, version 331.524\012- data
Hash c3f92d39680174a074b0c724b32250ee
5800250eb8aa5cd89255e5bebacb1b7a83c84ba0
fa5763fd3dea15bf4e50dcdde6ab4f26cbc9f222e623f40edbfa75ac197332d6
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/jannah/assets/fonts/fontawesome/fa-brands-400.woff2 HTTP/1.1
Host: va1.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://va1.info/es/clients/login.php?verification
Cookie: stl_script=lat; _lscache_vary=917aea3f46bfc94f9541847e06f43399; _ga_3S01SN2VHN=GS1.1.1670631872.1.0.1670631875.0.0.0; _ga=GA1.2.419400610.1670631873; _gid=GA1.2.93729473.1670631873; _gat_gtag_UA_213886338_1=1
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sat, 10 Dec 2022 00:24:35 GMT
content-type: font/woff2
last-modified: Tue, 01 Nov 2022 10:47:50 GMT
cache-control: max-age=31557600
expires: Sun, 10 Dec 2023 06:24:36 GMT
vary: Accept-Encoding,User-Agent
content-encoding: gzip
server: PH-nginx
X-Firefox-Spdy: h2
va1.info/favicon.ico
163.172.204.208 302 Found 0 B IP 163.172.204.208:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /favicon.ico HTTP/1.1
Host: va1.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://va1.info/es/clients/login.php?verification
Cookie: stl_script=lat; _lscache_vary=917aea3f46bfc94f9541847e06f43399; _ga_3S01SN2VHN=GS1.1.1670631872.1.0.1670631875.0.0.0; _ga=GA1.2.419400610.1670631873; _gid=GA1.2.93729473.1670631873; _gat_gtag_UA_213886338_1=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 302 Found
date: Sat, 10 Dec 2022 00:24:36 GMT
content-type: text/html; charset=UTF-8
content-length: 0
location: https://va1.info/wp-includes/images/w-logo-blue-white-bg.png
x-dns-prefetch-control: on
link: <https://va1.info/wp-json/>; rel="https://api.w.org/"
x-litespeed-tag: 3b7_HTTP.200,3b7_HTTP.302
x-redirect-by: WordPress
vary: User-Agent
server: PH-nginx
X-Firefox-Spdy: h2
va1.info/wp-includes/images/w-logo-blue-white-bg.png
163.172.204.208 200 OK 4.1 kB URL HTTP/2 va1.info/wp-includes/images/w-logo-blue-white-bg.png
IP 163.172.204.208:0
File type PNG image data, 80 x 80, 8-bit/color RGBA, non-interlaced\012- data
Hash 000bf649cc8f6bf27cfb04d1bcdcd3c7
d73d2f6d74ec6cdcbae07955592962e77d8ae814
6bdb369337ac2496761c6f063bffea0aa6a91d4662279c399071a468251f51f0
GET /wp-includes/images/w-logo-blue-white-bg.png HTTP/1.1
Host: va1.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://va1.info/es/clients/login.php?verification
Connection: keep-alive
Cookie: stl_script=lat; _lscache_vary=917aea3f46bfc94f9541847e06f43399; _ga_3S01SN2VHN=GS1.1.1670631872.1.1.1670631876.0.0.0; _ga=GA1.2.419400610.1670631873; _gid=GA1.2.93729473.1670631873; _gat_gtag_UA_213886338_1=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sat, 10 Dec 2022 00:24:38 GMT
content-type: image/png
content-length: 4119
last-modified: Sat, 05 Nov 2022 18:34:01 GMT
cache-control: max-age=31557600
expires: Sun, 10 Dec 2023 06:24:37 GMT
server: PH-nginx
accept-ranges: bytes
X-Firefox-Spdy: h2
va1.info/wp-content/themes/jannah/assets/fonts/fontawesome/fa-solid-900.woff2
163.172.204.208 200 OK 0 B URL HTTP/2 va1.info/wp-content/themes/jannah/assets/fonts/fontawesome/fa-solid-900.woff2
IP 163.172.204.208:0
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/jannah/assets/fonts/fontawesome/fa-solid-900.woff2 HTTP/1.1
Host: va1.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://va1.info/es/clients/login.php?verification
Cookie: stl_script=lat
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 10 Dec 2022 00:24:32 GMT
content-type: font/woff2
last-modified: Tue, 01 Nov 2022 10:47:50 GMT
cache-control: max-age=31557600
expires: Sun, 10 Dec 2023 06:24:33 GMT
vary: Accept-Encoding,User-Agent
content-encoding: gzip
server: PH-nginx
X-Firefox-Spdy: h2