r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 43ad67f241ee3692a9c9c1da080dae58
6a024f7d71eeee257edc91ba9273416f634aaae5
636635b57f9e6d2ad9b1b949298ee7d3b5b7e251a63516ff68bfb1eceded5688
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "636635B57F9E6D2AD9B1B949298EE7D3B5B7E251A63516FF68BFB1ECEDED5688"
Last-Modified: Sat, 10 Dec 2022 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2692
Expires: Sun, 11 Dec 2022 14:44:03 GMT
Date: Sun, 11 Dec 2022 13:59:11 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 430f1651125c14bfa4924aa1f1a392e9
304141c5fe7ac8b370a67912b2592f9622de9600
315d77a9956f34b1615e38f5f1971dd05146980f8a36b35a8108d47ebba7e8e5
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "315D77A9956F34B1615E38F5F1971DD05146980F8A36B35A8108D47EBBA7E8E5"
Last-Modified: Sat, 10 Dec 2022 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13768
Expires: Sun, 11 Dec 2022 17:48:39 GMT
Date: Sun, 11 Dec 2022 13:59:11 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 4ee537977be9c03702f8ffe0025bf1fe
21637881c4aa34c4add703f8bff4eff573159f45
4819229fd8f502a0c68c80bd7409e104c1b4d1a98ca8a6cd9deba629b1511aea
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4819229FD8F502A0C68C80BD7409E104C1B4D1A98CA8A6CD9DEBA629B1511AEA"
Last-Modified: Thu, 08 Dec 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5595
Expires: Sun, 11 Dec 2022 15:32:26 GMT
Date: Sun, 11 Dec 2022 13:59:11 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150 200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data, ASCII text, with very long lines (939), with no line terminators
Hash bf0c602d32b3c14606f22a86183b5e3c
6eabd8d83475eba731968abe1a05a8bfd272f160
6c6a7c519a9e950c2445ed874a25211a94dd4d3cf3afb0103af9dcd1dbd5ff9e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Content-Length, Content-Type, Retry-After, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sun, 11 Dec 2022 13:33:33 GMT
content-type: application/json
age: 1538
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
IP 34.160.144.191:0
File type PEM certificate, ASCII text
Hash 53341dea33f4f3d9b4966f80589f429a
20f7b07c686c986d2ed1e3e9ad1bb2aef8edaf0d
651683e52cdbc96b289f8f123155f0b96d9f67432689e89156fa56f5a346c6a0
GET /chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: 5IJKJB6OcUDI62P/uaI6h+zkO+oacJro4A5EcpgdPT8OQruhO3OtQ3hMyaXM80fi3gcxSHOvFC0=
x-amz-request-id: YFBT9HK0PWY4H8HC
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sun, 11 Dec 2022 13:51:06 GMT
age: 485
last-modified: Wed, 30 Nov 2022 10:06:34 GMT
etag: "53341dea33f4f3d9b4966f80589f429a"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data, ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 11 Dec 2022 13:59:11 GMT
content-type: application/json
content-length: 12
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-credentials: true
access-control-expose-headers: content-type
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150 200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data, ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Expires, Last-Modified, ETag, Cache-Control, Alert, Content-Length, Pragma, Content-Type, Retry-After, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sun, 11 Dec 2022 13:33:16 GMT
age: 1556
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash e12bb655426d080117693ba116f398cf
8fe1f7f8d0b191baed2decba3523656da97077f5
2c25ba0d1c806de98d5489934acd8e2f17487e4f7e40c7f0d39094ce49f91b8d
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1597
Cache-Control: max-age=156861
Content-Type: application/ocsp-response
Date: Sun, 11 Dec 2022 13:59:12 GMT
Etag: "63959db0-1d7"
Expires: Tue, 13 Dec 2022 09:33:33 GMT
Last-Modified: Sun, 11 Dec 2022 09:06:56 GMT
Server: ECS (ska/F718)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
54.189.35.180 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 54.189.35.180:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: hTrpvxTt2nBmvEhsRqeVFQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: o0aM3xTzOhZBXjjYzgD57VSsBQw=
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash 74d82b5960e5e12af402b01fa10b0829
4b80baad99eaafa43a8a78dbcd8e0df4141b3dd7
328abed4a3d2ea1d745c64c5c40925ae5efca25846d2e1c8457a030347473b51
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 11 Dec 2022 13:59:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
jogwt.3rdeyehosting.com/wp-content/plugins/bdthemes-element-pack-lite/assets/css/ep-helper.css?ver=4.1.0
192.185.129.96 200 OK 7.5 kB URL HTTP/1.1 jogwt.3rdeyehosting.com/wp-content/plugins/bdthemes-element-pack-lite/assets/css/ep-helper.css?ver=4.1.0
IP 192.185.129.96:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (687)
Hash 480993804d8a36ff44e0619e94350c3c
a980258e5024b3b183a18befcbbd05fa173292ab
10e0fb538c438f38514234a4729958d435bb6a8b92dfe1a599dc3ee7cf4b5fcc
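Analyzer Verdict Alert fortinet Malware [the capture gives only this verdict, with no detection name or matched content; several other stylesheets from the same host carry no verdict, so confirm each flagged hash against the original plugin or WordPress release before using it as an indicator]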
GET /wp-content/plugins/bdthemes-element-pack-lite/assets/css/ep-helper.css?ver=4.1.0 HTTP/1.1
Host: jogwt.3rdeyehosting.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://jogwt.3rdeyehosting.com/
HTTP/1.1 200 OK
Date: Sun, 11 Dec 2022 13:59:13 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Mon, 09 May 2022 07:48:41 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 7467
Keep-Alive: timeout=5, max=75
Content-Type: text/css
fonts.googleapis.com/css?family=Roboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto+Slab%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CHeebo%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CMontserrat%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CFira+Sans%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=auto&ver=6.1.1
142.250.74.106 200 OK 3.8 kB URL HTTP/2 fonts.googleapis.com/css?family=Roboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto+Slab%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CHeebo%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CMontserrat%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CFira+Sans%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=auto&ver=6.1.1
IP 142.250.74.106:0
Hash 004f2927432912a0e4bacde7eb90d06c
3a5c41a741a240738336b9b262abbc2bb25883de
e269bd36f48729358c383ed021ea49baca75a2ac5b008c1cf4ef3da83ebeb5ae
GET /css?family=Roboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto+Slab%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CHeebo%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CMontserrat%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CFira+Sans%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=auto&ver=6.1.1 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://jogwt.3rdeyehosting.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sun, 11 Dec 2022 13:59:13 GMT
date: Sun, 11 Dec 2022 13:59:13 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
jogwt.3rdeyehosting.com/wp-content/uploads/premium-addons-elementor/pa-frontend-438372b2d.min.css?ver=1670767152
192.185.129.96 200 OK 1.7 kB URL HTTP/1.1 jogwt.3rdeyehosting.com/wp-content/uploads/premium-addons-elementor/pa-frontend-438372b2d.min.css?ver=1670767152
IP 192.185.129.96:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (7668), with no line terminators
Hash 81da1039559df7a7fb072946b84ac914
84a74546952197cb750aea4f492802e706c5dfc9
2b8f096d7830f4a1762261b0043fc29b7f50e0b3e7fd8d3da83e2f73ebd9ed29
Analyzer Verdict Alert fortinet Malware
GET /wp-content/uploads/premium-addons-elementor/pa-frontend-438372b2d.min.css?ver=1670767152 HTTP/1.1
Host: jogwt.3rdeyehosting.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://jogwt.3rdeyehosting.com/
HTTP/1.1 200 OK
Date: Sun, 11 Dec 2022 13:59:13 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Wed, 24 Aug 2022 09:22:19 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1709
Keep-Alive: timeout=5, max=75
Content-Type: text/css
jogwt.3rdeyehosting.com/wp-content/plugins/bdthemes-prime-slider-lite/assets/css/prime-slider-site.css?ver=2.9.3
192.185.129.96 200 OK 2.6 kB URL HTTP/1.1 jogwt.3rdeyehosting.com/wp-content/plugins/bdthemes-prime-slider-lite/assets/css/prime-slider-site.css?ver=2.9.3
IP 192.185.129.96:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (14085), with no line terminators
Hash b1612e4610372f069a555bbef33b7536
291195d1efa172da4a42925efebbb3d341742cdf
95b7d1929f99105521922a594b5a2de8f9bebe705104c534223919a1c17ff1f6
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/bdthemes-prime-slider-lite/assets/css/prime-slider-site.css?ver=2.9.3 HTTP/1.1
Host: jogwt.3rdeyehosting.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://jogwt.3rdeyehosting.com/
HTTP/1.1 200 OK
Date: Sun, 11 Dec 2022 13:59:13 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Mon, 09 May 2022 07:48:34 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 2574
Keep-Alive: timeout=5, max=75
Content-Type: text/css
jogwt.3rdeyehosting.com/wp-content/plugins/bdthemes-element-pack-lite/assets/css/bdt-uikit.css?ver=3.13.1
192.185.129.96 200 OK 47 kB URL HTTP/1.1 jogwt.3rdeyehosting.com/wp-content/plugins/bdthemes-element-pack-lite/assets/css/bdt-uikit.css?ver=3.13.1
IP 192.185.129.96:0
ASN #46606 UNIFIEDLAYER-AS-1
File type Unicode text, UTF-8 text, with very long lines (421)
Hash ac927b58815f20119cbe0d1565bdfbc3
65309fac8b6923f9bc43283e45c8f548a167a326
a8c4cf483558708981df6d2d09da608c3066ec63f8c45c8669db6d36fb03989a
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/bdthemes-element-pack-lite/assets/css/bdt-uikit.css?ver=3.13.1 HTTP/1.1
Host: jogwt.3rdeyehosting.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://jogwt.3rdeyehosting.com/
HTTP/1.1 200 OK
Date: Sun, 11 Dec 2022 13:59:13 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Mon, 09 May 2022 07:48:41 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Keep-Alive: timeout=5, max=75
Transfer-Encoding: chunked
Content-Type: text/css
jogwt.3rdeyehosting.com/wp-includes/css/classic-themes.min.css?ver=1
192.185.129.96 200 OK 189 B URL HTTP/1.1 jogwt.3rdeyehosting.com/wp-includes/css/classic-themes.min.css?ver=1
IP 192.185.129.96:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash 5a18e16eb01cbaa862eb32e6b77bedb2
3abf9b913cc9f558f02cba7c9b822f8d1812cb96
d2b5af913332941d5ae7786d1fa70e0d009315c4ede6ad5b80d0f663bb54521f
GET /wp-includes/css/classic-themes.min.css?ver=1 HTTP/1.1
Host: jogwt.3rdeyehosting.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://jogwt.3rdeyehosting.com/
HTTP/1.1 200 OK
Date: Sun, 11 Dec 2022 13:59:13 GMT
Server: Apache
Last-Modified: Wed, 02 Nov 2022 16:34:36 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 189
Keep-Alive: timeout=5, max=74
Connection: Keep-Alive
Content-Type: text/css
jogwt.3rdeyehosting.com/wp-includes/css/dist/block-library/style.min.css?ver=6.1.1
192.185.129.96 200 OK 18 kB URL HTTP/1.1 jogwt.3rdeyehosting.com/wp-includes/css/dist/block-library/style.min.css?ver=6.1.1
IP 192.185.129.96:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (47826)
Hash 9415c9562591af7a582c29139621505f
0b12eecf36a48b871a3198550f4f65bb4a6d9b1b
06c70d3232c2ae3ed2aa259eb7a1beb329b654926813935fffa8902cd5ebaa4a
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/css/dist/block-library/style.min.css?ver=6.1.1 HTTP/1.1
Host: jogwt.3rdeyehosting.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://jogwt.3rdeyehosting.com/
HTTP/1.1 200 OK
Date: Sun, 11 Dec 2022 13:59:13 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Wed, 16 Nov 2022 06:14:14 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Keep-Alive: timeout=5, max=75
Transfer-Encoding: chunked
Content-Type: text/css
jogwt.3rdeyehosting.com/wp-content/plugins/qi-addons-for-elementor/assets/css/grid.min.css?ver=6.1.1
192.185.129.96 200 OK 2.2 kB URL HTTP/1.1 jogwt.3rdeyehosting.com/wp-content/plugins/qi-addons-for-elementor/assets/css/grid.min.css?ver=6.1.1
IP 192.185.129.96:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (44829), with no line terminators
Hash 49f12c5c02ef20b20a354408f5451bf2
6dda6577a75bfb66c81b7fd305be70d940fa2ee7
0265c18c1cca0b101caf00334f813589262982f04a2bfcdbe3be7a02eececbf3
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/qi-addons-for-elementor/assets/css/grid.min.css?ver=6.1.1 HTTP/1.1
Host: jogwt.3rdeyehosting.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://jogwt.3rdeyehosting.com/
HTTP/1.1 200 OK
Date: Sun, 11 Dec 2022 13:59:13 GMT
Server: Apache
Last-Modified: Thu, 14 Jul 2022 07:39:31 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 2155
Keep-Alive: timeout=5, max=74
Connection: Keep-Alive
Content-Type: text/css
jogwt.3rdeyehosting.com/wp-content/plugins/qi-addons-for-elementor/assets/plugins/swiper/swiper.min.css?ver=6.1.1
192.185.129.96 200 OK 4.8 kB URL HTTP/1.1 jogwt.3rdeyehosting.com/wp-content/plugins/qi-addons-for-elementor/assets/plugins/swiper/swiper.min.css?ver=6.1.1
IP 192.185.129.96:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (13425)
Hash df2aa92696c29d767e226963ac6d7946
fd19c43f95a29e6f1fbf77ff474a8a5461dd7b28
af0dd02d23f46d8be2bf04f65932f8cec44368ef1b8147e762cf92252aae54c5
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/qi-addons-for-elementor/assets/plugins/swiper/swiper.min.css?ver=6.1.1 HTTP/1.1
Host: jogwt.3rdeyehosting.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://jogwt.3rdeyehosting.com/
HTTP/1.1 200 OK
Date: Sun, 11 Dec 2022 13:59:13 GMT
Server: Apache
Last-Modified: Thu, 14 Jul 2022 07:39:31 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 4786
Keep-Alive: timeout=5, max=74
Connection: Keep-Alive
Content-Type: text/css
jogwt.3rdeyehosting.com/
192.185.129.96 200 OK 48 kB IP 192.185.129.96:0
ASN #46606 UNIFIEDLAYER-AS-1
File type HTML document text, HTML document text, HTML document text, HTML document text, HTML document text, HTML document text, exported SGML document, ASCII text, with very long lines (9381)
Hash 7a6ba74b6d038fafd514105dc528628b
121d9c91995c753366098b889abc3e2ab48eacff
5ba1db9e53eaf2d7e5bea572d86369a3570cd5e09276e293b5935812b19003c4
Analyzer Verdict Alert fortinet Malware
GET / HTTP/1.1
Host: jogwt.3rdeyehosting.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Sun, 11 Dec 2022 13:59:11 GMT
Server: Apache
Link: <http://jogwt.3rdeyehosting.com/wp-json/>; rel="https://api.w.org/", <http://jogwt.3rdeyehosting.com/wp-json/wp/v2/pages/1030>; rel="alternate"; type="application/json", <http://jogwt.3rdeyehosting.com/>; rel=shortlink
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Vary: Accept-Encoding
Content-Encoding: gzip
Keep-Alive: timeout=5, max=75
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
jogwt.3rdeyehosting.com/wp-content/plugins/qi-addons-for-elementor/assets/css/helper-parts.min.css?ver=6.1.1
192.185.129.96 200 OK 3.8 kB URL HTTP/1.1 jogwt.3rdeyehosting.com/wp-content/plugins/qi-addons-for-elementor/assets/css/helper-parts.min.css?ver=6.1.1
IP 192.185.129.96:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (24598), with no line terminators
Hash 7712d3ba486f47c8894c779899f81f18
3dad9094ddff943341e72629241f34a203d9dcf1
0e0aa418043e46d6b2adf1c0fe705af5dfe0c477230aeb965162aca3083ef49a
GET /wp-content/plugins/qi-addons-for-elementor/assets/css/helper-parts.min.css?ver=6.1.1 HTTP/1.1
Host: jogwt.3rdeyehosting.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://jogwt.3rdeyehosting.com/
HTTP/1.1 200 OK
Date: Sun, 11 Dec 2022 13:59:13 GMT
Server: Apache
Last-Modified: Thu, 14 Jul 2022 07:39:31 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 3782
Keep-Alive: timeout=5, max=74
Connection: Keep-Alive
Content-Type: text/css
jogwt.3rdeyehosting.com/wp-content/themes/WP-Skeleton-Theme-master/stylesheets/base.css?ver=6.1.1
192.185.129.96 200 OK 2.2 kB URL HTTP/1.1 jogwt.3rdeyehosting.com/wp-content/themes/WP-Skeleton-Theme-master/stylesheets/base.css?ver=6.1.1
IP 192.185.129.96:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (493)
Hash 84f8b343d30532dcddc1fdb81ec138b3
86f5036040c741b6db17af4015589dab4b93dfb7
826085cc507faf3341d6ab452aa4940c4a8c627ad76ede7e001566984ed3d4b8
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/WP-Skeleton-Theme-master/stylesheets/base.css?ver=6.1.1 HTTP/1.1
Host: jogwt.3rdeyehosting.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://jogwt.3rdeyehosting.com/
HTTP/1.1 200 OK
Date: Sun, 11 Dec 2022 13:59:13 GMT
Server: Apache
Last-Modified: Mon, 09 May 2022 07:42:23 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 2240
Keep-Alive: timeout=5, max=74
Connection: Keep-Alive
Content-Type: text/css
jogwt.3rdeyehosting.com/wp-content/themes/WP-Skeleton-Theme-master/style.css?ver=6.1.1
192.185.129.96 200 OK 2.3 kB URL HTTP/1.1 jogwt.3rdeyehosting.com/wp-content/themes/WP-Skeleton-Theme-master/style.css?ver=6.1.1
IP 192.185.129.96:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash 81e651c95eff8831b7c95fa42aad153b
9f80cbb83badd9221e1d38f1f52fe37bff694d47
84225715877e530e76a59cb97512e978f9f5cb184bae8b7ff34cdb36455153d3
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/WP-Skeleton-Theme-master/style.css?ver=6.1.1 HTTP/1.1
Host: jogwt.3rdeyehosting.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://jogwt.3rdeyehosting.com/
HTTP/1.1 200 OK
Date: Sun, 11 Dec 2022 13:59:13 GMT
Server: Apache
Last-Modified: Mon, 09 May 2022 07:42:23 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 2257
Keep-Alive: timeout=5, max=73
Connection: Keep-Alive
Content-Type: text/css
jogwt.3rdeyehosting.com/wp-content/themes/WP-Skeleton-Theme-master/stylesheets/layout.css?ver=6.1.1
192.185.129.96 200 OK 392 B URL HTTP/1.1 jogwt.3rdeyehosting.com/wp-content/themes/WP-Skeleton-Theme-master/stylesheets/layout.css?ver=6.1.1
IP 192.185.129.96:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash c9c525ef7438d3c65d9a8534c51d44b5
9b5720b30296a2142076af1916c23e10074b4822
fd3f2f32bfdfc2863a2fdaf401278e2bcf9ff11296e620df36b133d30e6d13d5
GET /wp-content/themes/WP-Skeleton-Theme-master/stylesheets/layout.css?ver=6.1.1 HTTP/1.1
Host: jogwt.3rdeyehosting.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://jogwt.3rdeyehosting.com/
HTTP/1.1 200 OK
Date: Sun, 11 Dec 2022 13:59:13 GMT
Server: Apache
Last-Modified: Mon, 09 May 2022 07:42:23 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 392
Keep-Alive: timeout=5, max=73
Connection: Keep-Alive
Content-Type: text/css
jogwt.3rdeyehosting.com/wp-content/plugins/elementor/assets/lib/eicons/css/elementor-icons.min.css?ver=5.15.0
192.185.129.96 200 OK 4.0 kB URL HTTP/1.1 jogwt.3rdeyehosting.com/wp-content/plugins/elementor/assets/lib/eicons/css/elementor-icons.min.css?ver=5.15.0
IP 192.185.129.96:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (19082)
Hash 1a51c193793d105fc6aaddfc3bc05349
238e509973276daa145be273af1aba0fbb3801bf
69e8578f795564941f826ab314ab57c83da7fb6ca7d9221c8df5f1e9081ae6e3
GET /wp-content/plugins/elementor/assets/lib/eicons/css/elementor-icons.min.css?ver=5.15.0 HTTP/1.1
Host: jogwt.3rdeyehosting.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://jogwt.3rdeyehosting.com/
HTTP/1.1 200 OK
Date: Sun, 11 Dec 2022 13:59:13 GMT
Server: Apache
Last-Modified: Mon, 09 May 2022 07:41:22 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 3978
Keep-Alive: timeout=5, max=74
Connection: Keep-Alive
Content-Type: text/css
jogwt.3rdeyehosting.com/wp-content/plugins/qi-addons-for-elementor/assets/css/main.min.css?ver=6.1.1
192.185.129.96 200 OK 45 kB URL HTTP/1.1 jogwt.3rdeyehosting.com/wp-content/plugins/qi-addons-for-elementor/assets/css/main.min.css?ver=6.1.1
IP 192.185.129.96:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (65536), with no line terminators
Hash 14c889653a3039fbddc9b80a7bd08aad
d83d0b8c07d60084595c77222b5f26ec3c04a4d8
e68aedefd549f70f97622613b47310c434f261e6795f61da179432ffcc4ee4ab
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/qi-addons-for-elementor/assets/css/main.min.css?ver=6.1.1 HTTP/1.1
Host: jogwt.3rdeyehosting.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://jogwt.3rdeyehosting.com/
HTTP/1.1 200 OK
Date: Sun, 11 Dec 2022 13:59:13 GMT
Server: Apache
Last-Modified: Thu, 14 Jul 2022 07:39:31 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Keep-Alive: timeout=5, max=73
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/css
jogwt.3rdeyehosting.com/wp-content/plugins/elementor/assets/css/frontend-lite.min.css?ver=3.6.4
192.185.129.96 200 OK 22 kB URL HTTP/1.1 jogwt.3rdeyehosting.com/wp-content/plugins/elementor/assets/css/frontend-lite.min.css?ver=3.6.4
IP 192.185.129.96:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (65497)
Hash 02286976f2f6aa838ab581c6be07e562
cd1d13658810cc3f434423b0dfaa6fd226ec1474
4ef188e58cd0fce1a5b0a7de53e0a689c9dc2d2e18e329c3d00484bff40929fd
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/elementor/assets/css/frontend-lite.min.css?ver=3.6.4 HTTP/1.1
Host: jogwt.3rdeyehosting.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://jogwt.3rdeyehosting.com/
HTTP/1.1 200 OK
Date: Sun, 11 Dec 2022 13:59:13 GMT
Server: Apache
Last-Modified: Mon, 09 May 2022 07:41:22 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Keep-Alive: timeout=5, max=73
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/css
jogwt.3rdeyehosting.com/wp-content/uploads/elementor/css/post-26.css?ver=1657785358
192.185.129.96 200 OK 2.0 kB URL HTTP/1.1 jogwt.3rdeyehosting.com/wp-content/uploads/elementor/css/post-26.css?ver=1657785358
IP 192.185.129.96:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (12373), with no line terminators
Hash 1bfa28790fb90a4ad7c79ab616c144ad
d939c77a6d54188b33f1c010379f337aaa1c7aa1
eff3a1bf1ad7d953630144327117d82f522b7b21cea1ba8465257c68a8993b7f
GET /wp-content/uploads/elementor/css/post-26.css?ver=1657785358 HTTP/1.1
Host: jogwt.3rdeyehosting.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://jogwt.3rdeyehosting.com/
HTTP/1.1 200 OK
Date: Sun, 11 Dec 2022 13:59:13 GMT
Server: Apache
Last-Modified: Thu, 14 Jul 2022 07:55:58 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1984
Keep-Alive: timeout=5, max=73
Connection: Keep-Alive
Content-Type: text/css
jogwt.3rdeyehosting.com/wp-content/plugins/elementor-pro/assets/css/frontend-lite.min.css?ver=3.6.4
192.185.129.96 200 OK 1.8 kB URL HTTP/1.1 jogwt.3rdeyehosting.com/wp-content/plugins/elementor-pro/assets/css/frontend-lite.min.css?ver=3.6.4
IP 192.185.129.96:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (11362)
Hash 1451b8367325a2ad2fe966518f4ff535
602e87c3b542d8c886a58da0cbe2d77a8ec164ab
3ca5605c4ea885177a5fa989b5f18ef26649a5e3d646ad74479204c82cd1155e
GET /wp-content/plugins/elementor-pro/assets/css/frontend-lite.min.css?ver=3.6.4 HTTP/1.1
Host: jogwt.3rdeyehosting.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://jogwt.3rdeyehosting.com/
HTTP/1.1 200 OK
Date: Sun, 11 Dec 2022 13:59:13 GMT
Server: Apache
Last-Modified: Mon, 09 May 2022 07:39:08 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1838
Keep-Alive: timeout=5, max=72
Connection: Keep-Alive
Content-Type: text/css
jogwt.3rdeyehosting.com/wp-content/uploads/elementor/css/post-1030.css?ver=1657965665
192.185.129.96 200 OK 12 kB URL HTTP/1.1 jogwt.3rdeyehosting.com/wp-content/uploads/elementor/css/post-1030.css?ver=1657965665
IP 192.185.129.96:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (46762)
Hash 85451ff82220a6908246822897d00f5a
7d4664e44aee10fe2903b83a15349e5f8dbf16fc
fbdea94170789659f553e789ab8c4ff6a5571aa03ef35d2a22cbe537d7448fdf
Analyzer Verdict Alert fortinet Malware
GET /wp-content/uploads/elementor/css/post-1030.css?ver=1657965665 HTTP/1.1
Host: jogwt.3rdeyehosting.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://jogwt.3rdeyehosting.com/
HTTP/1.1 200 OK
Date: Sun, 11 Dec 2022 13:59:13 GMT
Server: Apache
Last-Modified: Sat, 16 Jul 2022 10:01:05 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 11475
Keep-Alive: timeout=5, max=72
Connection: Keep-Alive
Content-Type: text/css
jogwt.3rdeyehosting.com/wp-content/uploads/elementor/css/post-30.css?ver=1657785363
192.185.129.96 200 OK 1.2 kB URL HTTP/1.1 jogwt.3rdeyehosting.com/wp-content/uploads/elementor/css/post-30.css?ver=1657785363
IP 192.185.129.96:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (7710), with no line terminators
Hash 5f777872da00de5e1601da718f243ec8
bfafc9329b905e80ae4f779887ba26cac27d4e11
d8bb108a2f9e76343dd89df4c2d6ff5f64f277503c9d775dc2c958ed45ae0d1b
GET /wp-content/uploads/elementor/css/post-30.css?ver=1657785363 HTTP/1.1
Host: jogwt.3rdeyehosting.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://jogwt.3rdeyehosting.com/
HTTP/1.1 200 OK
Date: Sun, 11 Dec 2022 13:59:13 GMT
Server: Apache
Last-Modified: Thu, 14 Jul 2022 07:56:03 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1200
Keep-Alive: timeout=5, max=73
Connection: Keep-Alive
Content-Type: text/css
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash d35fcd5d7e74c530535b18d57ed5f587
3b9bf9e02593b63108515f4df7cae57ce62145e7
4bdb744a2d9ac6d051f5192dbf3e00ba1b18208930655e6752fd6ccd118faff0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4BDB744A2D9AC6D051F5192DBF3E00BA1B18208930655E6752FD6CCD118FAFF0"
Last-Modified: Sat, 10 Dec 2022 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4828
Expires: Sun, 11 Dec 2022 15:19:42 GMT
Date: Sun, 11 Dec 2022 13:59:14 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb6bca12a-103c-4b98-a218-27a61f8d6951.jpeg
34.120.237.76 200 OK 6.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb6bca12a-103c-4b98-a218-27a61f8d6951.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 2020df3404a4b7c3e142af4a1330b848
2fe69b52fe03128e86550bf08474ecac82682384
37a52c158d5cfdf3589e19163cf446c02ce1466f444656080b02da82d2bcefae
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb6bca12a-103c-4b98-a218-27a61f8d6951.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 6311
x-amzn-requestid: 46ccaee0-bde8-4be6-9dc8-46e3ae356dc8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: c8xUYH10oAMF8Ig=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6394fc1b-2440251f06cb950a57489555;Sampled=0
x-amzn-remapped-date: Sat, 10 Dec 2022 21:37:31 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: SG-8rL_rUN3MpXHhkAaHmIqKf7mSHtv0kEAkBOAIPcqq755Qh-mc3Q==
via: 1.1 6ba2a21321beeef65404429d0a4b6380.cloudfront.net (CloudFront), 1.1 12a392bc3a7281f8d5d4591bfadc41fc.cloudfront.net (CloudFront), 1.1 google
date: Sat, 10 Dec 2022 21:38:41 GMT
etag: "2fe69b52fe03128e86550bf08474ecac82682384"
content-type: image/jpeg
age: 58833
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc6442de2-4fd8-4da6-915e-0c84574e540c.webp
34.120.237.76 200 OK 9.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc6442de2-4fd8-4da6-915e-0c84574e540c.webp
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 911ce18e0af5cc8e260ea1fe52545d36
b275849bb704505af83e87b121c21888948c0926
b7be399d579a8449b4e8472b76f1cf02b576589e9cf0b2991058085df20aaeec
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc6442de2-4fd8-4da6-915e-0c84574e540c.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 9783
x-amzn-requestid: b658343a-f21e-48f2-8311-dac8331452a4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cmcuJHgpoAMFYQw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638c0e5a-1a36fe5e63b558d85136480f;Sampled=0
x-amzn-remapped-date: Sun, 04 Dec 2022 03:04:58 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: GQpvczeihbX5y9BbtP0Df7YklNJM00fw7VyvNPXtJM_fA6nNB7c_vg==
via: 1.1 a4fe306096165bb1e86e69365dc8fac2.cloudfront.net (CloudFront), 1.1 be082a2326b7d49643607b097f1e7180.cloudfront.net (CloudFront), 1.1 google
date: Sat, 10 Dec 2022 21:38:45 GMT
age: 58829
etag: "b275849bb704505af83e87b121c21888948c0926"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash d35fcd5d7e74c530535b18d57ed5f587
3b9bf9e02593b63108515f4df7cae57ce62145e7
4bdb744a2d9ac6d051f5192dbf3e00ba1b18208930655e6752fd6ccd118faff0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4BDB744A2D9AC6D051F5192DBF3E00BA1B18208930655E6752FD6CCD118FAFF0"
Last-Modified: Sat, 10 Dec 2022 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4828
Expires: Sun, 11 Dec 2022 15:19:42 GMT
Date: Sun, 11 Dec 2022 13:59:14 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb8ff35a0-24dc-4158-b67e-a5f03f5a9022.jpeg
34.120.237.76 200 OK 1.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb8ff35a0-24dc-4158-b67e-a5f03f5a9022.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4f6cfc43170be4dd0264f2b0b6bcc329
9ad22ea868f3b72832243fd11315c68117c7542b
f5cc67d46241c2f5aebc2515bf8828889f8ceda8112b78cdf925a260b82fd833
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb8ff35a0-24dc-4158-b67e-a5f03f5a9022.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 1584
x-amzn-requestid: 0ea87ec1-b0b9-4559-878d-dec9cbbed4d3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: c5_aeGwVIAMFZXw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6393df76-33df816b712e56ad3baa0398;Sampled=0
x-amzn-remapped-date: Sat, 10 Dec 2022 01:23:02 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: s3A0tY7vX8qnrlOe6ykGegQCf1v7pVMryfxYgXrdAraeMi5HdFSQtQ==
via: 1.1 56c69262ecfa7873b40572ba8a323242.cloudfront.net (CloudFront), 1.1 61bc723adb3b1884ed759711e84e13a8.cloudfront.net (CloudFront), 1.1 google
date: Sun, 11 Dec 2022 06:13:05 GMT
age: 27969
etag: "9ad22ea868f3b72832243fd11315c68117c7542b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4d0c96af-c60d-4600-85fc-ee30b7a0c931.jpeg
34.120.237.76 200 OK 4.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4d0c96af-c60d-4600-85fc-ee30b7a0c931.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f01260130a9ea66e994137a2ac221122
85e58c55619e2cc855ff9dc5861e70be682bb247
987e83bd21ee86ba8384e5b28ab4e5536fc17c290d2e34f31734358208b246c0
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4d0c96af-c60d-4600-85fc-ee30b7a0c931.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 4526
x-amzn-requestid: 3b956935-0d79-4261-845f-df3684758cd5
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: c83HuGTDIAMF77g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63950564-759a4eec01b8fa2e6ced2fb1;Sampled=0
x-amzn-remapped-date: Sat, 10 Dec 2022 22:17:08 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: b-4z9EOV7HU3RuLlDd0NF5-AEB14E1dL6WHbSy0dzNKoVKhABaqAYw==
via: 1.1 6ba2a21321beeef65404429d0a4b6380.cloudfront.net (CloudFront), 1.1 d6b180eb367f7de26d67a9f3901b96a6.cloudfront.net (CloudFront), 1.1 google
date: Sun, 11 Dec 2022 13:40:21 GMT
age: 1133
etag: "85e58c55619e2cc855ff9dc5861e70be682bb247"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F92a308f9-a83f-41bd-aacf-c6bd9e6eaf11.jpeg
34.120.237.76 200 OK 6.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F92a308f9-a83f-41bd-aacf-c6bd9e6eaf11.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 78068ece5c05e5936bfc1eac61c627f8
0c1118eaf153c16f6bcb731767b1237ee72a5541
9b7f84ec789ec853dc463e5839c63d8395e8921cc0599b8b7e694eebb1d22b9e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F92a308f9-a83f-41bd-aacf-c6bd9e6eaf11.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 6850
x-amzn-requestid: a7a24880-17cf-4873-9da2-1cdedb1d351b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: csWC5GsFIAMF_jQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638e6a12-186b17d55261c18243dc0302;Sampled=0
x-amzn-remapped-date: Mon, 05 Dec 2022 22:00:50 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 0o7IBdTij9xmRQK0w1ErdgWrwkWJIILBJKtd0nwmQGDurfi_VQN1iw==
via: 1.1 a4fe306096165bb1e86e69365dc8fac2.cloudfront.net (CloudFront), 1.1 324a68a6c25ee50d774953f3e15a611c.cloudfront.net (CloudFront), 1.1 google
date: Sun, 11 Dec 2022 13:56:19 GMT
age: 175
etag: "0c1118eaf153c16f6bcb731767b1237ee72a5541"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa890f071-ec5c-4223-9724-f63b2c9a73f3.jpeg
34.120.237.76 200 OK 4.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa890f071-ec5c-4223-9724-f63b2c9a73f3.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash afb336b3180aa4e95a887d41561bf2b6
f26da3ddd126b938bf330e9f1a0f4adfd991fb99
d540eea94d006728d68801a8914490e636fc96ec104fe5bdfa0833aa51e3488f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa890f071-ec5c-4223-9724-f63b2c9a73f3.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 4565
x-amzn-requestid: cf7eba9f-35f6-456e-b4ea-1d667a006291
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cgZgeHeuIAMFS1Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6389a2cf-58c886a627064bb4346cbd3f;Sampled=0
x-amzn-remapped-date: Fri, 02 Dec 2022 07:01:35 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 7vxYY6d8twOHtlJHdzLDnGLY8P0gMoKb71q-X6X5iJHEq65Dyg_Eag==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 7eb3b782ab09047ce0d11ee03763894c.cloudfront.net (CloudFront), 1.1 google
date: Sat, 10 Dec 2022 21:38:41 GMT
age: 58833
etag: "f26da3ddd126b938bf330e9f1a0f4adfd991fb99"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash d35fcd5d7e74c530535b18d57ed5f587
3b9bf9e02593b63108515f4df7cae57ce62145e7
4bdb744a2d9ac6d051f5192dbf3e00ba1b18208930655e6752fd6ccd118faff0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4BDB744A2D9AC6D051F5192DBF3E00BA1B18208930655E6752FD6CCD118FAFF0"
Last-Modified: Sat, 10 Dec 2022 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4828
Expires: Sun, 11 Dec 2022 15:19:42 GMT
Date: Sun, 11 Dec 2022 13:59:14 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash d35fcd5d7e74c530535b18d57ed5f587
3b9bf9e02593b63108515f4df7cae57ce62145e7
4bdb744a2d9ac6d051f5192dbf3e00ba1b18208930655e6752fd6ccd118faff0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4BDB744A2D9AC6D051F5192DBF3E00BA1B18208930655E6752FD6CCD118FAFF0"
Last-Modified: Sat, 10 Dec 2022 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4828
Expires: Sun, 11 Dec 2022 15:19:42 GMT
Date: Sun, 11 Dec 2022 13:59:14 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash d35fcd5d7e74c530535b18d57ed5f587
3b9bf9e02593b63108515f4df7cae57ce62145e7
4bdb744a2d9ac6d051f5192dbf3e00ba1b18208930655e6752fd6ccd118faff0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4BDB744A2D9AC6D051F5192DBF3E00BA1B18208930655E6752FD6CCD118FAFF0"
Last-Modified: Sat, 10 Dec 2022 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4828
Expires: Sun, 11 Dec 2022 15:19:42 GMT
Date: Sun, 11 Dec 2022 13:59:14 GMT
Connection: keep-alive
jogwt.3rdeyehosting.com/wp-content/uploads/elementor/css/post-36.css?ver=1657785363
192.185.129.96 200 OK 2.8 kB URL HTTP/1.1 jogwt.3rdeyehosting.com/wp-content/uploads/elementor/css/post-36.css?ver=1657785363
IP 192.185.129.96:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (16119), with no line terminators
Hash c0603322aa1a9222b11bbc485aded74e
6fb35fc4fef9296c4ba8f93a3170caf7e76f6d8a
ca17490ed2d1792a427f164dc63c7efed0529128c157f6d0bdab1bfeb37480db
GET /wp-content/uploads/elementor/css/post-36.css?ver=1657785363 HTTP/1.1
Host: jogwt.3rdeyehosting.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://jogwt.3rdeyehosting.com/
HTTP/1.1 200 OK
Date: Sun, 11 Dec 2022 13:59:14 GMT
Server: Apache
Last-Modified: Thu, 14 Jul 2022 07:56:03 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 2789
Keep-Alive: timeout=5, max=72
Connection: Keep-Alive
Content-Type: text/css
jogwt.3rdeyehosting.com/wp-content/plugins/elementskit-lite/modules/elementskit-icon-pack/assets/css/ekiticons.css?ver=2.6.2
192.185.129.96 200 OK 12 kB URL HTTP/1.1 jogwt.3rdeyehosting.com/wp-content/plugins/elementskit-lite/modules/elementskit-icon-pack/assets/css/ekiticons.css?ver=2.6.2
IP 192.185.129.96:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (65536), with no line terminators
Hash 4fb0795711301ef32d45d6f3fdef07b4
631536b58397ce6a01ea02f5b15bd445176f4a06
9ae496f3fc96cb6feec38d3965fefe4f998320f9a0c92130658d81367a696fa5
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/elementskit-lite/modules/elementskit-icon-pack/assets/css/ekiticons.css?ver=2.6.2 HTTP/1.1
Host: jogwt.3rdeyehosting.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://jogwt.3rdeyehosting.com/
HTTP/1.1 200 OK
Date: Sun, 11 Dec 2022 13:59:14 GMT
Server: Apache
Last-Modified: Fri, 08 Jul 2022 13:16:35 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 12485
Keep-Alive: timeout=5, max=72
Connection: Keep-Alive
Content-Type: text/css
jogwt.3rdeyehosting.com/wp-content/plugins/elementskit-lite/widgets/init/assets/css/responsive.css?ver=2.6.2
192.185.129.96 200 OK 4.4 kB URL HTTP/1.1 jogwt.3rdeyehosting.com/wp-content/plugins/elementskit-lite/widgets/init/assets/css/responsive.css?ver=2.6.2
IP 192.185.129.96:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (30283), with no line terminators
Hash c2c381b76f533a3992b1060b1e8275ed
8441603d412df07e265d70d72569bd3ed90c51ee
6b1c02e5f7f5a04d0320c0a69a67651c6c322b81dfcf1ad9ca29e0f7374cf613
GET /wp-content/plugins/elementskit-lite/widgets/init/assets/css/responsive.css?ver=2.6.2 HTTP/1.1
Host: jogwt.3rdeyehosting.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://jogwt.3rdeyehosting.com/
HTTP/1.1 200 OK
Date: Sun, 11 Dec 2022 13:59:14 GMT
Server: Apache
Last-Modified: Fri, 08 Jul 2022 13:16:35 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 4436
Keep-Alive: timeout=5, max=71
Connection: Keep-Alive
Content-Type: text/css
jogwt.3rdeyehosting.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/fontawesome.min.css?ver=5.15.3
192.185.129.96 200 OK 13 kB URL HTTP/1.1 jogwt.3rdeyehosting.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/fontawesome.min.css?ver=5.15.3
IP 192.185.129.96:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (57726)
Hash dc63c0a8e2d5857cc7a00a4b5456dabb
ee29df5eb2a4bf3eb805b160551c1afd84b42599
035ef40b1dd3df1eefb2dd3c8c2096425727fb939b06f3aa0bc6ef91dafd5441
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/elementor/assets/lib/font-awesome/css/fontawesome.min.css?ver=5.15.3 HTTP/1.1
Host: jogwt.3rdeyehosting.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://jogwt.3rdeyehosting.com/
HTTP/1.1 200 OK
Date: Sun, 11 Dec 2022 13:59:14 GMT
Server: Apache
Last-Modified: Mon, 09 May 2022 07:41:22 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 12577
Keep-Alive: timeout=5, max=71
Connection: Keep-Alive
Content-Type: text/css
jogwt.3rdeyehosting.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/solid.min.css?ver=5.15.3
192.185.129.96 200 OK 309 B URL HTTP/1.1 jogwt.3rdeyehosting.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/solid.min.css?ver=5.15.3
IP 192.185.129.96:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (483)
Hash 0ea43e394ddaae5fdb710dbbc8869e58
3b0c93adc80720236096201db5cc2751e703996d
85225fffa21a94bfd954393d7471069ab227b98fd8b51cb5ab4af5488168a34e
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/elementor/assets/lib/font-awesome/css/solid.min.css?ver=5.15.3 HTTP/1.1
Host: jogwt.3rdeyehosting.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://jogwt.3rdeyehosting.com/
HTTP/1.1 200 OK
Date: Sun, 11 Dec 2022 13:59:14 GMT
Server: Apache
Last-Modified: Mon, 09 May 2022 07:41:22 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 309
Keep-Alive: timeout=5, max=72
Connection: Keep-Alive
Content-Type: text/css
jogwt.3rdeyehosting.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/regular.min.css?ver=5.15.3
192.185.129.96 200 OK 308 B URL HTTP/1.1 jogwt.3rdeyehosting.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/regular.min.css?ver=5.15.3
IP 192.185.129.96:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (491)
Hash 851fd514d412b7e854365f20a4227c8a
08bf47072f70af1816450cc85a5efb3b8f9114d2
a9449e3cc7c003e5ed6b93bae7b0bba3e4f1713c52214f41d3591692a759b9d7
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/elementor/assets/lib/font-awesome/css/regular.min.css?ver=5.15.3 HTTP/1.1
Host: jogwt.3rdeyehosting.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://jogwt.3rdeyehosting.com/
HTTP/1.1 200 OK
Date: Sun, 11 Dec 2022 13:59:14 GMT
Server: Apache
Last-Modified: Mon, 09 May 2022 07:41:22 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 308
Keep-Alive: timeout=5, max=71
Connection: Keep-Alive
Content-Type: text/css
jogwt.3rdeyehosting.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/brands.min.css?ver=5.15.3
192.185.129.96 200 OK 308 B URL HTTP/1.1 jogwt.3rdeyehosting.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/brands.min.css?ver=5.15.3
IP 192.185.129.96:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (489)
Hash 0a08469d24387f830bbaaa00b3c228ae
01f5dfeb8f93a32c9a8f66fe5940758109771fcd
3c7c29e5fc1193ff7ce24f72f77b2dc129e1a9434a97ef7b625f6f715531803c
GET /wp-content/plugins/elementor/assets/lib/font-awesome/css/brands.min.css?ver=5.15.3 HTTP/1.1
Host: jogwt.3rdeyehosting.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://jogwt.3rdeyehosting.com/
HTTP/1.1 200 OK
Date: Sun, 11 Dec 2022 13:59:14 GMT
Server: Apache
Last-Modified: Mon, 09 May 2022 07:41:22 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 308
Keep-Alive: timeout=5, max=71
Connection: Keep-Alive
Content-Type: text/css
jogwt.3rdeyehosting.com/wp-content/plugins/elementskit-lite/widgets/init/assets/css/widget-styles.css?ver=2.6.2
192.185.129.96 200 OK 82 kB URL HTTP/1.1 jogwt.3rdeyehosting.com/wp-content/plugins/elementskit-lite/widgets/init/assets/css/widget-styles.css?ver=2.6.2
IP 192.185.129.96:0
ASN #46606 UNIFIEDLAYER-AS-1
File type Unicode text, UTF-8 text, with very long lines (65530), with no line terminators
Hash c982e9b644ffdcca1cc2ce31c4ac7efb
007619ba0357c9e6e6e7af490148bdeb4b94a620
97f5e1c354e2ec61a9e1204bb127f085949eb022666ada5c39f43211564ba859
GET /wp-content/plugins/elementskit-lite/widgets/init/assets/css/widget-styles.css?ver=2.6.2 HTTP/1.1
Host: jogwt.3rdeyehosting.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://jogwt.3rdeyehosting.com/
HTTP/1.1 200 OK
Date: Sun, 11 Dec 2022 13:59:14 GMT
Server: Apache
Last-Modified: Fri, 08 Jul 2022 13:16:35 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Keep-Alive: timeout=5, max=72
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/css
jogwt.3rdeyehosting.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
192.185.129.96 200 OK 4.6 kB URL HTTP/1.1 jogwt.3rdeyehosting.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
IP 192.185.129.96:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (11126)
Hash acdb97105af28a7066790c6748ae2e1e
65794d2c5a9d04f747faf370bc8bacd330e69e5a
dc4efbc4b704b142b5313588c32e56ea56648068a01d2bc596a4eee06b379b5e
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 HTTP/1.1
Host: jogwt.3rdeyehosting.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://jogwt.3rdeyehosting.com/
HTTP/1.1 200 OK
Date: Sun, 11 Dec 2022 13:59:14 GMT
Server: Apache
Last-Modified: Wed, 18 Nov 2020 14:36:06 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 4618
Keep-Alive: timeout=5, max=70
Connection: Keep-Alive
Content-Type: application/javascript
jogwt.3rdeyehosting.com/wp-includes/js/wp-emoji-release.min.js?ver=6.1.1
192.185.129.96 200 OK 5.3 kB URL HTTP/1.1 jogwt.3rdeyehosting.com/wp-includes/js/wp-emoji-release.min.js?ver=6.1.1
IP 192.185.129.96:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (15660)
Hash 710f8b142ea44c0682dc2c30f318f065
49144e9b3a76d3d383b1d4359cf7a25e947f4233
708bb5819879a2a2c7670abc20a58cca68a415ffd621011cbc4c3c9d82dddc50
GET /wp-includes/js/wp-emoji-release.min.js?ver=6.1.1 HTTP/1.1
Host: jogwt.3rdeyehosting.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://jogwt.3rdeyehosting.com/
HTTP/1.1 200 OK
Date: Sun, 11 Dec 2022 13:59:14 GMT
Server: Apache
Last-Modified: Wed, 25 May 2022 03:23:50 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 5321
Keep-Alive: timeout=5, max=71
Connection: Keep-Alive
Content-Type: application/javascript
jogwt.3rdeyehosting.com/wp-content/plugins/elementor/assets/css/widget-icon-list.min.css
192.185.129.96 200 OK 1.7 kB URL HTTP/1.1 jogwt.3rdeyehosting.com/wp-content/plugins/elementor/assets/css/widget-icon-list.min.css
IP 192.185.129.96:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (11736)
Hash 717274acfe58491ba8e51d0a1879a4b9
e63bcac6c5284ca3fd054541ce2a60656c87908f
f872f6484df2bb34dfe4dc276cbaa990faf2078c0326a2dea8815bda4a0bf3b7
GET /wp-content/plugins/elementor/assets/css/widget-icon-list.min.css HTTP/1.1
Host: jogwt.3rdeyehosting.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://jogwt.3rdeyehosting.com/
HTTP/1.1 200 OK
Date: Sun, 11 Dec 2022 13:59:14 GMT
Server: Apache
Last-Modified: Mon, 09 May 2022 07:41:22 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1652
Keep-Alive: timeout=5, max=70
Connection: Keep-Alive
Content-Type: text/css
jogwt.3rdeyehosting.com/wp-content/plugins/elementor-pro/assets/css/widget-carousel.min.css
192.185.129.96 200 OK 5.4 kB URL HTTP/1.1 jogwt.3rdeyehosting.com/wp-content/plugins/elementor-pro/assets/css/widget-carousel.min.css
IP 192.185.129.96:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (36838)
Hash 12e55afde2b37b260e08737a382f5df6
d0bd540af4f48088e0e9ff0be67680fa8afa24c9
a6d83035102b5b7e98e2bade3c2d12443e70fbab43e374bdb448a80fe979a382
GET /wp-content/plugins/elementor-pro/assets/css/widget-carousel.min.css HTTP/1.1
Host: jogwt.3rdeyehosting.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://jogwt.3rdeyehosting.com/
HTTP/1.1 200 OK
Date: Sun, 11 Dec 2022 13:59:14 GMT
Server: Apache
Last-Modified: Mon, 09 May 2022 07:39:08 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 5365
Keep-Alive: timeout=5, max=70
Connection: Keep-Alive
Content-Type: text/css
jogwt.3rdeyehosting.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.1
192.185.129.96 200 OK 39 kB URL HTTP/1.1 jogwt.3rdeyehosting.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.1
IP 192.185.129.96:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (65447)
Hash 32f58a61f7c5a7e10f8b2dcf8e9a8e34
865c25589283ab1debd45bdfa6c4d8c6ecf15ad3
481cb2216fbdb0797af8c61b69c0bda2c10d025f7b11f2cdfac382d35dc45d63
GET /wp-includes/js/jquery/jquery.min.js?ver=3.6.1 HTTP/1.1
Host: jogwt.3rdeyehosting.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://jogwt.3rdeyehosting.com/
HTTP/1.1 200 OK
Date: Sun, 11 Dec 2022 13:59:14 GMT
Server: Apache
Last-Modified: Wed, 02 Nov 2022 16:34:35 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Keep-Alive: timeout=5, max=70
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: application/javascript
jogwt.3rdeyehosting.com/wp-content/plugins/elementor-pro/assets/css/widget-posts.min.css
192.185.129.96 200 OK 3.5 kB URL HTTP/1.1 jogwt.3rdeyehosting.com/wp-content/plugins/elementor-pro/assets/css/widget-posts.min.css
IP 192.185.129.96:0
ASN #46606 UNIFIEDLAYER-AS-1
File type Unicode text, UTF-8 text, with very long lines (16024)
Hash 2c6e5c9f0cd9289b6fc731c56b0ee3ef
4e12a1d8fc8ef00b3dcde5e3e556523e30f97804
c417c4e2b4d2a865546808a2913fff27509434a9656050b6e3a50d6338b734fc
GET /wp-content/plugins/elementor-pro/assets/css/widget-posts.min.css HTTP/1.1
Host: jogwt.3rdeyehosting.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://jogwt.3rdeyehosting.com/
HTTP/1.1 200 OK
Date: Sun, 11 Dec 2022 13:59:14 GMT
Server: Apache
Last-Modified: Mon, 09 May 2022 07:39:08 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 3486
Keep-Alive: timeout=5, max=71
Connection: Keep-Alive
Content-Type: text/css
jogwt.3rdeyehosting.com/wp-content/uploads/elementor/css/post-1409.css?ver=1657785364
192.185.129.96 200 OK 3.6 kB URL HTTP/1.1 jogwt.3rdeyehosting.com/wp-content/uploads/elementor/css/post-1409.css?ver=1657785364
IP 192.185.129.96:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (18246), with no line terminators
Hash 9e3fb0a3cb50c3fbf328cc47c5c28ecc
aa63e3535465a33f6829f7a4d12795852325acd8
f7dc453aa3e66029bcc00518bedc22b515aa258705f6f08f05a2f623bb8f91d6
Analyzer Verdict Alert fortinet Malware
GET /wp-content/uploads/elementor/css/post-1409.css?ver=1657785364 HTTP/1.1
Host: jogwt.3rdeyehosting.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://jogwt.3rdeyehosting.com/
HTTP/1.1 200 OK
Date: Sun, 11 Dec 2022 13:59:14 GMT
Server: Apache
Last-Modified: Thu, 14 Jul 2022 07:56:04 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 3642
Keep-Alive: timeout=5, max=69
Connection: Keep-Alive
Content-Type: text/css
jogwt.3rdeyehosting.com/wp-content/uploads/elementor/css/post-1475.css?ver=1661258642
192.185.129.96 200 OK 838 B URL HTTP/1.1 jogwt.3rdeyehosting.com/wp-content/uploads/elementor/css/post-1475.css?ver=1661258642
IP 192.185.129.96:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (4357), with no line terminators
Hash 896f6ec6600c314ca86c350ecafc1d18
91b6e7a65b80f8b066c4f674ad9786798ccc2409
c8932eef958c8029a3f76d7d6b7e810bb6209c8da572a16622ad6825440d7fdf
Analyzer Verdict Alert fortinet Malware
GET /wp-content/uploads/elementor/css/post-1475.css?ver=1661258642 HTTP/1.1
Host: jogwt.3rdeyehosting.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://jogwt.3rdeyehosting.com/
HTTP/1.1 200 OK
Date: Sun, 11 Dec 2022 13:59:14 GMT
Server: Apache
Last-Modified: Tue, 23 Aug 2022 12:44:02 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 838
Keep-Alive: timeout=5, max=70
Connection: Keep-Alive
Content-Type: text/css
jogwt.3rdeyehosting.com/wp-content/plugins/elementor/assets/lib/animations/animations.min.css?ver=3.6.4
192.185.129.96 200 OK 3.0 kB URL HTTP/1.1 jogwt.3rdeyehosting.com/wp-content/plugins/elementor/assets/lib/animations/animations.min.css?ver=3.6.4
IP 192.185.129.96:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (10019)
Hash c2b5af6052f630a96e450e5e2a3cea52
00ca76a8828a1bbec1534eb10786804fd36492f2
58f6cc2d4fa3e528622102975fb62949dc0170bd47b588a67318d18552a57d59
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/elementor/assets/lib/animations/animations.min.css?ver=3.6.4 HTTP/1.1
Host: jogwt.3rdeyehosting.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://jogwt.3rdeyehosting.com/
HTTP/1.1 200 OK
Date: Sun, 11 Dec 2022 13:59:14 GMT
Server: Apache
Last-Modified: Mon, 09 May 2022 07:41:22 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 2997
Keep-Alive: timeout=5, max=69
Connection: Keep-Alive
Content-Type: text/css
jogwt.3rdeyehosting.com/wp-content/uploads/elementor/css/post-1519.css?ver=1657791403
192.185.129.96 200 OK 1.0 kB URL HTTP/1.1 jogwt.3rdeyehosting.com/wp-content/uploads/elementor/css/post-1519.css?ver=1657791403
IP 192.185.129.96:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (6353), with no line terminators
Hash 66f7e8948dcca487965558f2c6c11ed6
b29ed462e5b73152284acc7e17426464d7126636
f022de8068e58c91ce61f56aa7588bce96bfb646c68ec844d10d05d7c2fc71e9
Analyzer Verdict Alert fortinet Malware
GET /wp-content/uploads/elementor/css/post-1519.css?ver=1657791403 HTTP/1.1
Host: jogwt.3rdeyehosting.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://jogwt.3rdeyehosting.com/
HTTP/1.1 200 OK
Date: Sun, 11 Dec 2022 13:59:14 GMT
Server: Apache
Last-Modified: Thu, 14 Jul 2022 09:36:43 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1035
Keep-Alive: timeout=5, max=69
Connection: Keep-Alive
Content-Type: text/css
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash 784e0439ec6be7b4ca1312cd7cfae85b
18dad06db451855d3009aa3207d868895c577666
6369a3e27c976088b4dda95da9422fdb201979fedfcb4edf9db60089fd9ea53b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 11 Dec 2022 13:59:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
jogwt.3rdeyehosting.com/wp-content/uploads/premium-addons-elementor/pa-frontend-438372b2d.min.js?ver=1670767152
192.185.129.96 200 OK 295 B URL HTTP/1.1 jogwt.3rdeyehosting.com/wp-content/uploads/premium-addons-elementor/pa-frontend-438372b2d.min.js?ver=1670767152
IP 192.185.129.96:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (575), with no line terminators
Hash 62040f94430fbd5179ca7e69dec74766
9ab53c5f3f21c5da3b5284024be10af0357015bd
0d926fa014bd1eedcf1d835fb77683c489b114d3252a1c2786b2a055e526adc0
Analyzer Verdict Alert fortinet Malware
GET /wp-content/uploads/premium-addons-elementor/pa-frontend-438372b2d.min.js?ver=1670767152 HTTP/1.1
Host: jogwt.3rdeyehosting.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://jogwt.3rdeyehosting.com/
HTTP/1.1 200 OK
Date: Sun, 11 Dec 2022 13:59:14 GMT
Server: Apache
Last-Modified: Wed, 24 Aug 2022 09:22:19 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 295
Keep-Alive: timeout=5, max=69
Connection: Keep-Alive
Content-Type: application/javascript
jogwt.3rdeyehosting.com/wp-includes/js/jquery/ui/core.min.js?ver=1.13.2
192.185.129.96 200 OK 8.3 kB URL HTTP/1.1 jogwt.3rdeyehosting.com/wp-includes/js/jquery/ui/core.min.js?ver=1.13.2
IP 192.185.129.96:0
ASN #46606 UNIFIEDLAYER-AS-1
File type Unicode text, UTF-8 text, with very long lines (8189)
Hash 838560e989767f2ef5951b9eeee20352
6bf8419cb4d68d9beced9e4b79b22b347ae16a46
72e6d275c5229613a59aef94523fc6a96330553976aee003d8544d5806fa0c3d
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/jquery/ui/core.min.js?ver=1.13.2 HTTP/1.1
Host: jogwt.3rdeyehosting.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://jogwt.3rdeyehosting.com/
HTTP/1.1 200 OK
Date: Sun, 11 Dec 2022 13:59:14 GMT
Server: Apache
Last-Modified: Wed, 02 Nov 2022 16:34:35 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 8344
Keep-Alive: timeout=5, max=70
Connection: Keep-Alive
Content-Type: application/javascript
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash 784e0439ec6be7b4ca1312cd7cfae85b
18dad06db451855d3009aa3207d868895c577666
6369a3e27c976088b4dda95da9422fdb201979fedfcb4edf9db60089fd9ea53b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 11 Dec 2022 13:59:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/firasans/v16/va9E4kDNxMZdWfMOD5Vvl4jL.woff2
142.250.74.35 200 OK 23 kB URL HTTP/2 fonts.gstatic.com/s/firasans/v16/va9E4kDNxMZdWfMOD5Vvl4jL.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 22592, version 1.0\012- data
Hash 4528524c7142b4e2d5c0438763223328
d439d881fd8c4f41e77c2fb07678e53fce3e331a
ea03bd5d723c75f6d0a9419d4f9651afd78ea2a4abfcee7f926cbde0681a2671
GET /s/firasans/v16/va9E4kDNxMZdWfMOD5Vvl4jL.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://jogwt.3rdeyehosting.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 22592
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 06 Dec 2022 15:42:51 GMT
expires: Wed, 06 Dec 2023 15:42:51 GMT
cache-control: public, max-age=31536000
age: 425783
last-modified: Thu, 21 Apr 2022 16:51:36 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
jogwt.3rdeyehosting.com/wp-content/plugins/qi-addons-for-elementor/assets/js/main.min.js?ver=6.1.1
192.185.129.96 200 OK 20 kB URL HTTP/1.1 jogwt.3rdeyehosting.com/wp-content/plugins/qi-addons-for-elementor/assets/js/main.min.js?ver=6.1.1
IP 192.185.129.96:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (62449), with no line terminators
Hash c19ed582ef00abd7fa290ae16597e846
4d05baa2811abfb278ee09b55497d5e5123e0955
e02031f3c41db1953363687029d6d93481d4f108c34ed9fca37c88092af3188f
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/qi-addons-for-elementor/assets/js/main.min.js?ver=6.1.1 HTTP/1.1
Host: jogwt.3rdeyehosting.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://jogwt.3rdeyehosting.com/
HTTP/1.1 200 OK
Date: Sun, 11 Dec 2022 13:59:14 GMT
Server: Apache
Last-Modified: Thu, 14 Jul 2022 07:39:31 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Keep-Alive: timeout=5, max=68
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: application/javascript
jogwt.3rdeyehosting.com/wp-content/plugins/elementskit-lite/libs/framework/assets/js/frontend-script.js?ver=2.6.2
192.185.129.96 200 OK 40 B URL HTTP/1.1 jogwt.3rdeyehosting.com/wp-content/plugins/elementskit-lite/libs/framework/assets/js/frontend-script.js?ver=2.6.2
IP 192.185.129.96:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with no line terminators
Hash 94d041d462db321cdb888066586f2068
717d2f9da7fb9f9e2bf2058a8177a0344f8a8647
b8166c5475df6a64ab2456e95f64564164ed697d258e8bfed8cebca40efd6fa5
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/elementskit-lite/libs/framework/assets/js/frontend-script.js?ver=2.6.2 HTTP/1.1
Host: jogwt.3rdeyehosting.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://jogwt.3rdeyehosting.com/
HTTP/1.1 200 OK
Date: Sun, 11 Dec 2022 13:59:14 GMT
Server: Apache
Last-Modified: Fri, 08 Jul 2022 13:16:35 GMT
Accept-Ranges: bytes
Content-Length: 40
Keep-Alive: timeout=5, max=69
Connection: Keep-Alive
Content-Type: application/javascript
fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
142.250.74.35 200 OK 31 kB URL HTTP/2 fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 30928, version 1.0\012- data
Hash ac0d2859ea5f8fd6bcb3c305c08ec184
7f6c17e3e592cd8bd346b9cc261d8dd961b8aef7
ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780
GET /s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://jogwt.3rdeyehosting.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 30928
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 09 Dec 2022 06:30:11 GMT
expires: Sat, 09 Dec 2023 06:30:11 GMT
cache-control: public, max-age=31536000
age: 199743
last-modified: Mon, 11 Jul 2022 18:57:39 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/firasans/v16/va9B4kDNxMZdWfMOD5VnLK3eRhf6.woff2
142.250.74.35 200 OK 24 kB URL HTTP/2 fonts.gstatic.com/s/firasans/v16/va9B4kDNxMZdWfMOD5VnLK3eRhf6.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 23724, version 1.0\012- data
Hash 2ca1253c8e47277b38c02353cdf32102
3cd0373fd1ae7ad8cb62ff8f2200193a7e8977e7
51aa1f55f3d344d82ece24055a31012cf77d10cc4a2f9307f5dea293118d40f1
GET /s/firasans/v16/va9B4kDNxMZdWfMOD5VnLK3eRhf6.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://jogwt.3rdeyehosting.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 23724
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 08 Dec 2022 20:36:30 GMT
expires: Fri, 08 Dec 2023 20:36:30 GMT
cache-control: public, max-age=31536000
age: 235364
last-modified: Thu, 21 Apr 2022 16:58:19 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/firasans/v16/va9B4kDNxMZdWfMOD5VnPKreRhf6.woff2
142.250.74.35 200 OK 22 kB URL HTTP/2 fonts.gstatic.com/s/firasans/v16/va9B4kDNxMZdWfMOD5VnPKreRhf6.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 22316, version 1.0\012- data
Hash d90c9f754a38229355a68e57d560ba62
f10075d6769df2ad5470c441eae3535c40d61acc
be8268fdf5d6791bc737102f1429ecd20a78d58e2a2cea7db1f614aecefc40fb
GET /s/firasans/v16/va9B4kDNxMZdWfMOD5VnPKreRhf6.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://jogwt.3rdeyehosting.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 22316
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 08 Dec 2022 22:10:40 GMT
expires: Fri, 08 Dec 2023 22:10:40 GMT
cache-control: public, max-age=31536000
age: 229714
last-modified: Thu, 21 Apr 2022 17:05:16 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/firasans/v16/va9B4kDNxMZdWfMOD5VnZKveRhf6.woff2
142.250.74.35 200 OK 23 kB URL HTTP/2 fonts.gstatic.com/s/firasans/v16/va9B4kDNxMZdWfMOD5VnZKveRhf6.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 22760, version 1.0\012- data
Hash d36cf1e01f039283292b186b9c85c883
569131c8375a808d1f6a1ad22786cc6b32ec9820
8a90f9c307d889844f7286c11a9e8596c9a41b2e91123ab49cca0fbaa4b48dc7
GET /s/firasans/v16/va9B4kDNxMZdWfMOD5VnZKveRhf6.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://jogwt.3rdeyehosting.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 22760
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 06 Dec 2022 18:56:58 GMT
expires: Wed, 06 Dec 2023 18:56:58 GMT
cache-control: public, max-age=31536000
age: 414136
last-modified: Thu, 21 Apr 2022 16:56:24 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/firasans/v16/va9f4kDNxMZdWfMOD5VvkrByRCf4VFk.woff2
142.250.74.35 200 OK 25 kB URL HTTP/2 fonts.gstatic.com/s/firasans/v16/va9f4kDNxMZdWfMOD5VvkrByRCf4VFk.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 24712, version 1.0\012- data
Hash 251cc4687a7f55281ab73945b1f9c993
2e802717ec3767117d32fd0df9d5def4e9cb067f
d0430beb254891a46106c24d7bd556893899b3417501cf55a9315f1dd9a07fd9
GET /s/firasans/v16/va9f4kDNxMZdWfMOD5VvkrByRCf4VFk.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://jogwt.3rdeyehosting.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 24712
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 09 Dec 2022 13:33:34 GMT
expires: Sat, 09 Dec 2023 13:33:34 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 21 Apr 2022 16:51:53 GMT
content-type: font/woff2
age: 174340
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash 784e0439ec6be7b4ca1312cd7cfae85b
18dad06db451855d3009aa3207d868895c577666
6369a3e27c976088b4dda95da9422fdb201979fedfcb4edf9db60089fd9ea53b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 11 Dec 2022 13:59:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash 784e0439ec6be7b4ca1312cd7cfae85b
18dad06db451855d3009aa3207d868895c577666
6369a3e27c976088b4dda95da9422fdb201979fedfcb4edf9db60089fd9ea53b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 11 Dec 2022 13:59:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/heebo/v21/NGS6v5_NC0k9P9H2TbE.woff2
142.250.74.35 200 OK 27 kB URL HTTP/2 fonts.gstatic.com/s/heebo/v21/NGS6v5_NC0k9P9H2TbE.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 27116, version 1.0\012- data
Hash 13c1ac7fc8f934e169620e81471a3a54
d111242b230c54204e9ec061537869f8ce20cb53
b38977ea35fde92fe200fa14ac7cc55e2edce54b998ce9a08734ba1dd9053fed
GET /s/heebo/v21/NGS6v5_NC0k9P9H2TbE.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://jogwt.3rdeyehosting.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 27116
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 09 Dec 2022 13:33:15 GMT
expires: Sat, 09 Dec 2023 13:33:15 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 11 Jul 2022 20:35:20 GMT
content-type: font/woff2
age: 174359
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/firasans/v16/va9B4kDNxMZdWfMOD5VnSKzeRhf6.woff2
142.250.74.35 200 OK 24 kB URL HTTP/2 fonts.gstatic.com/s/firasans/v16/va9B4kDNxMZdWfMOD5VnSKzeRhf6.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 23600, version 1.0\012- data
Hash 96535c146ffa5386af6a241b26a3a6b4
23cd84c531d12b9ee5e2fa0d1dd7620f4d6cff57
5a993ab2e9326ab9a1d3f403acf8eed16029f1113c786bcfef3f5b529343ab81
GET /s/firasans/v16/va9B4kDNxMZdWfMOD5VnSKzeRhf6.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://jogwt.3rdeyehosting.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 23600
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 06 Dec 2022 15:44:19 GMT
expires: Wed, 06 Dec 2023 15:44:19 GMT
cache-control: public, max-age=31536000
age: 425695
last-modified: Thu, 21 Apr 2022 16:51:43 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash 784e0439ec6be7b4ca1312cd7cfae85b
18dad06db451855d3009aa3207d868895c577666
6369a3e27c976088b4dda95da9422fdb201979fedfcb4edf9db60089fd9ea53b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 11 Dec 2022 13:59:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
jogwt.3rdeyehosting.com/wp-content/plugins/elementor/assets/js/webpack.runtime.min.js?ver=3.6.4
192.185.129.96 200 OK 2.3 kB URL HTTP/1.1 jogwt.3rdeyehosting.com/wp-content/plugins/elementor/assets/js/webpack.runtime.min.js?ver=3.6.4
IP 192.185.129.96:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (4921)
Hash 7d020a34e237a973f81e36790d7a1bf4
88d384268be9926288690c6cd68bbba4b7d1c452
6be1f636695ba02ffc054502ca782f0fd3685b1e1f64ddae6a5b768f69db56c0
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/elementor/assets/js/webpack.runtime.min.js?ver=3.6.4 HTTP/1.1
Host: jogwt.3rdeyehosting.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://jogwt.3rdeyehosting.com/
HTTP/1.1 200 OK
Date: Sun, 11 Dec 2022 13:59:14 GMT
Server: Apache
Last-Modified: Mon, 09 May 2022 07:41:22 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 2314
Keep-Alive: timeout=5, max=68
Connection: Keep-Alive
Content-Type: application/javascript
jogwt.3rdeyehosting.com/wp-content/plugins/elementor/assets/js/frontend-modules.min.js?ver=3.6.4
192.185.129.96 200 OK 5.7 kB URL HTTP/1.1 jogwt.3rdeyehosting.com/wp-content/plugins/elementor/assets/js/frontend-modules.min.js?ver=3.6.4
IP 192.185.129.96:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (14238)
Hash 755e516a396d5dcef2eec924aa7ce4d7
70e5294714b0d859904bf7bbfcf0459e7c599072
18541171013bb88267a4d73504377ae8b07071f881f9e77fd2c1d3d35895d2c9
GET /wp-content/plugins/elementor/assets/js/frontend-modules.min.js?ver=3.6.4 HTTP/1.1
Host: jogwt.3rdeyehosting.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://jogwt.3rdeyehosting.com/
HTTP/1.1 200 OK
Date: Sun, 11 Dec 2022 13:59:14 GMT
Server: Apache
Last-Modified: Mon, 09 May 2022 07:41:22 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 5676
Keep-Alive: timeout=5, max=69
Connection: Keep-Alive
Content-Type: application/javascript
jogwt.3rdeyehosting.com/wp-content/plugins/bdthemes-element-pack-lite/assets/js/bdt-uikit.min.js?ver=3.13.1
192.185.129.96 200 OK 55 kB URL HTTP/1.1 jogwt.3rdeyehosting.com/wp-content/plugins/bdthemes-element-pack-lite/assets/js/bdt-uikit.min.js?ver=3.13.1
IP 192.185.129.96:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (65536), with no line terminators
Hash 7c3057ea6b7ef0b6de709ea3a6ecfaf2
0d81e30fb5884ca1b6b053a24d349c641adf8d1f
6983ff8b9e725b5164042b90f58e9f5a4817ef35ebfd7012e3a23423b32eebff
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/bdthemes-element-pack-lite/assets/js/bdt-uikit.min.js?ver=3.13.1 HTTP/1.1
Host: jogwt.3rdeyehosting.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://jogwt.3rdeyehosting.com/
HTTP/1.1 200 OK
Date: Sun, 11 Dec 2022 13:59:14 GMT
Server: Apache
Last-Modified: Mon, 09 May 2022 07:48:41 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Keep-Alive: timeout=5, max=68
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: application/javascript
jogwt.3rdeyehosting.com/wp-content/plugins/elementskit-lite/widgets/init/assets/js/widget-scripts.js?ver=2.6.2
192.185.129.96 200 OK 58 kB URL HTTP/1.1 jogwt.3rdeyehosting.com/wp-content/plugins/elementskit-lite/widgets/init/assets/js/widget-scripts.js?ver=2.6.2
IP 192.185.129.96:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (45047)
Hash cae2e74275fc8d8adebbb675ca053ef0
56df188334d0290657c2d1ce44734e15ca110675
695b84899b8e995d5bdc6ca6f217fa818dd32eeebf78dae2a0931925c328b8ef
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/elementskit-lite/widgets/init/assets/js/widget-scripts.js?ver=2.6.2 HTTP/1.1
Host: jogwt.3rdeyehosting.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://jogwt.3rdeyehosting.com/
HTTP/1.1 200 OK
Date: Sun, 11 Dec 2022 13:59:14 GMT
Server: Apache
Last-Modified: Fri, 08 Jul 2022 13:16:35 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Keep-Alive: timeout=5, max=68
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: application/javascript
jogwt.3rdeyehosting.com/wp-content/plugins/elementor/assets/lib/waypoints/waypoints.min.js?ver=4.0.2
192.185.129.96 200 OK 3.7 kB URL HTTP/1.1 jogwt.3rdeyehosting.com/wp-content/plugins/elementor/assets/lib/waypoints/waypoints.min.js?ver=4.0.2
IP 192.185.129.96:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (12198), with no line terminators
Hash e2a8decccf4d0a6b925af707a36077a9
26a0febc9c3d91e75410f74b9ec62099ba1cbe90
09e0e638a6f53c0fdcfeeb8ae91f3a404bef47b471324e335e29be14a2aa87f7
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/elementor/assets/lib/waypoints/waypoints.min.js?ver=4.0.2 HTTP/1.1
Host: jogwt.3rdeyehosting.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://jogwt.3rdeyehosting.com/
HTTP/1.1 200 OK
Date: Sun, 11 Dec 2022 13:59:14 GMT
Server: Apache
Last-Modified: Mon, 09 May 2022 07:41:22 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 3747
Keep-Alive: timeout=5, max=67
Connection: Keep-Alive
Content-Type: application/javascript
jogwt.3rdeyehosting.com/wp-content/plugins/elementor/assets/js/frontend.min.js?ver=3.6.4
192.185.129.96 200 OK 15 kB URL HTTP/1.1 jogwt.3rdeyehosting.com/wp-content/plugins/elementor/assets/js/frontend.min.js?ver=3.6.4
IP 192.185.129.96:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (37702)
Hash b371f8745337418c76d8da1bce09024b
2a431cdfbfdeac1b4902729b6da81f120717623b
cf257af34107798df389a979dff2e9ade1a63dfe32f3e85ba8fb27026f765e33
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/elementor/assets/js/frontend.min.js?ver=3.6.4 HTTP/1.1
Host: jogwt.3rdeyehosting.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://jogwt.3rdeyehosting.com/
HTTP/1.1 200 OK
Date: Sun, 11 Dec 2022 13:59:14 GMT
Server: Apache
Last-Modified: Mon, 09 May 2022 07:41:22 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 14706
Keep-Alive: timeout=5, max=68
Connection: Keep-Alive
Content-Type: application/javascript
jogwt.3rdeyehosting.com/wp-content/plugins/bdthemes-element-pack-lite/assets/js/modules/ep-wrapper-link.min.js?ver=4.1.0
192.185.129.96 200 OK 270 B URL HTTP/1.1 jogwt.3rdeyehosting.com/wp-content/plugins/bdthemes-element-pack-lite/assets/js/modules/ep-wrapper-link.min.js?ver=4.1.0
IP 192.185.129.96:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (411), with no line terminators
Hash d881e2b130a558c43e4554af3a2268c3
23faaf3c4c83f9fdb831d233289f69b001ce74f9
d8441003aa1683d0d75947a0bab662dd0fc4c6998c286b5509fbae3b02789a7a
GET /wp-content/plugins/bdthemes-element-pack-lite/assets/js/modules/ep-wrapper-link.min.js?ver=4.1.0 HTTP/1.1
Host: jogwt.3rdeyehosting.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://jogwt.3rdeyehosting.com/
HTTP/1.1 200 OK
Date: Sun, 11 Dec 2022 13:59:14 GMT
Server: Apache
Last-Modified: Mon, 09 May 2022 07:48:41 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 270
Keep-Alive: timeout=5, max=67
Connection: Keep-Alive
Content-Type: application/javascript
jogwt.3rdeyehosting.com/wp-includes/js/imagesloaded.min.js?ver=4.1.4
192.185.129.96 200 OK 2.1 kB URL HTTP/1.1 jogwt.3rdeyehosting.com/wp-includes/js/imagesloaded.min.js?ver=4.1.4
IP 192.185.129.96:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (5477)
Hash f0bd7ad12acdee26cbb2701c1ba3610b
53c5d15129860868b60b74cb010b2c6050a64f69
e6d0cb19e56d22e8e511c23ca2bd233bedb40e3c7cf4ff38fe6f059bc7e0c64f
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/imagesloaded.min.js?ver=4.1.4 HTTP/1.1
Host: jogwt.3rdeyehosting.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://jogwt.3rdeyehosting.com/
HTTP/1.1 200 OK
Date: Sun, 11 Dec 2022 13:59:14 GMT
Server: Apache
Last-Modified: Sun, 14 Jun 2020 00:23:28 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 2103
Keep-Alive: timeout=5, max=68
Connection: Keep-Alive
Content-Type: application/javascript
jogwt.3rdeyehosting.com/wp-content/plugins/elementor/assets/lib/jquery-numerator/jquery-numerator.min.js?ver=0.2.1
192.185.129.96 200 OK 736 B URL HTTP/1.1 jogwt.3rdeyehosting.com/wp-content/plugins/elementor/assets/lib/jquery-numerator/jquery-numerator.min.js?ver=0.2.1
IP 192.185.129.96:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (1801), with no line terminators
Hash ae098a17e8889ff188a7a1ca4545c729
250400844f4e830503e2e9b8642fb00bc337eb62
0f5aecfe5c23d3149b592488ac69726074ee450de920b0e7ecf3071c1acd0771
GET /wp-content/plugins/elementor/assets/lib/jquery-numerator/jquery-numerator.min.js?ver=0.2.1 HTTP/1.1
Host: jogwt.3rdeyehosting.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://jogwt.3rdeyehosting.com/
HTTP/1.1 200 OK
Date: Sun, 11 Dec 2022 13:59:14 GMT
Server: Apache
Last-Modified: Mon, 09 May 2022 07:41:22 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 736
Keep-Alive: timeout=5, max=67
Connection: Keep-Alive
Content-Type: application/javascript
jogwt.3rdeyehosting.com/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9
192.185.129.96 200 OK 2.7 kB URL HTTP/1.1 jogwt.3rdeyehosting.com/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9
IP 192.185.129.96:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (6475), with no line terminators
Hash 45bd1d6f7fc3a4069fc6fd400b90c961
903c7e28c7141e9fc1bdb4dfc62d043a97a01e2d
c638a0057b4be0a61cfb65b1860a855a327397e9871f5dde28fa2f138fb394dc
GET /wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9 HTTP/1.1
Host: jogwt.3rdeyehosting.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://jogwt.3rdeyehosting.com/
HTTP/1.1 200 OK
Date: Sun, 11 Dec 2022 13:59:15 GMT
Server: Apache
Last-Modified: Wed, 25 May 2022 03:23:50 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 2675
Keep-Alive: timeout=5, max=66
Connection: Keep-Alive
Content-Type: application/javascript
jogwt.3rdeyehosting.com/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0
192.185.129.96 200 OK 7.6 kB URL HTTP/1.1 jogwt.3rdeyehosting.com/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0
IP 192.185.129.96:0
ASN #46606 UNIFIEDLAYER-AS-1
File type Unicode text, UTF-8 text, with very long lines (17819), with no line terminators
Hash 66c68f2158dcf7d97a02f3719a17aab0
fdb04fb4c632b9fb4275006a4e402cd0d4fa393a
e4b360f0e6ae1afc06f05f958e8696e5ae45257912bc2ab0b9334bd1382a51aa
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0 HTTP/1.1
Host: jogwt.3rdeyehosting.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://jogwt.3rdeyehosting.com/
HTTP/1.1 200 OK
Date: Sun, 11 Dec 2022 13:59:15 GMT
Server: Apache
Last-Modified: Wed, 02 Nov 2022 16:34:35 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 7621
Keep-Alive: timeout=5, max=67
Connection: Keep-Alive
Content-Type: application/javascript
jogwt.3rdeyehosting.com/wp-content/plugins/premium-addons-for-elementor/assets/frontend/min-js/lottie.min.js?ver=4.9.13
192.185.129.96 200 OK 87 kB URL HTTP/1.1 jogwt.3rdeyehosting.com/wp-content/plugins/premium-addons-for-elementor/assets/frontend/min-js/lottie.min.js?ver=4.9.13
IP 192.185.129.96:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (65536), with no line terminators
Hash 7541b497201f2dc8a7c41e3e1953e9a6
1ec34548dd4420105746b8b76af5885c39ddc002
4c91e376b66d2bf55722c23f32f22e1ece39a8fb7d335cd504e17a48e5f8824c
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/premium-addons-for-elementor/assets/frontend/min-js/lottie.min.js?ver=4.9.13 HTTP/1.1
Host: jogwt.3rdeyehosting.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://jogwt.3rdeyehosting.com/
HTTP/1.1 200 OK
Date: Sun, 11 Dec 2022 13:59:15 GMT
Server: Apache
Last-Modified: Mon, 09 May 2022 07:48:37 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Keep-Alive: timeout=5, max=67
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: application/javascript
jogwt.3rdeyehosting.com/wp-includes/js/dist/hooks.min.js?ver=4169d3cf8e8d95a3d6d5
192.185.129.96 200 OK 1.7 kB URL HTTP/1.1 jogwt.3rdeyehosting.com/wp-includes/js/dist/hooks.min.js?ver=4169d3cf8e8d95a3d6d5
IP 192.185.129.96:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (4875)
Hash 6a452794a68bc140a53b30519b94edf6
68046f5611ba3cf5da1c46087609aff18f59fdc1
259990a9e6191a72a51ac9d038d0c52bb56d880a2b0d460b1fca3f3fee7961ed
GET /wp-includes/js/dist/hooks.min.js?ver=4169d3cf8e8d95a3d6d5 HTTP/1.1
Host: jogwt.3rdeyehosting.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://jogwt.3rdeyehosting.com/
HTTP/1.1 200 OK
Date: Sun, 11 Dec 2022 13:59:15 GMT
Server: Apache
Last-Modified: Wed, 25 May 2022 03:23:50 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1712
Keep-Alive: timeout=5, max=66
Connection: Keep-Alive
Content-Type: application/javascript
jogwt.3rdeyehosting.com/wp-includes/js/dist/i18n.min.js?ver=9e794f35a71bb98672ae
192.185.129.96 200 OK 4.2 kB URL HTTP/1.1 jogwt.3rdeyehosting.com/wp-includes/js/dist/i18n.min.js?ver=9e794f35a71bb98672ae
IP 192.185.129.96:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash 3b62593186f7f91a9470ab6968ec5feb
bd7728c79c04f4f2f7a787097b0868e06ceba5ad
2a9920dc63cbd8228103c7d6bf2a044f06963041253c385c3cebb147297aa782
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/dist/i18n.min.js?ver=9e794f35a71bb98672ae HTTP/1.1
Host: jogwt.3rdeyehosting.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://jogwt.3rdeyehosting.com/
HTTP/1.1 200 OK
Date: Sun, 11 Dec 2022 13:59:15 GMT
Server: Apache
Last-Modified: Wed, 02 Nov 2022 16:34:35 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 4233
Keep-Alive: timeout=5, max=67
Connection: Keep-Alive
Content-Type: application/javascript
jogwt.3rdeyehosting.com/wp-content/plugins/qi-addons-for-elementor/inc/plugins/elementor/assets/js/elementor.js?ver=6.1.1
192.185.129.96 200 OK 1.5 kB URL HTTP/1.1 jogwt.3rdeyehosting.com/wp-content/plugins/qi-addons-for-elementor/inc/plugins/elementor/assets/js/elementor.js?ver=6.1.1
IP 192.185.129.96:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash f54db384ae827f9e6e362a2d832ae63b
ba03311b91da82fac72ebbbfafde6a6532fcfe86
844c80da2b8ffca00582f4fae300b0998dc687eb9bad7f9a984104d2290163a9
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/qi-addons-for-elementor/inc/plugins/elementor/assets/js/elementor.js?ver=6.1.1 HTTP/1.1
Host: jogwt.3rdeyehosting.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://jogwt.3rdeyehosting.com/
HTTP/1.1 200 OK
Date: Sun, 11 Dec 2022 13:59:15 GMT
Server: Apache
Last-Modified: Thu, 14 Jul 2022 07:39:31 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1511
Keep-Alive: timeout=5, max=66
Connection: Keep-Alive
Content-Type: application/javascript
jogwt.3rdeyehosting.com/wp-content/plugins/bdthemes-prime-slider-lite/assets/js/prime-slider-site.min.js?ver=2.9.3
192.185.129.96 200 OK 331 B URL HTTP/1.1 jogwt.3rdeyehosting.com/wp-content/plugins/bdthemes-prime-slider-lite/assets/js/prime-slider-site.min.js?ver=2.9.3
IP 192.185.129.96:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (1152), with no line terminators
Hash d0b1100ae2578a20d44d0629bb3a1c3c
bfe793ff6393dc2386f2bd3024df928312e0357f
8030d85b7898088184589a7424ef853effe276041c4df33c639275799d387c20
GET /wp-content/plugins/bdthemes-prime-slider-lite/assets/js/prime-slider-site.min.js?ver=2.9.3 HTTP/1.1
Host: jogwt.3rdeyehosting.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://jogwt.3rdeyehosting.com/
HTTP/1.1 200 OK
Date: Sun, 11 Dec 2022 13:59:15 GMT
Server: Apache
Last-Modified: Mon, 09 May 2022 07:48:34 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 331
Keep-Alive: timeout=5, max=66
Connection: Keep-Alive
Content-Type: application/javascript
jogwt.3rdeyehosting.com/wp-content/plugins/bdthemes-element-pack-lite/assets/js/common/helper.min.js?ver=4.1.0
192.185.129.96 200 OK 139 B URL HTTP/1.1 jogwt.3rdeyehosting.com/wp-content/plugins/bdthemes-element-pack-lite/assets/js/common/helper.min.js?ver=4.1.0
IP 192.185.129.96:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with no line terminators
Hash 34dd50692330c5002fdba2e65b1d0630
c6370311efaff86f4770b37394d572c8e7aedba1
f0fc44c9258b2b9e35ee759bcd4cce3e26476fefe68381ef4ee8e2e3384a58b5
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/bdthemes-element-pack-lite/assets/js/common/helper.min.js?ver=4.1.0 HTTP/1.1
Host: jogwt.3rdeyehosting.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://jogwt.3rdeyehosting.com/
HTTP/1.1 200 OK
Date: Sun, 11 Dec 2022 13:59:15 GMT
Server: Apache
Last-Modified: Mon, 09 May 2022 07:48:41 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 139
Keep-Alive: timeout=5, max=65
Connection: Keep-Alive
Content-Type: application/javascript
jogwt.3rdeyehosting.com/wp-content/plugins/elementor-pro/assets/js/webpack-pro.runtime.min.js?ver=3.6.4
192.185.129.96 200 OK 2.4 kB URL HTTP/1.1 jogwt.3rdeyehosting.com/wp-content/plugins/elementor-pro/assets/js/webpack-pro.runtime.min.js?ver=3.6.4
IP 192.185.129.96:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (5082)
Hash d7c48b833a416e13373b2b361f7e4c09
312a8910f6a01d2cad605ff553a2e0634c040b45
e4b66a3e9553b628d7ef9f415b0bf6830ac2b9654853350a40bb8d044abd010b
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/elementor-pro/assets/js/webpack-pro.runtime.min.js?ver=3.6.4 HTTP/1.1
Host: jogwt.3rdeyehosting.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://jogwt.3rdeyehosting.com/
HTTP/1.1 200 OK
Date: Sun, 11 Dec 2022 13:59:15 GMT
Server: Apache
Last-Modified: Mon, 09 May 2022 07:39:08 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 2426
Keep-Alive: timeout=5, max=66
Connection: Keep-Alive
Content-Type: application/javascript
jogwt.3rdeyehosting.com/wp-content/plugins/elementor-pro/assets/js/frontend.min.js?ver=3.6.4
192.185.129.96 200 OK 7.3 kB URL HTTP/1.1 jogwt.3rdeyehosting.com/wp-content/plugins/elementor-pro/assets/js/frontend.min.js?ver=3.6.4
IP 192.185.129.96:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (20372)
Hash 7cd4ef36c33b0f8acad972e7f31a7496
a966ed3c5f02e745eb477ec6371736a373070132
b6ce8398f3861266f84263acecae1d9089ea7ab67902dcb0d432077e5567e135
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/elementor-pro/assets/js/frontend.min.js?ver=3.6.4 HTTP/1.1
Host: jogwt.3rdeyehosting.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://jogwt.3rdeyehosting.com/
HTTP/1.1 200 OK
Date: Sun, 11 Dec 2022 13:59:15 GMT
Server: Apache
Last-Modified: Mon, 09 May 2022 07:39:08 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 7266
Keep-Alive: timeout=5, max=65
Connection: Keep-Alive
Content-Type: application/javascript
jogwt.3rdeyehosting.com/wp-content/plugins/elementskit-lite/widgets/init/assets/js/animate-circle.js?ver=2.6.2
192.185.129.96 200 OK 442 B URL HTTP/1.1 jogwt.3rdeyehosting.com/wp-content/plugins/elementskit-lite/widgets/init/assets/js/animate-circle.js?ver=2.6.2
IP 192.185.129.96:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (810), with no line terminators
Hash b96c7d958b2c4a3ff7e92608615daeb0
6e95b60a83d06479921cefd745c4dd058842604e
5176a7109dc14142199bbc99ce78c5c6536812d06562b1d300b283bd26849d2f
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/elementskit-lite/widgets/init/assets/js/animate-circle.js?ver=2.6.2 HTTP/1.1
Host: jogwt.3rdeyehosting.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://jogwt.3rdeyehosting.com/
HTTP/1.1 200 OK
Date: Sun, 11 Dec 2022 13:59:15 GMT
Server: Apache
Last-Modified: Fri, 08 Jul 2022 13:16:35 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 442
Keep-Alive: timeout=5, max=65
Connection: Keep-Alive
Content-Type: application/javascript
jogwt.3rdeyehosting.com/wp-content/plugins/elementor-pro/assets/js/elements-handlers.min.js?ver=3.6.4
192.185.129.96 200 OK 7.0 kB URL HTTP/1.1 jogwt.3rdeyehosting.com/wp-content/plugins/elementor-pro/assets/js/elements-handlers.min.js?ver=3.6.4
IP 192.185.129.96:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (24170)
Hash e372e5e40d779d234ddf564bbb69aee1
82410f1bc3410b95e68d291d844ef8f6dc25bb15
21fe32b3539a30b3b415c569f24a3902eec5389be442d8f65d396bf3ea0ff3a7
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/elementor-pro/assets/js/elements-handlers.min.js?ver=3.6.4 HTTP/1.1
Host: jogwt.3rdeyehosting.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://jogwt.3rdeyehosting.com/
HTTP/1.1 200 OK
Date: Sun, 11 Dec 2022 13:59:15 GMT
Server: Apache
Last-Modified: Mon, 09 May 2022 07:39:08 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 6978
Keep-Alive: timeout=5, max=66
Connection: Keep-Alive
Content-Type: application/javascript
jogwt.3rdeyehosting.com/wp-content/plugins/elementskit-lite/widgets/init/assets/js/elementor.js?ver=2.6.2
192.185.129.96 200 OK 5.7 kB URL HTTP/1.1 jogwt.3rdeyehosting.com/wp-content/plugins/elementskit-lite/widgets/init/assets/js/elementor.js?ver=2.6.2
IP 192.185.129.96:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (17065), with no line terminators
Hash 91e58ca4df088cc0232ce63fabe031b1
653d86d2ecc4d88e08f57b8e9f238ea6c817801e
0e91db767cfbf62300d865395618f603f7cd86e81bacf45d93b73615bfa5eb0c
GET /wp-content/plugins/elementskit-lite/widgets/init/assets/js/elementor.js?ver=2.6.2 HTTP/1.1
Host: jogwt.3rdeyehosting.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://jogwt.3rdeyehosting.com/
HTTP/1.1 200 OK
Date: Sun, 11 Dec 2022 13:59:15 GMT
Server: Apache
Last-Modified: Fri, 08 Jul 2022 13:16:35 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 5668
Keep-Alive: timeout=5, max=65
Connection: Keep-Alive
Content-Type: application/javascript
jogwt.3rdeyehosting.com/wp-content/plugins/elementor-pro/assets/lib/sticky/jquery.sticky.min.js?ver=3.6.4
192.185.129.96 200 OK 1.4 kB URL HTTP/1.1 jogwt.3rdeyehosting.com/wp-content/plugins/elementor-pro/assets/lib/sticky/jquery.sticky.min.js?ver=3.6.4
IP 192.185.129.96:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (3235)
Hash 7212337450ba87c3ab795c3841ae535e
14398b97d3a4b8582db4dedbdf6f451df58b82d3
09e133edb6e265b26a0aca887d087df0f3b18d77fe52839f423b9cb94307a244
GET /wp-content/plugins/elementor-pro/assets/lib/sticky/jquery.sticky.min.js?ver=3.6.4 HTTP/1.1
Host: jogwt.3rdeyehosting.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://jogwt.3rdeyehosting.com/
HTTP/1.1 200 OK
Date: Sun, 11 Dec 2022 13:59:15 GMT
Server: Apache
Last-Modified: Mon, 09 May 2022 07:39:08 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1437
Keep-Alive: timeout=5, max=65
Connection: Keep-Alive
Content-Type: application/javascript
jogwt.3rdeyehosting.com/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-solid-900.woff2
192.185.129.96 200 OK 78 kB URL HTTP/1.1 jogwt.3rdeyehosting.com/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-solid-900.woff2
IP 192.185.129.96:0
ASN #46606 UNIFIEDLAYER-AS-1
File type Web Open Font Format (Version 2), TrueType, length 78196, version 331.-31261\012- data
Hash e8a427e15cc502bef99cfd722b37ea98
a9922842a120a7f1eaced667480c5e185a106d69
d0b4256abed72481585662971262eabee345c19f837af00d7ce24239d3b40eef
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-solid-900.woff2 HTTP/1.1
Host: jogwt.3rdeyehosting.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://jogwt.3rdeyehosting.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/solid.min.css?ver=5.15.3
HTTP/1.1 200 OK
Date: Sun, 11 Dec 2022 13:59:15 GMT
Server: Apache
Last-Modified: Mon, 09 May 2022 07:41:22 GMT
Accept-Ranges: bytes
Content-Length: 78196
Keep-Alive: timeout=5, max=64
Connection: Keep-Alive
Content-Type: font/woff2
jogwt.3rdeyehosting.com/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-regular-400.woff2
192.185.129.96 200 OK 13 kB URL HTTP/1.1 jogwt.3rdeyehosting.com/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-regular-400.woff2
IP 192.185.129.96:0
ASN #46606 UNIFIEDLAYER-AS-1
File type Web Open Font Format (Version 2), TrueType, length 13276, version 331.-31261\012- data
Hash f0f8230116992e521526097a28f54066
0447c6b10bbf73f97b23dcfd6e6a48510822cb6e
8afc6e5e842baab16010c2ce6fcf48ec4ded8e1579a37c1f1bc027e120d04951
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-regular-400.woff2 HTTP/1.1
Host: jogwt.3rdeyehosting.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://jogwt.3rdeyehosting.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/regular.min.css?ver=5.15.3
HTTP/1.1 200 OK
Date: Sun, 11 Dec 2022 13:59:15 GMT
Server: Apache
Last-Modified: Mon, 09 May 2022 07:41:22 GMT
Accept-Ranges: bytes
Content-Length: 13276
Keep-Alive: timeout=5, max=65
Connection: Keep-Alive
Content-Type: font/woff2
jogwt.3rdeyehosting.com/wp-content/plugins/qi-addons-for-elementor/assets/plugins/swiper/swiper.min.js?ver=6.1.1
192.185.129.96 200 OK 48 kB URL HTTP/1.1 jogwt.3rdeyehosting.com/wp-content/plugins/qi-addons-for-elementor/assets/plugins/swiper/swiper.min.js?ver=6.1.1
IP 192.185.129.96:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (65284)
Hash f1dd2bb4bd0fb08054703bccc74c4b49
5eb3b7789bb5b92918ed4c709d4c8bb364614d26
ca04fa9837da4878488411efb60bfb07366f413f6c510c28ad6a0bebe95dc933
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/qi-addons-for-elementor/assets/plugins/swiper/swiper.min.js?ver=6.1.1 HTTP/1.1
Host: jogwt.3rdeyehosting.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://jogwt.3rdeyehosting.com/
HTTP/1.1 200 OK
Date: Sun, 11 Dec 2022 13:59:15 GMT
Server: Apache
Last-Modified: Thu, 14 Jul 2022 07:39:31 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Keep-Alive: timeout=5, max=64
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: application/javascript
jogwt.3rdeyehosting.com/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-brands-400.woff2
192.185.129.96 200 OK 77 kB URL HTTP/1.1 jogwt.3rdeyehosting.com/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-brands-400.woff2
IP 192.185.129.96:0
ASN #46606 UNIFIEDLAYER-AS-1
File type Web Open Font Format (Version 2), TrueType, length 76764, version 331.-31261\012- data
Hash f7307680c7fe85959f3ecf122493ea7d
fce0da592a3e536d6d5df5b50cb513398d8c5161
43c072c16c9ee6d67acdfa6c6d6685ff1e74eb4237b7cc3c1348ab1c108b26af
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-brands-400.woff2 HTTP/1.1
Host: jogwt.3rdeyehosting.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://jogwt.3rdeyehosting.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/brands.min.css?ver=5.15.3
HTTP/1.1 200 OK
Date: Sun, 11 Dec 2022 13:59:15 GMT
Server: Apache
Last-Modified: Mon, 09 May 2022 07:41:22 GMT
Accept-Ranges: bytes
Content-Length: 76764
Keep-Alive: timeout=5, max=64
Connection: Keep-Alive
Content-Type: font/woff2
jogwt.3rdeyehosting.com/wp-content/uploads/2022/07/white-dot.jpeg
192.185.129.96 200 OK 53 kB URL HTTP/1.1 jogwt.3rdeyehosting.com/wp-content/uploads/2022/07/white-dot.jpeg
IP 192.185.129.96:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, description=Seamless geometric pattern. Gray dots on a white background. 300 x 220 mm\377\341\005Zhttp://ns.adobe.com/xap/1.0/], progressive, precision 8, 612x449, components 3\012- data
Hash 77c9e14841aa874fc61a149793cc5cd7
9145a882f3648ba21d57140c8915a63936167859
1ed14fe60b67f191924e4becb4bad740044435368ab0d2390185826b55315b46
Analyzer Verdict Alert fortinet Malware
GET /wp-content/uploads/2022/07/white-dot.jpeg HTTP/1.1
Host: jogwt.3rdeyehosting.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://jogwt.3rdeyehosting.com/wp-content/uploads/elementor/css/post-1030.css?ver=1657965665
HTTP/1.1 200 OK
Date: Sun, 11 Dec 2022 13:59:15 GMT
Server: Apache
Last-Modified: Fri, 08 Jul 2022 07:27:15 GMT
Accept-Ranges: bytes
Content-Length: 53058
Keep-Alive: timeout=5, max=63
Connection: Keep-Alive
Content-Type: image/jpeg
jogwt.3rdeyehosting.com/wp-content/uploads/2022/07/linebgoverlay.png
192.185.129.96 200 OK 12 kB URL HTTP/1.1 jogwt.3rdeyehosting.com/wp-content/uploads/2022/07/linebgoverlay.png
IP 192.185.129.96:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 1200 x 900, 8-bit/color RGBA, non-interlaced\012- data
Hash 2ccc94b800dd5966debf1c3f77bd22b6
c40a55618ae6ac2e1c1e7533326288366018cc56
2e42087ebcd8c9e5570abacc3149a79a1945b4a192579022983e898d121dee68
GET /wp-content/uploads/2022/07/linebgoverlay.png HTTP/1.1
Host: jogwt.3rdeyehosting.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://jogwt.3rdeyehosting.com/wp-content/uploads/elementor/css/post-1030.css?ver=1657965665
HTTP/1.1 200 OK
Date: Sun, 11 Dec 2022 13:59:15 GMT
Server: Apache
Last-Modified: Fri, 08 Jul 2022 07:33:54 GMT
Accept-Ranges: bytes
Content-Length: 12089
Keep-Alive: timeout=5, max=64
Connection: Keep-Alive
Content-Type: image/png
jogwt.3rdeyehosting.com/wp-content/plugins/elementor/assets/lib/eicons/fonts/eicons.woff2?5.15.0
192.185.129.96 200 OK 92 kB URL HTTP/1.1 jogwt.3rdeyehosting.com/wp-content/plugins/elementor/assets/lib/eicons/fonts/eicons.woff2?5.15.0
IP 192.185.129.96:0
ASN #46606 UNIFIEDLAYER-AS-1
File type Web Open Font Format (Version 2), TrueType, length 92444, version 1.0\012- data
Hash e5d9164498f1649084fe6fb95d3ad593
29e71123f8ef22f20f8d50bc4caac9db6e04a824
1525cd3ea05d1c00e4b385e781749c3bac5c01570b5800198bec0a252bb6c715
GET /wp-content/plugins/elementor/assets/lib/eicons/fonts/eicons.woff2?5.15.0 HTTP/1.1
Host: jogwt.3rdeyehosting.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://jogwt.3rdeyehosting.com/wp-content/plugins/elementor/assets/lib/eicons/css/elementor-icons.min.css?ver=5.15.0
HTTP/1.1 200 OK
Date: Sun, 11 Dec 2022 13:59:15 GMT
Server: Apache
Last-Modified: Mon, 09 May 2022 07:41:22 GMT
Accept-Ranges: bytes
Content-Length: 92444
Keep-Alive: timeout=5, max=64
Connection: Keep-Alive
Content-Type: font/woff2
jogwt.3rdeyehosting.com/wp-content/uploads/elementor/thumbs/teamwork-brings-up-their-best-pojwrfn4u4hev4m9ieu2y24rmg1vd58909n4fa6px4.jpg
192.185.129.96 200 OK 23 kB URL HTTP/1.1 jogwt.3rdeyehosting.com/wp-content/uploads/elementor/thumbs/teamwork-brings-up-their-best-pojwrfn4u4hev4m9ieu2y24rmg1vd58909n4fa6px4.jpg
IP 192.185.129.96:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 300x300, components 3\012- data
Hash 97846361c615b0c357bb5f2f4c5f8e41
fad6f942e3584f019149166c0621dda8e89b4ee8
56a380d19c96f099b20527bcc138d2a6febe3eb7b01ecbc0a046f4b85e3088e7
GET /wp-content/uploads/elementor/thumbs/teamwork-brings-up-their-best-pojwrfn4u4hev4m9ieu2y24rmg1vd58909n4fa6px4.jpg HTTP/1.1
Host: jogwt.3rdeyehosting.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://jogwt.3rdeyehosting.com/
HTTP/1.1 200 OK
Date: Sun, 11 Dec 2022 13:59:15 GMT
Server: Apache
Last-Modified: Thu, 14 Jul 2022 07:23:51 GMT
Accept-Ranges: bytes
Content-Length: 23342
Keep-Alive: timeout=5, max=63
Connection: Keep-Alive
Content-Type: image/jpeg
jogwt.3rdeyehosting.com/wp-content/uploads/elementor/thumbs/alternative-energy-generation-in-germany-ppkgxzukrjmywisyms98g8gh3xfs6opo666sobl9ko.jpg
192.185.129.96 200 OK 18 kB URL HTTP/1.1 jogwt.3rdeyehosting.com/wp-content/uploads/elementor/thumbs/alternative-energy-generation-in-germany-ppkgxzukrjmywisyms98g8gh3xfs6opo666sobl9ko.jpg
IP 192.185.129.96:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 300x300, components 3\012- data
Hash 0178baf9478feb65190b4f45dda25301
b979d3a5da1dc6268816c46fbd237353926aa149
2f5a0f23df2fd3d7e3fb3b5a11d92465a16c3c8697df21436d1108a1c1573593
GET /wp-content/uploads/elementor/thumbs/alternative-energy-generation-in-germany-ppkgxzukrjmywisyms98g8gh3xfs6opo666sobl9ko.jpg HTTP/1.1
Host: jogwt.3rdeyehosting.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://jogwt.3rdeyehosting.com/
HTTP/1.1 200 OK
Date: Sun, 11 Dec 2022 13:59:15 GMT
Server: Apache
Last-Modified: Thu, 14 Jul 2022 07:24:22 GMT
Accept-Ranges: bytes
Content-Length: 18051
Keep-Alive: timeout=5, max=63
Connection: Keep-Alive
Content-Type: image/jpeg
jogwt.3rdeyehosting.com/wp-content/plugins/elementskit-lite/modules/elementskit-icon-pack/assets/fonts/elementskit.woff?y24e1e
192.185.129.96 200 OK 443 kB URL HTTP/1.1 jogwt.3rdeyehosting.com/wp-content/plugins/elementskit-lite/modules/elementskit-icon-pack/assets/fonts/elementskit.woff?y24e1e
IP 192.185.129.96:0
ASN #46606 UNIFIEDLAYER-AS-1
File type Web Open Font Format, TrueType, length 442864, version 1.0\012- data
Size 443 kB (442864 bytes)
Hash fd4a1534fca171a46ef07ffca631465e
14c7b48fd5e85e3e375f721299da885330e95152
7659fa917839f5a43c0141f18cad5181d379bdb86a5923e15f5167a307107e2f
GET /wp-content/plugins/elementskit-lite/modules/elementskit-icon-pack/assets/fonts/elementskit.woff?y24e1e HTTP/1.1
Host: jogwt.3rdeyehosting.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://jogwt.3rdeyehosting.com/wp-content/plugins/elementskit-lite/modules/elementskit-icon-pack/assets/css/ekiticons.css?ver=2.6.2
HTTP/1.1 200 OK
Date: Sun, 11 Dec 2022 13:59:15 GMT
Server: Apache
Last-Modified: Fri, 08 Jul 2022 13:16:35 GMT
Accept-Ranges: bytes
Content-Length: 442864
Keep-Alive: timeout=5, max=64
Connection: Keep-Alive
Content-Type: font/woff
jogwt.3rdeyehosting.com/wp-content/uploads/elementor/thumbs/NGF_NE_Holsted2-pq1rbjfsbj4zz5i1zpd729uzpnd2q564nbhjo6o0jc.png
192.185.129.96 200 OK 202 kB URL HTTP/1.1 jogwt.3rdeyehosting.com/wp-content/uploads/elementor/thumbs/NGF_NE_Holsted2-pq1rbjfsbj4zz5i1zpd729uzpnd2q564nbhjo6o0jc.png
IP 192.185.129.96:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 300 x 300, 8-bit/color RGBA, non-interlaced\012- data
Size 202 kB (202532 bytes)
Hash 4f7ccb55a4f8f988bffdb40e5fcf5a2d
902cf40d0abde43f5fc76ab9a6d5c05136814272
01fcb5383f5c6432074f4977089dac73981432798ea4d0e83624bb74efd8d826
GET /wp-content/uploads/elementor/thumbs/NGF_NE_Holsted2-pq1rbjfsbj4zz5i1zpd729uzpnd2q564nbhjo6o0jc.png HTTP/1.1
Host: jogwt.3rdeyehosting.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://jogwt.3rdeyehosting.com/
HTTP/1.1 200 OK
Date: Sun, 11 Dec 2022 13:59:15 GMT
Server: Apache
Last-Modified: Thu, 14 Jul 2022 07:23:28 GMT
Accept-Ranges: bytes
Content-Length: 202532
Keep-Alive: timeout=5, max=62
Connection: Keep-Alive
Content-Type: image/png
jogwt.3rdeyehosting.com/wp-content/uploads/elementor/thumbs/electric-car-charging-station-pojwqhsy037395zf007igao68kono1hwvm5n5bkw54.jpg
192.185.129.96 200 OK 12 kB URL HTTP/1.1 jogwt.3rdeyehosting.com/wp-content/uploads/elementor/thumbs/electric-car-charging-station-pojwqhsy037395zf007igao68kono1hwvm5n5bkw54.jpg
IP 192.185.129.96:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 300x300, components 3\012- data
Hash 6c56b140d4b84ea6c1870c97cbab40a3
3dad262b70931de2714c59e3f8bb6b8f39730d50
9ae73aed98ac8ebffd3f8b0e10941d891c53a301e5dfdce3f2ea6f3dc5ac53d6
GET /wp-content/uploads/elementor/thumbs/electric-car-charging-station-pojwqhsy037395zf007igao68kono1hwvm5n5bkw54.jpg HTTP/1.1
Host: jogwt.3rdeyehosting.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://jogwt.3rdeyehosting.com/
HTTP/1.1 200 OK
Date: Sun, 11 Dec 2022 13:59:16 GMT
Server: Apache
Last-Modified: Thu, 14 Jul 2022 07:24:52 GMT
Accept-Ranges: bytes
Content-Length: 11715
Keep-Alive: timeout=5, max=62
Connection: Keep-Alive
Content-Type: image/jpeg
jogwt.3rdeyehosting.com/wp-content/uploads/elementor/thumbs/pd-enews-energy-light-bulb-pe0vskh5nuvze3feocrx9ffy5vbe64drcma9z1amrc-pq211xpw06szy4j3x5yijuovokaw487y5mdo1j4p14.jpg
192.185.129.96 200 OK 15 kB URL HTTP/1.1 jogwt.3rdeyehosting.com/wp-content/uploads/elementor/thumbs/pd-enews-energy-light-bulb-pe0vskh5nuvze3feocrx9ffy5vbe64drcma9z1amrc-pq211xpw06szy4j3x5yijuovokaw487y5mdo1j4p14.jpg
IP 192.185.129.96:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 300x300, components 3\012- data
Hash 65bbbcee9d3564395d36e4ff11038313
55a4660e2fc7cc1cd80518234eba6c3bb3a33727
b2cb24261a94115ad86d877044845fb6774cfbd96ef44d745f45f58d4885cd1e
GET /wp-content/uploads/elementor/thumbs/pd-enews-energy-light-bulb-pe0vskh5nuvze3feocrx9ffy5vbe64drcma9z1amrc-pq211xpw06szy4j3x5yijuovokaw487y5mdo1j4p14.jpg HTTP/1.1
Host: jogwt.3rdeyehosting.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://jogwt.3rdeyehosting.com/
HTTP/1.1 200 OK
Date: Sun, 11 Dec 2022 13:59:16 GMT
Server: Apache
Last-Modified: Thu, 14 Jul 2022 07:26:13 GMT
Accept-Ranges: bytes
Content-Length: 15402
Keep-Alive: timeout=5, max=62
Connection: Keep-Alive
Content-Type: image/jpeg
jogwt.3rdeyehosting.com/wp-content/uploads/2022/06/NGF_NE_Holsted2-1024x512.png
192.185.129.96 200 OK 1.1 MB URL HTTP/1.1 jogwt.3rdeyehosting.com/wp-content/uploads/2022/06/NGF_NE_Holsted2-1024x512.png
IP 192.185.129.96:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 1024 x 512, 8-bit/color RGBA, non-interlaced\012- data
Size 1.1 MB (1071958 bytes)
Hash 90f0c94383d423412c01b3f870c44522
d4aaec198a0f88fc7d40163fd080c9f787d92da6
1e74de105a78b37216577821a1840fba740d695bea89e37816f2571196dbc19f
GET /wp-content/uploads/2022/06/NGF_NE_Holsted2-1024x512.png HTTP/1.1
Host: jogwt.3rdeyehosting.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://jogwt.3rdeyehosting.com/
HTTP/1.1 200 OK
Date: Sun, 11 Dec 2022 13:59:15 GMT
Server: Apache
Last-Modified: Thu, 09 Jun 2022 06:24:35 GMT
Accept-Ranges: bytes
Content-Length: 1071958
Keep-Alive: timeout=5, max=63
Connection: Keep-Alive
Content-Type: image/png
jogwt.3rdeyehosting.com/wp-content/uploads/elementor/thumbs/Water-Management-pe0vs7bf06dyvjyit735airhuh496cximt5h95u56g-pq20ylejpe8ao1dvfpy9op1vn8rwqyyb12vim4335k.jpg
192.185.129.96 200 OK 17 kB URL HTTP/1.1 jogwt.3rdeyehosting.com/wp-content/uploads/elementor/thumbs/Water-Management-pe0vs7bf06dyvjyit735airhuh496cximt5h95u56g-pq20ylejpe8ao1dvfpy9op1vn8rwqyyb12vim4335k.jpg
IP 192.185.129.96:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 300x300, components 3\012- data
Hash b29277a8de78c864eff0fff3fd71a21c
d92086b7d523d76b7aebc4b000ab05c13d782833
939875cbd8d6df8c1b4ec1b10a1279d9983e242565ca944d32f1c0d4bfc504e2
GET /wp-content/uploads/elementor/thumbs/Water-Management-pe0vs7bf06dyvjyit735airhuh496cximt5h95u56g-pq20ylejpe8ao1dvfpy9op1vn8rwqyyb12vim4335k.jpg HTTP/1.1
Host: jogwt.3rdeyehosting.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://jogwt.3rdeyehosting.com/
HTTP/1.1 200 OK
Date: Sun, 11 Dec 2022 13:59:16 GMT
Server: Apache
Last-Modified: Thu, 14 Jul 2022 07:26:13 GMT
Accept-Ranges: bytes
Content-Length: 17447
Keep-Alive: timeout=5, max=63
Connection: Keep-Alive
Content-Type: image/jpeg
jogwt.3rdeyehosting.com/wp-content/uploads/2022/05/narmada_sagar.png
192.185.129.96 200 OK 76 kB URL HTTP/1.1 jogwt.3rdeyehosting.com/wp-content/uploads/2022/05/narmada_sagar.png
IP 192.185.129.96:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 300 x 287, 8-bit/color RGBA, non-interlaced\012- data
Hash 919fb8f4a6b23dbac95eae35225b8d63
7417809fe252254a4cafae6564313d6321de0fa5
df2bedd48a3205dcf26c6d8981e72e58750eaf381ff6221573fd69d01d857346
GET /wp-content/uploads/2022/05/narmada_sagar.png HTTP/1.1
Host: jogwt.3rdeyehosting.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://jogwt.3rdeyehosting.com/
HTTP/1.1 200 OK
Date: Sun, 11 Dec 2022 13:59:16 GMT
Server: Apache
Last-Modified: Mon, 09 May 2022 10:05:31 GMT
Accept-Ranges: bytes
Content-Length: 75550
Keep-Alive: timeout=5, max=61
Connection: Keep-Alive
Content-Type: image/png
jogwt.3rdeyehosting.com/wp-content/uploads/elementor/thumbs/happy-couple-using-electric-scooter-bicycle-in-city-green-eco-energy-concept-with-zero-emission-pq09v8agxowjlwo2lwswhv7b801gldslevcaf7uyt4.jpg
192.185.129.96 200 OK 23 kB URL HTTP/1.1 jogwt.3rdeyehosting.com/wp-content/uploads/elementor/thumbs/happy-couple-using-electric-scooter-bicycle-in-city-green-eco-energy-concept-with-zero-emission-pq09v8agxowjlwo2lwswhv7b801gldslevcaf7uyt4.jpg
IP 192.185.129.96:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 300x300, components 3\012- data
Hash 2bef24757d9e9fdfa51514afc5155e47
a539efe098456d0293a0666d197ba685e3cd6055
484d4a8f103b8c1e38cd1cade0e06feaf4dc786cf3e1831e067778ef5989813b
GET /wp-content/uploads/elementor/thumbs/happy-couple-using-electric-scooter-bicycle-in-city-green-eco-energy-concept-with-zero-emission-pq09v8agxowjlwo2lwswhv7b801gldslevcaf7uyt4.jpg HTTP/1.1
Host: jogwt.3rdeyehosting.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://jogwt.3rdeyehosting.com/
HTTP/1.1 200 OK
Date: Sun, 11 Dec 2022 13:59:16 GMT
Server: Apache
Last-Modified: Thu, 14 Jul 2022 06:44:07 GMT
Accept-Ranges: bytes
Content-Length: 22577
Keep-Alive: timeout=5, max=61
Connection: Keep-Alive
Content-Type: image/jpeg
jogwt.3rdeyehosting.com/wp-content/uploads/2022/07/Natural_Gas_Upgradation_System_Purification_Plant.jpeg
192.185.129.96 200 OK 74 kB URL HTTP/1.1 jogwt.3rdeyehosting.com/wp-content/uploads/2022/07/Natural_Gas_Upgradation_System_Purification_Plant.jpeg
IP 192.185.129.96:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 533x404, components 3\012- data
Hash ced71d93f67044a06063a25396e6165f
4497d99f7ee80d25a2940c486da825142980cf63
b6cb0d64821fb8473136222bfb2fe668c1a1977a807820cb5f07b89c402c792b
Analyzer Verdict Alert fortinet Malware
GET /wp-content/uploads/2022/07/Natural_Gas_Upgradation_System_Purification_Plant.jpeg HTTP/1.1
Host: jogwt.3rdeyehosting.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://jogwt.3rdeyehosting.com/wp-content/uploads/elementor/css/post-1030.css?ver=1657965665
HTTP/1.1 200 OK
Date: Sun, 11 Dec 2022 13:59:16 GMT
Server: Apache
Last-Modified: Fri, 08 Jul 2022 08:41:11 GMT
Accept-Ranges: bytes
Content-Length: 73659
Keep-Alive: timeout=5, max=62
Connection: Keep-Alive
Content-Type: image/jpeg
jogwt.3rdeyehosting.com/wp-content/uploads/2022/05/map_bg.png
192.185.129.96 200 OK 35 kB URL HTTP/1.1 jogwt.3rdeyehosting.com/wp-content/uploads/2022/05/map_bg.png
IP 192.185.129.96:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 1080 x 606, 8-bit/color RGBA, non-interlaced\012- data
Hash a2f32d03500b3c341a91199c4be98fb9
206e61301d859d6682905af5631185851f4462cb
b33b06b801ddbe2eff523c6c34a5dda9f40bafd51b346e4cf27b46b7b11373a1
GET /wp-content/uploads/2022/05/map_bg.png HTTP/1.1
Host: jogwt.3rdeyehosting.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://jogwt.3rdeyehosting.com/wp-content/uploads/elementor/css/post-1030.css?ver=1657965665
HTTP/1.1 200 OK
Date: Sun, 11 Dec 2022 13:59:16 GMT
Server: Apache
Last-Modified: Mon, 09 May 2022 07:56:42 GMT
Accept-Ranges: bytes
Content-Length: 34831
Keep-Alive: timeout=5, max=60
Connection: Keep-Alive
Content-Type: image/png
jogwt.3rdeyehosting.com/wp-content/uploads/2022/05/bg_img_top_left.png
192.185.129.96 200 OK 67 kB URL HTTP/1.1 jogwt.3rdeyehosting.com/wp-content/uploads/2022/05/bg_img_top_left.png
IP 192.185.129.96:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 1280 x 720, 8-bit/color RGBA, non-interlaced\012- data
Hash 72184f4d755cf37e92a74bdb7c4e038a
933843aa406e3294aa2b8e032969200117cac1b6
e4a4a4a4df3f5abf0c12570e78962b22320565e32014d76e05bd3f3d8aa3fc6d
GET /wp-content/uploads/2022/05/bg_img_top_left.png HTTP/1.1
Host: jogwt.3rdeyehosting.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://jogwt.3rdeyehosting.com/wp-content/uploads/elementor/css/post-1030.css?ver=1657965665
HTTP/1.1 200 OK
Date: Sun, 11 Dec 2022 13:59:16 GMT
Server: Apache
Last-Modified: Mon, 09 May 2022 07:57:06 GMT
Accept-Ranges: bytes
Content-Length: 66631
Keep-Alive: timeout=5, max=60
Connection: Keep-Alive
Content-Type: image/png
jogwt.3rdeyehosting.com/wp-content/uploads/2022/05/biogas-banner2.jpg
192.185.129.96 200 OK 222 kB URL HTTP/1.1 jogwt.3rdeyehosting.com/wp-content/uploads/2022/05/biogas-banner2.jpg
IP 192.185.129.96:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, progressive, precision 8, 1500x599, components 3\012- data
Size 222 kB (221558 bytes)
Hash cb3529eb5f9b4ff19fc96eeba0d339bd
a6a12e6b7bcc5060153b260f9f061138d44bfb0b
66da88ca45cc4cf85abce700b4b458d0441a7a4d7b83488c28b3ae36f99e63a4
GET /wp-content/uploads/2022/05/biogas-banner2.jpg HTTP/1.1
Host: jogwt.3rdeyehosting.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://jogwt.3rdeyehosting.com/wp-content/uploads/elementor/css/post-1030.css?ver=1657965665
HTTP/1.1 200 OK
Date: Sun, 11 Dec 2022 13:59:16 GMT
Server: Apache
Last-Modified: Mon, 09 May 2022 08:02:48 GMT
Accept-Ranges: bytes
Content-Length: 221558
Keep-Alive: timeout=5, max=61
Connection: Keep-Alive
Content-Type: image/jpeg
jogwt.3rdeyehosting.com/wp-content/uploads/2022/05/bg_img.png
192.185.129.96 200 OK 68 kB URL HTTP/1.1 jogwt.3rdeyehosting.com/wp-content/uploads/2022/05/bg_img.png
IP 192.185.129.96:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 1280 x 720, 8-bit/color RGBA, non-interlaced\012- data
Hash 194b1a068fa8ab83779e4c34c0dd226d
4b43d6a60452483df740fbc9582a6779dc2e71c9
8658d9247a3107c90c1d14022b5271c7af0e206d92931e1d41b4fa416e344a32
GET /wp-content/uploads/2022/05/bg_img.png HTTP/1.1
Host: jogwt.3rdeyehosting.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://jogwt.3rdeyehosting.com/wp-content/uploads/elementor/css/post-36.css?ver=1657785363
HTTP/1.1 200 OK
Date: Sun, 11 Dec 2022 13:59:16 GMT
Server: Apache
Last-Modified: Mon, 09 May 2022 07:53:57 GMT
Accept-Ranges: bytes
Content-Length: 68491
Keep-Alive: timeout=5, max=61
Connection: Keep-Alive
Content-Type: image/png
jogwt.3rdeyehosting.com/wp-content/uploads/2022/07/Biogas_Scrubbers.png
192.185.129.96 200 OK 470 kB URL HTTP/1.1 jogwt.3rdeyehosting.com/wp-content/uploads/2022/07/Biogas_Scrubbers.png
IP 192.185.129.96:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 700 x 467, 8-bit/color RGB, non-interlaced\012- data
Size 470 kB (470465 bytes)
Hash 856a85f294d6119776095ad577ee1a5c
cf01963af81a32ac2de9123ad1bdad221a3ada47
c484219fa39d95b47b6b573077d08807b592f1534dcaf3fc022922858599cbdb
GET /wp-content/uploads/2022/07/Biogas_Scrubbers.png HTTP/1.1
Host: jogwt.3rdeyehosting.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://jogwt.3rdeyehosting.com/wp-content/uploads/elementor/css/post-1030.css?ver=1657965665
HTTP/1.1 200 OK
Date: Sun, 11 Dec 2022 13:59:16 GMT
Server: Apache
Last-Modified: Fri, 08 Jul 2022 08:43:30 GMT
Accept-Ranges: bytes
Content-Length: 470465
Keep-Alive: timeout=5, max=62
Connection: Keep-Alive
Content-Type: image/png
jogwt.3rdeyehosting.com/wp-content/uploads/2022/05/Backup_of_jog-300x141.png
192.185.129.96 200 OK 21 kB URL HTTP/1.1 jogwt.3rdeyehosting.com/wp-content/uploads/2022/05/Backup_of_jog-300x141.png
IP 192.185.129.96:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 300 x 141, 8-bit/color RGBA, non-interlaced\012- data
Hash 3c14c7047e769a2be30a26cdfc1478a8
c37e1a87248754012e2849d0ca37a14ba553dc1d
889e3362602ffdb61efe025bdd64acf564a6d7fa6c57369a0635fa850ee1410c
GET /wp-content/uploads/2022/05/Backup_of_jog-300x141.png HTTP/1.1
Host: jogwt.3rdeyehosting.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://jogwt.3rdeyehosting.com/
HTTP/1.1 200 OK
Date: Sun, 11 Dec 2022 13:59:16 GMT
Server: Apache
Last-Modified: Mon, 09 May 2022 08:20:34 GMT
Accept-Ranges: bytes
Content-Length: 20732
Keep-Alive: timeout=5, max=59
Connection: Keep-Alive
Content-Type: image/png
jogwt.3rdeyehosting.com/wp-content/uploads/2022/07/excel_biogas_1.png
192.185.129.96 200 OK 47 kB URL HTTP/1.1 jogwt.3rdeyehosting.com/wp-content/uploads/2022/07/excel_biogas_1.png
IP 192.185.129.96:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 507 x 268, 8-bit/color RGBA, non-interlaced\012- data
Hash 8c015e858038fb7a3c09cc52b4763e4d
127985cba452614db729a14eb452fa380d007718
7e150ecd635299798c7d5ed49ebf7af000343019a0c4014956d7795d6a819afe
GET /wp-content/uploads/2022/07/excel_biogas_1.png HTTP/1.1
Host: jogwt.3rdeyehosting.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://jogwt.3rdeyehosting.com/
HTTP/1.1 200 OK
Date: Sun, 11 Dec 2022 13:59:16 GMT
Server: Apache
Last-Modified: Thu, 14 Jul 2022 08:23:18 GMT
Accept-Ranges: bytes
Content-Length: 46905
Keep-Alive: timeout=5, max=59
Connection: Keep-Alive
Content-Type: image/png
jogwt.3rdeyehosting.com/wp-content/plugins/elementor/assets/js/text-editor.289ae80d76f0c5abea44.bundle.min.js
192.185.129.96 200 OK 668 B URL HTTP/1.1 jogwt.3rdeyehosting.com/wp-content/plugins/elementor/assets/js/text-editor.289ae80d76f0c5abea44.bundle.min.js
IP 192.185.129.96:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (1316)
Hash 9d451c24cdbc8481e9bbaafc57579167
cfa6c2106c7d4f1c7124b2dda7ff23c011425f6c
3f3cb7fb8d9fb0f1dc83062cf2043e85e089ea0f8f7e5cb8149b75223e688e3f
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/elementor/assets/js/text-editor.289ae80d76f0c5abea44.bundle.min.js HTTP/1.1
Host: jogwt.3rdeyehosting.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://jogwt.3rdeyehosting.com/
HTTP/1.1 200 OK
Date: Sun, 11 Dec 2022 13:59:16 GMT
Server: Apache
Last-Modified: Mon, 09 May 2022 07:41:22 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 668
Keep-Alive: timeout=5, max=60
Connection: Keep-Alive
Content-Type: application/javascript
jogwt.3rdeyehosting.com/wp-content/uploads/2022/06/NGF_NE_Holsted2.png
192.185.129.96 200 OK 2.6 MB URL HTTP/1.1 jogwt.3rdeyehosting.com/wp-content/uploads/2022/06/NGF_NE_Holsted2.png
IP 192.185.129.96:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 1600 x 800, 8-bit/color RGBA, non-interlaced\012- data
Size 2.6 MB (2634801 bytes)
Hash 6538c3a9e92e8cc3f6dc97cba32d57e7
f8eafbd772c4c3ae69858d630fafc53b2b373a03
79cfa52865b85589449f195dc627084182cbfdf650ee40aa3406301474cf030a
GET /wp-content/uploads/2022/06/NGF_NE_Holsted2.png HTTP/1.1
Host: jogwt.3rdeyehosting.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://jogwt.3rdeyehosting.com/wp-content/uploads/elementor/css/post-1030.css?ver=1657965665
HTTP/1.1 200 OK
Date: Sun, 11 Dec 2022 13:59:15 GMT
Server: Apache
Last-Modified: Thu, 09 Jun 2022 06:24:34 GMT
Accept-Ranges: bytes
Content-Length: 2634801
Keep-Alive: timeout=5, max=63
Connection: Keep-Alive
Content-Type: image/png
jogwt.3rdeyehosting.com/wp-content/plugins/elementor-pro/assets/js/load-more.80eb3caec79a44347d74.bundle.min.js
192.185.129.96 200 OK 1.5 kB URL HTTP/1.1 jogwt.3rdeyehosting.com/wp-content/plugins/elementor-pro/assets/js/load-more.80eb3caec79a44347d74.bundle.min.js
IP 192.185.129.96:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (4301)
Hash eaa52ed0335eec89a184b8e6970ec6c4
31fe26b1f302b8928f168a26d0c1fef0472c7d1d
2295bcb00f0843fb41622ced1adad8642ad5fd3d1b94f24cd72c203876788169
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/elementor-pro/assets/js/load-more.80eb3caec79a44347d74.bundle.min.js HTTP/1.1
Host: jogwt.3rdeyehosting.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://jogwt.3rdeyehosting.com/
HTTP/1.1 200 OK
Date: Sun, 11 Dec 2022 13:59:16 GMT
Server: Apache
Last-Modified: Mon, 09 May 2022 07:39:08 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1468
Keep-Alive: timeout=5, max=60
Connection: Keep-Alive
Content-Type: application/javascript
jogwt.3rdeyehosting.com/wp-content/plugins/elementor/assets/lib/swiper/swiper.min.js?ver=5.3.6
192.185.129.96 200 OK 47 kB URL HTTP/1.1 jogwt.3rdeyehosting.com/wp-content/plugins/elementor/assets/lib/swiper/swiper.min.js?ver=5.3.6
IP 192.185.129.96:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (65280)
Hash 6d3f8ba511b26a2b5e2555673e996be4
d5a3c1ed68beeeafc4da01d71a6b7ce0f19f985e
955d1e858ec91ca4b3f5c845421692afc83dcbca3dd52577f746e18278f45315
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/elementor/assets/lib/swiper/swiper.min.js?ver=5.3.6 HTTP/1.1
Host: jogwt.3rdeyehosting.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://jogwt.3rdeyehosting.com/
HTTP/1.1 200 OK
Date: Sun, 11 Dec 2022 13:59:16 GMT
Server: Apache
Last-Modified: Mon, 09 May 2022 07:41:22 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Keep-Alive: timeout=5, max=58
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: application/javascript
jogwt.3rdeyehosting.com/wp-content/plugins/elementor-pro/assets/js/slides.b3c3013aaf60282ce45b.bundle.min.js
192.185.129.96 200 OK 1.6 kB URL HTTP/1.1 jogwt.3rdeyehosting.com/wp-content/plugins/elementor-pro/assets/js/slides.b3c3013aaf60282ce45b.bundle.min.js
IP 192.185.129.96:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (3787)
Hash c6ae758d5edfd1954f7f885b4bd77fde
b4f91fd9763647aff54a7f8fe9bc86824e842946
0d79c67d6a18e0f836a3773cd55cc012d2b810fe0cfd9ef9f60b445ee8c9a4d4
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/elementor-pro/assets/js/slides.b3c3013aaf60282ce45b.bundle.min.js HTTP/1.1
Host: jogwt.3rdeyehosting.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://jogwt.3rdeyehosting.com/
HTTP/1.1 200 OK
Date: Sun, 11 Dec 2022 13:59:16 GMT
Server: Apache
Last-Modified: Mon, 09 May 2022 07:39:08 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1583
Keep-Alive: timeout=5, max=61
Connection: Keep-Alive
Content-Type: application/javascript
jogwt.3rdeyehosting.com/wp-content/plugins/elementor-pro/assets/js/carousel.fc5e450716cd11d05beb.bundle.min.js
192.185.129.96 200 OK 1.9 kB URL HTTP/1.1 jogwt.3rdeyehosting.com/wp-content/plugins/elementor-pro/assets/js/carousel.fc5e450716cd11d05beb.bundle.min.js
IP 192.185.129.96:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (4880)
Hash 6c262788e44805d484763e98fec88389
42cfd937046413cd4f121e8394a83832e77a1697
b0ad93bb62c3cc5a4b463c61e4933e2785369c4f3fa3d6e08d9ec8a7a7cf0f99
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/elementor-pro/assets/js/carousel.fc5e450716cd11d05beb.bundle.min.js HTTP/1.1
Host: jogwt.3rdeyehosting.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://jogwt.3rdeyehosting.com/
HTTP/1.1 200 OK
Date: Sun, 11 Dec 2022 13:59:16 GMT
Server: Apache
Last-Modified: Mon, 09 May 2022 07:39:08 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1911
Keep-Alive: timeout=5, max=58
Connection: Keep-Alive
Content-Type: application/javascript
jogwt.3rdeyehosting.com/wp-content/plugins/elementor-pro/assets/js/posts.fb47ff5b9f7ecb0aba80.bundle.min.js
192.185.129.96 200 OK 1.3 kB URL HTTP/1.1 jogwt.3rdeyehosting.com/wp-content/plugins/elementor-pro/assets/js/posts.fb47ff5b9f7ecb0aba80.bundle.min.js
IP 192.185.129.96:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (3075)
Hash 90bbccfd1616d51888effd871f4cf3b2
40da2cfd0c6b23689abc9db5eeca4bd7856acd9c
f3efa6510408b765d1911758a698b00eb05f50e11384d004b72b0aee0ee1a640
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/elementor-pro/assets/js/posts.fb47ff5b9f7ecb0aba80.bundle.min.js HTTP/1.1
Host: jogwt.3rdeyehosting.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://jogwt.3rdeyehosting.com/
HTTP/1.1 200 OK
Date: Sun, 11 Dec 2022 13:59:16 GMT
Server: Apache
Last-Modified: Mon, 09 May 2022 07:39:08 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1315
Keep-Alive: timeout=5, max=59
Connection: Keep-Alive
Content-Type: application/javascript
jogwt.3rdeyehosting.com/wp-content/plugins/elementor-pro/assets/js/form.358793a6bb3724ab5f99.bundle.min.js
192.185.129.96 200 OK 6.6 kB URL HTTP/1.1 jogwt.3rdeyehosting.com/wp-content/plugins/elementor-pro/assets/js/form.358793a6bb3724ab5f99.bundle.min.js
IP 192.185.129.96:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (19201)
Hash 43a8cac9ee4720999969c073734d84c4
1d1e530ae050b6669feb89377320b39ac0babdd3
f50aa457f79c03a522f4106d7fe764dc66cc0c9da212294a0d940042f01779bf
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/elementor-pro/assets/js/form.358793a6bb3724ab5f99.bundle.min.js HTTP/1.1
Host: jogwt.3rdeyehosting.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://jogwt.3rdeyehosting.com/
HTTP/1.1 200 OK
Date: Sun, 11 Dec 2022 13:59:17 GMT
Server: Apache
Last-Modified: Mon, 09 May 2022 07:39:08 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 6552
Keep-Alive: timeout=5, max=62
Connection: Keep-Alive
Content-Type: application/javascript
jogwt.3rdeyehosting.com/wp-content/plugins/elementor-pro/assets/js/popup.483b906ddaa1af17ff14.bundle.min.js
192.185.129.96 200 OK 451 B URL HTTP/1.1 jogwt.3rdeyehosting.com/wp-content/plugins/elementor-pro/assets/js/popup.483b906ddaa1af17ff14.bundle.min.js
IP 192.185.129.96:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (715)
Hash 83a7f2e1a9aae8becbad7e95c62fe72a
b9e3d4cb8b981c73cb0c027af2e52da7d4db7ee0
488659b73b33cc3ff980b9566d28052fc52770c95d8eaf9b6916b32613c15094
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/elementor-pro/assets/js/popup.483b906ddaa1af17ff14.bundle.min.js HTTP/1.1
Host: jogwt.3rdeyehosting.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://jogwt.3rdeyehosting.com/
HTTP/1.1 200 OK
Date: Sun, 11 Dec 2022 13:59:17 GMT
Server: Apache
Last-Modified: Mon, 09 May 2022 07:39:08 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 451
Keep-Alive: timeout=5, max=59
Connection: Keep-Alive
Content-Type: application/javascript
jogwt.3rdeyehosting.com/wp-content/plugins/elementor/assets/lib/dialog/dialog.min.js?ver=4.9.0
192.185.129.96 200 OK 4.2 kB URL HTTP/1.1 jogwt.3rdeyehosting.com/wp-content/plugins/elementor/assets/lib/dialog/dialog.min.js?ver=4.9.0
IP 192.185.129.96:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (10544)
Hash 552977febe8ef2c71b0806dfaefd2552
01baebfd09383c5d44f066e7b5540fcca6a5eae4
7895907f5a4f54c08c4705b1a194e21c556d68027c5e0a70d4c05b377e712b1d
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/elementor/assets/lib/dialog/dialog.min.js?ver=4.9.0 HTTP/1.1
Host: jogwt.3rdeyehosting.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://jogwt.3rdeyehosting.com/
HTTP/1.1 200 OK
Date: Sun, 11 Dec 2022 13:59:17 GMT
Server: Apache
Last-Modified: Mon, 09 May 2022 07:41:22 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 4200
Keep-Alive: timeout=5, max=60
Connection: Keep-Alive
Content-Type: application/javascript
jogwt.3rdeyehosting.com/wp-content/plugins/elementor/assets/lib/share-link/share-link.min.js?ver=3.6.4
192.185.129.96 200 OK 1.2 kB URL HTTP/1.1 jogwt.3rdeyehosting.com/wp-content/plugins/elementor/assets/lib/share-link/share-link.min.js?ver=3.6.4
IP 192.185.129.96:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (2577)
Hash 159281ac01a46f042b38d0d44cf3eb7a
54677be6b1cf85899d2ab1a6fada531ca5613d29
0738d3f931e8df2b67f3be1ec216b103560266c56cc38fdafae055bcb807ffea
GET /wp-content/plugins/elementor/assets/lib/share-link/share-link.min.js?ver=3.6.4 HTTP/1.1
Host: jogwt.3rdeyehosting.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://jogwt.3rdeyehosting.com/
HTTP/1.1 200 OK
Date: Sun, 11 Dec 2022 13:59:17 GMT
Server: Apache
Last-Modified: Mon, 09 May 2022 07:41:22 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1151
Keep-Alive: timeout=5, max=57
Connection: Keep-Alive
Content-Type: application/javascript
jogwt.3rdeyehosting.com/wp-content/plugins/elementor/assets/js/lightbox.2b2c155d6ec60974d8c4.bundle.min.js
192.185.129.96 200 OK 11 kB URL HTTP/1.1 jogwt.3rdeyehosting.com/wp-content/plugins/elementor/assets/js/lightbox.2b2c155d6ec60974d8c4.bundle.min.js
IP 192.185.129.96:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (29237)
Hash 510d655f9851f1f5c88b48f41a1f076b
29760358a6389a34b5be62d2a35398f2dc9a7eea
91b4f57f507be53c84378e864842fa262f7cc8163669156aa5fe1c6f4db6c336
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/elementor/assets/js/lightbox.2b2c155d6ec60974d8c4.bundle.min.js HTTP/1.1
Host: jogwt.3rdeyehosting.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://jogwt.3rdeyehosting.com/
HTTP/1.1 200 OK
Date: Sun, 11 Dec 2022 13:59:17 GMT
Server: Apache
Last-Modified: Mon, 09 May 2022 07:41:22 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 11367
Keep-Alive: timeout=5, max=57
Connection: Keep-Alive
Content-Type: application/javascript
jogwt.3rdeyehosting.com/wp-content/uploads/2022/06/02-Drone-Planta-de-Biogas-de-1MW-en-Stracathro-Reino-Unido.jpg
192.185.129.96 200 OK 519 kB URL HTTP/1.1 jogwt.3rdeyehosting.com/wp-content/uploads/2022/06/02-Drone-Planta-de-Biogas-de-1MW-en-Stracathro-Reino-Unido.jpg
IP 192.185.129.96:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CS6 (Windows), datetime=2018:12:17 11:00:47], baseline, precision 8, 1323x744, components 3\012- data
Size 519 kB (519398 bytes)
Hash 89ffa47073d80be07fb7a2e6f698e3b1
4291b4af2181130da74b6d9c4ea659f0e310f8ab
9495889b6d09037623d0f44df31f6f2602bb7da99b0bbc1b6583202371ccddc5
GET /wp-content/uploads/2022/06/02-Drone-Planta-de-Biogas-de-1MW-en-Stracathro-Reino-Unido.jpg HTTP/1.1
Host: jogwt.3rdeyehosting.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://jogwt.3rdeyehosting.com/
HTTP/1.1 200 OK
Date: Sun, 11 Dec 2022 13:59:17 GMT
Server: Apache
Last-Modified: Thu, 09 Jun 2022 06:24:25 GMT
Accept-Ranges: bytes
Content-Length: 519398
Keep-Alive: timeout=5, max=58
Connection: Keep-Alive
Content-Type: image/jpeg
jogwt.3rdeyehosting.com/wp-content/uploads/2022/05/fermenter_innen.jpg
192.185.129.96 200 OK 348 kB URL HTTP/1.1 jogwt.3rdeyehosting.com/wp-content/uploads/2022/05/fermenter_innen.jpg
IP 192.185.129.96:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 800x535, components 3\012- data
Size 348 kB (347959 bytes)
Hash a43118f08ffb85193c6e9f299070284c
3af633ce12fa7e59853cf33944cef41e6daa567f
d86589751ca9318d49f40f4fee1317e7ae8821b476e315c29a35cd082b03f5c9
GET /wp-content/uploads/2022/05/fermenter_innen.jpg HTTP/1.1
Host: jogwt.3rdeyehosting.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://jogwt.3rdeyehosting.com/
HTTP/1.1 200 OK
Date: Sun, 11 Dec 2022 13:59:17 GMT
Server: Apache
Last-Modified: Wed, 11 May 2022 03:18:54 GMT
Accept-Ranges: bytes
Content-Length: 347959
Keep-Alive: timeout=5, max=61
Connection: Keep-Alive
Content-Type: image/jpeg
jogwt.3rdeyehosting.com/wp-content/uploads/2022/05/4575-teofipol_1_0.jpg
192.185.129.96 200 OK 358 kB URL HTTP/1.1 jogwt.3rdeyehosting.com/wp-content/uploads/2022/05/4575-teofipol_1_0.jpg
IP 192.185.129.96:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1920x1000, components 3\012- data
Size 358 kB (357476 bytes)
Hash 030c195c41dfeb3e370cd42f3d0a371d
671fac87d6677d564fa98a8b1ad309fcc87f0a5b
a08dab75b53db2e647d179237a25cc2434da217b580d77df50ac6cf46171bb02
GET /wp-content/uploads/2022/05/4575-teofipol_1_0.jpg HTTP/1.1
Host: jogwt.3rdeyehosting.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://jogwt.3rdeyehosting.com/
HTTP/1.1 200 OK
Date: Sun, 11 Dec 2022 13:59:17 GMT
Server: Apache
Last-Modified: Mon, 09 May 2022 09:10:31 GMT
Accept-Ranges: bytes
Content-Length: 357476
Keep-Alive: timeout=5, max=58
Connection: Keep-Alive
Content-Type: image/jpeg
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash 7064f6619ec94ac742915441ddf9be63
07864ef6316dfb3bfd38d602d2c38d237da8e61e
501f0b2261360de41668fde33f0518321c9335d5e1eab0f4a1014f75e061cca1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 11 Dec 2022 13:59:17 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
jogwt.3rdeyehosting.com/wp-content/uploads/2022/05/shutterstock_1413617345-small.jpg
192.185.129.96 200 OK 232 kB URL HTTP/1.1 jogwt.3rdeyehosting.com/wp-content/uploads/2022/05/shutterstock_1413617345-small.jpg
IP 192.185.129.96:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1032x774, components 3\012- data
Size 232 kB (231518 bytes)
Hash 76c64b60c283b0d90618cda0c59939cf
db29a8733011a56c35b4a2ff2a9fc96fa3d76436
00573bbb430800210f4464cf983f6cb0362441bcc9c2aaf5dbfa68d7a6c1756c
GET /wp-content/uploads/2022/05/shutterstock_1413617345-small.jpg HTTP/1.1
Host: jogwt.3rdeyehosting.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://jogwt.3rdeyehosting.com/
HTTP/1.1 200 OK
Date: Sun, 11 Dec 2022 13:59:17 GMT
Server: Apache
Last-Modified: Mon, 09 May 2022 09:10:36 GMT
Accept-Ranges: bytes
Content-Length: 231518
Keep-Alive: timeout=5, max=59
Connection: Keep-Alive
Content-Type: image/jpeg
www.youtube.com/s/player/72d3c60a/www-widgetapi.vflset/www-widgetapi.js
216.58.211.14 200 OK 54 kB URL HTTP/2 www.youtube.com/s/player/72d3c60a/www-widgetapi.vflset/www-widgetapi.js
IP 216.58.211.14:0
File type ASCII text, with very long lines (817)
Hash a5700632998a645f12520fd7f8d6b38f
57677812c099ecd86ddec1e6e69110c97128d993
e70ed17b7599772efaa5e5310b754ec0bebf2b654fbb348c8882b971f8f13c4e
GET /s/player/72d3c60a/www-widgetapi.vflset/www-widgetapi.js HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://jogwt.3rdeyehosting.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding, Origin
content-encoding: br
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 54103
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 11 Dec 2022 10:08:08 GMT
expires: Mon, 11 Dec 2023 10:08:08 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 07 Dec 2022 01:17:24 GMT
content-type: text/javascript
age: 13869
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash 7064f6619ec94ac742915441ddf9be63
07864ef6316dfb3bfd38d602d2c38d237da8e61e
501f0b2261360de41668fde33f0518321c9335d5e1eab0f4a1014f75e061cca1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 11 Dec 2022 13:59:17 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
142.250.74.35 200 OK 15 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 15344, version 1.0\012- data
Hash 5d4aeb4e5f5ef754e307d7ffaef688bd
06db651cdf354c64a7383ea9c77024ef4fb4cef8
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
GET /s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15344
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 08 Dec 2022 21:48:03 GMT
expires: Fri, 08 Dec 2023 21:48:03 GMT
cache-control: public, max-age=31536000
age: 231074
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
142.250.74.35 200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 15552, version 1.0\012- data
Hash 285467176f7fe6bb6a9c6873b3dad2cc
ea04e4ff5142ddd69307c183def721a160e0a64e
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
GET /s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15552
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 08 Dec 2022 16:40:43 GMT
expires: Fri, 08 Dec 2023 16:40:43 GMT
cache-control: public, max-age=31536000
age: 249514
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
jogwt.3rdeyehosting.com/favicon.ico
192.185.129.96 302 Found 0 B URL HTTP/1.1 jogwt.3rdeyehosting.com/favicon.ico
IP 192.185.129.96:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /favicon.ico HTTP/1.1
Host: jogwt.3rdeyehosting.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://jogwt.3rdeyehosting.com/
HTTP/1.1 302 Found
Date: Sun, 11 Dec 2022 13:59:17 GMT
Server: Apache
Link: <http://jogwt.3rdeyehosting.com/wp-json/>; rel="https://api.w.org/"
X-Redirect-By: WordPress
Location: http://jogwt.3rdeyehosting.com/wp-includes/images/w-logo-blue-white-bg.png
Content-Length: 0
Keep-Alive: timeout=5, max=60
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
jogwt.3rdeyehosting.com/wp-includes/images/w-logo-blue-white-bg.png
192.185.129.96 200 OK 4.1 kB URL HTTP/1.1 jogwt.3rdeyehosting.com/wp-includes/images/w-logo-blue-white-bg.png
IP 192.185.129.96:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 80 x 80, 8-bit/color RGBA, non-interlaced\012- data
Hash 000bf649cc8f6bf27cfb04d1bcdcd3c7
d73d2f6d74ec6cdcbae07955592962e77d8ae814
6bdb369337ac2496761c6f063bffea0aa6a91d4662279c399071a468251f51f0
GET /wp-includes/images/w-logo-blue-white-bg.png HTTP/1.1
Host: jogwt.3rdeyehosting.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://jogwt.3rdeyehosting.com/
Connection: keep-alive
HTTP/1.1 200 OK
Date: Sun, 11 Dec 2022 13:59:18 GMT
Server: Apache
Last-Modified: Tue, 16 Nov 2021 05:34:02 GMT
Accept-Ranges: bytes
Content-Length: 4119
Keep-Alive: timeout=5, max=59
Connection: Keep-Alive
Content-Type: image/png
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash 4ff941976d54fb3509d71d021fee5ec9
1d426b24ca16bb0043a838a9b066d44f23833468
bffa7b806f826caeee50cfc4a24b8ac1b1f9e7bc758cbb08c919c960bcaf082e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 11 Dec 2022 13:59:18 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash 633462c5bc4d631d0f28109676f1c4ef
5e971024687c599a40822616459355ab75a69aa6
464513db00c7735b28f8140ecd0a3a0641fce311481f736a946a1ed8e8e881d4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 11 Dec 2022 13:59:18 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
static.doubleclick.net/instream/ad_status.js
142.250.74.134 200 OK 29 B URL HTTP/2 static.doubleclick.net/instream/ad_status.js
IP 142.250.74.134:0
Hash 1fa71744db23d0f8df9cce6719defcb7
e4be9b7136697942a036f97cf26ebaf703ad2067
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
GET /instream/ad_status.js HTTP/1.1
Host: static.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
timing-allow-origin: *
content-length: 29
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 11 Dec 2022 13:51:04 GMT
expires: Sun, 11 Dec 2022 14:06:04 GMT
cache-control: public, max-age=900
age: 494
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
googleads.g.doubleclick.net/pagead/id
142.250.74.130 302 Found 0 B URL HTTP/2 googleads.g.doubleclick.net/pagead/id
IP 142.250.74.130:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pagead/id HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
access-control-allow-credentials: true
access-control-allow-origin: https://www.youtube.com
date: Sun, 11 Dec 2022 13:59:18 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
redirector.googlevideo.com/initplayback?source=youtube&oeis=1&ip=91.90.42.154&c=WEB_EMBEDDED_PLAYER&oad=3200&ovd=3200&oaad=3200&oavd=3200&ocs=700&oewis=1&oputc=1&ofpcc=1&msp=1&odepv=1&alr=yes&id=83527&cmo=sensitive_content=yes&sc=yes&cmo=td=c.youtube.com
172.217.21.174 200 OK 233 B URL HTTP/2 redirector.googlevideo.com/initplayback?source=youtube&oeis=1&ip=91.90.42.154&c=WEB_EMBEDDED_PLAYER&oad=3200&ovd=3200&oaad=3200&oavd=3200&ocs=700&oewis=1&oputc=1&ofpcc=1&msp=1&odepv=1&alr=yes&id=83527&cmo=sensitive_content=yes&sc=yes&cmo=td=c.youtube.com
IP 172.217.21.174:0
File type ASCII text, with no line terminators
Hash 142b9e15e08de167e2636800abb109a9
b4d4e9e11fadda6cbb5a03e27df311cfdd6af002
5cf7615878b4ff19f0e79c0e8a8dc553f27371ee5972e5fa752452c86f44d2b6
GET /initplayback?source=youtube&oeis=1&ip=91.90.42.154&c=WEB_EMBEDDED_PLAYER&oad=3200&ovd=3200&oaad=3200&oavd=3200&ocs=700&oewis=1&oputc=1&ofpcc=1&msp=1&odepv=1&alr=yes&id=83527&cmo=sensitive_content=yes&sc=yes&cmo=td=c.youtube.com HTTP/1.1
Host: redirector.googlevideo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 11 Dec 2022 13:59:18 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
access-control-allow-credentials: true
timing-allow-origin: https://www.youtube.com
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
content-type: text/plain; charset=UTF-8
content-encoding: gzip
server: ClientMapServer
content-length: 233
x-xss-protection: 0
x-frame-options: SAMEORIGIN
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
142.250.74.138 200 OK 0 B URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
IP 142.250.74.138:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /$rpc/google.internal.waa.v1.Waa/Create HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Referer: https://www.youtube.com/
Origin: https://www.youtube.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://www.youtube.com
vary: origin, referer, x-origin
access-control-allow-credentials: true
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-max-age: 3600
date: Sun, 11 Dec 2022 13:59:18 GMT
content-type: text/html
server: ESF
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash 4ff941976d54fb3509d71d021fee5ec9
1d426b24ca16bb0043a838a9b066d44f23833468
bffa7b806f826caeee50cfc4a24b8ac1b1f9e7bc758cbb08c919c960bcaf082e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 11 Dec 2022 13:59:18 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash 633462c5bc4d631d0f28109676f1c4ef
5e971024687c599a40822616459355ab75a69aa6
464513db00c7735b28f8140ecd0a3a0641fce311481f736a946a1ed8e8e881d4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 11 Dec 2022 13:59:18 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
142.250.74.138 200 OK 31 kB URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
IP 142.250.74.138:0
File type JSON data\012- , ASCII text, with very long lines (65536), with no line terminators
Hash 48517902fe9bfbf94c4cb2d34621016f
fa1c8b065b5b059e67b1c0fccd77902e12b1075d
540d03fbe272c4659a36e28185377ab2f3b17f3b9888c463dd15ad43ac5d186c
POST /$rpc/google.internal.waa.v1.Waa/Create HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
Content-Type: application/json+protobuf
X-User-Agent: grpc-web-javascript/0.1
Content-Length: 24
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json+protobuf; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Sun, 11 Dec 2022 13:59:18 GMT
server: ESF
cache-control: private
content-length: 30975
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
access-control-allow-credentials: true
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash 631c98b8edb36179b33f3850eb048d1b
1cc5a58e934e224c26424cc040409fb0d0ba4969
4a05376b3e7bb334069036bd48a59e49da78b9519f3ba1210a578d39c5dc544e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 11 Dec 2022 13:59:18 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
i.ytimg.com/vi_webp/Yyvtlm7fGco/maxresdefault.webp
216.58.207.246 200 OK 110 kB URL HTTP/2 i.ytimg.com/vi_webp/Yyvtlm7fGco/maxresdefault.webp
IP 216.58.207.246:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 1280x720, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size 110 kB (109868 bytes)
Hash d8de53c1ba18ac150af1e329250b07b1
b0c68a8d2e9fb394ab16fb5d81f2207b53f91ebd
2416a09c7b9b777fd8500a08ada4d05d1ead13eac4e35ac52f461181984f80d2
GET /vi_webp/Yyvtlm7fGco/maxresdefault.webp HTTP/1.1
Host: i.ytimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
content-type: image/webp
vary: Origin
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 109868
date: Sun, 11 Dec 2022 13:59:18 GMT
expires: Sun, 11 Dec 2022 15:59:18 GMT
cache-control: public, max-age=7200
etag: "1424937089"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash 631c98b8edb36179b33f3850eb048d1b
1cc5a58e934e224c26424cc040409fb0d0ba4969
4a05376b3e7bb334069036bd48a59e49da78b9519f3ba1210a578d39c5dc544e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 11 Dec 2022 13:59:18 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 471 B IP 142.250.74.131:0
Hash 6d24fb409274bf70a340acf342ba7608
76017f8d8ae7d8767819a894d277a9896efbd20b
820ea05ddb4e13dbeef083d2cfa9505ef927cf772d23d2f6002286d1d4225d57
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 11 Dec 2022 13:59:18 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
yt3.ggpht.com/ytc/AMLnZu_QkvDU4oGYyU5686LVHLJlIt32hELFyRw1jw=s68-c-k-c0x00ffffff-no-rj
142.250.74.161 200 OK 1.0 kB URL HTTP/2 yt3.ggpht.com/ytc/AMLnZu_QkvDU4oGYyU5686LVHLJlIt32hELFyRw1jw=s68-c-k-c0x00ffffff-no-rj
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 68x68, components 3\012- data
Hash d2b31df6546889c018a425c93a733b33
e8181ddab96f66c3fbdc61cf29e9dbafc0092eed
6f3cad4c378a7da12d22ce4a60490b4504aa5f894444b1235abb6359a586d93d
GET /ytc/AMLnZu_QkvDU4oGYyU5686LVHLJlIt32hELFyRw1jw=s68-c-k-c0x00ffffff-no-rj HTTP/1.1
Host: yt3.ggpht.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="unnamed.jpg"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 1033
x-xss-protection: 0
date: Sun, 11 Dec 2022 13:09:58 GMT
expires: Mon, 12 Dec 2022 13:09:58 GMT
cache-control: public, max-age=86400, no-transform
content-type: image/jpeg
age: 2960
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 471 B IP 142.250.74.131:0
Hash 6d24fb409274bf70a340acf342ba7608
76017f8d8ae7d8767819a894d277a9896efbd20b
820ea05ddb4e13dbeef083d2cfa9505ef927cf772d23d2f6002286d1d4225d57
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 11 Dec 2022 13:59:18 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 471 B IP 142.250.74.131:0
Hash 08ad55dafb2a3424f4cb929a817f223c
8e47a438eb090e644faf8bc5b765c3da0ada053b
bef123bd0861d8f80592815acee853978df2ebda272dafa434f184abb4e0d034
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 11 Dec 2022 13:59:18 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
142.250.74.138 200 OK 0 B URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
IP 142.250.74.138:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /$rpc/google.internal.waa.v1.Waa/GenerateIT HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Referer: https://www.youtube.com/
Origin: https://www.youtube.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: https://www.youtube.com
vary: origin, referer, x-origin
access-control-allow-credentials: true
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-max-age: 3600
date: Sun, 11 Dec 2022 13:59:18 GMT
content-type: text/html
server: ESF
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 471 B IP 142.250.74.131:0
Hash 08ad55dafb2a3424f4cb929a817f223c
8e47a438eb090e644faf8bc5b765c3da0ada053b
bef123bd0861d8f80592815acee853978df2ebda272dafa434f184abb4e0d034
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 11 Dec 2022 13:59:18 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r2---sn-5goeenes.c.youtube.com/initplayback?source=youtube&oeis=1&ip=91.90.42.154&c=WEB_EMBEDDED_PLAYER&oad=0&ovd=0&oaad=0&oavd=0&ocs=700&oewis=1&oputc=1&ofpcc=1&msp=1&odepv=1&ms=su&id=632bed966edf19ca&cpn=66gTCcd05ExTJupy&opr=1&por=1&onem=1&rn=1
74.125.108.231 200 OK 44 kB URL HTTP/1.1 r2---sn-5goeenes.c.youtube.com/initplayback?source=youtube&oeis=1&ip=91.90.42.154&c=WEB_EMBEDDED_PLAYER&oad=0&ovd=0&oaad=0&oavd=0&ocs=700&oewis=1&oputc=1&ofpcc=1&msp=1&odepv=1&ms=su&id=632bed966edf19ca&cpn=66gTCcd05ExTJupy&opr=1&por=1&onem=1&rn=1
IP 74.125.108.231:0
Hash 0776076400c5c189da677f8f5729214c
ee9ddaf6c0a7fbe2b370fdd430832109facbed79
043be959af71f6c780c618b37c458bb67548c0d42d9ee1ea1df6946c9615a812
POST /initplayback?source=youtube&oeis=1&ip=91.90.42.154&c=WEB_EMBEDDED_PLAYER&oad=0&ovd=0&oaad=0&oavd=0&ocs=700&oewis=1&oputc=1&ofpcc=1&msp=1&odepv=1&ms=su&id=632bed966edf19ca&cpn=66gTCcd05ExTJupy&opr=1&por=1&onem=1&rn=1 HTTP/1.1
Host: r2---sn-5goeenes.c.youtube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 3239
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Date: Sun, 11 Dec 2022 13:59:18 GMT
Expires: Mon, 12 Dec 2022 13:59:18 GMT
Cache-Control: public, max-age=86400
Content-Type: application/vnd.yt-ump
Transfer-Encoding: chunked
Connection: keep-alive
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Access-Control-Allow-Origin: https://www.youtube.com
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: https://www.youtube.com
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Vary: Origin
X-Content-Type-Options: nosniff
Server: gvs 1.0
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash ae2d98b47ca2262290cf77db3190a73d
cd6f144a3e28d8baa6e05ef972fa1921a005954e
d154592dce4fe2baabc846e39925b06f9cdc6b5c9a1bb1dffd32498f30b43441
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 11 Dec 2022 13:59:19 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash ae2d98b47ca2262290cf77db3190a73d
cd6f144a3e28d8baa6e05ef972fa1921a005954e
d154592dce4fe2baabc846e39925b06f9cdc6b5c9a1bb1dffd32498f30b43441
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 11 Dec 2022 13:59:19 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
rr1---sn-capm-vnae.googlevideo.com/videoplayback?expire=1670788758&ei=NuKVY_H7NY2E0u8PptiRiAg&ip=91.90.42.154&id=o-AH4t5ZcOnRD9CgLeqPlrg5v-jtxEBhkQaeYjmHMMaLdo&itag=244&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C278&source=youtube&requiressl=yes&mh=R5&mm=31%2C29&mn=sn-capm-vnae%2Csn-5goeenes&ms=au%2Crdu&mv=m&mvi=1&pl=21&pcm2=no&initcwndbps=2232500&spc=SFxXNlGjNXw6VbHy4IqzGwfdEiXxHII&vprv=1&mime=video%2Fwebm&ns=CtiLxKInbHxPtMqRO1caemQJ&gir=yes&clen=55596937&dur=948.880&lmt=1543071473675037&mt=1670766799&fvip=1&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&txp=1311222&n=Lh0fEqRra1AenQ&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cpcm2%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRAIgHAgwrlnj7LNGJlmclYT3GVvR1-02TQ6mxCyKm4Z74NoCIHJ8iyy9n1j49tETCYfeN0k5d-7AS_8GrmKt4p1vktt6&alr=yes&sig=AOq0QJ8wRQIhAMSDZWZ87_MXw9E7mDDmXQmuqtokRVIrmvzNPx-rA8LYAiBcYdfOE9T8RQ59rooBGMl4N8BHlygND-pEL39iZ3hTLw%3D%3D&cpn=66gTCcd05ExTJupy&cver=1.20221206.01.00&range=0-203745&rn=2&rbuf=0&pot=D78mXY-k6Vahvx6B46XgRVcSG6fwyQeyeZsEAeRzmm6yP7pknEt69PsJ0Fm5fZa9HBj_Xgl_SkRRY6LdKBO_kKdRMTaY-YPUjoTQmDpnElGKWwevzSgUPeWdqDrG6Wqh2h3RjdA=
91.90.45.172200 OK 1.3 kB URL HTTP/1.1 rr1---sn-capm-vnae.googlevideo.com/videoplayback?expire=1670788758&ei=NuKVY_H7NY2E0u8PptiRiAg&ip=91.90.42.154&id=o-AH4t5ZcOnRD9CgLeqPlrg5v-jtxEBhkQaeYjmHMMaLdo&itag=244&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C278&source=youtube&requiressl=yes&mh=R5&mm=31%2C29&mn=sn-capm-vnae%2Csn-5goeenes&ms=au%2Crdu&mv=m&mvi=1&pl=21&pcm2=no&initcwndbps=2232500&spc=SFxXNlGjNXw6VbHy4IqzGwfdEiXxHII&vprv=1&mime=video%2Fwebm&ns=CtiLxKInbHxPtMqRO1caemQJ&gir=yes&clen=55596937&dur=948.880&lmt=1543071473675037&mt=1670766799&fvip=1&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&txp=1311222&n=Lh0fEqRra1AenQ&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cpcm2%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRAIgHAgwrlnj7LNGJlmclYT3GVvR1-02TQ6mxCyKm4Z74NoCIHJ8iyy9n1j49tETCYfeN0k5d-7AS_8GrmKt4p1vktt6&alr=yes&sig=AOq0QJ8wRQIhAMSDZWZ87_MXw9E7mDDmXQmuqtokRVIrmvzNPx-rA8LYAiBcYdfOE9T8RQ59rooBGMl4N8BHlygND-pEL39iZ3hTLw%3D%3D&cpn=66gTCcd05ExTJupy&cver=1.20221206.01.00&range=0-203745&rn=2&rbuf=0&pot=D78mXY-k6Vahvx6B46XgRVcSG6fwyQeyeZsEAeRzmm6yP7pknEt69PsJ0Fm5fZa9HBj_Xgl_SkRRY6LdKBO_kKdRMTaY-YPUjoTQmDpnElGKWwevzSgUPeWdqDrG6Wqh2h3RjdA=
IP 91.90.45.172:0
ASN #50304 Blix Solutions AS
File type ASCII text, with very long lines (1271), with no line terminators
Hash f936c1a7ff8805bd0ea8454b4e23fa8d
bfc40d7277a70b49277133a86bd7f447b9044a3d
3ebdb7701fc976795f8f205e87f8a2006432319edcfb2587e76b874e74089d17
POST /videoplayback?expire=1670788758&ei=NuKVY_H7NY2E0u8PptiRiAg&ip=91.90.42.154&id=o-AH4t5ZcOnRD9CgLeqPlrg5v-jtxEBhkQaeYjmHMMaLdo&itag=244&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C278&source=youtube&requiressl=yes&mh=R5&mm=31%2C29&mn=sn-capm-vnae%2Csn-5goeenes&ms=au%2Crdu&mv=m&mvi=1&pl=21&pcm2=no&initcwndbps=2232500&spc=SFxXNlGjNXw6VbHy4IqzGwfdEiXxHII&vprv=1&mime=video%2Fwebm&ns=CtiLxKInbHxPtMqRO1caemQJ&gir=yes&clen=55596937&dur=948.880&lmt=1543071473675037&mt=1670766799&fvip=1&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&txp=1311222&n=Lh0fEqRra1AenQ&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cpcm2%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRAIgHAgwrlnj7LNGJlmclYT3GVvR1-02TQ6mxCyKm4Z74NoCIHJ8iyy9n1j49tETCYfeN0k5d-7AS_8GrmKt4p1vktt6&alr=yes&sig=AOq0QJ8wRQIhAMSDZWZ87_MXw9E7mDDmXQmuqtokRVIrmvzNPx-rA8LYAiBcYdfOE9T8RQ59rooBGMl4N8BHlygND-pEL39iZ3hTLw%3D%3D&cpn=66gTCcd05ExTJupy&cver=1.20221206.01.00&range=0-203745&rn=2&rbuf=0&pot=D78mXY-k6Vahvx6B46XgRVcSG6fwyQeyeZsEAeRzmm6yP7pknEt69PsJ0Fm5fZa9HBj_Xgl_SkRRY6LdKBO_kKdRMTaY-YPUjoTQmDpnElGKWwevzSgUPeWdqDrG6Wqh2h3RjdA= HTTP/1.1
Host: rr1---sn-capm-vnae.googlevideo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Length: 2
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: text/plain
Last-Modified: Wed, 02 May 2007 10:26:10 GMT
Date: Sun, 11 Dec 2022 13:59:19 GMT
Expires: Sun, 11 Dec 2022 13:59:19 GMT
Cache-Control: private, max-age=21299
Accept-Ranges: bytes
Content-Length: 1271
Connection: keep-alive
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Access-Control-Allow-Origin: https://www.youtube.com
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: https://www.youtube.com
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Vary: Origin
Cross-Origin-Resource-Policy: cross-origin
X-Restrict-Formats-Hint: None
X-Content-Type-Options: nosniff
Server: gvs 1.0
rr1---sn-capm-vnae.googlevideo.com/videoplayback?expire=1670788758&ei=NuKVY_H7NY2E0u8PptiRiAg&ip=91.90.42.154&id=o-AH4t5ZcOnRD9CgLeqPlrg5v-jtxEBhkQaeYjmHMMaLdo&itag=251&source=youtube&requiressl=yes&mh=R5&mm=31%2C29&mn=sn-capm-vnae%2Csn-5goeenes&ms=au%2Crdu&mv=m&mvi=1&pl=21&pcm2=no&initcwndbps=2232500&spc=SFxXNlGjNXw6VbHy4IqzGwfdEiXxHII&vprv=1&mime=audio%2Fwebm&ns=CtiLxKInbHxPtMqRO1caemQJ&gir=yes&clen=17116628&dur=948.881&lmt=1507068253035016&mt=1670766799&fvip=1&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&n=Lh0fEqRra1AenQ&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cpcm2%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRQIhAMR6SAGVv6JUT6i-KjcBwDaU7opldRrIe2WkTvAF6cmxAiArwvVWWxmLtrjsCM2iStNKmeP2U1no6NW_VBU60owOHw%3D%3D&alr=yes&sig=AOq0QJ8wRAIgCNV3Wq9HXu4ayRXRSden6OH9Xzi09VLEmAVtXH1CeuQCIH8uGOSgTajimJYDXJRbxME5aWh4zGQrufbzmCF0GjvE&cpn=66gTCcd05ExTJupy&cver=1.20221206.01.00&range=0-67420&rn=3&rbuf=0&pot=D78mXY-k6Vahvx6B46XgRVcSG6fwyQeyeZsEAeRzmm6yP7pknEt69PsJ0Fm5fZa9HBj_Xgl_SkRRY6LdKBO_kKdRMTaY-YPUjoTQmDpnElGKWwevzSgUPeWdqDrG6Wqh2h3RjdA=
91.90.45.172200 OK 1.2 kB URL HTTP/1.1 rr1---sn-capm-vnae.googlevideo.com/videoplayback?expire=1670788758&ei=NuKVY_H7NY2E0u8PptiRiAg&ip=91.90.42.154&id=o-AH4t5ZcOnRD9CgLeqPlrg5v-jtxEBhkQaeYjmHMMaLdo&itag=251&source=youtube&requiressl=yes&mh=R5&mm=31%2C29&mn=sn-capm-vnae%2Csn-5goeenes&ms=au%2Crdu&mv=m&mvi=1&pl=21&pcm2=no&initcwndbps=2232500&spc=SFxXNlGjNXw6VbHy4IqzGwfdEiXxHII&vprv=1&mime=audio%2Fwebm&ns=CtiLxKInbHxPtMqRO1caemQJ&gir=yes&clen=17116628&dur=948.881&lmt=1507068253035016&mt=1670766799&fvip=1&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&n=Lh0fEqRra1AenQ&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cpcm2%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRQIhAMR6SAGVv6JUT6i-KjcBwDaU7opldRrIe2WkTvAF6cmxAiArwvVWWxmLtrjsCM2iStNKmeP2U1no6NW_VBU60owOHw%3D%3D&alr=yes&sig=AOq0QJ8wRAIgCNV3Wq9HXu4ayRXRSden6OH9Xzi09VLEmAVtXH1CeuQCIH8uGOSgTajimJYDXJRbxME5aWh4zGQrufbzmCF0GjvE&cpn=66gTCcd05ExTJupy&cver=1.20221206.01.00&range=0-67420&rn=3&rbuf=0&pot=D78mXY-k6Vahvx6B46XgRVcSG6fwyQeyeZsEAeRzmm6yP7pknEt69PsJ0Fm5fZa9HBj_Xgl_SkRRY6LdKBO_kKdRMTaY-YPUjoTQmDpnElGKWwevzSgUPeWdqDrG6Wqh2h3RjdA=
IP 91.90.45.172:0
ASN #50304 Blix Solutions AS
File type ASCII text, with very long lines (1171), with no line terminators
Hash 7922c6ce129e3821aac7c792286a8be8
71d5ad3a407542f2e454b9e9b856b20198ba9349
a4e288cad060e5aa9f9d75fa62d115255d49dbafb88a74f9e544c6aba9b80042
POST /videoplayback?expire=1670788758&ei=NuKVY_H7NY2E0u8PptiRiAg&ip=91.90.42.154&id=o-AH4t5ZcOnRD9CgLeqPlrg5v-jtxEBhkQaeYjmHMMaLdo&itag=251&source=youtube&requiressl=yes&mh=R5&mm=31%2C29&mn=sn-capm-vnae%2Csn-5goeenes&ms=au%2Crdu&mv=m&mvi=1&pl=21&pcm2=no&initcwndbps=2232500&spc=SFxXNlGjNXw6VbHy4IqzGwfdEiXxHII&vprv=1&mime=audio%2Fwebm&ns=CtiLxKInbHxPtMqRO1caemQJ&gir=yes&clen=17116628&dur=948.881&lmt=1507068253035016&mt=1670766799&fvip=1&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&n=Lh0fEqRra1AenQ&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cpcm2%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRQIhAMR6SAGVv6JUT6i-KjcBwDaU7opldRrIe2WkTvAF6cmxAiArwvVWWxmLtrjsCM2iStNKmeP2U1no6NW_VBU60owOHw%3D%3D&alr=yes&sig=AOq0QJ8wRAIgCNV3Wq9HXu4ayRXRSden6OH9Xzi09VLEmAVtXH1CeuQCIH8uGOSgTajimJYDXJRbxME5aWh4zGQrufbzmCF0GjvE&cpn=66gTCcd05ExTJupy&cver=1.20221206.01.00&range=0-67420&rn=3&rbuf=0&pot=D78mXY-k6Vahvx6B46XgRVcSG6fwyQeyeZsEAeRzmm6yP7pknEt69PsJ0Fm5fZa9HBj_Xgl_SkRRY6LdKBO_kKdRMTaY-YPUjoTQmDpnElGKWwevzSgUPeWdqDrG6Wqh2h3RjdA= HTTP/1.1
Host: rr1---sn-capm-vnae.googlevideo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Length: 2
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: text/plain
Last-Modified: Wed, 02 May 2007 10:26:10 GMT
Date: Sun, 11 Dec 2022 13:59:19 GMT
Expires: Sun, 11 Dec 2022 13:59:19 GMT
Cache-Control: private, max-age=21299
Accept-Ranges: bytes
Content-Length: 1171
Connection: keep-alive
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Access-Control-Allow-Origin: https://www.youtube.com
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: https://www.youtube.com
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Vary: Origin
Cross-Origin-Resource-Policy: cross-origin
X-Content-Type-Options: nosniff
Server: gvs 1.0
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash ae2d98b47ca2262290cf77db3190a73d
cd6f144a3e28d8baa6e05ef972fa1921a005954e
d154592dce4fe2baabc846e39925b06f9cdc6b5c9a1bb1dffd32498f30b43441
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 11 Dec 2022 13:59:19 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
rr5---sn-5go7yner.googlevideo.com/videoplayback?expire=1670788758&ei=NuKVY_H7NY2E0u8PptiRiAg&ip=91.90.42.154&id=o-AH4t5ZcOnRD9CgLeqPlrg5v-jtxEBhkQaeYjmHMMaLdo&itag=244&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C278&source=youtube&requiressl=yes&pcm2=no&spc=SFxXNlGjNXw6VbHy4IqzGwfdEiXxHII&vprv=1&mime=video%2Fwebm&ns=CtiLxKInbHxPtMqRO1caemQJ&gir=yes&clen=55596937&dur=948.880&lmt=1543071473675037&keepalive=yes&fexp=24001373,24007246,24432586&c=WEB_EMBEDDED_PLAYER&txp=1311222&n=Lh0fEqRra1AenQ&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cpcm2%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&alr=yes&sig=AOq0QJ8wRQIhAMSDZWZ87_MXw9E7mDDmXQmuqtokRVIrmvzNPx-rA8LYAiBcYdfOE9T8RQ59rooBGMl4N8BHlygND-pEL39iZ3hTLw%3D%3D&cpn=66gTCcd05ExTJupy&cver=1.20221206.01.00&redirect_counter=1&cm2rm=sn-capm-vnae7e&cms_redirect=yes&cmsv=e&mh=R5&mm=29&mn=sn-5go7yner&ms=rdu&mt=1670767048&mv=m&mvi=5&pl=21&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRAIgIu04x_Y_XMgb82PtA5c9eMaSkv72VYWNaiiNPZzmHfMCIDrRExg4RudQFgH0JcrsCOWUmEnVoyEiyY1fyazQxiMH&range=0-203745&rn=4&rbuf=0&pot=D78mXY-k6Vahvx6B46XgRVcSG6fwyQeyeZsEAeRzmm6yP7pknEt69PsJ0Fm5fZa9HBj_Xgl_SkRRY6LdKBO_kKdRMTaY-YPUjoTQmDpnElGKWwevzSgUPeWdqDrG6Wqh2h3RjdA=
74.125.110.170200 OK 1.3 kB URL HTTP/1.1 rr5---sn-5go7yner.googlevideo.com/videoplayback?expire=1670788758&ei=NuKVY_H7NY2E0u8PptiRiAg&ip=91.90.42.154&id=o-AH4t5ZcOnRD9CgLeqPlrg5v-jtxEBhkQaeYjmHMMaLdo&itag=244&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C278&source=youtube&requiressl=yes&pcm2=no&spc=SFxXNlGjNXw6VbHy4IqzGwfdEiXxHII&vprv=1&mime=video%2Fwebm&ns=CtiLxKInbHxPtMqRO1caemQJ&gir=yes&clen=55596937&dur=948.880&lmt=1543071473675037&keepalive=yes&fexp=24001373,24007246,24432586&c=WEB_EMBEDDED_PLAYER&txp=1311222&n=Lh0fEqRra1AenQ&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cpcm2%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&alr=yes&sig=AOq0QJ8wRQIhAMSDZWZ87_MXw9E7mDDmXQmuqtokRVIrmvzNPx-rA8LYAiBcYdfOE9T8RQ59rooBGMl4N8BHlygND-pEL39iZ3hTLw%3D%3D&cpn=66gTCcd05ExTJupy&cver=1.20221206.01.00&redirect_counter=1&cm2rm=sn-capm-vnae7e&cms_redirect=yes&cmsv=e&mh=R5&mm=29&mn=sn-5go7yner&ms=rdu&mt=1670767048&mv=m&mvi=5&pl=21&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRAIgIu04x_Y_XMgb82PtA5c9eMaSkv72VYWNaiiNPZzmHfMCIDrRExg4RudQFgH0JcrsCOWUmEnVoyEiyY1fyazQxiMH&range=0-203745&rn=4&rbuf=0&pot=D78mXY-k6Vahvx6B46XgRVcSG6fwyQeyeZsEAeRzmm6yP7pknEt69PsJ0Fm5fZa9HBj_Xgl_SkRRY6LdKBO_kKdRMTaY-YPUjoTQmDpnElGKWwevzSgUPeWdqDrG6Wqh2h3RjdA=
IP 74.125.110.170:0
File type ASCII text, with very long lines (1288), with no line terminators
Hash fc8b5c8ef1bca83698b418154633e19b
667e11c934d8343612b4474c6276161124849e8f
9167fd213205a260330ae317fea0c95eece2f62ff85a146407dbffaeed61bf67
POST /videoplayback?expire=1670788758&ei=NuKVY_H7NY2E0u8PptiRiAg&ip=91.90.42.154&id=o-AH4t5ZcOnRD9CgLeqPlrg5v-jtxEBhkQaeYjmHMMaLdo&itag=244&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C278&source=youtube&requiressl=yes&pcm2=no&spc=SFxXNlGjNXw6VbHy4IqzGwfdEiXxHII&vprv=1&mime=video%2Fwebm&ns=CtiLxKInbHxPtMqRO1caemQJ&gir=yes&clen=55596937&dur=948.880&lmt=1543071473675037&keepalive=yes&fexp=24001373,24007246,24432586&c=WEB_EMBEDDED_PLAYER&txp=1311222&n=Lh0fEqRra1AenQ&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cpcm2%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&alr=yes&sig=AOq0QJ8wRQIhAMSDZWZ87_MXw9E7mDDmXQmuqtokRVIrmvzNPx-rA8LYAiBcYdfOE9T8RQ59rooBGMl4N8BHlygND-pEL39iZ3hTLw%3D%3D&cpn=66gTCcd05ExTJupy&cver=1.20221206.01.00&redirect_counter=1&cm2rm=sn-capm-vnae7e&cms_redirect=yes&cmsv=e&mh=R5&mm=29&mn=sn-5go7yner&ms=rdu&mt=1670767048&mv=m&mvi=5&pl=21&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRAIgIu04x_Y_XMgb82PtA5c9eMaSkv72VYWNaiiNPZzmHfMCIDrRExg4RudQFgH0JcrsCOWUmEnVoyEiyY1fyazQxiMH&range=0-203745&rn=4&rbuf=0&pot=D78mXY-k6Vahvx6B46XgRVcSG6fwyQeyeZsEAeRzmm6yP7pknEt69PsJ0Fm5fZa9HBj_Xgl_SkRRY6LdKBO_kKdRMTaY-YPUjoTQmDpnElGKWwevzSgUPeWdqDrG6Wqh2h3RjdA= HTTP/1.1
Host: rr5---sn-5go7yner.googlevideo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Length: 2
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: text/plain
Last-Modified: Wed, 02 May 2007 10:26:10 GMT
Date: Sun, 11 Dec 2022 13:59:19 GMT
Expires: Sun, 11 Dec 2022 13:59:19 GMT
Cache-Control: private, max-age=21299
Accept-Ranges: bytes
Content-Length: 1288
Connection: keep-alive
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Access-Control-Allow-Origin: https://www.youtube.com
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: https://www.youtube.com
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Vary: Origin
Cross-Origin-Resource-Policy: cross-origin
X-Restrict-Formats-Hint: None
X-Content-Type-Options: nosniff
Server: gvs 1.0
rr5---sn-5go7yner.googlevideo.com/videoplayback?expire=1670788758&ei=NuKVY_H7NY2E0u8PptiRiAg&ip=91.90.42.154&id=o-AH4t5ZcOnRD9CgLeqPlrg5v-jtxEBhkQaeYjmHMMaLdo&itag=251&source=youtube&requiressl=yes&pcm2=no&spc=SFxXNlGjNXw6VbHy4IqzGwfdEiXxHII&vprv=1&mime=audio%2Fwebm&ns=CtiLxKInbHxPtMqRO1caemQJ&gir=yes&clen=17116628&dur=948.881&lmt=1507068253035016&keepalive=yes&fexp=24001373,24007246,24432586&c=WEB_EMBEDDED_PLAYER&n=Lh0fEqRra1AenQ&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cpcm2%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&alr=yes&sig=AOq0QJ8wRAIgCNV3Wq9HXu4ayRXRSden6OH9Xzi09VLEmAVtXH1CeuQCIH8uGOSgTajimJYDXJRbxME5aWh4zGQrufbzmCF0GjvE&cpn=66gTCcd05ExTJupy&cver=1.20221206.01.00&redirect_counter=1&cm2rm=sn-capm-vnae7e&cms_redirect=yes&cmsv=e&mh=R5&mm=29&mn=sn-5go7yner&ms=rdu&mt=1670767048&mv=m&mvi=5&pl=21&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRAIgeNdBaURSXYBCT9_ampeCEXQmTbcCZjiXO8maX_Ozac8CIAg5xof6qeeTba7-aCU0dngqHwoyJpmUxtexp61MuqPe&range=0-67420&rn=5&rbuf=0&pot=D78mXY-k6Vahvx6B46XgRVcSG6fwyQeyeZsEAeRzmm6yP7pknEt69PsJ0Fm5fZa9HBj_Xgl_SkRRY6LdKBO_kKdRMTaY-YPUjoTQmDpnElGKWwevzSgUPeWdqDrG6Wqh2h3RjdA=
74.125.110.170 200 OK 67 kB URL HTTP/1.1 rr5---sn-5go7yner.googlevideo.com/videoplayback?expire=1670788758&ei=NuKVY_H7NY2E0u8PptiRiAg&ip=91.90.42.154&id=o-AH4t5ZcOnRD9CgLeqPlrg5v-jtxEBhkQaeYjmHMMaLdo&itag=251&source=youtube&requiressl=yes&pcm2=no&spc=SFxXNlGjNXw6VbHy4IqzGwfdEiXxHII&vprv=1&mime=audio%2Fwebm&ns=CtiLxKInbHxPtMqRO1caemQJ&gir=yes&clen=17116628&dur=948.881&lmt=1507068253035016&keepalive=yes&fexp=24001373,24007246,24432586&c=WEB_EMBEDDED_PLAYER&n=Lh0fEqRra1AenQ&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cpcm2%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&alr=yes&sig=AOq0QJ8wRAIgCNV3Wq9HXu4ayRXRSden6OH9Xzi09VLEmAVtXH1CeuQCIH8uGOSgTajimJYDXJRbxME5aWh4zGQrufbzmCF0GjvE&cpn=66gTCcd05ExTJupy&cver=1.20221206.01.00&redirect_counter=1&cm2rm=sn-capm-vnae7e&cms_redirect=yes&cmsv=e&mh=R5&mm=29&mn=sn-5go7yner&ms=rdu&mt=1670767048&mv=m&mvi=5&pl=21&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRAIgeNdBaURSXYBCT9_ampeCEXQmTbcCZjiXO8maX_Ozac8CIAg5xof6qeeTba7-aCU0dngqHwoyJpmUxtexp61MuqPe&range=0-67420&rn=5&rbuf=0&pot=D78mXY-k6Vahvx6B46XgRVcSG6fwyQeyeZsEAeRzmm6yP7pknEt69PsJ0Fm5fZa9HBj_Xgl_SkRRY6LdKBO_kKdRMTaY-YPUjoTQmDpnElGKWwevzSgUPeWdqDrG6Wqh2h3RjdA=
IP 74.125.110.170:0
File type WebM\012- EBML file, creator webmB\20\012- data
Hash 67438d1cc78c7072c457fbf77c4835f8
cb9b1d482f17d2b9ea35b4d2d9b8427c95fd40d7
a1f0c03c20a33d962459eb6bfbf8e10abd54ca4dc787bc0403bc44ce62c2b0bf
POST /videoplayback?expire=1670788758&ei=NuKVY_H7NY2E0u8PptiRiAg&ip=91.90.42.154&id=o-AH4t5ZcOnRD9CgLeqPlrg5v-jtxEBhkQaeYjmHMMaLdo&itag=251&source=youtube&requiressl=yes&pcm2=no&spc=SFxXNlGjNXw6VbHy4IqzGwfdEiXxHII&vprv=1&mime=audio%2Fwebm&ns=CtiLxKInbHxPtMqRO1caemQJ&gir=yes&clen=17116628&dur=948.881&lmt=1507068253035016&keepalive=yes&fexp=24001373,24007246,24432586&c=WEB_EMBEDDED_PLAYER&n=Lh0fEqRra1AenQ&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cpcm2%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&alr=yes&sig=AOq0QJ8wRAIgCNV3Wq9HXu4ayRXRSden6OH9Xzi09VLEmAVtXH1CeuQCIH8uGOSgTajimJYDXJRbxME5aWh4zGQrufbzmCF0GjvE&cpn=66gTCcd05ExTJupy&cver=1.20221206.01.00&redirect_counter=1&cm2rm=sn-capm-vnae7e&cms_redirect=yes&cmsv=e&mh=R5&mm=29&mn=sn-5go7yner&ms=rdu&mt=1670767048&mv=m&mvi=5&pl=21&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRAIgeNdBaURSXYBCT9_ampeCEXQmTbcCZjiXO8maX_Ozac8CIAg5xof6qeeTba7-aCU0dngqHwoyJpmUxtexp61MuqPe&range=0-67420&rn=5&rbuf=0&pot=D78mXY-k6Vahvx6B46XgRVcSG6fwyQeyeZsEAeRzmm6yP7pknEt69PsJ0Fm5fZa9HBj_Xgl_SkRRY6LdKBO_kKdRMTaY-YPUjoTQmDpnElGKWwevzSgUPeWdqDrG6Wqh2h3RjdA= HTTP/1.1
Host: rr5---sn-5go7yner.googlevideo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Length: 2
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Last-Modified: Tue, 03 Oct 2017 22:04:13 GMT
Content-Type: audio/webm
Date: Sun, 11 Dec 2022 13:59:19 GMT
Expires: Sun, 11 Dec 2022 13:59:19 GMT
Cache-Control: private, max-age=21299
Accept-Ranges: bytes
Content-Length: 67421
Connection: keep-alive
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Access-Control-Allow-Origin: https://www.youtube.com
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: https://www.youtube.com
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Vary: Origin
Cross-Origin-Resource-Policy: cross-origin
X-Content-Type-Options: nosniff
Server: gvs 1.0
rr4---sn-5hne6nzy.googlevideo.com/videoplayback?expire=1670788758&ei=NuKVY_H7NY2E0u8PptiRiAg&ip=91.90.42.154&id=o-AH4t5ZcOnRD9CgLeqPlrg5v-jtxEBhkQaeYjmHMMaLdo&itag=244&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C278&source=youtube&requiressl=yes&pcm2=no&spc=SFxXNlGjNXw6VbHy4IqzGwfdEiXxHII&vprv=1&mime=video%2Fwebm&ns=CtiLxKInbHxPtMqRO1caemQJ&gir=yes&clen=55596937&dur=948.880&lmt=1543071473675037&keepalive=yes&fexp=24001373,24007246,24432586&c=WEB_EMBEDDED_PLAYER&txp=1311222&n=Lh0fEqRra1AenQ&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cpcm2%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&alr=yes&sig=AOq0QJ8wRQIhAMSDZWZ87_MXw9E7mDDmXQmuqtokRVIrmvzNPx-rA8LYAiBcYdfOE9T8RQ59rooBGMl4N8BHlygND-pEL39iZ3hTLw%3D%3D&cpn=66gTCcd05ExTJupy&cver=1.20221206.01.00&cm2rm=sn-capm-vnae7e,sn-5gold76&redirect_counter=2&cms_redirect=yes&cmsv=e&mh=R5&mm=34&mn=sn-5hne6nzy&ms=ltu&mt=1670766770&mv=m&mvi=4&pl=21&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRAIgHSuymHjKNTtbZJwKON5cZHEsqw8cLdrbmmL39_vDYZ0CIERh829eSFiwSeYLpqnxvR2hQkoyoDP1lxCTv5oN6Pqv&range=0-203745&rn=8&rbuf=0&pot=D78mXY-k6Vahvx6B46XgRVcSG6fwyQeyeZsEAeRzmm6yP7pknEt69PsJ0Fm5fZa9HBj_Xgl_SkRRY6LdKBO_kKdRMTaY-YPUjoTQmDpnElGKWwevzSgUPeWdqDrG6Wqh2h3RjdA=
172.217.132.169 200 OK 204 kB URL HTTP/1.1 rr4---sn-5hne6nzy.googlevideo.com/videoplayback?expire=1670788758&ei=NuKVY_H7NY2E0u8PptiRiAg&ip=91.90.42.154&id=o-AH4t5ZcOnRD9CgLeqPlrg5v-jtxEBhkQaeYjmHMMaLdo&itag=244&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C278&source=youtube&requiressl=yes&pcm2=no&spc=SFxXNlGjNXw6VbHy4IqzGwfdEiXxHII&vprv=1&mime=video%2Fwebm&ns=CtiLxKInbHxPtMqRO1caemQJ&gir=yes&clen=55596937&dur=948.880&lmt=1543071473675037&keepalive=yes&fexp=24001373,24007246,24432586&c=WEB_EMBEDDED_PLAYER&txp=1311222&n=Lh0fEqRra1AenQ&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cpcm2%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&alr=yes&sig=AOq0QJ8wRQIhAMSDZWZ87_MXw9E7mDDmXQmuqtokRVIrmvzNPx-rA8LYAiBcYdfOE9T8RQ59rooBGMl4N8BHlygND-pEL39iZ3hTLw%3D%3D&cpn=66gTCcd05ExTJupy&cver=1.20221206.01.00&cm2rm=sn-capm-vnae7e,sn-5gold76&redirect_counter=2&cms_redirect=yes&cmsv=e&mh=R5&mm=34&mn=sn-5hne6nzy&ms=ltu&mt=1670766770&mv=m&mvi=4&pl=21&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRAIgHSuymHjKNTtbZJwKON5cZHEsqw8cLdrbmmL39_vDYZ0CIERh829eSFiwSeYLpqnxvR2hQkoyoDP1lxCTv5oN6Pqv&range=0-203745&rn=8&rbuf=0&pot=D78mXY-k6Vahvx6B46XgRVcSG6fwyQeyeZsEAeRzmm6yP7pknEt69PsJ0Fm5fZa9HBj_Xgl_SkRRY6LdKBO_kKdRMTaY-YPUjoTQmDpnElGKWwevzSgUPeWdqDrG6Wqh2h3RjdA=
IP 172.217.132.169:0
File type WebM\012- EBML file, creator webmB\20\012- data
Size 204 kB (203746 bytes)
Hash b30aacc1d5007cbc7c92e6146dd9b160
11609ad93e6526958c82526d166017179e2629a4
78c041f4ef8247bd72c9c89eaffe11f6256c38c26b4595bab06996e17efc2a06
POST /videoplayback?expire=1670788758&ei=NuKVY_H7NY2E0u8PptiRiAg&ip=91.90.42.154&id=o-AH4t5ZcOnRD9CgLeqPlrg5v-jtxEBhkQaeYjmHMMaLdo&itag=244&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C278&source=youtube&requiressl=yes&pcm2=no&spc=SFxXNlGjNXw6VbHy4IqzGwfdEiXxHII&vprv=1&mime=video%2Fwebm&ns=CtiLxKInbHxPtMqRO1caemQJ&gir=yes&clen=55596937&dur=948.880&lmt=1543071473675037&keepalive=yes&fexp=24001373,24007246,24432586&c=WEB_EMBEDDED_PLAYER&txp=1311222&n=Lh0fEqRra1AenQ&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cpcm2%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&alr=yes&sig=AOq0QJ8wRQIhAMSDZWZ87_MXw9E7mDDmXQmuqtokRVIrmvzNPx-rA8LYAiBcYdfOE9T8RQ59rooBGMl4N8BHlygND-pEL39iZ3hTLw%3D%3D&cpn=66gTCcd05ExTJupy&cver=1.20221206.01.00&cm2rm=sn-capm-vnae7e,sn-5gold76&redirect_counter=2&cms_redirect=yes&cmsv=e&mh=R5&mm=34&mn=sn-5hne6nzy&ms=ltu&mt=1670766770&mv=m&mvi=4&pl=21&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRAIgHSuymHjKNTtbZJwKON5cZHEsqw8cLdrbmmL39_vDYZ0CIERh829eSFiwSeYLpqnxvR2hQkoyoDP1lxCTv5oN6Pqv&range=0-203745&rn=8&rbuf=0&pot=D78mXY-k6Vahvx6B46XgRVcSG6fwyQeyeZsEAeRzmm6yP7pknEt69PsJ0Fm5fZa9HBj_Xgl_SkRRY6LdKBO_kKdRMTaY-YPUjoTQmDpnElGKWwevzSgUPeWdqDrG6Wqh2h3RjdA= HTTP/1.1
Host: rr4---sn-5hne6nzy.googlevideo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Length: 2
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Last-Modified: Sat, 24 Nov 2018 14:57:53 GMT
Content-Type: video/webm
Date: Sun, 11 Dec 2022 13:59:19 GMT
Expires: Sun, 11 Dec 2022 13:59:19 GMT
Cache-Control: private, max-age=21299
Accept-Ranges: bytes
Content-Length: 203746
Connection: keep-alive
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Access-Control-Allow-Origin: https://www.youtube.com
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: https://www.youtube.com
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Vary: Origin
Cross-Origin-Resource-Policy: cross-origin
X-Restrict-Formats-Hint: None
X-Content-Type-Options: nosniff
Server: gvs 1.0
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 471 B IP 142.250.74.131:0
Hash a15de23015872f999e7b4fe1ff3aa1d2
10a51a76a6f0fb1c146077abb1f70b7e208a1751
26ddae77e27f7c29f921edc208816c5f5d2b10621d31bebd7c3fa3bd80e23a5a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 11 Dec 2022 13:59:19 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/js/th/G-wi0KRrIjmTWIDOn44AFVMvZ_aKLO1c96DfwAE3d4M.js
142.250.74.132 200 OK 14 kB URL HTTP/2 www.google.com/js/th/G-wi0KRrIjmTWIDOn44AFVMvZ_aKLO1c96DfwAE3d4M.js
IP 142.250.74.132:0
File type ASCII text, with very long lines (36143)
Hash a08dfd96c563f96f7d11b4858aecfa13
d9abee2c38b89d3dea85e76bb741bb8f4f993d49
fedde263fa3b4116029d93d0250f5eab845964d5fcf24e40ffbcd9bf292a0db4
GET /js/th/G-wi0KRrIjmTWIDOn44AFVMvZ_aKLO1c96DfwAE3d4M.js HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-length: 14211
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 07 Dec 2022 06:09:06 GMT
expires: Thu, 07 Dec 2023 06:09:06 GMT
cache-control: public, max-age=31536000
age: 373813
last-modified: Thu, 03 Nov 2022 10:00:00 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7f74a7ce-34b1-4cb6-a68f-8fd3dc0a2b9f.jpeg
34.120.237.76 200 OK 7.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7f74a7ce-34b1-4cb6-a68f-8fd3dc0a2b9f.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 6fa9fe07664d7ecc189f2ec5e88d82ab
6c9476510cac4e1aa7f96e46f659381c95de5a53
4955b29a4c20466c6e2f342c6d6e2ff060fe4943005fab0a930ca587e99efa7d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7f74a7ce-34b1-4cb6-a68f-8fd3dc0a2b9f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 7269
x-amzn-requestid: 95b29dd7-0d7f-4a2c-ab9a-60ae9c683652
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cnAeKGDioAMFnPQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638c478d-4f3ee6ca3df71fc417042644;Sampled=0
x-amzn-remapped-date: Sun, 04 Dec 2022 07:09:01 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 9RcaZW8b8acwMMSFwf3oZEvbWA00C3TUnrIYXaO0qcJcnc_9e0jIow==
via: 1.1 010c0731b9775a983eceaec0f5fa6a2e.cloudfront.net (CloudFront), 1.1 7022a5bbf9872d4a09d63e6cdb457dfe.cloudfront.net (CloudFront), 1.1 google
date: Sat, 10 Dec 2022 15:06:34 GMT
age: 82366
etag: "6c9476510cac4e1aa7f96e46f659381c95de5a53"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
www.youtube.com/iframe_api
216.58.211.14 200 OK 0 B URL HTTP/2 www.youtube.com/iframe_api
IP 216.58.211.14:0
GET /iframe_api HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://jogwt.3rdeyehosting.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
x-content-type-options: nosniff
expires: Sun, 11 Dec 2022 13:59:17 GMT
date: Sun, 11 Dec 2022 13:59:17 GMT
cache-control: private, max-age=0
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
content-encoding: br
server: ESF
x-xss-protection: 0
set-cookie: YSC=jzliGOWddO4; Domain=.youtube.com; Path=/; Secure; HttpOnly; SameSite=none
VISITOR_INFO1_LIVE=yVS8TmmJzb4; Domain=.youtube.com; Expires=Fri, 09-Jun-2023 13:59:17 GMT; Path=/; Secure; HttpOnly; SameSite=none
CONSENT=PENDING+478; expires=Tue, 10-Dec-2024 13:59:17 GMT; path=/; domain=.youtube.com; Secure
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2