r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash a2104f935c638b4767ca5ae0d738ef23
85c6af15af749be0ceeae6de17c36925b750f166
5d4789a3696bd7faa9916768cb627bbc89bf70a756d80e53860cbac13c2bc8b1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5D4789A3696BD7FAA9916768CB627BBC89BF70A756D80E53860CBAC13C2BC8B1"
Last-Modified: Fri, 27 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2421
Expires: Sun, 29 Jan 2023 16:36:25 GMT
Date: Sun, 29 Jan 2023 15:56:04 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 81dd5c5cc5b3278876cb44dcb520a60f
c0511a59e9eccdcdda98717b87c89c5d59974808
41736c303afdb3d31e48724b107dcb22883cae02f3562308eb52d9164001a2de
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "41736C303AFDB3D31E48724B107DCB22883CAE02F3562308EB52D9164001A2DE"
Last-Modified: Fri, 27 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16530
Expires: Sun, 29 Jan 2023 20:31:34 GMT
Date: Sun, 29 Jan 2023 15:56:04 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash bf0c602d32b3c14606f22a86183b5e3c
6eabd8d83475eba731968abe1a05a8bfd272f160
6c6a7c519a9e950c2445ed874a25211a94dd4d3cf3afb0103af9dcd1dbd5ff9e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Content-Length, Retry-After, Content-Type, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sun, 29 Jan 2023 15:35:38 GMT
content-type: application/json
age: 1227
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 302c7548412192add063ad6c8b99cf3b
e5d178931a27db036ce8daae302594d3ff7050b8
fc2bd9091006189e67e8074093805ee5492ce16e1dbfba32e083abeeae34969d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FC2BD9091006189E67E8074093805EE5492CE16E1DBFBA32E083ABEEAE34969D"
Last-Modified: Sat, 28 Jan 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9315
Expires: Sun, 29 Jan 2023 18:31:20 GMT
Date: Sun, 29 Jan 2023 15:56:05 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP
File type PEM certificate\012- , ASCII text
Hash 7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: KKRRWp9Sg90VwWPappzCePU3tC1SPxCeEH2Nk6JCUfgrOBgTCaofso/o0xCB95Coy+/vK7USRow=
x-amz-request-id: GH1B9V5AZJCSXPQH
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sun, 29 Jan 2023 15:50:22 GMT
age: 343
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 29 Jan 2023 15:56:05 GMT
content-type: application/json
content-length: 12
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-expose-headers: content-type
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Pragma, Last-Modified, ETag, Content-Length, Expires, Cache-Control, Retry-After, Content-Type, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sun, 29 Jan 2023 15:49:04 GMT
age: 421
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
rebeltrue.com/
301 Moved Permanently 0 B IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Malware
GET / HTTP/1.1
Host: rebeltrue.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
keep-alive: timeout=5, max=100
x-powered-by: PHP/7.4.32
set-cookie: mailchimp_landing_site=https%3A%2F%2Fwww.rebeltrue.com%2F; expires=Sun, 26-Feb-2023 15:56:05 GMT; Max-Age=2419200; path=/; secure; SameSite=Strict
content-type: text/html; charset=UTF-8
x-pingback: http://www.rebeltrue.com/xmlrpc.php
x-redirect-by: WordPress
location: https://www.rebeltrue.com/
content-length: 0
date: Sun, 29 Jan 2023 15:56:05 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 16a7b6a7128312e2f985d30df18c4487
6017bff79ffb525d9c7f9f32b999b74b5dc69602
663fd12209627f08e759c2ed1c76278a5da79dae1e0b46082dd1bb44775f7a16
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "663FD12209627F08E759C2ED1C76278A5DA79DAE1E0B46082DD1BB44775F7A16"
Last-Modified: Fri, 27 Jan 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15085
Expires: Sun, 29 Jan 2023 20:07:30 GMT
Date: Sun, 29 Jan 2023 15:56:05 GMT
Connection: keep-alive
push.services.mozilla.com/
101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: RMxAytrgFOh+NquNcZV1lg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: NofajBLe0gN5MpGA4f4zcAwHITQ=
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 8510486c0edb39ffdfb0b3a06d1bad86
0f95b43ecdf7525dab5485f70478af0962891ff6
0193df64dddc2d7002de2e61cec2faea2eb7fb07b6faa1cff25113958d7185bc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0193DF64DDDC2D7002DE2E61CEC2FAEA2EB7FB07B6FAA1CFF25113958D7185BC"
Last-Modified: Fri, 27 Jan 2023 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21574
Expires: Sun, 29 Jan 2023 21:55:40 GMT
Date: Sun, 29 Jan 2023 15:56:06 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash dfb84426fed94988d5c90372baff059c
f1c4740830034ff8a5759d59ae3f657ea524d083
d97efec67504b084ca6ff9e2af973b45b916f90aa021603e3615806bb2737b6a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D97EFEC67504B084CA6FF9E2AF973B45B916F90AA021603E3615806BB2737B6A"
Last-Modified: Sun, 29 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5020
Expires: Sun, 29 Jan 2023 17:19:47 GMT
Date: Sun, 29 Jan 2023 15:56:07 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash dfb84426fed94988d5c90372baff059c
f1c4740830034ff8a5759d59ae3f657ea524d083
d97efec67504b084ca6ff9e2af973b45b916f90aa021603e3615806bb2737b6a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D97EFEC67504B084CA6FF9E2AF973B45B916F90AA021603E3615806BB2737B6A"
Last-Modified: Sun, 29 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5020
Expires: Sun, 29 Jan 2023 17:19:47 GMT
Date: Sun, 29 Jan 2023 15:56:07 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash dfb84426fed94988d5c90372baff059c
f1c4740830034ff8a5759d59ae3f657ea524d083
d97efec67504b084ca6ff9e2af973b45b916f90aa021603e3615806bb2737b6a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D97EFEC67504B084CA6FF9E2AF973B45B916F90AA021603E3615806BB2737B6A"
Last-Modified: Sun, 29 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5020
Expires: Sun, 29 Jan 2023 17:19:47 GMT
Date: Sun, 29 Jan 2023 15:56:07 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash dfb84426fed94988d5c90372baff059c
f1c4740830034ff8a5759d59ae3f657ea524d083
d97efec67504b084ca6ff9e2af973b45b916f90aa021603e3615806bb2737b6a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D97EFEC67504B084CA6FF9E2AF973B45B916F90AA021603E3615806BB2737B6A"
Last-Modified: Sun, 29 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5020
Expires: Sun, 29 Jan 2023 17:19:47 GMT
Date: Sun, 29 Jan 2023 15:56:07 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd9a423a9-16ee-4e3f-b9b4-34f6a469aba9.jpeg
200 OK 9.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd9a423a9-16ee-4e3f-b9b4-34f6a469aba9.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3be81f83687ddb6c93d3ff3c09a9dba2
50a48e737310d3f31840db4301b25927fbcc12c5
e78c909e2381898e7f546183784a05dff47c31734c95358aaada8c2777ad47be
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd9a423a9-16ee-4e3f-b9b4-34f6a469aba9.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9167
x-amzn-requestid: f644ca78-a07a-43d1-96e4-95bcdecff7fb
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fPGLfFtOIAMFp7w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cf83e2-202ca7160544acd24259bd5d;Sampled=0
x-amzn-remapped-date: Tue, 24 Jan 2023 07:08:18 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: xRwqrWS66l4qJfg2HnGphN1dbrIUod9XKW3zTk_-Km9AQRPyV2UqWg==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 5565a51537c689d1d16f6b4d41f40082.cloudfront.net (CloudFront), 1.1 google
date: Sat, 28 Jan 2023 20:46:16 GMT
age: 68991
etag: "50a48e737310d3f31840db4301b25927fbcc12c5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fce27f1aa-8d31-4110-a47f-73de0b95926d.jpeg
200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fce27f1aa-8d31-4110-a47f-73de0b95926d.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 10a6491e2c1dfde68c7cd7297e70700f
d0f195319825a6d3e5e50ad15b2fcab27cb65896
4d9353d5874e5ea03c25e1562db5f479c222a48db526fdd10ede7c2e6a4dd874
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fce27f1aa-8d31-4110-a47f-73de0b95926d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11470
x-amzn-requestid: 62d61967-9380-4ca9-b11a-531425dbd2ae
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fIf6WFgAIAMF6gw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cce042-6d9fe51029094b7f37c0a648;Sampled=0
x-amzn-remapped-date: Sun, 22 Jan 2023 07:05:38 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: rUIvvkZQ028ey3klplI-x9oZFugon5HsAWT-SN2GQo5hBeBJWqoMAg==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 fda3b2797d2719576f6b916583a28e52.cloudfront.net (CloudFront), 1.1 google
date: Sun, 29 Jan 2023 04:01:15 GMT
age: 42892
etag: "d0f195319825a6d3e5e50ad15b2fcab27cb65896"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8d4cfe7c-2bbe-4efd-b73a-59ea603c332f.jpeg
200 OK 5.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8d4cfe7c-2bbe-4efd-b73a-59ea603c332f.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4c77437e3a7361861aed8bfecbfe6bd6
fefd238c13c0fdfb7d964c90fcc8a8cbbf953034
282d15c443cb6232ae0a30046a0dc24360617355a4651cdba59b11e6f7313d8a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8d4cfe7c-2bbe-4efd-b73a-59ea603c332f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5594
x-amzn-requestid: a13a8181-5783-42c1-9fda-1fcf8db4f0f9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fVpetFv-oAMF_Kg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d222c4-68165b34525ca2a054f0b505;Sampled=0
x-amzn-remapped-date: Thu, 26 Jan 2023 06:50:44 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: rJbdYq3bZDatEVvC83VR5WiWOFwNwVZEB16ez21KdnQJJrgJ-yKPCg==
via: 1.1 7f5e0d3b9ea85d0d75063a66c0ebc840.cloudfront.net (CloudFront), 1.1 fda3b2797d2719576f6b916583a28e52.cloudfront.net (CloudFront), 1.1 google
date: Sun, 29 Jan 2023 14:55:48 GMT
age: 3619
etag: "fefd238c13c0fdfb7d964c90fcc8a8cbbf953034"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5f0097a6-af00-4a1c-8faa-f9516e27b31a.jpeg
200 OK 4.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5f0097a6-af00-4a1c-8faa-f9516e27b31a.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4205d8106659e00fff1cbe9262918b8c
ab4f6528594a1725934727dc7d834c028a79c609
31f1a28602a194bd0856495d4d81d5c72cd7ff4e5bad6bdd1a31ec3041f4a2cc
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5f0097a6-af00-4a1c-8faa-f9516e27b31a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4475
x-amzn-requestid: b7b272d6-3089-4f33-89b5-5cb388640e10
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fa_e6HsaIAMF5Lg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d445f8-1789f7f4264270916da323db;Sampled=0
x-amzn-remapped-date: Fri, 27 Jan 2023 21:45:28 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: hAzO-IMqc1CFpiBAlRl8seIYL9UonyrBMATibovyFq5kEuaweY_VyA==
via: 1.1 8f22423015641505b8c857a37450d6c0.cloudfront.net (CloudFront), 1.1 112d82578d402a38d8d02e8b857617e0.cloudfront.net (CloudFront), 1.1 google
date: Sat, 28 Jan 2023 21:56:46 GMT
age: 64761
etag: "ab4f6528594a1725934727dc7d834c028a79c609"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F21dfd3ff-6ef1-481d-b7af-d5f7eb830cde.jpeg
200 OK 3.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F21dfd3ff-6ef1-481d-b7af-d5f7eb830cde.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 801d4d643e2fe5f23a2dcaa77c133ab8
b4a01701d16b84047d7c62d5ffa5165865042c57
f4f6a4902c0703b901271a0360c7ebbdb33fe85a68203e10639ae655b2bbe004
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F21dfd3ff-6ef1-481d-b7af-d5f7eb830cde.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 3203
x-amzn-requestid: 50873744-cce9-4788-9f05-9e66ba943b2f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fFEd_HBwoAMF-Ow=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cb8126-7e5f1963639215cb43992cd5;Sampled=0
x-amzn-remapped-date: Sat, 21 Jan 2023 06:07:34 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: ho5pTWplXBixyAs_iFwd0VPitF4IjOYaCNa_XdQ-BFH7kTuDIsca0g==
via: 1.1 8f22423015641505b8c857a37450d6c0.cloudfront.net (CloudFront), 1.1 2bedbeaa49b4a77447d30097858cb81a.cloudfront.net (CloudFront), 1.1 google
date: Sat, 28 Jan 2023 22:03:16 GMT
age: 64371
etag: "b4a01701d16b84047d7c62d5ffa5165865042c57"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdf6aeac1-fd74-4724-86b5-f0e86d98c915.jpeg
200 OK 8.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdf6aeac1-fd74-4724-86b5-f0e86d98c915.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 43c4a8e963936a8064dbd2bd3c67b905
8508727c97127c98b886833af28b3470306216c2
070c29fe7c0a227029483d675eac863904ab6b291467acdf62167f4845699c21
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdf6aeac1-fd74-4724-86b5-f0e86d98c915.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8652
x-amzn-requestid: 21c734f0-cd73-4691-812e-7cd3908f8f89
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fRbH4HtPIAMFUGA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d07232-291e20fb41c53db7664d04b2;Sampled=0
x-amzn-remapped-date: Wed, 25 Jan 2023 00:05:06 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: j2zDtHz3pZLHJKG3-PaITyUzHOQBEELzuDIt7sbB8X_B10OxG394tg==
via: 1.1 23206a1c229d8877bdd053c4b05f9d12.cloudfront.net (CloudFront), 1.1 1a53057db389e96b4ef1bfbc925dde1c.cloudfront.net (CloudFront), 1.1 google
date: Sun, 29 Jan 2023 06:49:29 GMT
age: 32798
etag: "8508727c97127c98b886833af28b3470306216c2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 8c630e9bbc930d1c367efa81b67be3f7
ec536695531d40a813d99a06271c7c2d698d51d3
39ca0a60c3e2e85712757ead0830d0da82beac1e4f44b6e90243e5ca9326bf4b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 15:56:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 8c630e9bbc930d1c367efa81b67be3f7
ec536695531d40a813d99a06271c7c2d698d51d3
39ca0a60c3e2e85712757ead0830d0da82beac1e4f44b6e90243e5ca9326bf4b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 15:56:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 8c630e9bbc930d1c367efa81b67be3f7
ec536695531d40a813d99a06271c7c2d698d51d3
39ca0a60c3e2e85712757ead0830d0da82beac1e4f44b6e90243e5ca9326bf4b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 15:56:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ajax.googleapis.com/ajax/libs/jqueryui/1.11.3/themes/smoothness/jquery-ui.css?ver=6.0.2
200 OK 8.1 kB URL HTTP/2 ajax.googleapis.com/ajax/libs/jqueryui/1.11.3/themes/smoothness/jquery-ui.css?ver=6.0.2
IP
File type ASCII text, with very long lines (2363)
Hash 2f84e521c96f0f0cc5f98da6d4ce762d
e0a26edaad9f7f69f8c38e2c6c6caf22784824e0
cc0eed5341b7d7f5400841d655d4550c9c018aee1dc6ac0240056f497d3f1ff2
GET /ajax/libs/jqueryui/1.11.3/themes/smoothness/jquery-ui.css?ver=6.0.2 HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.rebeltrue.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 8060
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 27 Jan 2023 02:33:27 GMT
expires: Sat, 27 Jan 2024 02:33:27 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/css; charset=UTF-8
age: 220961
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Roboto+Condensed%3A300italic%2C400italic%2C700italic%2C300%2C400%2C700&ver=6.0.2
200 OK 1.3 kB URL HTTP/2 fonts.googleapis.com/css?family=Roboto+Condensed%3A300italic%2C400italic%2C700italic%2C300%2C400%2C700&ver=6.0.2
IP
Hash 87c5d2d4d984bb7343f8c43f7bcf316e
385ee8eab21bd2c90a512e4a677ac59e26e4368f
d99b28662b97a7deb9ebf0e0dae4f2d214b8663885e503df05660c3c60c87e17
GET /css?family=Roboto+Condensed%3A300italic%2C400italic%2C700italic%2C300%2C400%2C700&ver=6.0.2 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.rebeltrue.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sun, 29 Jan 2023 15:56:08 GMT
date: Sun, 29 Jan 2023 15:56:08 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Roboto%3A300italic%2C400italic%2C700italic%2C300%2C400%2C700&ver=6.0.2
200 OK 1.3 kB URL HTTP/2 fonts.googleapis.com/css?family=Roboto%3A300italic%2C400italic%2C700italic%2C300%2C400%2C700&ver=6.0.2
IP
Hash d4de93f9e5989161a0e11eb631f3a6db
8a995496d76e0c6058b5a476b78ad5bb001de58c
2cc6bc3dc2b6e785337fb71fcfe052726d3cacb660984bacd572d19cfa9d45d9
GET /css?family=Roboto%3A300italic%2C400italic%2C700italic%2C300%2C400%2C700&ver=6.0.2 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.rebeltrue.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sun, 29 Jan 2023 15:56:08 GMT
date: Sun, 29 Jan 2023 15:56:08 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.rebeltrue.com/wp-includes/css/dashicons.min.css?ver=6.0.2
200 OK 35 kB URL HTTP/2 www.rebeltrue.com/wp-includes/css/dashicons.min.css?ver=6.0.2
IP
File type ASCII text, with very long lines (58981)
Hash 54c5bfb8a890d87139d9abfe01662c83
f9eddf5b8a3269e6d6fa40b4f13083705e6267c6
9685e5cabe4efc8c85e986725af8009b306416aad3ecc9086ca5bb12b84ce4ef
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/css/dashicons.min.css?ver=6.0.2 HTTP/1.1
Host: www.rebeltrue.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.rebeltrue.com/
Cookie: mailchimp_landing_site=https%3A%2F%2Fwww.rebeltrue.com%2F
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 05 Feb 2023 15:56:08 GMT
content-type: text/css
last-modified: Sat, 21 Jan 2023 20:41:37 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 35110
date: Sun, 29 Jan 2023 15:56:08 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
www.rebeltrue.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
200 OK 4.0 kB URL HTTP/2 www.rebeltrue.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
IP
File type ASCII text, with very long lines (11126)
Hash 7e058b51f939eacfa31cdface14dded5
9d732e5afdeb42edef9e1b9631b7e95e054787cc
4ece5b00423755d8f4121ce382c8ea4dc44c241f28f150abe19caa85d0b0acc1
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 HTTP/1.1
Host: www.rebeltrue.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.rebeltrue.com/
Cookie: mailchimp_landing_site=https%3A%2F%2Fwww.rebeltrue.com%2F
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 05 Feb 2023 15:56:08 GMT
content-type: application/javascript
last-modified: Sat, 21 Jan 2023 20:41:37 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 3995
date: Sun, 29 Jan 2023 15:56:08 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
www.rebeltrue.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
200 OK 30 kB URL HTTP/2 www.rebeltrue.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
IP
File type ASCII text, with very long lines (65447)
Hash 34f918ada1fe4f01c5a4b90065bbc37a
a731f6ce2d413805e39ae45994012b1bd5ea1e2b
eba158d5ab26a5a54a3dcfcea1072c636f44e92fc2eb30a3f27cd5be3f891dfc
GET /wp-includes/js/jquery/jquery.min.js?ver=3.6.0 HTTP/1.1
Host: www.rebeltrue.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.rebeltrue.com/
Cookie: mailchimp_landing_site=https%3A%2F%2Fwww.rebeltrue.com%2F
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 05 Feb 2023 15:56:08 GMT
content-type: application/javascript
last-modified: Sat, 21 Jan 2023 20:41:37 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 30273
date: Sun, 29 Jan 2023 15:56:08 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
www.rebeltrue.com/wp-content/plugins/woocommerce/assets/js/frontend/add-to-cart.min.js?ver=6.9.4
200 OK 2.3 kB URL HTTP/2 www.rebeltrue.com/wp-content/plugins/woocommerce/assets/js/frontend/add-to-cart.min.js?ver=6.9.4
IP
File type HTML document, ASCII text, with very long lines (3059)
Hash 283eb62ba4f8a80e8ff2353c822f5667
0b325f66f1a89ab39ad37e145bf615daae3bddf9
d24797726e6c3eec5ef5ae5908873b305b869cb3ed73a9ad1d619adcde372886
GET /wp-content/plugins/woocommerce/assets/js/frontend/add-to-cart.min.js?ver=6.9.4 HTTP/1.1
Host: www.rebeltrue.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.rebeltrue.com/
Cookie: mailchimp_landing_site=https%3A%2F%2Fwww.rebeltrue.com%2F
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 05 Feb 2023 15:56:08 GMT
content-type: application/javascript
last-modified: Fri, 30 Sep 2022 19:09:43 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 2261
date: Sun, 29 Jan 2023 15:56:08 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
www.rebeltrue.com/wp-content/cache/autoptimize/js/autoptimize_single_81fbaa633684642257589d524a99bb07.js?ver=6.5.0
200 OK 1.4 kB URL HTTP/2 www.rebeltrue.com/wp-content/cache/autoptimize/js/autoptimize_single_81fbaa633684642257589d524a99bb07.js?ver=6.5.0
IP
File type ASCII text, with very long lines (756)
Hash 22dde8c662c1e37273149c81b76c3fd4
47f9d8c749bf24a5d6d4e1b2e6260abb8139afa6
66eba30fadbcb349e35372b857e7b1e71f856c02f46645f3e88f00d4d6d680b5
GET /wp-content/cache/autoptimize/js/autoptimize_single_81fbaa633684642257589d524a99bb07.js?ver=6.5.0 HTTP/1.1
Host: www.rebeltrue.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.rebeltrue.com/
Cookie: mailchimp_landing_site=https%3A%2F%2Fwww.rebeltrue.com%2F
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=30672000,public, immutable
expires: Fri, 19 Jan 2024 15:56:08 GMT
content-type: application/javascript
last-modified: Sat, 21 Jan 2023 20:41:56 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1360
date: Sun, 29 Jan 2023 15:56:08 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
www.rebeltrue.com/wp-content/cache/autoptimize/js/autoptimize_single_eca1ea6f7fa76b649830dadaa5c1fcc0.js?ver=1.0
200 OK 186 B URL HTTP/2 www.rebeltrue.com/wp-content/cache/autoptimize/js/autoptimize_single_eca1ea6f7fa76b649830dadaa5c1fcc0.js?ver=1.0
IP
File type ASCII text, with no line terminators
Hash cf96a619db03de6135b0cd8836c79f1a
88661240c14f088bb75de38f8928b9fe43d3a6aa
a6df0697fe5a200ef374cba7f4ff9ea74ac06117e47109dd83dba28b6e93cc3e
GET /wp-content/cache/autoptimize/js/autoptimize_single_eca1ea6f7fa76b649830dadaa5c1fcc0.js?ver=1.0 HTTP/1.1
Host: www.rebeltrue.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.rebeltrue.com/
Cookie: mailchimp_landing_site=https%3A%2F%2Fwww.rebeltrue.com%2F
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=30672000,public, immutable
expires: Fri, 19 Jan 2024 15:56:08 GMT
content-type: application/javascript
last-modified: Sun, 22 Jan 2023 21:02:42 GMT
accept-ranges: bytes
content-length: 186
date: Sun, 29 Jan 2023 15:56:08 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
www.rebeltrue.com/
200 OK 257 kB IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (43794)
Size 257 kB (257430 bytes)
Hash 716938430a995e6fda89277533089223
e6cfdc7cbb25d6873c477862b9ad4337b7e54058
9017a95285fcdf1967c5ef0befe53b5f96c942e2ac75c4d041049e415871db64
Analyzer Verdict Alert fortinet Malware
GET / HTTP/1.1
Host: www.rebeltrue.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
x-powered-by: PHP/7.4.32
set-cookie: mailchimp_landing_site=https%3A%2F%2Fwww.rebeltrue.com%2F; expires=Sun, 26-Feb-2023 15:56:06 GMT; Max-Age=2419200; path=/; secure; SameSite=Strict
content-type: text/html; charset=UTF-8
x-pingback: https://www.rebeltrue.com/xmlrpc.php
link: <https://www.rebeltrue.com/wp-json/>; rel="https://api.w.org/", <https://www.rebeltrue.com/wp-json/wp/v2/pages/9825>; rel="alternate"; type="application/json", <https://www.rebeltrue.com/>; rel=shortlink
content-encoding: br
vary: Accept-Encoding
date: Sun, 29 Jan 2023 15:56:07 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
i0.wp.com/www.rebeltrue.com/wp-content/uploads/2022/11/MM1022-MT-001-1.jpg?resize=330%2C330&ssl=1
200 OK 3.8 kB URL HTTP/2 i0.wp.com/www.rebeltrue.com/wp-content/uploads/2022/11/MM1022-MT-001-1.jpg?resize=330%2C330&ssl=1
IP
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 330x330, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash c9fc88d3093e5caa71e182947f84b5ca
29acb4c870cdd7f6b6c4ff5221bccb8fe7cb7c8f
977d99a6849fb62bceb40570bd5762a804e51c5fb21fd62dfb489307c6dfec55
GET /www.rebeltrue.com/wp-content/uploads/2022/11/MM1022-MT-001-1.jpg?resize=330%2C330&ssl=1 HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.rebeltrue.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 29 Jan 2023 15:56:08 GMT
content-type: image/webp
content-length: 3778
last-modified: Sun, 29 Jan 2023 10:41:56 GMT
expires: Tue, 28 Jan 2025 22:41:56 GMT
cache-control: public, max-age=63115200
link: <https://www.rebeltrue.com/wp-content/uploads/2022/11/MM1022-MT-001-1.jpg>; rel="canonical"
x-content-type-options: nosniff
etag: "1baaab2dbb627dfb"
vary: Accept
x-nc: MISS arn 2
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
i0.wp.com/www.rebeltrue.com/wp-content/uploads/2022/11/MM1022-MS-001-1.jpg?resize=330%2C330&ssl=1
200 OK 3.2 kB URL HTTP/2 i0.wp.com/www.rebeltrue.com/wp-content/uploads/2022/11/MM1022-MS-001-1.jpg?resize=330%2C330&ssl=1
IP
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 330x330, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash b7ee06173589526c7ed0be125e71b84d
afde89be3469d20b156eb580ac96ec6c811a6122
1cd827584b42a76092d6dae558635d305d442ae3c1c1e18a89c0645a72f4a2d4
GET /www.rebeltrue.com/wp-content/uploads/2022/11/MM1022-MS-001-1.jpg?resize=330%2C330&ssl=1 HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.rebeltrue.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 29 Jan 2023 15:56:08 GMT
content-type: image/webp
content-length: 3200
last-modified: Sun, 29 Jan 2023 10:41:56 GMT
expires: Tue, 28 Jan 2025 22:41:56 GMT
cache-control: public, max-age=63115200
link: <https://www.rebeltrue.com/wp-content/uploads/2022/11/MM1022-MS-001-1.jpg>; rel="canonical"
x-content-type-options: nosniff
etag: "4a66cd4c3e0248f9"
vary: Accept
x-nc: MISS arn 6
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
i0.wp.com/www.rebeltrue.com/wp-content/plugins/revslider/public/assets/assets/dummy.png?resize=1140%2C388
200 OK 46 B URL HTTP/2 i0.wp.com/www.rebeltrue.com/wp-content/plugins/revslider/public/assets/assets/dummy.png?resize=1140%2C388
IP
File type RIFF (little-endian) data, Web/P image\012- data
Hash d18a8d50a1c57c6bf8c7e92bc38f9405
dee2d5d0c0ce506434bc59e5433dbaba21c1d214
32fdd3f1ef43e8794210b89eb6a39fb6d62a7050c23847a7ffe1bcce98d6c8c0
GET /www.rebeltrue.com/wp-content/plugins/revslider/public/assets/assets/dummy.png?resize=1140%2C388 HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.rebeltrue.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 29 Jan 2023 15:56:08 GMT
content-type: image/webp
content-length: 46
last-modified: Sun, 29 Jan 2023 15:56:08 GMT
expires: Wed, 29 Jan 2025 03:56:08 GMT
cache-control: public, max-age=63115200
link: <http://www.rebeltrue.com/wp-content/plugins/revslider/public/assets/assets/dummy.png>; rel="canonical"
x-content-type-options: nosniff
etag: "fbb17f0cddeecbf3"
vary: Accept
x-nc: MISS arn 5
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
i0.wp.com/www.rebeltrue.com/wp-content/uploads/2022/11/MM1022-MT-003-1.jpg?resize=330%2C330&ssl=1
200 OK 2.5 kB URL HTTP/2 i0.wp.com/www.rebeltrue.com/wp-content/uploads/2022/11/MM1022-MT-003-1.jpg?resize=330%2C330&ssl=1
IP
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 330x330, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash c50a224def33388bf10ac0f6055151f4
2f19e3b3bb747b295c07e949c614da12b1c9a777
0ca2ce9e9a88e0988073b66768c1fe0ab60bfeeb01aad23badfc58bafad33a35
GET /www.rebeltrue.com/wp-content/uploads/2022/11/MM1022-MT-003-1.jpg?resize=330%2C330&ssl=1 HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.rebeltrue.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 29 Jan 2023 15:56:08 GMT
content-type: image/webp
content-length: 2540
last-modified: Sun, 29 Jan 2023 15:56:08 GMT
expires: Wed, 29 Jan 2025 03:56:08 GMT
cache-control: public, max-age=63115200
link: <https://www.rebeltrue.com/wp-content/uploads/2022/11/MM1022-MT-003-1.jpg>; rel="canonical"
x-content-type-options: nosniff
etag: "897b87b394f39b09"
vary: Accept
x-nc: MISS arn 8
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
i0.wp.com/www.rebeltrue.com/wp-content/uploads/2022/11/MM1022-MSP-002-1.jpg?resize=330%2C330&ssl=1
200 OK 3.7 kB URL HTTP/2 i0.wp.com/www.rebeltrue.com/wp-content/uploads/2022/11/MM1022-MSP-002-1.jpg?resize=330%2C330&ssl=1
IP
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 330x330, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash b5de133cfb9fc0963237f335ff4d387c
a37963af7383a02142fc65dc4f106d25178afe51
6778311f871481b006e80c5056009dd9d7fa53b8088f5ef77c04ec7ec630561a
GET /www.rebeltrue.com/wp-content/uploads/2022/11/MM1022-MSP-002-1.jpg?resize=330%2C330&ssl=1 HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.rebeltrue.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 29 Jan 2023 15:56:08 GMT
content-type: image/webp
content-length: 3720
last-modified: Sun, 29 Jan 2023 15:56:08 GMT
expires: Wed, 29 Jan 2025 03:56:08 GMT
cache-control: public, max-age=63115200
link: <https://www.rebeltrue.com/wp-content/uploads/2022/11/MM1022-MSP-002-1.jpg>; rel="canonical"
x-content-type-options: nosniff
etag: "2ffcf552c44d8435"
vary: Accept
x-nc: MISS arn 1
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
stats.wp.com/s-202304.js
200 OK 6.7 kB IP
File type ASCII text, with very long lines (9364), with no line terminators
Hash 01af83381db81b3a83f0dc60b029ca31
435b080226ca62595f484fda5a39fbd91f70b233
6621862d38b48d2667d36596f63e94b82b8e55050d9dd5d351bb2eba6e825fb4
GET /s-202304.js HTTP/1.1
Host: stats.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.rebeltrue.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 29 Jan 2023 15:56:08 GMT
content-type: application/javascript
vary: Accept-Encoding
etag: W/"62f6b688-2494"
content-encoding: br
expires: Mon, 22 Jan 2024 15:38:27 GMT
cache-control: max-age=31536000
x-nc: HIT arn
X-Firefox-Spdy: h2
i0.wp.com/www.rebeltrue.com/wp-content/uploads/2022/11/MM1022-MT-002-1.jpg?resize=330%2C330&ssl=1
200 OK 4.7 kB URL HTTP/2 i0.wp.com/www.rebeltrue.com/wp-content/uploads/2022/11/MM1022-MT-002-1.jpg?resize=330%2C330&ssl=1
IP
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 330x330, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash ff8709464a795df65910fe31e87cf523
f0cb4cbbc67133ae0e37937cb50e784b2f6f22b6
85093660f715042b7c66ddd784937557a8355f73933317d67da2507d747b2b7a
GET /www.rebeltrue.com/wp-content/uploads/2022/11/MM1022-MT-002-1.jpg?resize=330%2C330&ssl=1 HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.rebeltrue.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 29 Jan 2023 15:56:08 GMT
content-type: image/webp
content-length: 4708
last-modified: Sun, 29 Jan 2023 15:56:08 GMT
expires: Wed, 29 Jan 2025 03:56:08 GMT
cache-control: public, max-age=63115200
link: <https://www.rebeltrue.com/wp-content/uploads/2022/11/MM1022-MT-002-1.jpg>; rel="canonical"
x-content-type-options: nosniff
etag: "647ece81839b4e12"
vary: Accept
x-nc: MISS arn 4
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
i0.wp.com/www.rebeltrue.com/wp-content/uploads/2022/11/MM1022-BKPS-001-1.jpg?resize=330%2C330&ssl=1
200 OK 12 kB URL HTTP/2 i0.wp.com/www.rebeltrue.com/wp-content/uploads/2022/11/MM1022-BKPS-001-1.jpg?resize=330%2C330&ssl=1
IP
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 330x330, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash bc5b691ef3c883e0fb62187b36fd7571
6e101ca5d341fbb9fdef389c8a83628d53bce153
8895fc115734e83e675c76d0542237c748ddd20066c30dc5c62b8efa66e8d573
GET /www.rebeltrue.com/wp-content/uploads/2022/11/MM1022-BKPS-001-1.jpg?resize=330%2C330&ssl=1 HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.rebeltrue.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 29 Jan 2023 15:56:08 GMT
content-type: image/webp
content-length: 11856
last-modified: Sun, 29 Jan 2023 15:56:08 GMT
expires: Wed, 29 Jan 2025 03:56:08 GMT
cache-control: public, max-age=63115200
link: <https://www.rebeltrue.com/wp-content/uploads/2022/11/MM1022-BKPS-001-1.jpg>; rel="canonical"
x-content-type-options: nosniff
etag: "68af39bba8acfcf0"
vary: Accept
x-nc: MISS arn 8
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
i0.wp.com/www.rebeltrue.com/wp-content/uploads/2022/12/MM1022-MZH-002-1.jpg?resize=330%2C330&ssl=1
200 OK 2.6 kB URL HTTP/2 i0.wp.com/www.rebeltrue.com/wp-content/uploads/2022/12/MM1022-MZH-002-1.jpg?resize=330%2C330&ssl=1
IP
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 330x330, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 3d5aabcedaf650939cbfaee9a627b87f
c9cc100b1b46b3cbaa4ce7c064d7fef90d1d4268
1575c26cb863050c831eda4546c0ca1414a41c6a4eac61339598107e46b468d7
GET /www.rebeltrue.com/wp-content/uploads/2022/12/MM1022-MZH-002-1.jpg?resize=330%2C330&ssl=1 HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.rebeltrue.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 29 Jan 2023 15:56:08 GMT
content-type: image/webp
content-length: 2602
last-modified: Sun, 29 Jan 2023 15:56:08 GMT
expires: Wed, 29 Jan 2025 03:56:08 GMT
cache-control: public, max-age=63115200
link: <https://www.rebeltrue.com/wp-content/uploads/2022/12/MM1022-MZH-002-1.jpg>; rel="canonical"
x-content-type-options: nosniff
etag: "34ae203e7b29de62"
vary: Accept
x-nc: MISS arn 6
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 2.8 kB IP
File type gzip compressed data, max compression\012- data
Hash c06ce55fe38b59a6da4895427310ca27
b6f5a58427950fcec9e654b539380e4aa1def850
3e64726592456ef18b2356d7470dfe41359f157d5a30ae5c9c3bca5eacafb794
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 15:56:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
i0.wp.com/www.rebeltrue.com/wp-content/uploads/2022/11/MM1022-MSP-004-1.jpg?resize=330%2C330&ssl=1
200 OK 4.7 kB URL HTTP/2 i0.wp.com/www.rebeltrue.com/wp-content/uploads/2022/11/MM1022-MSP-004-1.jpg?resize=330%2C330&ssl=1
IP
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 330x330, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash bfe158b8f45c0940eef7e2020c03bb1c
106f1f11644c39015e8b333afdc26eed84eb6ad1
ec4f7c080c0b3ed3fba1a73026c936680e923db43d8e297b7c7dcd868a7adbb2
GET /www.rebeltrue.com/wp-content/uploads/2022/11/MM1022-MSP-004-1.jpg?resize=330%2C330&ssl=1 HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.rebeltrue.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 29 Jan 2023 15:56:08 GMT
content-type: image/webp
content-length: 4666
last-modified: Sun, 29 Jan 2023 15:56:08 GMT
expires: Wed, 29 Jan 2025 03:56:08 GMT
cache-control: public, max-age=63115200
link: <https://www.rebeltrue.com/wp-content/uploads/2022/11/MM1022-MSP-004-1.jpg>; rel="canonical"
x-content-type-options: nosniff
etag: "38c79ae3d210c8d9"
vary: Accept
x-nc: MISS arn 3
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
i0.wp.com/www.rebeltrue.com/wp-content/uploads/2022/11/MM1122-BTS-01-1.jpg?resize=330%2C330&ssl=1
200 OK 7.8 kB URL HTTP/2 i0.wp.com/www.rebeltrue.com/wp-content/uploads/2022/11/MM1122-BTS-01-1.jpg?resize=330%2C330&ssl=1
IP
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 330x330, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 75a6aac8eafa322d48f819e95668dd5b
e50ecae4602885cb3117eb5b33325adc3f3114b5
9d4dbbd6899b11e6de0581b720dbab7f548c51459df691c39796587a5fce5e6e
GET /www.rebeltrue.com/wp-content/uploads/2022/11/MM1122-BTS-01-1.jpg?resize=330%2C330&ssl=1 HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.rebeltrue.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 29 Jan 2023 15:56:08 GMT
content-type: image/webp
content-length: 7800
last-modified: Sun, 29 Jan 2023 15:56:08 GMT
expires: Wed, 29 Jan 2025 03:56:08 GMT
cache-control: public, max-age=63115200
link: <https://www.rebeltrue.com/wp-content/uploads/2022/11/MM1122-BTS-01-1.jpg>; rel="canonical"
x-content-type-options: nosniff
etag: "066dc5fa2011d049"
vary: Accept
x-nc: MISS arn 5
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
i0.wp.com/www.rebeltrue.com/wp-content/uploads/2022/12/MM1122-BTS-03-1.jpg?resize=330%2C330&ssl=1
200 OK 7.1 kB URL HTTP/2 i0.wp.com/www.rebeltrue.com/wp-content/uploads/2022/12/MM1122-BTS-03-1.jpg?resize=330%2C330&ssl=1
IP
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 330x330, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 2a658a3cf9cf8aa3fdc1f857818665ab
ef107094615e681b769155a89de23debcd11de19
8c1f402b867d4de32dac39b2a82f9eb89bccdc2af4f8e024330b158e13749b52
GET /www.rebeltrue.com/wp-content/uploads/2022/12/MM1122-BTS-03-1.jpg?resize=330%2C330&ssl=1 HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.rebeltrue.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 29 Jan 2023 15:56:08 GMT
content-type: image/webp
content-length: 7120
last-modified: Sun, 29 Jan 2023 15:56:08 GMT
expires: Wed, 29 Jan 2025 03:56:08 GMT
cache-control: public, max-age=63115200
link: <https://www.rebeltrue.com/wp-content/uploads/2022/12/MM1122-BTS-03-1.jpg>; rel="canonical"
x-content-type-options: nosniff
etag: "32ddc460bd57b0e6"
vary: Accept
x-nc: MISS arn 7
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
i0.wp.com/www.rebeltrue.com/wp-content/uploads/2022/11/MM1022-MSP-001-1.jpg?resize=330%2C330&ssl=1
200 OK 5.7 kB URL HTTP/2 i0.wp.com/www.rebeltrue.com/wp-content/uploads/2022/11/MM1022-MSP-001-1.jpg?resize=330%2C330&ssl=1
IP
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 330x330, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash a1a13a345b323933c61f0126da910316
96b8eeb474b3d98a46c2d92254dee0e138705aa8
4b8ca7f1b04e1a8f3e0b0997a177a6f46a8fe21f8281d661137e32ec21776d75
GET /www.rebeltrue.com/wp-content/uploads/2022/11/MM1022-MSP-001-1.jpg?resize=330%2C330&ssl=1 HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.rebeltrue.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 29 Jan 2023 15:56:08 GMT
content-type: image/webp
content-length: 5652
last-modified: Sun, 29 Jan 2023 15:56:08 GMT
expires: Wed, 29 Jan 2025 03:56:08 GMT
cache-control: public, max-age=63115200
link: <https://www.rebeltrue.com/wp-content/uploads/2022/11/MM1022-MSP-001-1.jpg>; rel="canonical"
x-content-type-options: nosniff
etag: "41ab4d6898f8534f"
vary: Accept
x-nc: MISS arn 4
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
www.rebeltrue.com/wp-content/plugins/revslider/public/assets/js/rbtools.min.js?ver=6.3.6
200 OK 47 kB URL HTTP/2 www.rebeltrue.com/wp-content/plugins/revslider/public/assets/js/rbtools.min.js?ver=6.3.6
IP
File type ASCII text, with very long lines (42889)
Hash ec1f108f14d70c06d5ce3b2a9fa0f1ec
f2820009c4bd7804668716824d0402b3f7ed201a
a8ad29f49f1fef26fbab32973be156d304fb723186af106713d182559dc8b3d8
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/revslider/public/assets/js/rbtools.min.js?ver=6.3.6 HTTP/1.1
Host: www.rebeltrue.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.rebeltrue.com/
Cookie: mailchimp_landing_site=https%3A%2F%2Fwww.rebeltrue.com%2F
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 05 Feb 2023 15:56:08 GMT
content-type: application/javascript
last-modified: Tue, 19 Jan 2021 10:11:10 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 46880
date: Sun, 29 Jan 2023 15:56:08 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
i0.wp.com/www.rebeltrue.com/wp-content/uploads/2022/12/MM1122-BTS-02-1.jpg?resize=330%2C330&ssl=1
200 OK 7.5 kB URL HTTP/2 i0.wp.com/www.rebeltrue.com/wp-content/uploads/2022/12/MM1122-BTS-02-1.jpg?resize=330%2C330&ssl=1
IP
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 330x330, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash af6abe837d4857c47bfcc335a6362df0
aa3b8a9e94697cf57a6d286fe315fb426f96ec9e
ca954f07f1a215b6f3e2cdf600bd3d658fa691dfa7fd270c768474f6b191afd4
GET /www.rebeltrue.com/wp-content/uploads/2022/12/MM1122-BTS-02-1.jpg?resize=330%2C330&ssl=1 HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.rebeltrue.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 29 Jan 2023 15:56:08 GMT
content-type: image/webp
content-length: 7450
last-modified: Sun, 29 Jan 2023 15:56:08 GMT
expires: Wed, 29 Jan 2025 03:56:08 GMT
cache-control: public, max-age=63115200
link: <https://www.rebeltrue.com/wp-content/uploads/2022/12/MM1122-BTS-02-1.jpg>; rel="canonical"
x-content-type-options: nosniff
etag: "6e485e969263fbda"
vary: Accept
x-nc: MISS arn 3
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
i0.wp.com/www.rebeltrue.com/wp-content/uploads/2022/11/MM1022-MSP-003-1.jpg?resize=330%2C330&ssl=1
200 OK 8.7 kB URL HTTP/2 i0.wp.com/www.rebeltrue.com/wp-content/uploads/2022/11/MM1022-MSP-003-1.jpg?resize=330%2C330&ssl=1
IP
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 330x330, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash e795e9836a20e7fdfc59bd5452bceb02
ad94cfec529d6a9de49fc4cbaaa5085271df249d
203d5d2b37f05d46a9d3346d179fa58484e314f4a4c986a901fd053b619474db
GET /www.rebeltrue.com/wp-content/uploads/2022/11/MM1022-MSP-003-1.jpg?resize=330%2C330&ssl=1 HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.rebeltrue.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 29 Jan 2023 15:56:08 GMT
content-type: image/webp
content-length: 8686
last-modified: Sun, 29 Jan 2023 15:56:08 GMT
expires: Wed, 29 Jan 2025 03:56:08 GMT
cache-control: public, max-age=63115200
link: <https://www.rebeltrue.com/wp-content/uploads/2022/11/MM1022-MSP-003-1.jpg>; rel="canonical"
x-content-type-options: nosniff
etag: "261c7070c2f5e0e1"
vary: Accept
x-nc: MISS arn 1
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
i0.wp.com/www.rebeltrue.com/wp-content/uploads/2022/12/MM1122-BTS-04-1.jpg?resize=330%2C330&ssl=1
200 OK 5.3 kB URL HTTP/2 i0.wp.com/www.rebeltrue.com/wp-content/uploads/2022/12/MM1122-BTS-04-1.jpg?resize=330%2C330&ssl=1
IP
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 330x330, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 66300bff56386cfbe8dba108276e3d88
ecef680396959197e9c2f5e3fa560a0b7dde9b1c
778372133b518fc69b8969cfc84014df89d1d7f39e7ec33eaae6ad1108555b7f
GET /www.rebeltrue.com/wp-content/uploads/2022/12/MM1122-BTS-04-1.jpg?resize=330%2C330&ssl=1 HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.rebeltrue.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 29 Jan 2023 15:56:08 GMT
content-type: image/webp
content-length: 5314
last-modified: Sun, 29 Jan 2023 15:56:08 GMT
expires: Wed, 29 Jan 2025 03:56:08 GMT
cache-control: public, max-age=63115200
link: <https://www.rebeltrue.com/wp-content/uploads/2022/12/MM1122-BTS-04-1.jpg>; rel="canonical"
x-content-type-options: nosniff
etag: "1bba67ab13a3f77c"
vary: Accept
x-nc: MISS arn 7
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
www.googletagmanager.com/gtag/js?id=G-YQFXHBPZXK
200 OK 80 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=G-YQFXHBPZXK
IP
File type ASCII text, with very long lines (27699)
Hash 6e7cb4b5398fd7ef02631560f94c6dc7
7d3234b92bfcf80094097a958ca78c9ee7ffd00d
9938c4751851afe1ea7cd995f4108e3f4365f88cc114c7ee4c8a31cf68dfb511
GET /gtag/js?id=G-YQFXHBPZXK HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.rebeltrue.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sun, 29 Jan 2023 15:56:08 GMT
expires: Sun, 29 Jan 2023 15:56:08 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 79523
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 8cf65fcdafa84b63cf7005fe57927fcb
3f7d163a96e7f00eb2de9828624ec46e22b4b40a
dfcf629cc49444f646f3a014014a91e36251b4b43655ce2e2eca55263dd196e3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 15:56:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 8cf65fcdafa84b63cf7005fe57927fcb
3f7d163a96e7f00eb2de9828624ec46e22b4b40a
dfcf629cc49444f646f3a014014a91e36251b4b43655ce2e2eca55263dd196e3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 15:56:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 8cf65fcdafa84b63cf7005fe57927fcb
3f7d163a96e7f00eb2de9828624ec46e22b4b40a
dfcf629cc49444f646f3a014014a91e36251b4b43655ce2e2eca55263dd196e3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 15:56:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/robotocondensed/v25/ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2
200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/robotocondensed/v25/ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 15700, version 1.0\012- data
Hash 3d7f7413fca69bff4d231ebdc50aaab0
cb18e7943b6a8a0e3672d7242197c19a226b92e8
6b4fac99c39b9ee2693d87a2508d0c7d4b4859072966616bd1f6e18c5b2f9d36
GET /s/robotocondensed/v25/ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.rebeltrue.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15700
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 27 Jan 2023 09:52:09 GMT
expires: Sat, 27 Jan 2024 09:52:09 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 19 Apr 2022 18:51:55 GMT
content-type: font/woff2
age: 194639
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 8cf65fcdafa84b63cf7005fe57927fcb
3f7d163a96e7f00eb2de9828624ec46e22b4b40a
dfcf629cc49444f646f3a014014a91e36251b4b43655ce2e2eca55263dd196e3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 15:56:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/robotocondensed/v25/ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCQYbw.woff2
200 OK 20 kB URL HTTP/2 fonts.gstatic.com/s/robotocondensed/v25/ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCQYbw.woff2
IP
File type gzip compressed data, max compression\012- data
Hash caf49055657edccc6c4996183bce1259
c4e3c3dbb7135188520d1d1ac2d6fda306fcaa25
0c0ef92c955702402fbf9d52b4b4455103d1566cdb009fc8c6c330dd358c2e48
GET /s/robotocondensed/v25/ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCQYbw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.rebeltrue.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15660
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 25 Jan 2023 15:20:07 GMT
expires: Thu, 25 Jan 2024 15:20:07 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 19 Apr 2022 18:42:42 GMT
content-type: font/woff2
age: 347761
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Abril+FatFace%3A400%2C400i%2C700%2C700i%7CAlegreya%3A400%2C400i%2C700%2C700i%7CAlegreya+Sans%3A400%2C400i%2C700%2C700i%7CAmatic+SC%3A400%2C400i%2C700%2C700i%7CAnonymous+Pro%3A400%2C400i%2C700%2C700i%7CArchitects+Daughter%3A400%2C400i%2C700%2C700i%7CArchivo%3A400%2C400i%2C700%2C700i%7CArchivo+Narrow%3A400%2C400i%2C700%2C700i%7CAsap%3A400%2C400i%2C700%2C700i%7CBarlow%3A400%2C400i%2C700%2C700i%7CBioRhyme%3A400%2C400i%2C700%2C700i%7CBonbon%3A400%2C400i%2C700%2C700i%7CCabin%3A400%2C400i%2C700%2C700i%7CCairo%3A400%2C400i%2C700%2C700i%7CCardo%3A400%2C400i%2C700%2C700i%7CChivo%3A400%2C400i%2C700%2C700i%7CConcert+One%3A400%2C400i%2C700%2C700i%7CCormorant%3A400%2C400i%2C700%2C700i%7CCrimson+Text%3A400%2C400i%2C700%2C700i%7CEczar%3A400%2C400i%2C700%2C700i%7CExo+2%3A400%2C400i%2C700%2C700i%7CFira+Sans%3A400%2C400i%2C700%2C700i%7CFjalla+One%3A400%2C400i%2C700%2C700i%7CFrank+Ruhl+Libre%3A400%2C400i%2C700%2C700i%7CGreat+Vibes%3A400%2C400i%2C700%2C700i&ver=6.0.2
200 OK 20 kB URL HTTP/2 fonts.googleapis.com/css?family=Abril+FatFace%3A400%2C400i%2C700%2C700i%7CAlegreya%3A400%2C400i%2C700%2C700i%7CAlegreya+Sans%3A400%2C400i%2C700%2C700i%7CAmatic+SC%3A400%2C400i%2C700%2C700i%7CAnonymous+Pro%3A400%2C400i%2C700%2C700i%7CArchitects+Daughter%3A400%2C400i%2C700%2C700i%7CArchivo%3A400%2C400i%2C700%2C700i%7CArchivo+Narrow%3A400%2C400i%2C700%2C700i%7CAsap%3A400%2C400i%2C700%2C700i%7CBarlow%3A400%2C400i%2C700%2C700i%7CBioRhyme%3A400%2C400i%2C700%2C700i%7CBonbon%3A400%2C400i%2C700%2C700i%7CCabin%3A400%2C400i%2C700%2C700i%7CCairo%3A400%2C400i%2C700%2C700i%7CCardo%3A400%2C400i%2C700%2C700i%7CChivo%3A400%2C400i%2C700%2C700i%7CConcert+One%3A400%2C400i%2C700%2C700i%7CCormorant%3A400%2C400i%2C700%2C700i%7CCrimson+Text%3A400%2C400i%2C700%2C700i%7CEczar%3A400%2C400i%2C700%2C700i%7CExo+2%3A400%2C400i%2C700%2C700i%7CFira+Sans%3A400%2C400i%2C700%2C700i%7CFjalla+One%3A400%2C400i%2C700%2C700i%7CFrank+Ruhl+Libre%3A400%2C400i%2C700%2C700i%7CGreat+Vibes%3A400%2C400i%2C700%2C700i&ver=6.0.2
IP
Hash 3be1f1f56f614455e14de55ef50815ad
d66fd25cdf44366d0c037b33a6c907e5da943a06
fb669056dcf107bc94c300171005ab7883d8aadddbb870aff2adbf6b983096ba
GET /css?family=Abril+FatFace%3A400%2C400i%2C700%2C700i%7CAlegreya%3A400%2C400i%2C700%2C700i%7CAlegreya+Sans%3A400%2C400i%2C700%2C700i%7CAmatic+SC%3A400%2C400i%2C700%2C700i%7CAnonymous+Pro%3A400%2C400i%2C700%2C700i%7CArchitects+Daughter%3A400%2C400i%2C700%2C700i%7CArchivo%3A400%2C400i%2C700%2C700i%7CArchivo+Narrow%3A400%2C400i%2C700%2C700i%7CAsap%3A400%2C400i%2C700%2C700i%7CBarlow%3A400%2C400i%2C700%2C700i%7CBioRhyme%3A400%2C400i%2C700%2C700i%7CBonbon%3A400%2C400i%2C700%2C700i%7CCabin%3A400%2C400i%2C700%2C700i%7CCairo%3A400%2C400i%2C700%2C700i%7CCardo%3A400%2C400i%2C700%2C700i%7CChivo%3A400%2C400i%2C700%2C700i%7CConcert+One%3A400%2C400i%2C700%2C700i%7CCormorant%3A400%2C400i%2C700%2C700i%7CCrimson+Text%3A400%2C400i%2C700%2C700i%7CEczar%3A400%2C400i%2C700%2C700i%7CExo+2%3A400%2C400i%2C700%2C700i%7CFira+Sans%3A400%2C400i%2C700%2C700i%7CFjalla+One%3A400%2C400i%2C700%2C700i%7CFrank+Ruhl+Libre%3A400%2C400i%2C700%2C700i%7CGreat+Vibes%3A400%2C400i%2C700%2C700i&ver=6.0.2 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.rebeltrue.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sun, 29 Jan 2023 15:56:08 GMT
date: Sun, 29 Jan 2023 15:56:08 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash bab8a4c1e6bb2e6c9cc00222eef1235d
1a5dd108e9f9aaf33bc048b0097a9f510d295cad
fd182297a143655a9142e3ee5bbafefd76ca974094f43fb695611f6876f3ab63
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 15:56:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Hash 15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.rebeltrue.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 25 Jan 2023 19:33:54 GMT
expires: Thu, 25 Jan 2024 19:33:54 GMT
cache-control: public, max-age=31536000
age: 332534
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/robotocondensed/v25/ieVi2ZhZI2eCN5jzbjEETS9weq8-33mZGCoYb8td.woff2
200 OK 12 kB URL HTTP/2 fonts.gstatic.com/s/robotocondensed/v25/ieVi2ZhZI2eCN5jzbjEETS9weq8-33mZGCoYb8td.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 11736, version 1.0\012- data
Hash df6439b6349b0acdf98abe056304ab18
d87d58325b8b12d441ae905581e20e0d2bc148ce
4a4f58434b93fbf37fcc36c1c167d30a4b1dc1f5fe8fc8f74796cab974aabd65
GET /s/robotocondensed/v25/ieVi2ZhZI2eCN5jzbjEETS9weq8-33mZGCoYb8td.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.rebeltrue.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 11736
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 27 Jan 2023 02:15:30 GMT
expires: Sat, 27 Jan 2024 02:15:30 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 19 Apr 2022 19:06:20 GMT
content-type: font/woff2
age: 222038
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 15740, version 1.0\012- data
Hash b9c29351c46f3e8c8631c4002457f48a
e57e59c5780995ff2937ab2b511a769212974a87
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
GET /s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.rebeltrue.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15740
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 28 Jan 2023 10:26:49 GMT
expires: Sun, 28 Jan 2024 10:26:49 GMT
cache-control: public, max-age=31536000
age: 106159
last-modified: Wed, 11 May 2022 19:24:56 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash db3290a85d0ba4da27406ae9636aa618
4c69da45eddd66a1e26fce5562fc45eda7005309
19db4d0cc84bff9586883a5fa69c426af0b5fc1c2760ee7c259b0307c8afa6b2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 15:56:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.rebeltrue.com/wp-content/plugins/revslider/public/assets/js/rs6.min.js?ver=6.3.6
200 OK 84 kB URL HTTP/2 www.rebeltrue.com/wp-content/plugins/revslider/public/assets/js/rs6.min.js?ver=6.3.6
IP
File type ASCII text, with very long lines (64270)
Hash dc2db7e844838bc035ce1d8a98ec5b25
b131c920008a0835b4197c43e066768efbb07e17
a82869a2fa9a8dadf2781f53a5ca4d63c61aafc57008897b7352bd60870cefe2
GET /wp-content/plugins/revslider/public/assets/js/rs6.min.js?ver=6.3.6 HTTP/1.1
Host: www.rebeltrue.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.rebeltrue.com/
Cookie: mailchimp_landing_site=https%3A%2F%2Fwww.rebeltrue.com%2F
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 05 Feb 2023 15:56:08 GMT
content-type: application/javascript
last-modified: Tue, 19 Jan 2021 10:11:10 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 83674
date: Sun, 29 Jan 2023 15:56:08 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
www.rebeltrue.com/wp-content/plugins/woocommerce/assets/js/jquery-blockui/jquery.blockUI.min.js?ver=2.7.0-wc.6.9.4
200 OK 4.5 kB URL HTTP/2 www.rebeltrue.com/wp-content/plugins/woocommerce/assets/js/jquery-blockui/jquery.blockUI.min.js?ver=2.7.0-wc.6.9.4
IP
File type ASCII text, with very long lines (9137)
Hash d6f3e082afedc76aaa62303172418d9a
13d7622b30ec8552ad48f111517b2f2f0d551253
1c1c74aa1dd8301b76255358d3798d35dfb2e553dd8e0a0f2b8ee2c187822665
GET /wp-content/plugins/woocommerce/assets/js/jquery-blockui/jquery.blockUI.min.js?ver=2.7.0-wc.6.9.4 HTTP/1.1
Host: www.rebeltrue.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.rebeltrue.com/
Cookie: mailchimp_landing_site=https%3A%2F%2Fwww.rebeltrue.com%2F
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 05 Feb 2023 15:56:08 GMT
content-type: application/javascript
last-modified: Fri, 30 Sep 2022 19:09:43 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 4534
date: Sun, 29 Jan 2023 15:56:08 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
www.rebeltrue.com/wp-content/plugins/autoptimize/classes/external/js/lazysizes.min.js?ao_version=3.1.4
200 OK 4.0 kB URL HTTP/2 www.rebeltrue.com/wp-content/plugins/autoptimize/classes/external/js/lazysizes.min.js?ao_version=3.1.4
IP
File type ASCII text, with very long lines (7862)
Hash f64c37a03402dbcd5e37926e4ab208f7
1ea9b348b24e971410a336e79f98fb06f9dc1ad4
f8a35bcdec2b53402db80d2573b31b7dc145c84851261c6a07011ea4fbb43dca
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/autoptimize/classes/external/js/lazysizes.min.js?ao_version=3.1.4 HTTP/1.1
Host: www.rebeltrue.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.rebeltrue.com/
Cookie: mailchimp_landing_site=https%3A%2F%2Fwww.rebeltrue.com%2F
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 05 Feb 2023 15:56:08 GMT
content-type: application/javascript
last-modified: Fri, 13 Jan 2023 19:25:37 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 3973
date: Sun, 29 Jan 2023 15:56:08 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
www.rebeltrue.com/wp-content/cache/autoptimize/js/autoptimize_single_5d4894dfb5fa6ce16d2fdd4b48a59650.js?ver=1673637942
200 OK 1.6 kB URL HTTP/2 www.rebeltrue.com/wp-content/cache/autoptimize/js/autoptimize_single_5d4894dfb5fa6ce16d2fdd4b48a59650.js?ver=1673637942
IP
File type ASCII text, with very long lines (4184), with no line terminators
Hash 50cdada4fe286eb6c4cb5e02f3e9961b
2d77fe1757933bf3f63bb4b7edfa736cb0fd8237
a172d0557c2b7feb4d3889a5ec18ac04ea731edac832c31a323c492b78ec0af9
GET /wp-content/cache/autoptimize/js/autoptimize_single_5d4894dfb5fa6ce16d2fdd4b48a59650.js?ver=1673637942 HTTP/1.1
Host: www.rebeltrue.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.rebeltrue.com/
Cookie: mailchimp_landing_site=https%3A%2F%2Fwww.rebeltrue.com%2F
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=30672000,public, immutable
expires: Fri, 19 Jan 2024 15:56:08 GMT
content-type: application/javascript
last-modified: Sat, 21 Jan 2023 20:41:56 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1554
date: Sun, 29 Jan 2023 15:56:08 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
www.rebeltrue.com/wp-content/plugins/jetpack/_inc/build/photon/photon.min.js?ver=20191001
200 OK 315 B URL HTTP/2 www.rebeltrue.com/wp-content/plugins/jetpack/_inc/build/photon/photon.min.js?ver=20191001
IP
File type ASCII text, with very long lines (685), with no line terminators
Hash d0bcfb49afd752fe42b5209cb8f73cb5
21be3aa4b3396d2ecb5a4976bb1bf27c16df47f3
1840ddebc161930e097719c750cae797280780a4c4cbc8cae1f8479fbc999157
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/jetpack/_inc/build/photon/photon.min.js?ver=20191001 HTTP/1.1
Host: www.rebeltrue.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.rebeltrue.com/
Cookie: mailchimp_landing_site=https%3A%2F%2Fwww.rebeltrue.com%2F
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 05 Feb 2023 15:56:08 GMT
content-type: application/javascript
last-modified: Fri, 13 Jan 2023 19:26:14 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 315
date: Sun, 29 Jan 2023 15:56:08 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
www.rebeltrue.com/wp-content/plugins/yith-woocommerce-wishlist/assets/js/jquery.selectBox.min.js?ver=1.2.0
200 OK 4.8 kB URL HTTP/2 www.rebeltrue.com/wp-content/plugins/yith-woocommerce-wishlist/assets/js/jquery.selectBox.min.js?ver=1.2.0
IP
File type Unicode text, UTF-8 text, with very long lines (14946)
Hash 84c322221e8ffa483072dd5802554ec5
c9c94a686c4636f396b809f5eacec5de1d04e32a
f09fc75717a4b7567f39341ffacfd76a19a49df347eca9aa7231507edca84e5f
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/yith-woocommerce-wishlist/assets/js/jquery.selectBox.min.js?ver=1.2.0 HTTP/1.1
Host: www.rebeltrue.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.rebeltrue.com/
Cookie: mailchimp_landing_site=https%3A%2F%2Fwww.rebeltrue.com%2F
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 05 Feb 2023 15:56:08 GMT
content-type: application/javascript
last-modified: Tue, 15 Mar 2022 14:44:03 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 4815
date: Sun, 29 Jan 2023 15:56:08 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
www.rebeltrue.com/wp-content/plugins/woocommerce/assets/js/prettyPhoto/jquery.prettyPhoto.min.js?ver=3.1.6
200 OK 6.7 kB URL HTTP/2 www.rebeltrue.com/wp-content/plugins/woocommerce/assets/js/prettyPhoto/jquery.prettyPhoto.min.js?ver=3.1.6
IP
File type HTML document, ASCII text, with very long lines (21332)
Hash 4e472ad4ad81f7b2577f25ff3b7701f3
29afb63059ab9325cc06f0cc3ddc48952ae1d858
2c1a2cbe56f872aaf8a712173320da83d5bb96ee8bb8254b54bcde8fa6918b05
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/woocommerce/assets/js/prettyPhoto/jquery.prettyPhoto.min.js?ver=3.1.6 HTTP/1.1
Host: www.rebeltrue.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.rebeltrue.com/
Cookie: mailchimp_landing_site=https%3A%2F%2Fwww.rebeltrue.com%2F
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 05 Feb 2023 15:56:08 GMT
content-type: application/javascript
last-modified: Fri, 30 Sep 2022 19:09:43 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 6672
date: Sun, 29 Jan 2023 15:56:08 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
www.rebeltrue.com/wp-content/plugins/yith-woocommerce-wishlist/assets/js/jquery.yith-wcwl.min.js?ver=3.7.0
200 OK 7.5 kB URL HTTP/2 www.rebeltrue.com/wp-content/plugins/yith-woocommerce-wishlist/assets/js/jquery.yith-wcwl.min.js?ver=3.7.0
IP
File type HTML document, ASCII text, with very long lines (24753)
Hash 38e42d9019d80cf3c8fa314df9e504d6
9532859db10932831422049275f7faa16d4031b9
f7d4ac7695b161da0efbcec0f5906ab84ce5904412415b63e609d66592410d9c
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/yith-woocommerce-wishlist/assets/js/jquery.yith-wcwl.min.js?ver=3.7.0 HTTP/1.1
Host: www.rebeltrue.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.rebeltrue.com/
Cookie: mailchimp_landing_site=https%3A%2F%2Fwww.rebeltrue.com%2F
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 05 Feb 2023 15:56:08 GMT
content-type: application/javascript
last-modified: Tue, 15 Mar 2022 14:44:03 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 7530
date: Sun, 29 Jan 2023 15:56:08 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
www.rebeltrue.com/wp-content/plugins/woocommerce/assets/js/frontend/cart-fragments.min.js?ver=6.9.4
200 OK 2.2 kB URL HTTP/2 www.rebeltrue.com/wp-content/plugins/woocommerce/assets/js/frontend/cart-fragments.min.js?ver=6.9.4
IP
File type ASCII text, with very long lines (2960)
Hash 2f442919b87083216ed507dfd83fc1d0
435442b880bee12ad6ebe44be3bc1afb5c9482ca
72555e46457b38d1f218d52a218e84a05ed9dcc894d85d4a9404040cbf825d9d
GET /wp-content/plugins/woocommerce/assets/js/frontend/cart-fragments.min.js?ver=6.9.4 HTTP/1.1
Host: www.rebeltrue.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.rebeltrue.com/
Cookie: mailchimp_landing_site=https%3A%2F%2Fwww.rebeltrue.com%2F
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 05 Feb 2023 15:56:08 GMT
content-type: application/javascript
last-modified: Fri, 30 Sep 2022 19:09:43 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 2222
date: Sun, 29 Jan 2023 15:56:08 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
www.rebeltrue.com/wp-content/plugins/woocommerce/assets/js/frontend/woocommerce.min.js?ver=6.9.4
200 OK 2.0 kB URL HTTP/2 www.rebeltrue.com/wp-content/plugins/woocommerce/assets/js/frontend/woocommerce.min.js?ver=6.9.4
IP
File type ASCII text, with very long lines (2161)
Hash 2d49721d572ac583d26b764317c3263e
9bf8c9d74507aa36f227966bd18e934190491c1d
585ee4e6f46a04850ff38c195d30f09f536119d6f1f8b4b0d31e667d3f7dad9e
GET /wp-content/plugins/woocommerce/assets/js/frontend/woocommerce.min.js?ver=6.9.4 HTTP/1.1
Host: www.rebeltrue.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.rebeltrue.com/
Cookie: mailchimp_landing_site=https%3A%2F%2Fwww.rebeltrue.com%2F
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 05 Feb 2023 15:56:08 GMT
content-type: application/javascript
last-modified: Fri, 30 Sep 2022 19:09:43 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1958
date: Sun, 29 Jan 2023 15:56:08 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
www.rebeltrue.com/wp-content/plugins/woocommerce/assets/js/js-cookie/js.cookie.min.js?ver=2.1.4-wc.6.9.4
200 OK 2.2 kB URL HTTP/2 www.rebeltrue.com/wp-content/plugins/woocommerce/assets/js/js-cookie/js.cookie.min.js?ver=2.1.4-wc.6.9.4
IP
File type ASCII text, with very long lines (1690)
Hash 70f3ea2daefc4857e9cb5bad514d39b7
e06807a1628ffb9cab1d030ada4ac205ed48b4bb
aba2cd42f7d45ef1f621edb160a6d0df5315d265ebe7620d9633ab9bf103dd01
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/woocommerce/assets/js/js-cookie/js.cookie.min.js?ver=2.1.4-wc.6.9.4 HTTP/1.1
Host: www.rebeltrue.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.rebeltrue.com/
Cookie: mailchimp_landing_site=https%3A%2F%2Fwww.rebeltrue.com%2F
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 05 Feb 2023 15:56:08 GMT
content-type: application/javascript
last-modified: Fri, 30 Sep 2022 19:09:43 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 2182
date: Sun, 29 Jan 2023 15:56:08 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
www.rebeltrue.com/wp-content/cache/autoptimize/js/autoptimize_single_d2da7c7dca1a638925d3ee396aa4e7a8.js?ver=3.1-20121105
200 OK 2.6 kB URL HTTP/2 www.rebeltrue.com/wp-content/cache/autoptimize/js/autoptimize_single_d2da7c7dca1a638925d3ee396aa4e7a8.js?ver=3.1-20121105
IP
File type HTML document, ASCII text, with very long lines (2324)
Hash e08f8f4abc017d64b0069a04a7c8337d
1dad9916c9ba84bc55643175035dbaebfe655b96
8f5ead5a66af364df332ff0d2208781e5e74a5093ecf1d94836eba62f0c4257e
GET /wp-content/cache/autoptimize/js/autoptimize_single_d2da7c7dca1a638925d3ee396aa4e7a8.js?ver=3.1-20121105 HTTP/1.1
Host: www.rebeltrue.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.rebeltrue.com/
Cookie: mailchimp_landing_site=https%3A%2F%2Fwww.rebeltrue.com%2F
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=30672000,public, immutable
expires: Fri, 19 Jan 2024 15:56:08 GMT
content-type: application/javascript
last-modified: Sat, 21 Jan 2023 20:41:56 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 2587
date: Sun, 29 Jan 2023 15:56:08 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
www.rebeltrue.com/wp-content/cache/autoptimize/js/autoptimize_single_c9f3362f5f18efb768a90acee8f27ffe.js?ver=1.0.0
200 OK 2.0 kB URL HTTP/2 www.rebeltrue.com/wp-content/cache/autoptimize/js/autoptimize_single_c9f3362f5f18efb768a90acee8f27ffe.js?ver=1.0.0
IP
File type ASCII text, with very long lines (3353)
Hash c65a512f283a4cc8aeb11778d3e5c089
35bdd7d2ac6d3e94a81cd176fbb89181e8c7885d
c6ac65aaef16428ec84e868dbd2b0a6537cd5f3ede405a6ac05e8a16b33a035c
GET /wp-content/cache/autoptimize/js/autoptimize_single_c9f3362f5f18efb768a90acee8f27ffe.js?ver=1.0.0 HTTP/1.1
Host: www.rebeltrue.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.rebeltrue.com/
Cookie: mailchimp_landing_site=https%3A%2F%2Fwww.rebeltrue.com%2F
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=30672000,public, immutable
expires: Fri, 19 Jan 2024 15:56:08 GMT
content-type: application/javascript
last-modified: Sat, 21 Jan 2023 20:41:56 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 2047
date: Sun, 29 Jan 2023 15:56:08 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
www.rebeltrue.com/wp-includes/js/jquery/ui/core.min.js?ver=1.13.1
200 OK 6.6 kB URL HTTP/2 www.rebeltrue.com/wp-includes/js/jquery/ui/core.min.js?ver=1.13.1
IP
File type Unicode text, UTF-8 text, with very long lines (8189)
Hash 139a41f01d192d239e7dce15ca307983
62a3e7c0c77209832dc649bc5583e5e0b4918bf5
d796462a5d212cd93b315b43dafb6e77dbe1c3aa567964dc40c1ab0e2c28f405
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/jquery/ui/core.min.js?ver=1.13.1 HTTP/1.1
Host: www.rebeltrue.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.rebeltrue.com/
Cookie: mailchimp_landing_site=https%3A%2F%2Fwww.rebeltrue.com%2F
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 05 Feb 2023 15:56:08 GMT
content-type: application/javascript
last-modified: Sat, 21 Jan 2023 20:41:37 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 6637
date: Sun, 29 Jan 2023 15:56:08 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
www.rebeltrue.com/wp-includes/js/jquery/ui/tabs.min.js?ver=1.13.1
200 OK 3.8 kB URL HTTP/2 www.rebeltrue.com/wp-includes/js/jquery/ui/tabs.min.js?ver=1.13.1
IP
File type ASCII text, with very long lines (11760)
Hash cf07f8ed6f9f97c95566c2b77872c681
6b9c0b5521255b6b1dd77c1a0569224de7cc351c
c31ec4601e031d50be0b5732b8b22ed7055c990de764617f37093de9004ef206
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/jquery/ui/tabs.min.js?ver=1.13.1 HTTP/1.1
Host: www.rebeltrue.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.rebeltrue.com/
Cookie: mailchimp_landing_site=https%3A%2F%2Fwww.rebeltrue.com%2F
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 05 Feb 2023 15:56:08 GMT
content-type: application/javascript
last-modified: Sat, 21 Jan 2023 20:41:37 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 3760
date: Sun, 29 Jan 2023 15:56:08 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
www.rebeltrue.com/wp-content/cache/autoptimize/js/autoptimize_single_c393b51d186e31af4dac75a1350d4041.js?ver=1.0.0
2.0 kB URL www.rebeltrue.com/wp-content/cache/autoptimize/js/autoptimize_single_c393b51d186e31af4dac75a1350d4041.js?ver=1.0.0
IP
Hash cd45ac51d4b0d9ca8ba7afede6ecfb18
a705280e005e98c3f82b196defbaa582c20d370f
9eab9439d871aa7eaee3e9883322deb6e113c28d96ebe38da7d9bd1ab0ff9872
GET /wp-content/cache/autoptimize/js/autoptimize_single_c393b51d186e31af4dac75a1350d4041.js?ver=1.0.0 HTTP/1.1
Host: www.rebeltrue.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.rebeltrue.com/
Cookie: mailchimp_landing_site=https%3A%2F%2Fwww.rebeltrue.com%2F
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
www.rebeltrue.com/wp-content/plugins/mailchimp-for-woocommerce/public/js/mailchimp-woocommerce-public.min.js?ver=2.6.2.01
200 OK 3.3 kB URL HTTP/2 www.rebeltrue.com/wp-content/plugins/mailchimp-for-woocommerce/public/js/mailchimp-woocommerce-public.min.js?ver=2.6.2.01
IP
File type ASCII text, with very long lines (6876)
Hash 24f05c2bc2e1ae406a550962ba9fca7f
a3e9261eb49f0e19858cc404ca6c6e0bb11b7af0
54c6bc41d205453f8b43812796a3407bb79077ec20057d525f316aca3c253a45
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/mailchimp-for-woocommerce/public/js/mailchimp-woocommerce-public.min.js?ver=2.6.2.01 HTTP/1.1
Host: www.rebeltrue.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.rebeltrue.com/
Cookie: mailchimp_landing_site=https%3A%2F%2Fwww.rebeltrue.com%2F
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 05 Feb 2023 15:56:08 GMT
content-type: application/javascript
last-modified: Sat, 02 Apr 2022 18:32:39 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 3277
date: Sun, 29 Jan 2023 15:56:08 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
www.rebeltrue.com/wp-content/themes/aurum/assets/js/bootstrap.min.js
200 OK 11 kB URL HTTP/2 www.rebeltrue.com/wp-content/themes/aurum/assets/js/bootstrap.min.js
IP
File type ASCII text, with very long lines (32033)
Hash 4d5467a3555816216f9b0be17bb031af
b9b2626d9774b3a7977c69e21ecb15c1c65301e1
d73f7ae8566f8ef7d8ec238ef59be61e40ec50e6b8aa028dd4f9e402b23ff7b9
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/aurum/assets/js/bootstrap.min.js HTTP/1.1
Host: www.rebeltrue.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.rebeltrue.com/
Cookie: mailchimp_landing_site=https%3A%2F%2Fwww.rebeltrue.com%2F
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 05 Feb 2023 15:56:08 GMT
content-type: application/javascript
last-modified: Mon, 25 Jul 2016 06:51:54 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 10837
date: Sun, 29 Jan 2023 15:56:08 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
www.rebeltrue.com/wp-content/themes/aurum/assets/js/TweenMax.min.js
200 OK 39 kB URL HTTP/2 www.rebeltrue.com/wp-content/themes/aurum/assets/js/TweenMax.min.js
IP
File type ASCII text, with very long lines (32033)
Hash 0c7a01320cb472e52b2ace39016ecd74
3387d437debda3c780a3de2bfc51aaeb970b5282
dd6ad48983b8a470bac1168ee5cf26c520e4a485bdd26e9c4d8c53645ffc79e5
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/aurum/assets/js/TweenMax.min.js HTTP/1.1
Host: www.rebeltrue.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.rebeltrue.com/
Cookie: mailchimp_landing_site=https%3A%2F%2Fwww.rebeltrue.com%2F
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 05 Feb 2023 15:56:08 GMT
content-type: application/javascript
last-modified: Tue, 03 Oct 2017 05:58:52 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 38754
date: Sun, 29 Jan 2023 15:56:08 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
www.rebeltrue.com/wp-content/plugins/js_composer/assets/js/dist/js_composer_front.min.js?ver=6.5.0
200 OK 6.9 kB URL HTTP/2 www.rebeltrue.com/wp-content/plugins/js_composer/assets/js/dist/js_composer_front.min.js?ver=6.5.0
IP
File type ASCII text, with very long lines (20443)
Hash 1b2a8e9c4e8b1eed8da5c808c337865d
b760744477af0c8f557d767399fb82cb07f7d66c
cc864b12ab5f809ec526c898b2b7b99c915de7b9bb895910cbe63423d29b39d9
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/js_composer/assets/js/dist/js_composer_front.min.js?ver=6.5.0 HTTP/1.1
Host: www.rebeltrue.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.rebeltrue.com/
Cookie: mailchimp_landing_site=https%3A%2F%2Fwww.rebeltrue.com%2F
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 05 Feb 2023 15:56:08 GMT
content-type: application/javascript
last-modified: Wed, 16 Dec 2020 11:24:26 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 6864
date: Sun, 29 Jan 2023 15:56:08 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
www.rebeltrue.com/wp-content/plugins/js_composer/assets/lib/vc_waypoints/vc-waypoints.min.js?ver=6.5.0
200 OK 4.0 kB URL HTTP/2 www.rebeltrue.com/wp-content/plugins/js_composer/assets/lib/vc_waypoints/vc-waypoints.min.js?ver=6.5.0
IP
File type Unicode text, UTF-8 text, with very long lines (8875)
Hash 976c377f9146a8227d925184b9597107
e36999e32317f77f4834b94ff69faf16da29cc64
41d4252ec2a54abf7cb7923e73f8dfb2503e554c5ee421505841e946d7f44e8c
GET /wp-content/plugins/js_composer/assets/lib/vc_waypoints/vc-waypoints.min.js?ver=6.5.0 HTTP/1.1
Host: www.rebeltrue.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.rebeltrue.com/
Cookie: mailchimp_landing_site=https%3A%2F%2Fwww.rebeltrue.com%2F
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 05 Feb 2023 15:56:08 GMT
content-type: application/javascript
last-modified: Wed, 16 Dec 2020 11:23:10 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 3977
date: Sun, 29 Jan 2023 15:56:08 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
www.rebeltrue.com/wp-content/themes/aurum/assets/js/slick/slick.min.js?ver=3.12
200 OK 11 kB URL HTTP/2 www.rebeltrue.com/wp-content/themes/aurum/assets/js/slick/slick.min.js?ver=3.12
IP
File type ASCII text, with very long lines (42884)
Hash 082fca087bca9c55d92d3121a8992e2b
d30da106e634ca05fae9c88075ec8df05fbb25f1
217f0c0081cc39e4a40d58ae423f3d2413818549a8a5a7f5f50c6eddac2ca857
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/aurum/assets/js/slick/slick.min.js?ver=3.12 HTTP/1.1
Host: www.rebeltrue.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.rebeltrue.com/
Cookie: mailchimp_landing_site=https%3A%2F%2Fwww.rebeltrue.com%2F
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 05 Feb 2023 15:56:08 GMT
content-type: application/javascript
last-modified: Tue, 07 May 2019 10:30:11 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 11440
date: Sun, 29 Jan 2023 15:56:08 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
www.rebeltrue.com/wp-content/themes/aurum/assets/js/aurum-custom.min.js?ver=3.12
200 OK 21 kB URL HTTP/2 www.rebeltrue.com/wp-content/themes/aurum/assets/js/aurum-custom.min.js?ver=3.12
IP
File type Unicode text, UTF-8 text, with very long lines (22966)
Hash 893ed76880cdd76cfe7504140b1ee784
e28f20b73e51318f97e180c32098ad7f1cccc02b
7a38710ec790407dc2c2a0308ea87a0e3918aa15779eb9284e703b5a4f559170
GET /wp-content/themes/aurum/assets/js/aurum-custom.min.js?ver=3.12 HTTP/1.1
Host: www.rebeltrue.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.rebeltrue.com/
Cookie: mailchimp_landing_site=https%3A%2F%2Fwww.rebeltrue.com%2F
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 05 Feb 2023 15:56:08 GMT
content-type: application/javascript
last-modified: Mon, 05 Oct 2020 13:49:56 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 21353
date: Sun, 29 Jan 2023 15:56:08 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
www.rebeltrue.com/wp-content/cache/autoptimize/js/autoptimize_single_c7dc6b64c4b0f3f84e391d455da54cda.js?ver=3.89.2
200 OK 30 kB URL HTTP/2 www.rebeltrue.com/wp-content/cache/autoptimize/js/autoptimize_single_c7dc6b64c4b0f3f84e391d455da54cda.js?ver=3.89.2
IP
File type ASCII text, with very long lines (65463)
Hash c1b6863f43ef46954fc670510c2e2908
ce69588c76e0b7f5ab46f820874c09c3f2358bdf
353ce4d56991842249038b2834b1ca04b4a860621149e912231ed38f0bfc0ec7
GET /wp-content/cache/autoptimize/js/autoptimize_single_c7dc6b64c4b0f3f84e391d455da54cda.js?ver=3.89.2 HTTP/1.1
Host: www.rebeltrue.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.rebeltrue.com/
Cookie: mailchimp_landing_site=https%3A%2F%2Fwww.rebeltrue.com%2F
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=30672000,public, immutable
expires: Fri, 19 Jan 2024 15:56:08 GMT
content-type: application/javascript
last-modified: Sat, 21 Jan 2023 20:41:56 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 29803
date: Sun, 29 Jan 2023 15:56:08 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
www.rebeltrue.com/wp-includes/js/wp-emoji-release.min.js?ver=6.0.2
200 OK 4.6 kB URL HTTP/2 www.rebeltrue.com/wp-includes/js/wp-emoji-release.min.js?ver=6.0.2
IP
File type ASCII text, with very long lines (15660)
Hash 0232689bd203f330529b36a437f41a68
9046583f7469ad38297969f10a9513eb895d5316
feea9f30a6e454579bbeabf236b7abdb0c7de84dd2852422555ad67348c5e886
GET /wp-includes/js/wp-emoji-release.min.js?ver=6.0.2 HTTP/1.1
Host: www.rebeltrue.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.rebeltrue.com/
Cookie: mailchimp_landing_site=https%3A%2F%2Fwww.rebeltrue.com%2F
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 05 Feb 2023 15:56:08 GMT
content-type: application/javascript
last-modified: Sat, 21 Jan 2023 20:41:37 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 4619
date: Sun, 29 Jan 2023 15:56:08 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
www.rebeltrue.com/wp-content/themes/aurum/assets/images/check.png
403 Forbidden 1.2 kB URL HTTP/2 www.rebeltrue.com/wp-content/themes/aurum/assets/images/check.png
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Hash 836004c8a38e0896f13e0e3684e7b042
a8b35765b1909aa611fee787e551eca2874310bc
1e7fda8475d2ba9e1f174715db67d3f7d0514b9172b6c405f2868a97b4afe8d7
GET /wp-content/themes/aurum/assets/images/check.png HTTP/1.1
Host: www.rebeltrue.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.rebeltrue.com/
Cookie: mailchimp_landing_site=https%3A%2F%2Fwww.rebeltrue.com%2F
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 403 Forbidden
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
pragma: no-cache
content-type: text/html
content-length: 1229
date: Sun, 29 Jan 2023 15:56:09 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
www.rebeltrue.com/wp-content/themes/aurum/assets/css/fonts/aurum-icons/fonts/AurumIcons.ttf?lwankl
200 OK 1.7 kB URL HTTP/2 www.rebeltrue.com/wp-content/themes/aurum/assets/css/fonts/aurum-icons/fonts/AurumIcons.ttf?lwankl
IP
File type TrueType Font data, 11 tables, 1st "OS/2", 14 names, Macintosh, type 1 string, AurumIcons \012- data
Hash cafd4ed4c69fd88ba7e0e437d91834e3
90b5698d6624219b9075e5995384dc61f5c88e56
5854f35f59c78f2dbcede5bd8209908145267ff30007cd887d2ff4cd6df63350
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/aurum/assets/css/fonts/aurum-icons/fonts/AurumIcons.ttf?lwankl HTTP/1.1
Host: www.rebeltrue.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.rebeltrue.com/
Cookie: mailchimp_landing_site=https%3A%2F%2Fwww.rebeltrue.com%2F
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 05 Feb 2023 15:56:09 GMT
content-type: font/ttf
last-modified: Thu, 03 Oct 2019 12:09:26 GMT
accept-ranges: bytes
content-length: 1748
date: Sun, 29 Jan 2023 15:56:09 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
200 OK 31 kB URL HTTP/2 fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 30928, version 1.0\012- data
Hash ac0d2859ea5f8fd6bcb3c305c08ec184
7f6c17e3e592cd8bd346b9cc261d8dd961b8aef7
ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780
GET /s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.rebeltrue.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 30928
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 27 Jan 2023 07:08:09 GMT
expires: Sat, 27 Jan 2024 07:08:09 GMT
cache-control: public, max-age=31536000
age: 204480
last-modified: Mon, 11 Jul 2022 18:57:39 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
pixel.wp.com/g.gif?v=ext&blog=188422400&post=9825&tz=0&srv=www.rebeltrue.com&j=1%3A11.7&host=www.rebeltrue.com&ref=&fcp=4383&rand=0.5738532244071957
200 OK 50 B URL HTTP/2 pixel.wp.com/g.gif?v=ext&blog=188422400&post=9825&tz=0&srv=www.rebeltrue.com&j=1%3A11.7&host=www.rebeltrue.com&ref=&fcp=4383&rand=0.5738532244071957
IP
File type GIF image data, version 89a, 6 x 5\012- data
Hash e4d673a55c5656f19ef81563fb10884c
1f2d8ed221d39329251ad3a6ff1edb20b7219443
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1
GET /g.gif?v=ext&blog=188422400&post=9825&tz=0&srv=www.rebeltrue.com&j=1%3A11.7&host=www.rebeltrue.com&ref=&fcp=4383&rand=0.5738532244071957 HTTP/1.1
Host: pixel.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.rebeltrue.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 29 Jan 2023 15:56:09 GMT
content-type: image/gif
content-length: 50
cache-control: no-cache
access-control-allow-origin: *
X-Firefox-Spdy: h2
www.rebeltrue.com/wp-content/plugins/js_composer/assets/lib/bower/font-awesome/webfonts/fa-solid-900.woff2
200 OK 76 kB URL HTTP/2 www.rebeltrue.com/wp-content/plugins/js_composer/assets/lib/bower/font-awesome/webfonts/fa-solid-900.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 75760, version 330.32636\012- data
Hash 832f6e62aaf3909d6b94c8a9c1e4dd51
4a06418cb56a66af5a1c0f59791469dea1dc87fa
8556fd48cf33ca3028e3fff4042979f224987ee317cc9032dd5bba996b363009
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/js_composer/assets/lib/bower/font-awesome/webfonts/fa-solid-900.woff2 HTTP/1.1
Host: www.rebeltrue.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://www.rebeltrue.com/
Cookie: mailchimp_landing_site=https%3A%2F%2Fwww.rebeltrue.com%2F
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 05 Feb 2023 15:56:09 GMT
content-type: font/woff2
last-modified: Mon, 23 Sep 2019 20:57:22 GMT
accept-ranges: bytes
content-length: 75760
date: Sun, 29 Jan 2023 15:56:09 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
www.rebeltrue.com/wp-content/plugins/js_composer/assets/lib/bower/font-awesome/webfonts/fa-brands-400.woff2
200 OK 75 kB URL HTTP/2 www.rebeltrue.com/wp-content/plugins/js_composer/assets/lib/bower/font-awesome/webfonts/fa-brands-400.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 75368, version 330.32636\012- data
Hash 859c4002d9954718cac1ddea5555698f
2392ce297c92bcf2c7d5a4c461a582dadc8039c8
5054ab369966fea3657ac6af00c3bc47bdc9e7b5114e61d1764be06213ca9781
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/js_composer/assets/lib/bower/font-awesome/webfonts/fa-brands-400.woff2 HTTP/1.1
Host: www.rebeltrue.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://www.rebeltrue.com/
Cookie: mailchimp_landing_site=https%3A%2F%2Fwww.rebeltrue.com%2F
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 05 Feb 2023 15:56:09 GMT
content-type: font/woff2
last-modified: Mon, 23 Sep 2019 20:57:22 GMT
accept-ranges: bytes
content-length: 75368
date: Sun, 29 Jan 2023 15:56:09 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
s.w.org/images/core/emoji/14.0.0/svg/1f60e.svg
200 OK 997 B URL HTTP/2 s.w.org/images/core/emoji/14.0.0/svg/1f60e.svg
IP
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (997), with no line terminators
Hash 5f80f04e6ee97feebdd00feff92ced82
c0c45e0774917b1d458654cb2268c5d03e91b337
d32bd9f51b2a54f620f9693e833935c5e2cb2304cbf89aab75fd10f054711ce5
GET /images/core/emoji/14.0.0/svg/1f60e.svg HTTP/1.1
Host: s.w.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.rebeltrue.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 29 Jan 2023 15:56:09 GMT
content-type: image/svg+xml
content-length: 997
last-modified: Tue, 12 Apr 2022 03:50:59 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
x-nc: HIT arn 2
x-content-type-options: nosniff
accept-ranges: bytes
X-Firefox-Spdy: h2
s.w.org/images/core/emoji/14.0.0/svg/1f970.svg
200 OK 2.4 kB URL HTTP/2 s.w.org/images/core/emoji/14.0.0/svg/1f970.svg
IP
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (2384), with no line terminators
Hash 01c80723fb8cbdcb9e22747cd88e07e4
3a6e61e879f337e69f92c9e60edb36c3ade6704c
303d516f1985e3bc62aa92d1a55c2140a14435b255a32b4c3bc776a2395f056d
GET /images/core/emoji/14.0.0/svg/1f970.svg HTTP/1.1
Host: s.w.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.rebeltrue.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 29 Jan 2023 15:56:09 GMT
content-type: image/svg+xml
content-length: 2384
last-modified: Tue, 12 Apr 2022 03:47:50 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
x-nc: HIT arn 2
x-content-type-options: nosniff
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 471 B IP
Hash 7078b1d21bbac26012d93fc9501fbbb0
412189ffa7980709edc28b87a820aa1ae64fa3a7
6db1d0d3f3924d7e75e1fd087553cf4ec5fa938ecc52adf3f149570551eaf7f3
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5381
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 15:56:09 GMT
Last-Modified: Sun, 29 Jan 2023 14:26:28 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
200 OK 471 B IP
Hash 7078b1d21bbac26012d93fc9501fbbb0
412189ffa7980709edc28b87a820aa1ae64fa3a7
6db1d0d3f3924d7e75e1fd087553cf4ec5fa938ecc52adf3f149570551eaf7f3
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2164
Cache-Control: max-age=94998
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 15:56:09 GMT
Etag: "63d55ebb-1d7"
Expires: Mon, 30 Jan 2023 18:19:27 GMT
Last-Modified: Sat, 28 Jan 2023 17:43:23 GMT
Server: ECS (ska/F714)
X-Cache: HIT
Content-Length: 471
connect.facebook.net/en_US/fbevents.js
200 OK 28 kB URL HTTP/2 connect.facebook.net/en_US/fbevents.js
IP
File type ASCII text, with very long lines (64348)
Hash 541db4f3f0ba067bfb58cdac34cb86f4
20e6883f068568888ce37c6b9ef8f5d12be257c0
83898f3b2da2a11996d2eb3a5115ef301255030fdf231b8bf7971916769bc7be
GET /en_US/fbevents.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.rebeltrue.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
content-type: application/x-javascript; charset=utf-8
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
pragma: public
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-fb-debug: EYfi/P1ESWO1K86w5AMvZZQMht639g5efQmVLITYKfuTa8bman7b/ySK70Fco/w9BOuvxY+25gb04rbv4WNJqg==
priority: u=3,i
content-length: 27815
x-fb-trip-id: 1904183273
date: Sun, 29 Jan 2023 15:56:09 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
connect.facebook.net/en_US/sdk/xfbml.customerchat.js
200 OK 92 kB URL HTTP/2 connect.facebook.net/en_US/sdk/xfbml.customerchat.js
IP
File type ASCII text, with very long lines (20950)
Hash c284fb79394752fb65c53c2f5c218a1f
73a510a68b177fdd03c45721de2a99f2d9861735
1599f7eab54fc5687d7992fe3e1dd1ae9f628711db74e826ff85b4aa0e7681d4
GET /en_US/sdk/xfbml.customerchat.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.rebeltrue.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
access-control-expose-headers: X-FB-Content-MD5
x-fb-content-md5: d969b74037639b5c9100d893cc52331c
etag: "fc0ca0c5a94bf9463eec439e30380bd8"
content-type: application/x-javascript; charset=utf-8
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
expires: Sun, 29 Jan 2023 16:02:51 GMT
cache-control: public,max-age=1200,stale-while-revalidate=3600
document-policy: force-load-at-top
cross-origin-opener-policy: same-origin-allow-popups
x-content-type-options: nosniff
x-fb-rlafr: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-md5: woT7eTlHUvtlxTwvXCGKHw==
x-fb-debug: 4RaQ1tHfjsEKTQ1o3NV6FF/8ZOKx4lx/zt8YLlYNCz4r0fKHT5NTxvzCcIuU8tk3SYbvmqMWnJXacN/ijAt1SQ==
priority: u=3,i
content-length: 92422
x-fb-trip-id: 1904183273
date: Sun, 29 Jan 2023 15:56:09 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 471 B IP
Hash 7078b1d21bbac26012d93fc9501fbbb0
412189ffa7980709edc28b87a820aa1ae64fa3a7
6db1d0d3f3924d7e75e1fd087553cf4ec5fa938ecc52adf3f149570551eaf7f3
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5381
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 15:56:09 GMT
Last-Modified: Sun, 29 Jan 2023 14:26:28 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 471
s.w.org/images/core/emoji/14.0.0/svg/1f60a.svg
200 OK 11 kB URL HTTP/2 s.w.org/images/core/emoji/14.0.0/svg/1f60a.svg
IP
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (1055), with no line terminators
Hash 5a53e5565fc471dbee3774606511a98d
f8878410e5bb38e364e0c6b2f91cca27786e1108
ed08b390b1513fa2736f6294fed2e623595b088409ae03a01416b2dcefcd3ed9
GET /images/core/emoji/14.0.0/svg/1f60a.svg HTTP/1.1
Host: s.w.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.rebeltrue.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 29 Jan 2023 15:56:09 GMT
content-type: image/svg+xml
last-modified: Tue, 12 Apr 2022 03:50:38 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-encoding: br
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
x-nc: HIT arn 2
x-content-type-options: nosniff
X-Firefox-Spdy: h2
www.rebeltrue.com/wp-content/uploads/2022/09/favicon-web.png
200 OK 6.0 kB URL HTTP/2 www.rebeltrue.com/wp-content/uploads/2022/09/favicon-web.png
IP
File type PNG image data, 65 x 65, 8-bit/color RGBA, non-interlaced\012- data
Hash 639cdbfc1f359fd7eada4f405679702e
da05538f29191da8ba83cbfaa0a82cf849b2aaba
bda4cbc232270fa9ea92af31625c2250929dd7b5d6e5430d777c76682d80dd4b
GET /wp-content/uploads/2022/09/favicon-web.png HTTP/1.1
Host: www.rebeltrue.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.rebeltrue.com/
Cookie: mailchimp_landing_site=https%3A%2F%2Fwww.rebeltrue.com%2F; tk_or=%22%22; tk_r3d=%22%22; tk_lr=%22%22
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 05 Feb 2023 15:56:09 GMT
content-type: image/png
last-modified: Fri, 30 Sep 2022 15:45:01 GMT
accept-ranges: bytes
content-length: 6012
date: Sun, 29 Jan 2023 15:56:09 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
www.rebeltrue.com/wp-content/uploads/2021/08/invoice-logo.png
200 OK 2.2 kB URL HTTP/2 www.rebeltrue.com/wp-content/uploads/2021/08/invoice-logo.png
IP
File type PNG image data, 160 x 50, 8-bit/color RGBA, non-interlaced\012- data
Hash 99da778cf79fe37611eb815446e9a72f
ac2c126e3e92f94fa8dae2c2aa55f576b2da95cc
d00e20dc5019db798f19f3d5e8f64e2b35f22c8d6cc7d801d19224b8aeef71bf
GET /wp-content/uploads/2021/08/invoice-logo.png HTTP/1.1
Host: www.rebeltrue.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.rebeltrue.com/
Cookie: mailchimp_landing_site=https%3A%2F%2Fwww.rebeltrue.com%2F; tk_or=%22%22; tk_r3d=%22%22; tk_lr=%22%22; _ga_YQFXHBPZXK=GS1.1.1675007777.1.0.1675007777.0.0.0; _ga=GA1.1.678815883.1675007777
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 05 Feb 2023 15:56:09 GMT
content-type: image/png
last-modified: Mon, 16 Aug 2021 01:43:08 GMT
accept-ranges: bytes
content-length: 2198
date: Sun, 29 Jan 2023 15:56:09 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
www.rebeltrue.com/wp-content/themes/aurum/assets/js/slick/ajax-loader.gif
200 OK 2.6 kB URL HTTP/2 www.rebeltrue.com/wp-content/themes/aurum/assets/js/slick/ajax-loader.gif
IP
File type GIF image data, version 89a, 32 x 32\012- data
Hash d4953dea219a51fad408d14a83dac5a1
2c3366f98527814ede4ef8444c0fb61b76fe3a9e
631d21a041fb3a4ae36ff009a7e496825f3387ec9434b8e8efbdd9111cdc4509
GET /wp-content/themes/aurum/assets/js/slick/ajax-loader.gif HTTP/1.1
Host: www.rebeltrue.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.rebeltrue.com/
Cookie: mailchimp_landing_site=https%3A%2F%2Fwww.rebeltrue.com%2F; tk_or=%22%22; tk_r3d=%22%22; tk_lr=%22%22; _ga_YQFXHBPZXK=GS1.1.1675007777.1.0.1675007777.0.0.0; _ga=GA1.1.678815883.1675007777
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 05 Feb 2023 15:56:09 GMT
content-type: image/gif
last-modified: Thu, 19 Apr 2018 12:10:31 GMT
accept-ranges: bytes
content-length: 2550
date: Sun, 29 Jan 2023 15:56:09 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
www.rebeltrue.com/wp-content/themes/aurum/assets/images/arrow-left.svg
200 OK 350 B URL HTTP/2 www.rebeltrue.com/wp-content/themes/aurum/assets/images/arrow-left.svg
IP
File type SVG Scalable Vector Graphics image\012- SVG XML document\012- XML 1.0 document text\012- SVG XML document\012- XML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash 1274434893bde2b69d7ce07dbde3ddf3
89df87238c4a4404a02ccca71160a0288b2cdec3
10e9d9496fb8e0df6bcaeb79b2e0ed940eca288cc4665627fe37268c713b5ad1
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/aurum/assets/images/arrow-left.svg HTTP/1.1
Host: www.rebeltrue.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.rebeltrue.com/
Cookie: mailchimp_landing_site=https%3A%2F%2Fwww.rebeltrue.com%2F; tk_or=%22%22; tk_r3d=%22%22; tk_lr=%22%22; _ga_YQFXHBPZXK=GS1.1.1675007777.1.0.1675007777.0.0.0; _ga=GA1.1.678815883.1675007777
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 05 Feb 2023 15:56:09 GMT
content-type: image/svg+xml
last-modified: Tue, 16 Jan 2018 13:21:30 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 350
date: Sun, 29 Jan 2023 15:56:09 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
www.rebeltrue.com/wp-content/themes/aurum/assets/images/arrow-right.svg
200 OK 345 B URL HTTP/2 www.rebeltrue.com/wp-content/themes/aurum/assets/images/arrow-right.svg
IP
File type SVG Scalable Vector Graphics image\012- SVG XML document\012- XML 1.0 document text\012- SVG XML document\012- XML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash 63fa465a23a4eb02fb7395bb6cc64780
f79e8829b215341a903885e1bd1e6936e487fb4e
7b1ce9ff0d4ddb5c13145bad28e56d9e7a20e7622fee29bdfd9f827a4bc9ae9c
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/aurum/assets/images/arrow-right.svg HTTP/1.1
Host: www.rebeltrue.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.rebeltrue.com/
Cookie: mailchimp_landing_site=https%3A%2F%2Fwww.rebeltrue.com%2F; tk_or=%22%22; tk_r3d=%22%22; tk_lr=%22%22; _ga_YQFXHBPZXK=GS1.1.1675007777.1.0.1675007777.0.0.0; _ga=GA1.1.678815883.1675007777
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 05 Feb 2023 15:56:09 GMT
content-type: image/svg+xml
last-modified: Tue, 16 Jan 2018 13:21:30 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 345
date: Sun, 29 Jan 2023 15:56:09 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
www.rebeltrue.com/wp-content/plugins/revslider/public/assets/fonts/revicons/revicons.woff?5510888
200 OK 7.5 kB URL HTTP/2 www.rebeltrue.com/wp-content/plugins/revslider/public/assets/fonts/revicons/revicons.woff?5510888
IP
File type Web Open Font Format, TrueType, length 7536, version 1.0\012- data
Hash 04eb8fc57f27498e5ae37523e3bfb2c7
d942ae11706c3f7e511e3c49b0e4574d7ad199c4
f7b9c3065e55fa3b9e320093612e7b30dcb14355a44ec461247b495a3e729686
GET /wp-content/plugins/revslider/public/assets/fonts/revicons/revicons.woff?5510888 HTTP/1.1
Host: www.rebeltrue.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://www.rebeltrue.com/
Cookie: mailchimp_landing_site=https%3A%2F%2Fwww.rebeltrue.com%2F; tk_or=%22%22; tk_r3d=%22%22; tk_lr=%22%22; _ga_YQFXHBPZXK=GS1.1.1675007777.1.0.1675007777.0.0.0; _ga=GA1.1.678815883.1675007777
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 05 Feb 2023 15:56:09 GMT
content-type: font/woff
last-modified: Tue, 19 Jan 2021 10:11:10 GMT
accept-ranges: bytes
content-length: 7536
date: Sun, 29 Jan 2023 15:56:09 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Roboto:400
200 OK 18 kB URL HTTP/2 fonts.googleapis.com/css?family=Roboto:400
IP
Hash 52b6369bc17f5d6010face6fd5f9e38d
bab4fb8a01e510832fa30883a03059df3f5c679b
d0b0dd0b939c8aa852e0ca8f072504626d6690eeafc623dec6d374293eb6c16c
GET /css?family=Roboto:400 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.rebeltrue.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sun, 29 Jan 2023 15:56:08 GMT
date: Sun, 29 Jan 2023 15:56:08 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.rebeltrue.com/wp-includes/js/thickbox/loadingAnimation.gif
200 OK 15 kB URL HTTP/2 www.rebeltrue.com/wp-includes/js/thickbox/loadingAnimation.gif
IP
File type GIF image data, version 89a, 416 x 26\012- data
Hash ce2268030dd2151b63cdf4ffc2f626ba
15280f21eb43f5fa7838dcf011f67d79e301b15f
6a486bb6036ea984d293ab009566e99e522abc19f8833c5fd49630be7eba0135
GET /wp-includes/js/thickbox/loadingAnimation.gif HTTP/1.1
Host: www.rebeltrue.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.rebeltrue.com/
Cookie: mailchimp_landing_site=https%3A%2F%2Fwww.rebeltrue.com%2F; tk_or=%22%22; tk_r3d=%22%22; tk_lr=%22%22; _ga_YQFXHBPZXK=GS1.1.1675007777.1.0.1675007777.0.0.0; _ga=GA1.1.678815883.1675007777
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 05 Feb 2023 15:56:09 GMT
content-type: image/gif
last-modified: Sat, 21 Jan 2023 20:41:37 GMT
accept-ranges: bytes
content-length: 15238
date: Sun, 29 Jan 2023 15:56:09 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
region1.google-analytics.com/g/collect?v=2&tid=G-YQFXHBPZXK>m=2oe1p0&_p=1622188219&cid=678815883.1675007777&ul=en-us&sr=1280x1024&uaW=1&_s=1&sid=1675007777&sct=1&seg=0&dl=https%3A%2F%2Fwww.rebeltrue.com%2F&dt=Rebel%20True%20%E2%80%93%20Survive%20Your%20True%20Identity&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
204 No Content 0 B URL HTTP/2 region1.google-analytics.com/g/collect?v=2&tid=G-YQFXHBPZXK>m=2oe1p0&_p=1622188219&cid=678815883.1675007777&ul=en-us&sr=1280x1024&uaW=1&_s=1&sid=1675007777&sct=1&seg=0&dl=https%3A%2F%2Fwww.rebeltrue.com%2F&dt=Rebel%20True%20%E2%80%93%20Survive%20Your%20True%20Identity&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-YQFXHBPZXK>m=2oe1p0&_p=1622188219&cid=678815883.1675007777&ul=en-us&sr=1280x1024&uaW=1&_s=1&sid=1675007777&sct=1&seg=0&dl=https%3A%2F%2Fwww.rebeltrue.com%2F&dt=Rebel%20True%20%E2%80%93%20Survive%20Your%20True%20Identity&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1 HTTP/1.1
Host: region1.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.rebeltrue.com
Connection: keep-alive
Referer: https://www.rebeltrue.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: https://www.rebeltrue.com
date: Sun, 29 Jan 2023 15:56:10 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.rebeltrue.com/wp-content/uploads/2023/01/slider-002.jpg
200 OK 167 kB URL HTTP/2 www.rebeltrue.com/wp-content/uploads/2023/01/slider-002.jpg
IP
File type JPEG image data, baseline, precision 8, 1140x388, components 3\012- data
Size 167 kB (167226 bytes)
Hash d4e10e7115462940793fcb96dde51a5d
2941ca97676216d589ac5281655b689e9b64af5f
8408394bbad529156fe0bedf9e4025bd7d35cab392658267218d3651fcd60475
GET /wp-content/uploads/2023/01/slider-002.jpg HTTP/1.1
Host: www.rebeltrue.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.rebeltrue.com/
Cookie: mailchimp_landing_site=https%3A%2F%2Fwww.rebeltrue.com%2F; tk_or=%22%22; tk_r3d=%22%22; tk_lr=%22%22; _ga_YQFXHBPZXK=GS1.1.1675007777.1.0.1675007777.0.0.0; _ga=GA1.1.678815883.1675007777
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 05 Feb 2023 15:56:10 GMT
content-type: image/jpeg
last-modified: Fri, 27 Jan 2023 20:32:44 GMT
accept-ranges: bytes
content-length: 167226
date: Sun, 29 Jan 2023 15:56:10 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
www.rebeltrue.com/?wc-ajax=get_refreshed_fragments
200 OK 713 B URL HTTP/2 www.rebeltrue.com/?wc-ajax=get_refreshed_fragments
IP
File type JSON data\012- exported SGML document, ASCII text, with very long lines (713), with no line terminators
Hash d05143ec52f632488c1323e1590f4ea9
7f32d74c1be1d16906d0bed108c53c6b5cd373b2
662bea85843bd8c29d59043297921314bf6821fc107984135ec98b2f8cb4a9c4
Analyzer Verdict Alert fortinet Malware
POST /?wc-ajax=get_refreshed_fragments HTTP/1.1
Host: www.rebeltrue.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 18
Origin: https://www.rebeltrue.com
Connection: keep-alive
Referer: https://www.rebeltrue.com/
Cookie: mailchimp_landing_site=https%3A%2F%2Fwww.rebeltrue.com%2F; tk_or=%22%22; tk_r3d=%22%22; tk_lr=%22%22; _ga_YQFXHBPZXK=GS1.1.1675007777.1.0.1675007777.0.0.0; _ga=GA1.1.678815883.1675007777
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
x-powered-by: PHP/7.4.32
x-pingback: https://www.rebeltrue.com/xmlrpc.php
access-control-allow-origin: https://www.rebeltrue.com
access-control-allow-credentials: true
x-content-type-options: nosniff
x-robots-tag: noindex
content-type: application/json; charset=UTF-8
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
content-length: 713
date: Sun, 29 Jan 2023 15:56:10 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
www.rebeltrue.com/wp-content/uploads/2023/01/slider-003.jpg
200 OK 130 kB URL HTTP/2 www.rebeltrue.com/wp-content/uploads/2023/01/slider-003.jpg
IP
File type JPEG image data, baseline, precision 8, 1140x388, components 3\012- data
Size 130 kB (130049 bytes)
Hash d8dd684395ce1ac2d1ca968e1c794030
18b69e01da155702bbc3518db41c79589459410f
fa91b21bb75299f046e4195e69ac24b0c8c87b358d725f89169349a4c7bacab6
GET /wp-content/uploads/2023/01/slider-003.jpg HTTP/1.1
Host: www.rebeltrue.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.rebeltrue.com/
Cookie: mailchimp_landing_site=https%3A%2F%2Fwww.rebeltrue.com%2F; tk_or=%22%22; tk_r3d=%22%22; tk_lr=%22%22; _ga_YQFXHBPZXK=GS1.1.1675007777.1.0.1675007777.0.0.0; _ga=GA1.1.678815883.1675007777
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 05 Feb 2023 15:56:10 GMT
content-type: image/jpeg
last-modified: Fri, 27 Jan 2023 20:32:40 GMT
accept-ranges: bytes
content-length: 130049
date: Sun, 29 Jan 2023 15:56:10 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
www.facebook.com/tr/?id=4161483943929711&ev=PageView&dl=https%3A%2F%2Fwww.rebeltrue.com%2F&rl=&if=false&ts=1675007778650&cd[source]=woocommerce&cd[version]=6.9.4&cd[pluginVersion]=3.0.8&sw=1280&sh=1024&v=2.9.92&r=stable&a=woocommerce-6.9.4-3.0.8&ec=0&o=30&fbp=fb.1.1675007778649.1176141967&it=1675007777526&coo=false&rqm=GET
200 OK 0 B URL HTTP/2 www.facebook.com/tr/?id=4161483943929711&ev=PageView&dl=https%3A%2F%2Fwww.rebeltrue.com%2F&rl=&if=false&ts=1675007778650&cd[source]=woocommerce&cd[version]=6.9.4&cd[pluginVersion]=3.0.8&sw=1280&sh=1024&v=2.9.92&r=stable&a=woocommerce-6.9.4-3.0.8&ec=0&o=30&fbp=fb.1.1675007778649.1176141967&it=1675007777526&coo=false&rqm=GET
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tr/?id=4161483943929711&ev=PageView&dl=https%3A%2F%2Fwww.rebeltrue.com%2F&rl=&if=false&ts=1675007778650&cd[source]=woocommerce&cd[version]=6.9.4&cd[pluginVersion]=3.0.8&sw=1280&sh=1024&v=2.9.92&r=stable&a=woocommerce-6.9.4-3.0.8&ec=0&o=30&fbp=fb.1.1675007778649.1176141967&it=1675007777526&coo=false&rqm=GET HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.rebeltrue.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/plain
access-control-allow-origin:
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400
date: Sun, 29 Jan 2023 15:56:10 GMT
X-Firefox-Spdy: h2
www.rebeltrue.com/wp-admin/admin-ajax.php
200 OK 37 kB URL HTTP/2 www.rebeltrue.com/wp-admin/admin-ajax.php
IP
Hash b8b09c0c898b0601274710401f96a15d
fa17927fd4288a1256a56e477f39f7de9d5765d0
becc68255319085c4f34cde490211deae1d912b3555e7be58764ba5eb3ab2e2b
Analyzer Verdict Alert fortinet Malware
POST /wp-admin/admin-ajax.php HTTP/1.1
Host: www.rebeltrue.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 33040
Origin: https://www.rebeltrue.com
Connection: keep-alive
Referer: https://www.rebeltrue.com/
Cookie: mailchimp_landing_site=https%3A%2F%2Fwww.rebeltrue.com%2F; tk_or=%22%22; tk_r3d=%22%22; tk_lr=%22%22; _ga_YQFXHBPZXK=GS1.1.1675007777.1.0.1675007777.0.0.0; _ga=GA1.1.678815883.1675007777
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
x-powered-by: PHP/7.4.32
access-control-allow-origin: https://www.rebeltrue.com
access-control-allow-credentials: true
x-robots-tag: noindex
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
date: Sun, 29 Jan 2023 15:56:11 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
www.rebeltrue.com/wp-content/themes/aurum/assets/css/fonts/font-awesome/fonts/fontawesome-webfont.woff2?v=4.7.0
200 OK 77 kB URL HTTP/2 www.rebeltrue.com/wp-content/themes/aurum/assets/css/fonts/font-awesome/fonts/fontawesome-webfont.woff2?v=4.7.0
IP
File type Web Open Font Format (Version 2), TrueType, length 77160, version 4.459\012- data
Hash af7ae505a9eed503f8b8e6982036873e
d6f48cba7d076fb6f2fd6ba993a75b9dc1ecbf0c
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/aurum/assets/css/fonts/font-awesome/fonts/fontawesome-webfont.woff2?v=4.7.0 HTTP/1.1
Host: www.rebeltrue.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://www.rebeltrue.com/
Cookie: mailchimp_landing_site=https%3A%2F%2Fwww.rebeltrue.com%2F; tk_or=%22%22; tk_r3d=%22%22; tk_lr=%22%22; _ga_YQFXHBPZXK=GS1.1.1675007777.1.0.1675007777.0.0.0; _ga=GA1.1.678815883.1675007777; _fbp=fb.1.1675007778649.1176141967
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 05 Feb 2023 15:56:11 GMT
content-type: font/woff2
last-modified: Tue, 30 Jan 2018 07:57:34 GMT
accept-ranges: bytes
content-length: 77160
date: Sun, 29 Jan 2023 15:56:11 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
web.facebook.com/plugins/customer_chat/facade/?app_id=&attribution=fbe_woocommerce&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df1c46daffbd96aa%26domain%3Dwww.rebeltrue.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.rebeltrue.com%252Ff9f3d6bfdee58%26relation%3Dparent.parent¤t_url=https%3A%2F%2Fwww.rebeltrue.com%2F&is_loaded_by_facade=true&locale=en_US&log_id=3c58f78c-8ad8-47d4-81c9-3361b153d69a&page_id=100946578668537&request_time=1675007779024&sdk=joey&should_use_new_domain=false&suppress_http_code=1
302 Found 0 B URL HTTP/2 web.facebook.com/plugins/customer_chat/facade/?app_id=&attribution=fbe_woocommerce&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df1c46daffbd96aa%26domain%3Dwww.rebeltrue.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.rebeltrue.com%252Ff9f3d6bfdee58%26relation%3Dparent.parent¤t_url=https%3A%2F%2Fwww.rebeltrue.com%2F&is_loaded_by_facade=true&locale=en_US&log_id=3c58f78c-8ad8-47d4-81c9-3361b153d69a&page_id=100946578668537&request_time=1675007779024&sdk=joey&should_use_new_domain=false&suppress_http_code=1
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /plugins/customer_chat/facade/?app_id=&attribution=fbe_woocommerce&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df1c46daffbd96aa%26domain%3Dwww.rebeltrue.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.rebeltrue.com%252Ff9f3d6bfdee58%26relation%3Dparent.parent¤t_url=https%3A%2F%2Fwww.rebeltrue.com%2F&is_loaded_by_facade=true&locale=en_US&log_id=3c58f78c-8ad8-47d4-81c9-3361b153d69a&page_id=100946578668537&request_time=1675007779024&sdk=joey&should_use_new_domain=false&suppress_http_code=1 HTTP/1.1
Host: web.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/x-www-form-urlencoded
Origin: https://www.rebeltrue.com
Connection: keep-alive
Referer: https://www.rebeltrue.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
location: https://www.facebook.com/plugins/customer_chat/facade/?app_id&attribution=fbe_woocommerce&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df1c46daffbd96aa%26domain%3Dwww.rebeltrue.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.rebeltrue.com%252Ff9f3d6bfdee58%26relation%3Dparent.parent¤t_url=https%3A%2F%2Fwww.rebeltrue.com%2F&is_loaded_by_facade=true&locale=en_US&log_id=3c58f78c-8ad8-47d4-81c9-3361b153d69a&page_id=100946578668537&request_time=1675007779024&sdk=joey&should_use_new_domain=false&suppress_http_code=1&_rdc=1&_rdr
cross-origin-opener-policy: same-origin-allow-popups
x-fb-zr-redirect: 02|1675094171|
strict-transport-security: max-age=15552000; preload
content-type: text/html; charset="utf-8"
x-fb-debug: DsNv2SBnM7Q/jRZtEp/5x/Js2dTVX3Hll2WfZyEUwiy3N7pLqVElFpLp2lh3bGNYB+nM+b7Kf5xP59vrhnsQHg==
content-length: 0
date: Sun, 29 Jan 2023 15:56:11 GMT
priority: u=3,i
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
web.facebook.com/plugins/customer_chat/SDK/?app_id=&attribution=fbe_woocommerce&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df1c46daffbd96aa%26domain%3Dwww.rebeltrue.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.rebeltrue.com%252Ff9f3d6bfdee58%26relation%3Dparent.parent¤t_url=https%3A%2F%2Fwww.rebeltrue.com%2F&event_name=chat_plugin_sdk_facade_create&is_loaded_by_facade=true&loading_time=0&locale=en_US&log_id=3c58f78c-8ad8-47d4-81c9-3361b153d69a&page_id=100946578668537&request_time=1675007779024&sdk=joey&should_use_new_domain=false&suppress_http_code=1
302 Found 0 B URL HTTP/2 web.facebook.com/plugins/customer_chat/SDK/?app_id=&attribution=fbe_woocommerce&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df1c46daffbd96aa%26domain%3Dwww.rebeltrue.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.rebeltrue.com%252Ff9f3d6bfdee58%26relation%3Dparent.parent¤t_url=https%3A%2F%2Fwww.rebeltrue.com%2F&event_name=chat_plugin_sdk_facade_create&is_loaded_by_facade=true&loading_time=0&locale=en_US&log_id=3c58f78c-8ad8-47d4-81c9-3361b153d69a&page_id=100946578668537&request_time=1675007779024&sdk=joey&should_use_new_domain=false&suppress_http_code=1
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /plugins/customer_chat/SDK/?app_id=&attribution=fbe_woocommerce&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df1c46daffbd96aa%26domain%3Dwww.rebeltrue.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.rebeltrue.com%252Ff9f3d6bfdee58%26relation%3Dparent.parent¤t_url=https%3A%2F%2Fwww.rebeltrue.com%2F&event_name=chat_plugin_sdk_facade_create&is_loaded_by_facade=true&loading_time=0&locale=en_US&log_id=3c58f78c-8ad8-47d4-81c9-3361b153d69a&page_id=100946578668537&request_time=1675007779024&sdk=joey&should_use_new_domain=false&suppress_http_code=1 HTTP/1.1
Host: web.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/x-www-form-urlencoded
Origin: https://www.rebeltrue.com
Connection: keep-alive
Referer: https://www.rebeltrue.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
location: https://www.facebook.com/plugins/customer_chat/SDK/?app_id&attribution=fbe_woocommerce&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df1c46daffbd96aa%26domain%3Dwww.rebeltrue.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.rebeltrue.com%252Ff9f3d6bfdee58%26relation%3Dparent.parent¤t_url=https%3A%2F%2Fwww.rebeltrue.com%2F&event_name=chat_plugin_sdk_facade_create&is_loaded_by_facade=true&loading_time=0&locale=en_US&log_id=3c58f78c-8ad8-47d4-81c9-3361b153d69a&page_id=100946578668537&request_time=1675007779024&sdk=joey&should_use_new_domain=false&suppress_http_code=1&_rdc=1&_rdr
cross-origin-opener-policy: same-origin-allow-popups
x-fb-zr-redirect: 02|1675094171|
strict-transport-security: max-age=15552000; preload
content-type: text/html; charset="utf-8"
x-fb-debug: FozqRnYkXohaSq3xdMavcJJ8ZoOOKciHvLnWd0r1Eyo4mST4CxfAlH8KbmPD3t665/hL/FboyEv/MshM9/uoQg==
content-length: 0
date: Sun, 29 Jan 2023 15:56:11 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
i0.wp.com/www.rebeltrue.com/wp-content/uploads/2022/08/web-banner-trousers.jpg?w=1140&ssl=1
200 OK 28 kB URL HTTP/2 i0.wp.com/www.rebeltrue.com/wp-content/uploads/2022/08/web-banner-trousers.jpg?w=1140&ssl=1
IP
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 1140x295, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash c49bf7db4a0e191820cd36d3ddf6de8f
8a08cacdbc2207571b639bbe35e8093fed67d364
9a78b9250182c7982ceb07c5e80f91b4ecf4a4bb6a65f7d37a1155976914ab48
GET /www.rebeltrue.com/wp-content/uploads/2022/08/web-banner-trousers.jpg?w=1140&ssl=1 HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.rebeltrue.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 29 Jan 2023 15:56:12 GMT
content-type: image/webp
content-length: 27630
last-modified: Sun, 29 Jan 2023 15:56:12 GMT
expires: Wed, 29 Jan 2025 03:56:12 GMT
cache-control: public, max-age=63115200
link: <https://www.rebeltrue.com/wp-content/uploads/2022/08/web-banner-trousers.jpg>; rel="canonical"
x-content-type-options: nosniff
etag: "7a37eaed4461df99"
vary: Accept
x-nc: MISS arn 6
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F88b9e50f-b1f6-4665-acd6-9532ce741c2f.jpeg
200 OK 8.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F88b9e50f-b1f6-4665-acd6-9532ce741c2f.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d04b173ecc22c619998bda87a8f9ce70
9e3c3ac1b5a8a5fcee6d1b0db1a61b71948d5fe5
c30fbd2807e36b637bd1382a955c34abb4fe88b99173692530d288fff0986896
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F88b9e50f-b1f6-4665-acd6-9532ce741c2f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 8739
x-amzn-requestid: 77241ca1-d7d1-4133-bc06-e89a8db93aef
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fbANlFiSoAMFrcQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d44723-0b07156624f03d47665f2d4f;Sampled=0
x-amzn-remapped-date: Fri, 27 Jan 2023 21:50:27 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: iZuCuhMd6Qh4_ullCXneuwDyB6EXdLof37qhrLCe6U4WpeGIUPl73A==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 b2f9564ebf9c745cc2ceae96d434977e.cloudfront.net (CloudFront), 1.1 google
date: Sat, 28 Jan 2023 22:03:44 GMT
age: 64349
etag: "9e3c3ac1b5a8a5fcee6d1b0db1a61b71948d5fe5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
stats.wp.com/e-202304.js
200 OK 0 B IP
GET /e-202304.js HTTP/1.1
Host: stats.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.rebeltrue.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 29 Jan 2023 15:56:08 GMT
content-type: application/javascript
vary: Accept-Encoding
etag: W/"6197c5cf-3508"
content-encoding: br
expires: Mon, 11 Dec 2023 21:09:59 GMT
cache-control: max-age=31536000
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
x-nc: HIT arn
X-Firefox-Spdy: h2
socialplugin.facebook.net/new_domain_gating/?endpoint=customerchat&page_id=100946578668537&suppress_http_code=1
200 OK 0 B URL HTTP/2 socialplugin.facebook.net/new_domain_gating/?endpoint=customerchat&page_id=100946578668537&suppress_http_code=1
IP
GET /new_domain_gating/?endpoint=customerchat&page_id=100946578668537&suppress_http_code=1 HTTP/1.1
Host: socialplugin.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/x-www-form-urlencoded
Origin: https://www.rebeltrue.com
Connection: keep-alive
Referer: https://www.rebeltrue.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: br
content-type: application/json; charset=utf-8
content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
x-frame-options: DENY
access-control-allow-origin: https://www.rebeltrue.com
x-fb-debug: de1H0GMCsud8s5jkKvVl3jSgnjEg9rww4atINU9ho+CJhmEAAJGqycbGMjmj/exP0gq2ZifdrOAOh4JsekjDaQ==
date: Sun, 29 Jan 2023 15:56:11 GMT
priority: u=3,i
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
199.188.201.16
31.13.72.12
93.184.220.29
157.240.205.35
23.36.76.226