firefox.settings.services.mozilla.com/v1/
143.204.55.115 200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 143.204.55.115:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash b593eb39329cfe060d55be5e4a5405e2
78e46c1028e9f94f8569303ad2d90d7df13a059a
08a810103557efe55ca4425ff0cf82593f1f54633df899127eaec9bee05d4d04
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Retry-After, Alert, Content-Length, Content-Type, Backoff
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Mon, 19 Sep 2022 06:12:39 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 50584ad285d5f627ddebae74efdd0770.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: fVBU4bID7ARwnQ7QqXfXNKDqA1WXr374Uiq0L6tt_R5bJMMY_sZYjA==
Age: 3234
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 861cfa99de956423d917ed0ddbea4b9c
ad65dbc394b48b04a45c205f56af296c8d008db4
5c706b2718b1698995f4feb91223779aef4bf6dc967c31f9ef9a93873197d5f9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5C706B2718B1698995F4FEB91223779AEF4BF6DC967C31F9EF9A93873197D5F9"
Last-Modified: Sun, 18 Sep 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14408
Expires: Mon, 19 Sep 2022 11:06:41 GMT
Date: Mon, 19 Sep 2022 07:06:33 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
143.204.55.35 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
IP 143.204.55.35:0
File type PEM certificate\012- , ASCII text
Hash 6113f8408c59aebe188d6af273b90743
7398873bf00f99944eaa77ad3ebc0d43c23dba6b
b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Mon, 19 Sep 2022 04:35:14 GMT
etag: "6113f8408c59aebe188d6af273b90743"
x-cache: Hit from cloudfront
via: 1.1 80d21802b1b80c40e55ccf83433b8eac.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: MDMvcRY_Ir0_qBlUevfS39QfSOJJSWiJpcsQf5Z1_zYBf6s-HxEDYA==
age: 9080
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 19 Sep 2022 07:06:33 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
143.204.55.115 200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 143.204.55.115:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600
Date: Mon, 19 Sep 2022 07:03:22 GMT
Expires: Mon, 19 Sep 2022 07:17:49 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 9ede9483eb891e14681c7c693b47c862.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: V44Lbb3pB-Pa7aVLoNN5LIR0rXLm8niLe6VPfEzkH7PpSAglhddaYw==
Age: 192
weeklylive.info/
208.83.233.145 301 Moved Permanently 0 B IP 208.83.233.145:0
Hash d41d8cd98f00b204e9800998ecf8427e (MD5 of empty input; the body is 0 B, so these digests identify no content)
da39a3ee5e6b4b0d3255bfef95601890afd80709 (SHA-1 of empty input)
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 (SHA-256 of empty input)
Analyzer Verdict Alert
fortinet Malware
mnemonic_dns Sinkholed
GET / HTTP/1.1
Host: weeklylive.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 19 Sep 2022 07:06:34 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: no-store
X-Redirect-By: WordPress
Location: https://weeklylive.info/
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 5fd1174f35b25298fc44a6de1af3f3d6
d45a47995ec34c7df480b3efafb13f55d9df7eb8
f60573eff255ef3d7603ca813f410c30588931b4018ffa0e07fa0bb2653c47af
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2864
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 19 Sep 2022 07:06:34 GMT
Last-Modified: Mon, 19 Sep 2022 06:18:50 GMT
Server: ECS (ska/F719)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
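35.162.35.244 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 35.162.35.244:0
Hash d41d8cd98f00b204e9800998ecf8427e (MD5 of empty input; the body is 0 B, so these digests identify no content)
da39a3ee5e6b4b0d3255bfef95601890afd80709 (SHA-1 of empty input)
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 (SHA-256 of empty input)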
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: +VK1cBF7MkJVkWd8zQ45Gg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: ET1YTz6a4ta+Uq7EO0R0VVslOLI=
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash d24e2acbda27d533a966b797b39c4c5e
b72fe1f8db3f55a1f67bd8f5e70d216398dc2a5b
595663f7f5b10fa39609627c0d13ddb4ee604817bd047b356264505733a14de8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "595663F7F5B10FA39609627C0D13DDB4EE604817BD047B356264505733A14DE8"
Last-Modified: Fri, 16 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Mon, 19 Sep 2022 13:06:34 GMT
Date: Mon, 19 Sep 2022 07:06:34 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 5e0d4379f6517fd75a29a3d94d9199eb
0d383b811ebe839400f04333d16a5c9d4d78f802
e64c0c03925bdfaa2520d90339c90d1f8d98c432441adb771dfe1e818220f06f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E64C0C03925BDFAA2520D90339C90D1F8D98C432441ADB771DFE1E818220F06F"
Last-Modified: Sun, 18 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2422
Expires: Mon, 19 Sep 2022 07:46:57 GMT
Date: Mon, 19 Sep 2022 07:06:35 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 5e0d4379f6517fd75a29a3d94d9199eb
0d383b811ebe839400f04333d16a5c9d4d78f802
e64c0c03925bdfaa2520d90339c90d1f8d98c432441adb771dfe1e818220f06f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E64C0C03925BDFAA2520D90339C90D1F8D98C432441ADB771DFE1E818220F06F"
Last-Modified: Sun, 18 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2422
Expires: Mon, 19 Sep 2022 07:46:57 GMT
Date: Mon, 19 Sep 2022 07:06:35 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 5e0d4379f6517fd75a29a3d94d9199eb
0d383b811ebe839400f04333d16a5c9d4d78f802
e64c0c03925bdfaa2520d90339c90d1f8d98c432441adb771dfe1e818220f06f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E64C0C03925BDFAA2520D90339C90D1F8D98C432441ADB771DFE1E818220F06F"
Last-Modified: Sun, 18 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2422
Expires: Mon, 19 Sep 2022 07:46:57 GMT
Date: Mon, 19 Sep 2022 07:06:35 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fad78a6f9-e73d-465c-b7fd-7c8b261e5825.jpeg
34.120.237.76 200 OK 4.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fad78a6f9-e73d-465c-b7fd-7c8b261e5825.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 672ffe8377dcaf5bad2d7e4534441984
e1b634652b4112c30f80745059523cbfce09365a
a4b6bcfb246be2d02b5d04b49f9d8c13fef8661abc7d9f146d5cc9c766fc96f1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fad78a6f9-e73d-465c-b7fd-7c8b261e5825.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4878
x-amzn-requestid: 2d39705a-e054-428a-a3c8-fc0b12e70724
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YeH-EGvAoAMFZSA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6322538d-6ca748d854879c6b0d6194cd;Sampled=0
x-amzn-remapped-date: Wed, 14 Sep 2022 22:19:57 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: f_oUXd6cq-KWQHisWISSBu2cMNK706Zy8EhLTx1Ij8YVkKYJNpwPjA==
via: 1.1 4dde8ec6d6c12741888c2d3a059d4a2e.cloudfront.net (CloudFront), 1.1 001e7070d795018d01b93988b9723742.cloudfront.net (CloudFront), 1.1 google
date: Mon, 19 Sep 2022 04:20:07 GMT
age: 9988
etag: "e1b634652b4112c30f80745059523cbfce09365a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F51d0e81a-9a24-4b9d-8b77-02caa029aba6.jpeg
34.120.237.76 200 OK 7.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F51d0e81a-9a24-4b9d-8b77-02caa029aba6.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 87e0d8be3547c9a4e09c496a8e43bfeb
86e5b19c0c395b8cdac33f0e07d1689d00940fac
268a7135b2d273730a258d6af8317436f87e79b652207432a33fce98a9a9121b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F51d0e81a-9a24-4b9d-8b77-02caa029aba6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7637
x-amzn-requestid: d3f7a8f4-c5e8-474e-8b62-0677931aae37
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YcCrNFO5IAMFygA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63217e47-7cc884381e0ae1144d212b7c;Sampled=0
x-amzn-remapped-date: Wed, 14 Sep 2022 07:09:59 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: HsAE2eWTOBfcIq2e74NaTTUUpmMsfTe8CQFOaPDzmLGWSlIlfSjuQQ==
via: 1.1 d83ae0e1ba84e92e58bc1efc23a0c652.cloudfront.net (CloudFront), 1.1 0d4ebcaa87ba94709def0eaac9371e5a.cloudfront.net (CloudFront), 1.1 google
date: Sun, 18 Sep 2022 22:08:00 GMT
age: 32315
etag: "86e5b19c0c395b8cdac33f0e07d1689d00940fac"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F96a5d9ce-7d6b-4006-832c-dda7f7999129.jpeg
34.120.237.76 200 OK 9.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F96a5d9ce-7d6b-4006-832c-dda7f7999129.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f99c08fdd1a74ec569e02207b9919df8
3f24ca8e9c96f3c9ca2e95946f1f67d242c7e5df
7b5f48166db186dcf19987f5f91cb03cbd069ec74de8ea42059626019b00fc14
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F96a5d9ce-7d6b-4006-832c-dda7f7999129.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9371
x-amzn-requestid: dd94b1a0-f6a1-4e41-8b97-9c9904b6f6b9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YfVRFF6rIAMFY2g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6322cf39-289c5acb4e5bcb715b689f55;Sampled=0
x-amzn-remapped-date: Thu, 15 Sep 2022 07:07:37 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: Ru8zmqf8FBNIJatpnkFCgjq49arUFR2o8pqE50dzLOXsgsyaf5oMKg==
via: 1.1 1b0911478686968732f973d6e5e31d10.cloudfront.net (CloudFront), 1.1 5397b304713f6301c7c94ac084b6ed08.cloudfront.net (CloudFront), 1.1 google
date: Sun, 18 Sep 2022 10:16:51 GMT
age: 74984
etag: "3f24ca8e9c96f3c9ca2e95946f1f67d242c7e5df"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd3d8aaa4-a2c1-416d-a396-a4c00758ba53.jpeg
34.120.237.76 200 OK 9.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd3d8aaa4-a2c1-416d-a396-a4c00758ba53.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash febaa50825802847e9cbc0479e7121ba
36355214d6f866681edc3eacd5f1af87b16bdcc2
7a808fbeb6ce87490299fb3d5de52ec450c9161d9098254f1b54a0d4a97b645c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd3d8aaa4-a2c1-416d-a396-a4c00758ba53.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9426
x-amzn-requestid: 6569d647-e17c-4456-8d54-b093e1cc1d7e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Yl9trEPNoAMFteg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63257657-7bba0e970a8114a11fd6bf32;Sampled=0
x-amzn-remapped-date: Sat, 17 Sep 2022 07:25:11 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: sO0jibO4hXSxONHRYPgA2WA9U9GBFbVhCGy9F3RwrJqZoAzU90Tpsg==
via: 1.1 1b0911478686968732f973d6e5e31d10.cloudfront.net (CloudFront), 1.1 3cd7af07832481c336aa1c93c9b4a6fe.cloudfront.net (CloudFront), 1.1 google
date: Sun, 18 Sep 2022 08:17:01 GMT
age: 82174
etag: "36355214d6f866681edc3eacd5f1af87b16bdcc2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3e5b5676-18df-4d43-8bbd-b85ffe4f1a94.jpeg
34.120.237.76 200 OK 5.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3e5b5676-18df-4d43-8bbd-b85ffe4f1a94.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 1105b56cf779b6df1cbd081bbd0cda50
58c5d6f8ba1d3236d788ac55ff7cb2ec7863fb5c
10c1f0433baf51e06565ff905688075aaba8fec0a8b3f9cef34168e297f94c2c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3e5b5676-18df-4d43-8bbd-b85ffe4f1a94.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5866
x-amzn-requestid: 3a7db39d-cd4f-486f-954b-39fc7464706c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YrNeAE67IAMFSoQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63278f8c-66a419ac7fbd977f5f41061b;Sampled=0
x-amzn-remapped-date: Sun, 18 Sep 2022 21:37:16 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: TdVz72qdwMdsuW1WsOq1qEZk2vmbXJlbppLTTsZ9PlrmN7GEph0dyQ==
via: 1.1 f13aef0c4b52f6f681401f232d03eb68.cloudfront.net (CloudFront), 1.1 b36bf2c460ac693ce304817aed073112.cloudfront.net (CloudFront), 1.1 google
date: Sun, 18 Sep 2022 21:53:39 GMT
etag: "58c5d6f8ba1d3236d788ac55ff7cb2ec7863fb5c"
content-type: image/jpeg
age: 33176
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F24f3f8eb-09f7-4c60-864d-3ff96da7c86a.jpeg
34.120.237.76 200 OK 6.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F24f3f8eb-09f7-4c60-864d-3ff96da7c86a.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 893f3495f1f575e946a57c8e8411b2a5
480182fd29c7edd369339847b85e4e2580cef0f6
097d868881231eae089ac8b97d5dc290583477f63dc35b7458ed4898e0db3e0c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F24f3f8eb-09f7-4c60-864d-3ff96da7c86a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6428
x-amzn-requestid: 7dd3072b-403a-4bb4-b8c4-58a6d7c254f7
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YRmgCGJVIAMFk5Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631d5133-0756be8c75da02a857e36a2f;Sampled=0
x-amzn-remapped-date: Sun, 11 Sep 2022 03:08:35 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: nD62kVNMZRvoZaM85m1kNlgU-KOj2X7tqhy9cPxGJFaBHCMVEsvWXQ==
via: 1.1 030fe0607711293dda988e571617a9f2.cloudfront.net (CloudFront), 1.1 0d4ebcaa87ba94709def0eaac9371e5a.cloudfront.net (CloudFront), 1.1 google
date: Sun, 18 Sep 2022 21:53:45 GMT
age: 33170
etag: "480182fd29c7edd369339847b85e4e2580cef0f6"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash eaa8b4aa123f9dd7237c5c51d2f848d9
1082f5f6ef7229ec76f94f3d236f273b26294563
d1ad33dae2fcab5c7d66875f0e7a01cc30e0b3a031606917fa5448c54f84e20d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 19 Sep 2022 07:06:36 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash eaa8b4aa123f9dd7237c5c51d2f848d9
1082f5f6ef7229ec76f94f3d236f273b26294563
d1ad33dae2fcab5c7d66875f0e7a01cc30e0b3a031606917fa5448c54f84e20d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 19 Sep 2022 07:06:36 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.googleapis.com/css?family=Rubik%3A400%2C500%2C600%2C700%2C400&display=fallback&ver=1.4
216.58.211.10 200 OK 1.0 kB URL HTTP/2 fonts.googleapis.com/css?family=Rubik%3A400%2C500%2C600%2C700%2C400&display=fallback&ver=1.4
IP 216.58.211.10:0
Hash de742a0b6ae564d90a0fd6634a279b1f
7e19ac61b0eeb1934bf8479b1d691443d813e14e
af3c2ed1a13c38c31b4c5eafb90e44dbb44f83680ff2fd8c9739e25e70d22c94
GET /css?family=Rubik%3A400%2C500%2C600%2C700%2C400&display=fallback&ver=1.4 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://weeklylive.info/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Mon, 19 Sep 2022 07:06:36 GMT
date: Mon, 19 Sep 2022 07:06:36 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 278 B IP 93.184.220.29:0
Hash 377cc6ad82bc250b5fc9f7ee68f2e129
6726e0d37fb67318cc5d7b01149e5057ba30ae89
21f4bac878f491505f71aab032a4945a10d381c1510cc129493c0037a54329fc
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1562
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 19 Sep 2022 07:06:36 GMT
Last-Modified: Mon, 19 Sep 2022 06:40:34 GMT
Server: ECS (ska/F719)
X-Cache: HIT
Content-Length: 278
fonts.googleapis.com/css?family=Roboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto+Slab%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=auto&ver=6.0.2
216.58.211.10 200 OK 26 kB URL HTTP/2 fonts.googleapis.com/css?family=Roboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto+Slab%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=auto&ver=6.0.2
IP 216.58.211.10:0
File type ASCII text, with very long lines (22058)
Hash c36aaf11a001280f7645401a55264767
1fe9732d1b5ea9e4a05735dc41ce90a16075ea71
cea514a4c921d81891cffcdcdecd61800dea6c0ccf24e784d2da8576c8afab79
GET /css?family=Roboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto+Slab%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=auto&ver=6.0.2 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://weeklylive.info/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Mon, 19 Sep 2022 07:06:36 GMT
date: Mon, 19 Sep 2022 07:06:36 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 278 B IP 93.184.220.29:0
Hash 377cc6ad82bc250b5fc9f7ee68f2e129
6726e0d37fb67318cc5d7b01149e5057ba30ae89
21f4bac878f491505f71aab032a4945a10d381c1510cc129493c0037a54329fc
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1562
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 19 Sep 2022 07:06:36 GMT
Last-Modified: Mon, 19 Sep 2022 06:40:34 GMT
Server: ECS (ska/F719)
X-Cache: HIT
Content-Length: 278
ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q1
104.18.20.226 200 OK 1.5 kB URL HTTP/1.1 ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q1
IP 104.18.20.226:0
Hash 4b6f94f7284c8ed5d668abc13acffa13
c7fe555e5d4ac8ae1817ff7a072988b232962c5b
406bfe1cd6011261486755baa33b0bc6e85a4de11b6dcd286a603b2f9bf9d6b8
POST /ca/gsatlasr3dvtlsca2022q1 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 19 Sep 2022 07:06:36 GMT
Content-Type: application/ocsp-response
Transfer-Encoding: chunked
Connection: keep-alive
Etag: "51DB23CD703ADF82AD97A680AFC706015E58B4FD"
Expires: Mon, 19 Sep 2022 18:00:00 GMT
Last-Modified: Mon, 19 Sep 2022 06:00:00 UTC
Cache-Control: s-maxage=3600, public, no-transform, must-revalidate
CF-Cache-Status: HIT
Age: 1478
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74d07ac99dc51c02-OSL
weeklylive.info/wp-content/plugins/woocommerce/assets/css/woocommerce-layout.css?ver=6.7.0
208.83.233.145 200 OK 18 kB URL HTTP/2 weeklylive.info/wp-content/plugins/woocommerce/assets/css/woocommerce-layout.css?ver=6.7.0
IP 208.83.233.145:0
File type ASCII text, with very long lines (17809), with no line terminators
Hash 1ddf23fcfd1b2941c456ce01da8180a6
156ef5cc77061010e3f4123a47fa415c6391e5ff
dd18a408a35aa5d393458657eb24fb56ab754ece3f88bd78a038e5793d3f6991
Analyzer Verdict Alert mnemonic_dns Sinkholed
GET /wp-content/plugins/woocommerce/assets/css/woocommerce-layout.css?ver=6.7.0 HTTP/1.1
Host: weeklylive.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://weeklylive.info/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 19 Sep 2022 07:06:36 GMT
content-type: text/css
content-length: 17809
last-modified: Mon, 18 Jul 2022 17:47:26 GMT
vary: Accept-Encoding
etag: "62d59cae-4591"
expires: Wed, 19 Oct 2022 07:06:36 GMT
cache-control: max-age=2592000
accept-ranges: bytes
X-Firefox-Spdy: h2
weeklylive.info/wp-content/plugins/woocommerce/assets/css/woocommerce.css?ver=6.7.0
208.83.233.145 200 OK 63 kB URL HTTP/2 weeklylive.info/wp-content/plugins/woocommerce/assets/css/woocommerce.css?ver=6.7.0
IP 208.83.233.145:0
File type Unicode text, UTF-8 text, with very long lines (62753), with no line terminators
Hash 979b8b56e801469d95453055366ef54c
cb8a0bb5f00fee130a289ea4dfafc00fa53e1c04
d3322ccb3912f7a9485eb1d75971fd5e1eb49c6575ff5ad985fb5496333e8c8b
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
GET /wp-content/plugins/woocommerce/assets/css/woocommerce.css?ver=6.7.0 HTTP/1.1
Host: weeklylive.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://weeklylive.info/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 19 Sep 2022 07:06:36 GMT
content-type: text/css
content-length: 62755
last-modified: Mon, 18 Jul 2022 17:47:26 GMT
vary: Accept-Encoding
etag: "62d59cae-f523"
expires: Wed, 19 Oct 2022 07:06:36 GMT
cache-control: max-age=2592000
accept-ranges: bytes
X-Firefox-Spdy: h2
weeklylive.info/wp-content/plugins/yith-woocommerce-compare/assets/css/colorbox.css?ver=1.4.21
208.83.233.145 200 OK 3.8 kB URL HTTP/2 weeklylive.info/wp-content/plugins/yith-woocommerce-compare/assets/css/colorbox.css?ver=1.4.21
IP 208.83.233.145:0
Hash 9c6b63558e5de592c160563dbe08dd0d
e4969ab55cc566759623f6b4e1c7d6b3bcdc21cd
14a77bc82e039ce4be0d9ba9b0237495b0a9578d34eb92d444093d440f6190ba
Analyzer Verdict Alert mnemonic_dns Sinkholed
GET /wp-content/plugins/yith-woocommerce-compare/assets/css/colorbox.css?ver=1.4.21 HTTP/1.1
Host: weeklylive.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://weeklylive.info/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 19 Sep 2022 07:06:36 GMT
content-type: text/css
content-length: 3812
last-modified: Mon, 18 Jul 2022 17:47:28 GMT
vary: Accept-Encoding
etag: "62d59cb0-ee4"
expires: Wed, 19 Oct 2022 07:06:36 GMT
cache-control: max-age=2592000
accept-ranges: bytes
X-Firefox-Spdy: h2
weeklylive.info/wp-content/plugins/yith-woocommerce-quick-view/assets/css/yith-quick-view.css?ver=1.17.0
208.83.233.145 200 OK 3.6 kB URL HTTP/2 weeklylive.info/wp-content/plugins/yith-woocommerce-quick-view/assets/css/yith-quick-view.css?ver=1.17.0
IP 208.83.233.145:0
Hash 4d13e85e4420b2fc5966352a8cca7766
2290b078ee4c793179f324ee79ee8cc58ea4991b
6d24f22bd6032fd318aaf6c1b64e929457aa501daa7bb46b1db8bc12cf2e45fc
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
GET /wp-content/plugins/yith-woocommerce-quick-view/assets/css/yith-quick-view.css?ver=1.17.0 HTTP/1.1
Host: weeklylive.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://weeklylive.info/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 19 Sep 2022 07:06:36 GMT
content-type: text/css
content-length: 3611
last-modified: Mon, 18 Jul 2022 17:47:30 GMT
vary: Accept-Encoding
etag: "62d59cb2-e1b"
expires: Wed, 19 Oct 2022 07:06:36 GMT
cache-control: max-age=2592000
accept-ranges: bytes
X-Firefox-Spdy: h2
weeklylive.info/wp-content/plugins/elementor/assets/lib/eicons/css/elementor-icons.min.css?ver=5.15.0
208.83.233.145 200 OK 19 kB URL HTTP/2 weeklylive.info/wp-content/plugins/elementor/assets/lib/eicons/css/elementor-icons.min.css?ver=5.15.0
IP 208.83.233.145:0
File type ASCII text, with very long lines (19082)
Hash 50be31853049e4b4a10c277d5f95eb75
ac2dffc0c65ad6b209fedf2169d0c50eb4119a3e
b651d87ef113cba0c8ec8a33bfdb694171effeba56b20be12e3c77fc15f6ae9f
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
GET /wp-content/plugins/elementor/assets/lib/eicons/css/elementor-icons.min.css?ver=5.15.0 HTTP/1.1
Host: weeklylive.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://weeklylive.info/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 19 Sep 2022 07:06:36 GMT
content-type: text/css
content-length: 19128
last-modified: Mon, 18 Jul 2022 17:47:17 GMT
vary: Accept-Encoding
etag: "62d59ca5-4ab8"
expires: Wed, 19 Oct 2022 07:06:36 GMT
cache-control: max-age=2592000
accept-ranges: bytes
X-Firefox-Spdy: h2
weeklylive.info/wp-content/plugins/elementor/assets/css/frontend.min.css?ver=3.6.7
208.83.233.145 200 OK 163 kB URL HTTP/2 weeklylive.info/wp-content/plugins/elementor/assets/css/frontend.min.css?ver=3.6.7
IP 208.83.233.145:0
File type ASCII text, with very long lines (65497)
Size 163 kB (163339 bytes)
Hash 1c01908fb5657fa5bf8aa12eac229b84
eaa8f8ee548f0f329ab95962ece3dce2c830158b
f153daaaa40523b29eaf69df72c5b75c25f8d21b038da14f9b9fcc8cbd3d6292
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
GET /wp-content/plugins/elementor/assets/css/frontend.min.css?ver=3.6.7 HTTP/1.1
Host: weeklylive.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://weeklylive.info/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 19 Sep 2022 07:06:36 GMT
content-type: text/css
content-length: 163339
last-modified: Mon, 18 Jul 2022 17:47:17 GMT
vary: Accept-Encoding
etag: "62d59ca5-27e0b"
expires: Wed, 19 Oct 2022 07:06:36 GMT
cache-control: max-age=2592000
accept-ranges: bytes
X-Firefox-Spdy: h2
weeklylive.info/wp-content/uploads/elementor/css/post-5.css?ver=1658167200
208.83.233.145 200 OK 1.1 kB URL HTTP/2 weeklylive.info/wp-content/uploads/elementor/css/post-5.css?ver=1658167200
IP 208.83.233.145:0
File type ASCII text, with very long lines (1117), with no line terminators
Hash bec864ff3b67d42b24ba37b0b71980a3
f7a447e7bc3e81e061e7b1e394ea52a72be32042
07908f92bb143de138c9cb93abe1f7911c8b20b03ca01eb727244e21d5b42582
Analyzer Verdict Alert mnemonic_dns Sinkholed
GET /wp-content/uploads/elementor/css/post-5.css?ver=1658167200 HTTP/1.1
Host: weeklylive.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://weeklylive.info/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 19 Sep 2022 07:06:36 GMT
content-type: text/css
content-length: 1117
last-modified: Mon, 18 Jul 2022 18:00:00 GMT
vary: Accept-Encoding
etag: "62d59fa0-45d"
expires: Wed, 19 Oct 2022 07:06:36 GMT
cache-control: max-age=2592000
accept-ranges: bytes
X-Firefox-Spdy: h2
weeklylive.info/wp-content/uploads/elementor/css/post-5092.css?ver=1662155801
208.83.233.145 200 OK 8.5 kB URL HTTP/2 weeklylive.info/wp-content/uploads/elementor/css/post-5092.css?ver=1662155801
IP 208.83.233.145:0
File type ASCII text, with very long lines (8470), with no line terminators
Hash 010467d61566a65eb2a6061357af7e5e
340609d00c0872aafaf4f99b6bc848f5702af5e7
1bffa82b96a492e268933ecf03151cb886411e2521c8466e252de89587d793ae
Analyzer Verdict Alert mnemonic_dns Sinkholed
GET /wp-content/uploads/elementor/css/post-5092.css?ver=1662155801 HTTP/1.1
Host: weeklylive.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://weeklylive.info/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 19 Sep 2022 07:06:36 GMT
content-type: text/css
content-length: 8470
last-modified: Fri, 02 Sep 2022 21:56:41 GMT
vary: Accept-Encoding
etag: "63127c19-2116"
expires: Wed, 19 Oct 2022 07:06:36 GMT
cache-control: max-age=2592000
accept-ranges: bytes
X-Firefox-Spdy: h2
weeklylive.info/wp-content/plugins/fluentform/public/css/fluent-forms-elementor-widget.css?ver=4.3.9
208.83.233.145 200 OK 3.9 kB URL HTTP/2 weeklylive.info/wp-content/plugins/fluentform/public/css/fluent-forms-elementor-widget.css?ver=4.3.9
IP 208.83.233.145:0
File type ASCII text, with very long lines (3903)
Hash 7063377e5355793f0bcb4b0d89ee83c8
7609bff65712865876087429842eb14ce12f3b6b
4528102f60ef31eb61cc0bc6e2042814f5efa7409f066099c451033a31dcf934
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
GET /wp-content/plugins/fluentform/public/css/fluent-forms-elementor-widget.css?ver=4.3.9 HTTP/1.1
Host: weeklylive.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://weeklylive.info/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 19 Sep 2022 07:06:36 GMT
content-type: text/css
content-length: 3904
last-modified: Mon, 18 Jul 2022 17:47:22 GMT
vary: Accept-Encoding
etag: "62d59caa-f40"
expires: Wed, 19 Oct 2022 07:06:36 GMT
cache-control: max-age=2592000
accept-ranges: bytes
X-Firefox-Spdy: h2
weeklylive.info/wp-includes/js/wp-emoji-release.min.js?ver=6.0.2
208.83.233.145 200 OK 19 kB URL HTTP/2 weeklylive.info/wp-includes/js/wp-emoji-release.min.js?ver=6.0.2
IP 208.83.233.145:0
File type ASCII text, with very long lines (15660)
Hash 32beb68a374e3aeac00abdf9e12b84ea
b5d18aa625e8696dd9d07cd0869337717b211ae0
5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
GET /wp-includes/js/wp-emoji-release.min.js?ver=6.0.2 HTTP/1.1
Host: weeklylive.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://weeklylive.info/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 19 Sep 2022 07:06:36 GMT
content-type: application/javascript
content-length: 18617
last-modified: Mon, 18 Jul 2022 14:16:56 GMT
vary: Accept-Encoding
etag: "62d56b58-48b9"
expires: Wed, 19 Oct 2022 07:06:36 GMT
cache-control: max-age=2592000
accept-ranges: bytes
X-Firefox-Spdy: h2
weeklylive.info/wp-content/themes/gamxo/assets/css/bootstrap.min.css?ver=1.4
208.83.233.145 200 OK 164 kB URL HTTP/2 weeklylive.info/wp-content/themes/gamxo/assets/css/bootstrap.min.css?ver=1.4
IP 208.83.233.145:0
File type Unicode text, UTF-8 text, with very long lines (65306)
Size 164 kB (163873 bytes)
Hash 94994c66fec8c3468b269dc0cc242151
ec16bd19bf4ae9bc2e2336ac409a503bbbdaacad
62f74b1cf824a89f03554c638e719594c309b4d8a627a758928c0516fa7890ab
Analyzer Verdict Alert mnemonic_dns Sinkholed
GET /wp-content/themes/gamxo/assets/css/bootstrap.min.css?ver=1.4 HTTP/1.1
Host: weeklylive.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://weeklylive.info/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 19 Sep 2022 07:06:36 GMT
content-type: text/css
content-length: 163873
last-modified: Mon, 18 Jul 2022 17:46:47 GMT
vary: Accept-Encoding
etag: "62d59c87-28021"
expires: Wed, 19 Oct 2022 07:06:36 GMT
cache-control: max-age=2592000
accept-ranges: bytes
X-Firefox-Spdy: h2
weeklylive.info/wp-content/themes/gamxo/assets/fonts/flaticon-gamxo/flaticon.css?ver=1.4
208.83.233.145 200 OK 3.1 kB URL HTTP/2 weeklylive.info/wp-content/themes/gamxo/assets/fonts/flaticon-gamxo/flaticon.css?ver=1.4
IP 208.83.233.145:0
Hash 1e7cbb8da8d576cb807124cd3840c841
4583959f98c56dcd591f535befb259304d717dfd
acca001c72f00dff3bbc3aa9ca573dcd31affcad0835b4287f381638a33ea2e1
Analyzer Verdict Alert mnemonic_dns Sinkholed
GET /wp-content/themes/gamxo/assets/fonts/flaticon-gamxo/flaticon.css?ver=1.4 HTTP/1.1
Host: weeklylive.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://weeklylive.info/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 19 Sep 2022 07:06:36 GMT
content-type: text/css
content-length: 3139
last-modified: Mon, 18 Jul 2022 17:46:47 GMT
vary: Accept-Encoding
etag: "62d59c87-c43"
expires: Wed, 19 Oct 2022 07:06:36 GMT
cache-control: max-age=2592000
accept-ranges: bytes
X-Firefox-Spdy: h2
weeklylive.info/wp-content/themes/gamxo/assets/css/magnific-popup.css?ver=1.4
208.83.233.145 200 OK 7.0 kB URL HTTP/2 weeklylive.info/wp-content/themes/gamxo/assets/css/magnific-popup.css?ver=1.4
IP 208.83.233.145:0
Hash 30b593b71d7672658f89bfea0ab360c9
d6963db6faa9294387bb3175813a61bc3f859437
45d1f5f6cf913746c45dd697b1a8f3b719c02d8b3f678dc7fc2766d54e1aaf6e
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
GET /wp-content/themes/gamxo/assets/css/magnific-popup.css?ver=1.4 HTTP/1.1
Host: weeklylive.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://weeklylive.info/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 19 Sep 2022 07:06:36 GMT
content-type: text/css
content-length: 6951
last-modified: Mon, 18 Jul 2022 17:46:47 GMT
vary: Accept-Encoding
etag: "62d59c87-1b27"
expires: Wed, 19 Oct 2022 07:06:36 GMT
cache-control: max-age=2592000
accept-ranges: bytes
X-Firefox-Spdy: h2
weeklylive.info/wp-content/themes/gamxo/assets/css/font-awesome.min.css?ver=1.4
208.83.233.145 200 OK 57 kB URL HTTP/2 weeklylive.info/wp-content/themes/gamxo/assets/css/font-awesome.min.css?ver=1.4
IP 208.83.233.145:0
File type ASCII text, with very long lines (57150)
Hash e3b8b563e36cda2dda793d662396d56b
799e3b1aec0f18be7a1c695cc80f83341b85db42
f479c8026856fbe9aebc9234a1322f9eb81796a312b3c45944c4329f1fdbc52a
Analyzer Verdict Alert mnemonic_dns Sinkholed
GET /wp-content/themes/gamxo/assets/css/font-awesome.min.css?ver=1.4 HTTP/1.1
Host: weeklylive.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://weeklylive.info/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 19 Sep 2022 07:06:36 GMT
content-type: text/css
content-length: 57336
last-modified: Mon, 18 Jul 2022 17:46:47 GMT
vary: Accept-Encoding
etag: "62d59c87-dff8"
expires: Wed, 19 Oct 2022 07:06:36 GMT
cache-control: max-age=2592000
accept-ranges: bytes
X-Firefox-Spdy: h2
weeklylive.info/wp-content/themes/gamxo/assets/css/animate.min.css?ver=1.4
208.83.233.145 200 OK 61 kB URL HTTP/2 weeklylive.info/wp-content/themes/gamxo/assets/css/animate.min.css?ver=1.4
IP 208.83.233.145:0
File type ASCII text, with CRLF line terminators
Hash aeee371d71534ea57f47b9d8eafafcdf
27a891b485fd093ea2ed667ea8f9625dfdb42704
f1abdca5fe9f3f60172deab5407c43988d83db6845259fd67069806cd2084ab7
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
GET /wp-content/themes/gamxo/assets/css/animate.min.css?ver=1.4 HTTP/1.1
Host: weeklylive.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://weeklylive.info/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 19 Sep 2022 07:06:36 GMT
content-type: text/css
content-length: 60868
last-modified: Mon, 18 Jul 2022 17:46:47 GMT
vary: Accept-Encoding
etag: "62d59c87-edc4"
expires: Wed, 19 Oct 2022 07:06:36 GMT
cache-control: max-age=2592000
accept-ranges: bytes
X-Firefox-Spdy: h2
weeklylive.info/wp-content/themes/gamxo/assets/css/default.css?ver=1.4
208.83.233.145 200 OK 14 kB URL HTTP/2 weeklylive.info/wp-content/themes/gamxo/assets/css/default.css?ver=1.4
IP 208.83.233.145:0
Hash 8f5aaa46e0f3bb895882652d98e78c4c
d0aff2d841c4418a1c269052eab906580fd4bb3f
4910fbc6161296e74d710cda65e9178e33e3a38af92e7f8c54a3dae3866a01ef
Analyzer Verdict Alert mnemonic_dns Sinkholed
GET /wp-content/themes/gamxo/assets/css/default.css?ver=1.4 HTTP/1.1
Host: weeklylive.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://weeklylive.info/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 19 Sep 2022 07:06:36 GMT
content-type: text/css
content-length: 14140
last-modified: Mon, 18 Jul 2022 17:46:47 GMT
vary: Accept-Encoding
etag: "62d59c87-373c"
expires: Wed, 19 Oct 2022 07:06:36 GMT
cache-control: max-age=2592000
accept-ranges: bytes
X-Firefox-Spdy: h2
weeklylive.info/wp-content/plugins/elementor/assets/lib/font-awesome/css/fontawesome.min.css?ver=5.15.3
208.83.233.145 200 OK 58 kB URL HTTP/2 weeklylive.info/wp-content/plugins/elementor/assets/lib/font-awesome/css/fontawesome.min.css?ver=5.15.3
IP 208.83.233.145:0
File type ASCII text, with very long lines (57726)
Hash eeb705d0bdccfd645d3bbd46dd1fbab3
066def290f42ed8c00860e573cc880bd46e9ced4
d01a2ba2805c78957e15a2958135de0f3cb88e95159dd0f6c0a032bd76b1b0e9
Analyzer Verdict Alert mnemonic_dns Sinkholed
GET /wp-content/plugins/elementor/assets/lib/font-awesome/css/fontawesome.min.css?ver=5.15.3 HTTP/1.1
Host: weeklylive.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://weeklylive.info/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 19 Sep 2022 07:06:36 GMT
content-type: text/css
content-length: 57912
last-modified: Mon, 18 Jul 2022 17:47:17 GMT
vary: Accept-Encoding
etag: "62d59ca5-e238"
expires: Wed, 19 Oct 2022 07:06:36 GMT
cache-control: max-age=2592000
accept-ranges: bytes
X-Firefox-Spdy: h2
weeklylive.info/wp-content/plugins/elementor/assets/lib/font-awesome/css/regular.min.css?ver=5.15.3
208.83.233.145 200 OK 677 B URL HTTP/2 weeklylive.info/wp-content/plugins/elementor/assets/lib/font-awesome/css/regular.min.css?ver=5.15.3
IP 208.83.233.145:0
File type ASCII text, with very long lines (491)
Hash 3eef8c9e589a6fd58292e79bbac4ba5d
d3ebdb629b8d9c92380b14b1676b123398f0841b
eea3d6ccda7f6503078cce9dc41176c1357af1c93a5b3625131ef7cf21c9d7c4
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
GET /wp-content/plugins/elementor/assets/lib/font-awesome/css/regular.min.css?ver=5.15.3 HTTP/1.1
Host: weeklylive.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://weeklylive.info/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 19 Sep 2022 07:06:36 GMT
content-type: text/css
content-length: 677
last-modified: Mon, 18 Jul 2022 17:47:17 GMT
etag: "62d59ca5-2a5"
expires: Wed, 19 Oct 2022 07:06:36 GMT
cache-control: max-age=2592000
accept-ranges: bytes
X-Firefox-Spdy: h2
weeklylive.info/wp-content/themes/gamxo/assets/css/elementor.css?ver=1.4
208.83.233.145 200 OK 67 kB URL HTTP/2 weeklylive.info/wp-content/themes/gamxo/assets/css/elementor.css?ver=1.4
IP 208.83.233.145:0
Hash ed63c3fdac5b7ceda9b87e01208cc264
8c00fe4ab09f114fc7d1d62e2b75b5899271cc4c
c8869a381734696049e91baf0b5da08e39d5f4a57496dea5d62abf5e9a0fc7fa
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
GET /wp-content/themes/gamxo/assets/css/elementor.css?ver=1.4 HTTP/1.1
Host: weeklylive.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://weeklylive.info/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 19 Sep 2022 07:06:36 GMT
content-type: text/css
content-length: 66672
last-modified: Mon, 18 Jul 2022 17:46:47 GMT
vary: Accept-Encoding
etag: "62d59c87-10470"
expires: Wed, 19 Oct 2022 07:06:36 GMT
cache-control: max-age=2592000
accept-ranges: bytes
X-Firefox-Spdy: h2
weeklylive.info/wp-content/uploads/2022/07/weeklylive-logo.png
208.83.233.145 200 OK 9.1 kB URL HTTP/2 weeklylive.info/wp-content/uploads/2022/07/weeklylive-logo.png
IP 208.83.233.145:0
File type PNG image data, 548 x 108, 8-bit/color RGBA, non-interlaced\012- data
Hash 962e338f2674060943ebfcd2072e4134
29649ae718012b063cdba8059d734b5e93d4d09f
5474d0d792d41e9e6cfcfd41c3c89af202e76005ee2363a258d71fe574cb837d
Analyzer Verdict Alert mnemonic_dns Sinkholed
GET /wp-content/uploads/2022/07/weeklylive-logo.png HTTP/1.1
Host: weeklylive.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://weeklylive.info/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 19 Sep 2022 07:06:36 GMT
content-type: image/png
content-length: 9058
last-modified: Tue, 19 Jul 2022 14:56:26 GMT
etag: "62d6c61a-2362"
expires: Wed, 19 Oct 2022 07:06:36 GMT
cache-control: max-age=2592000
accept-ranges: bytes
X-Firefox-Spdy: h2
weeklylive.info/wp-content/uploads/2022/07/weeklylive-logo-light.png
208.83.233.145 200 OK 9.0 kB URL HTTP/2 weeklylive.info/wp-content/uploads/2022/07/weeklylive-logo-light.png
IP 208.83.233.145:0
File type PNG image data, 548 x 108, 8-bit/color RGBA, non-interlaced\012- data
Hash bc2ebaa5b15e2a0bdb5b0435ae3c1f56
d255b6d175dbf1596135e90624a3b1f13d8f0924
a052f6cec1b858d2729b86f28747de057bd6e4dcc062720e4df5ec405b215ffd
Analyzer Verdict Alert mnemonic_dns Sinkholed
GET /wp-content/uploads/2022/07/weeklylive-logo-light.png HTTP/1.1
Host: weeklylive.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://weeklylive.info/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 19 Sep 2022 07:06:36 GMT
content-type: image/png
content-length: 9043
last-modified: Tue, 19 Jul 2022 14:56:27 GMT
etag: "62d6c61b-2353"
expires: Wed, 19 Oct 2022 07:06:36 GMT
cache-control: max-age=2592000
accept-ranges: bytes
X-Firefox-Spdy: h2
weeklylive.info/wp-content/themes/gamxo/assets/element/noimage_540X400.jpg
208.83.233.145 200 OK 12 kB URL HTTP/2 weeklylive.info/wp-content/themes/gamxo/assets/element/noimage_540X400.jpg
IP 208.83.233.145:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 540x400, components 3\012- data
Hash f4dddd0450192b9ca16527e10e505be1
5c45c5296447c75aff7c0f20735c6172711ca10c
d20021ae24f0fa2982e91c6de9c5637929ebb301da9dee237f699f398f86b0a6
Analyzer Verdict Alert mnemonic_dns Sinkholed
GET /wp-content/themes/gamxo/assets/element/noimage_540X400.jpg HTTP/1.1
Host: weeklylive.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://weeklylive.info/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 19 Sep 2022 07:06:36 GMT
content-type: image/jpeg
content-length: 11473
last-modified: Mon, 18 Jul 2022 17:46:47 GMT
etag: "62d59c87-2cd1"
expires: Wed, 19 Oct 2022 07:06:36 GMT
cache-control: max-age=2592000
accept-ranges: bytes
X-Firefox-Spdy: h2
weeklylive.info/wp-content/uploads/2022/09/home-insurance.jpg
208.83.233.145 200 OK 51 kB URL HTTP/2 weeklylive.info/wp-content/uploads/2022/09/home-insurance.jpg
IP 208.83.233.145:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 360x180, components 3\012- data
Hash 89bee90c04c9663d980090441bfaf05f
de437a56774a8014699f486a05a164b700006a80
ae49c99b7446c6b352b893eae2d65220380709e9b216947f0492f1615497aa8e
Analyzer Verdict Alert mnemonic_dns Sinkholed
GET /wp-content/uploads/2022/09/home-insurance.jpg HTTP/1.1
Host: weeklylive.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://weeklylive.info/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 19 Sep 2022 07:06:36 GMT
content-type: image/jpeg
content-length: 51329
last-modified: Fri, 02 Sep 2022 20:10:04 GMT
etag: "6312631c-c881"
expires: Wed, 19 Oct 2022 07:06:36 GMT
cache-control: max-age=2592000
accept-ranges: bytes
X-Firefox-Spdy: h2
weeklylive.info/wp-content/uploads/2022/09/card.png
208.83.233.145 200 OK 64 kB URL HTTP/2 weeklylive.info/wp-content/uploads/2022/09/card.png
IP 208.83.233.145:0
File type PNG image data, 360 x 180, 8-bit/color RGB, non-interlaced\012- data
Hash 747d00e4c3db49ad729f82d420b4bb93
05adbb76c3c1f35037ef428e9df28b9cc8b2f4fe
572256f3f64366f43d30cf7da38e88c9eb5b052f3e77cfce63d777d257ddb5e9
Analyzer Verdict Alert mnemonic_dns Sinkholed
GET /wp-content/uploads/2022/09/card.png HTTP/1.1
Host: weeklylive.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://weeklylive.info/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 19 Sep 2022 07:06:36 GMT
content-type: image/png
content-length: 64243
last-modified: Fri, 02 Sep 2022 20:07:14 GMT
etag: "63126272-faf3"
expires: Wed, 19 Oct 2022 07:06:36 GMT
cache-control: max-age=2592000
accept-ranges: bytes
X-Firefox-Spdy: h2
weeklylive.info/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
208.83.233.145 200 OK 90 kB URL HTTP/2 weeklylive.info/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
IP 208.83.233.145:0
File type ASCII text, with very long lines (65447)
Hash 02dd5d04add4759122013c5ab4dc5cc2
a45a56e396ac549b4ff39b696ce9e0c16a7612de
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
GET /wp-includes/js/jquery/jquery.min.js?ver=3.6.0 HTTP/1.1
Host: weeklylive.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://weeklylive.info/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 19 Sep 2022 07:06:36 GMT
content-type: application/javascript
content-length: 89521
last-modified: Wed, 10 Mar 2021 15:07:24 GMT
vary: Accept-Encoding
etag: "6048e0ac-15db1"
expires: Wed, 19 Oct 2022 07:06:36 GMT
cache-control: max-age=2592000
accept-ranges: bytes
X-Firefox-Spdy: h2
weeklylive.info/wp-content/plugins/fluentform/public/css/fluent-forms-public.css?ver=4.3.9
208.83.233.145 200 OK 9.6 kB URL HTTP/2 weeklylive.info/wp-content/plugins/fluentform/public/css/fluent-forms-public.css?ver=4.3.9
IP 208.83.233.145:0
File type ASCII text, with very long lines (9558)
Hash 66a09ade21e6b34a6876ab59f56bf528
b63068ccf558c1a45d3dd68299caed713e6d9ebe
3490df652bcc0a9bb52f17f61b66a6ed00f85f87a7eeac6f6fa209f868d15a27
Analyzer Verdict Alert mnemonic_dns Sinkholed
GET /wp-content/plugins/fluentform/public/css/fluent-forms-public.css?ver=4.3.9 HTTP/1.1
Host: weeklylive.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://weeklylive.info/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 19 Sep 2022 07:06:36 GMT
content-type: text/css
content-length: 9559
last-modified: Mon, 18 Jul 2022 17:47:22 GMT
vary: Accept-Encoding
etag: "62d59caa-2557"
expires: Wed, 19 Oct 2022 07:06:36 GMT
cache-control: max-age=2592000
accept-ranges: bytes
X-Firefox-Spdy: h2
weeklylive.info/wp-content/plugins/fluentform/public/css/fluentform-public-default.css?ver=4.3.9
208.83.233.145 200 OK 17 kB URL HTTP/2 weeklylive.info/wp-content/plugins/fluentform/public/css/fluentform-public-default.css?ver=4.3.9
IP 208.83.233.145:0
File type ASCII text, with very long lines (17117)
Hash eab9d3168f69a064ca48d5eff926a66b
7bc2630ab409908013ada352b8f299ef956a9d2d
3182ce7ea730f9b4d4e451e6f8e4e8e3c72eb0573d19f21e1c66ed3cad9762df
Analyzer Verdict Alert mnemonic_dns Sinkholed
GET /wp-content/plugins/fluentform/public/css/fluentform-public-default.css?ver=4.3.9 HTTP/1.1
Host: weeklylive.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://weeklylive.info/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 19 Sep 2022 07:06:36 GMT
content-type: text/css
content-length: 17118
last-modified: Mon, 18 Jul 2022 17:47:22 GMT
vary: Accept-Encoding
etag: "62d59caa-42de"
expires: Wed, 19 Oct 2022 07:06:36 GMT
cache-control: max-age=2592000
accept-ranges: bytes
X-Firefox-Spdy: h2
weeklylive.info/
208.83.233.145 200 OK 176 kB IP 208.83.233.145:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (6021), with CRLF, LF line terminators
Size 176 kB (175976 bytes)
Hash 6ffd09e002797a9e541a581d49c8bffb
4659a37a506d3a7d543f875dd57316a07ec6524e
9fba1bddca9a395488cb3f371999078fc72d8831b87813620d2b13900453c816
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
GET / HTTP/1.1
Host: weeklylive.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
server: nginx
date: Mon, 19 Sep 2022 07:06:35 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
cache-control: no-store
link: <https://weeklylive.info/wp-json/>; rel="https://api.w.org/", <https://weeklylive.info/wp-json/wp/v2/pages/5092>; rel="alternate"; type="application/json", <https://weeklylive.info/>; rel=shortlink
X-Firefox-Spdy: h2
weeklylive.info/wp-content/plugins/woocommerce/assets/css/photoswipe/default-skin/default-skin.min.css?ver=6.7.0
208.83.233.145 200 OK 7.9 kB URL HTTP/2 weeklylive.info/wp-content/plugins/woocommerce/assets/css/photoswipe/default-skin/default-skin.min.css?ver=6.7.0
IP 208.83.233.145:0
File type ASCII text, with very long lines (7887), with no line terminators
Hash e9832bf9ac8e609f5ece62974257220d
feb78d4ff80fd84163c98a67ded3ad06ef7bacb9
0070e220521a6a69cb33f7da37bd5c1aa7e76d0865fb9cdba6672eb5ba50e425
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
GET /wp-content/plugins/woocommerce/assets/css/photoswipe/default-skin/default-skin.min.css?ver=6.7.0 HTTP/1.1
Host: weeklylive.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://weeklylive.info/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 19 Sep 2022 07:06:36 GMT
content-type: text/css
content-length: 7887
last-modified: Mon, 18 Jul 2022 17:47:26 GMT
vary: Accept-Encoding
etag: "62d59cae-1ecf"
expires: Wed, 19 Oct 2022 07:06:36 GMT
cache-control: max-age=2592000
accept-ranges: bytes
X-Firefox-Spdy: h2
weeklylive.info/wp-content/plugins/quick-adsense-reloaded/assets/js/ads.js
208.83.233.145 200 OK 78 B URL HTTP/2 weeklylive.info/wp-content/plugins/quick-adsense-reloaded/assets/js/ads.js
IP 208.83.233.145:0
File type ASCII text, with CRLF line terminators
Hash 4eaad8a9a1aefaba667d9ab85f1c8c7d
ff0bcfbf3c9a01dae04681c71e0476ee1f263cd5
2ecad403abe6094919937758649c7fe968b8339a0b958e232acab55ca87ef02b
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
GET /wp-content/plugins/quick-adsense-reloaded/assets/js/ads.js HTTP/1.1
Host: weeklylive.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://weeklylive.info/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 19 Sep 2022 07:06:36 GMT
content-type: application/javascript
content-length: 78
last-modified: Fri, 02 Sep 2022 18:55:54 GMT
etag: "631251ba-4e"
expires: Wed, 19 Oct 2022 07:06:36 GMT
cache-control: max-age=2592000
accept-ranges: bytes
X-Firefox-Spdy: h2
weeklylive.info/wp-content/plugins/woocommerce/assets/js/jquery-blockui/jquery.blockUI.min.js?ver=2.7.0-wc.6.7.0
208.83.233.145 200 OK 9.5 kB URL HTTP/2 weeklylive.info/wp-content/plugins/woocommerce/assets/js/jquery-blockui/jquery.blockUI.min.js?ver=2.7.0-wc.6.7.0
IP 208.83.233.145:0
File type ASCII text, with very long lines (9139)
Hash 87c54edf7dad7dfdfde015f6eee45ff1
96ec1a06ea3093c47e1e2fc4444ada7f4456135d
ef22199864042b8ceeee3729f3254c140df7217364045737ca3aadf8434fb3da
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
GET /wp-content/plugins/woocommerce/assets/js/jquery-blockui/jquery.blockUI.min.js?ver=2.7.0-wc.6.7.0 HTTP/1.1
Host: weeklylive.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://weeklylive.info/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 19 Sep 2022 07:06:36 GMT
content-type: application/javascript
content-length: 9533
last-modified: Mon, 18 Jul 2022 17:47:26 GMT
vary: Accept-Encoding
etag: "62d59cae-253d"
expires: Wed, 19 Oct 2022 07:06:36 GMT
cache-control: max-age=2592000
accept-ranges: bytes
X-Firefox-Spdy: h2
weeklylive.info/wp-content/plugins/woocommerce/assets/js/frontend/add-to-cart.min.js?ver=6.7.0
208.83.233.145 200 OK 3.0 kB URL HTTP/2 weeklylive.info/wp-content/plugins/woocommerce/assets/js/frontend/add-to-cart.min.js?ver=6.7.0
IP 208.83.233.145:0
File type HTML document, ASCII text, with very long lines (3037), with no line terminators
Hash 8bc2109ef48cabf7a26b73d7c3536c5f
0e0dfee3a3975eafc3dd55f190d1deb3c6c55d3b
8634aa7a3ac0bc6d359b458c8922e9d3269f64c1355b329bfe215beb12773af8
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
GET /wp-content/plugins/woocommerce/assets/js/frontend/add-to-cart.min.js?ver=6.7.0 HTTP/1.1
Host: weeklylive.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://weeklylive.info/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 19 Sep 2022 07:06:36 GMT
content-type: application/javascript
content-length: 3037
last-modified: Mon, 18 Jul 2022 17:47:26 GMT
vary: Accept-Encoding
etag: "62d59cae-bdd"
expires: Wed, 19 Oct 2022 07:06:36 GMT
cache-control: max-age=2592000
accept-ranges: bytes
X-Firefox-Spdy: h2
weeklylive.info/wp-content/plugins/woocommerce/assets/js/js-cookie/js.cookie.min.js?ver=2.1.4-wc.6.7.0
208.83.233.145 200 OK 1.8 kB URL HTTP/2 weeklylive.info/wp-content/plugins/woocommerce/assets/js/js-cookie/js.cookie.min.js?ver=2.1.4-wc.6.7.0
IP 208.83.233.145:0
File type ASCII text, with very long lines (1668)
Hash d0a6d8547c66b0d7b0172466558d1208
ff93916519c7b9483251f609e4d29f38c30a66e3
3b1384ff918d4b7f95f9ee5c8fc388203dedff7344d3d96598c9562162788612
Analyzer Verdict Alert mnemonic_dns Sinkholed
GET /wp-content/plugins/woocommerce/assets/js/js-cookie/js.cookie.min.js?ver=2.1.4-wc.6.7.0 HTTP/1.1
Host: weeklylive.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://weeklylive.info/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 19 Sep 2022 07:06:36 GMT
content-type: application/javascript
content-length: 1834
last-modified: Mon, 18 Jul 2022 17:47:26 GMT
vary: Accept-Encoding
etag: "62d59cae-72a"
expires: Wed, 19 Oct 2022 07:06:36 GMT
cache-control: max-age=2592000
accept-ranges: bytes
X-Firefox-Spdy: h2
weeklylive.info/wp-content/plugins/woocommerce/assets/js/frontend/woocommerce.min.js?ver=6.7.0
208.83.233.145 200 OK 2.1 kB URL HTTP/2 weeklylive.info/wp-content/plugins/woocommerce/assets/js/frontend/woocommerce.min.js?ver=6.7.0
IP 208.83.233.145:0
File type ASCII text, with very long lines (2139), with no line terminators
Hash b72c1cbb1530a011a27bd9800f26765a
27b825c5d8255f33b8427a059d4545ebd65e1746
a256fccecac3b32ab73c91d79a18747519a1a18023be05465c933b03523a82e8
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
GET /wp-content/plugins/woocommerce/assets/js/frontend/woocommerce.min.js?ver=6.7.0 HTTP/1.1
Host: weeklylive.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://weeklylive.info/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 19 Sep 2022 07:06:36 GMT
content-type: application/javascript
content-length: 2139
last-modified: Mon, 18 Jul 2022 17:47:26 GMT
vary: Accept-Encoding
etag: "62d59cae-85b"
expires: Wed, 19 Oct 2022 07:06:36 GMT
cache-control: max-age=2592000
accept-ranges: bytes
X-Firefox-Spdy: h2
weeklylive.info/wp-content/plugins/woocommerce/assets/js/frontend/cart-fragments.min.js?ver=6.7.0
208.83.233.145 200 OK 2.9 kB URL HTTP/2 weeklylive.info/wp-content/plugins/woocommerce/assets/js/frontend/cart-fragments.min.js?ver=6.7.0
IP 208.83.233.145:0
File type ASCII text, with very long lines (2938), with no line terminators
Hash 0fd625c3991a4015814cffdc88e2fc82
d7c2f53e058210ff3ea773297641008bab71a5f3
2d022db650d194d935faea46a40e5512235b43bc3f8b181e32ce6d3dd745f4e1
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
GET /wp-content/plugins/woocommerce/assets/js/frontend/cart-fragments.min.js?ver=6.7.0 HTTP/1.1
Host: weeklylive.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://weeklylive.info/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 19 Sep 2022 07:06:36 GMT
content-type: application/javascript
content-length: 2938
last-modified: Mon, 18 Jul 2022 17:47:26 GMT
vary: Accept-Encoding
etag: "62d59cae-b7a"
expires: Wed, 19 Oct 2022 07:06:36 GMT
cache-control: max-age=2592000
accept-ranges: bytes
X-Firefox-Spdy: h2
weeklylive.info/wp-content/plugins/yith-woocommerce-compare/assets/js/woocompare.min.js?ver=2.16.0
208.83.233.145 200 OK 4.6 kB URL HTTP/2 weeklylive.info/wp-content/plugins/yith-woocommerce-compare/assets/js/woocompare.min.js?ver=2.16.0
IP 208.83.233.145:0
File type ASCII text, with very long lines (4602), with no line terminators
Hash 25d887c9c8997522cf1184e1171d605c
8f9fc958307ce831e7313d22d996908f578956e2
ccdea9568a2dafdc3b5dfafd7cc65ed784a235fe1a3c2da2e4183a9bb834c136
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
GET /wp-content/plugins/yith-woocommerce-compare/assets/js/woocompare.min.js?ver=2.16.0 HTTP/1.1
Host: weeklylive.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://weeklylive.info/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 19 Sep 2022 07:06:36 GMT
content-type: application/javascript
content-length: 4602
last-modified: Mon, 18 Jul 2022 17:47:28 GMT
vary: Accept-Encoding
etag: "62d59cb0-11fa"
expires: Wed, 19 Oct 2022 07:06:36 GMT
cache-control: max-age=2592000
accept-ranges: bytes
X-Firefox-Spdy: h2
weeklylive.info/wp-content/plugins/yith-woocommerce-compare/assets/js/jquery.colorbox-min.js?ver=1.4.21
208.83.233.145 200 OK 12 kB URL HTTP/2 weeklylive.info/wp-content/plugins/yith-woocommerce-compare/assets/js/jquery.colorbox-min.js?ver=1.4.21
IP 208.83.233.145:0
File type ASCII text, with very long lines (11827)
Hash 06a3b48689b0314af6c5da5b6ff27bfd
a98a815d90cba195409d39bd74d31b1e6f9dbf95
4cd7a0d2c9eb03966a0dc60658526c20fa4e8ee4a0660da469f55edaf9a18c9f
Analyzer Verdict Alert mnemonic_dns Sinkholed
GET /wp-content/plugins/yith-woocommerce-compare/assets/js/jquery.colorbox-min.js?ver=1.4.21 HTTP/1.1
Host: weeklylive.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://weeklylive.info/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 19 Sep 2022 07:06:36 GMT
content-type: application/javascript
content-length: 11900
last-modified: Mon, 18 Jul 2022 17:47:28 GMT
vary: Accept-Encoding
etag: "62d59cb0-2e7c"
expires: Wed, 19 Oct 2022 07:06:36 GMT
cache-control: max-age=2592000
accept-ranges: bytes
X-Firefox-Spdy: h2
weeklylive.info/wp-content/plugins/yith-woocommerce-quick-view/assets/js/frontend.min.js?ver=1.17.0
208.83.233.145 200 OK 2.1 kB URL HTTP/2 weeklylive.info/wp-content/plugins/yith-woocommerce-quick-view/assets/js/frontend.min.js?ver=1.17.0
IP 208.83.233.145:0
File type ASCII text, with very long lines (2014), with CRLF line terminators
Hash a415eeb584b6df672b7e6c287751c2b6
74dae2cda253b217ac763f012d244d897a7d0227
14530df0a96335cfa5fe4d01ba471ee6cb3947d7c3e64602913b19f877672bd6
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
GET /wp-content/plugins/yith-woocommerce-quick-view/assets/js/frontend.min.js?ver=1.17.0 HTTP/1.1
Host: weeklylive.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://weeklylive.info/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 19 Sep 2022 07:06:36 GMT
content-type: application/javascript
content-length: 2140
last-modified: Mon, 18 Jul 2022 17:47:30 GMT
vary: Accept-Encoding
etag: "62d59cb2-85c"
expires: Wed, 19 Oct 2022 07:06:36 GMT
cache-control: max-age=2592000
accept-ranges: bytes
X-Firefox-Spdy: h2
weeklylive.info/wp-content/themes/gamxo/assets/js/bootstrap.min.js?ver=1.4
208.83.233.145 200 OK 59 kB URL HTTP/2 weeklylive.info/wp-content/themes/gamxo/assets/js/bootstrap.min.js?ver=1.4
IP 208.83.233.145:0
File type ASCII text, with very long lines (58940)
Hash 259e416ef6833be43801b8b68a93b008
19080c3b817985336aab5e1ce6925c99803f2efd
70c3d690bdc5ce3b9a1527c46044989a3176e610882fa99f4523e75bc395bcce
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
GET /wp-content/themes/gamxo/assets/js/bootstrap.min.js?ver=1.4 HTTP/1.1
Host: weeklylive.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://weeklylive.info/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 19 Sep 2022 07:06:36 GMT
content-type: application/javascript
content-length: 59219
last-modified: Mon, 18 Jul 2022 17:46:47 GMT
vary: Accept-Encoding
etag: "62d59c87-e753"
expires: Wed, 19 Oct 2022 07:06:36 GMT
cache-control: max-age=2592000
accept-ranges: bytes
X-Firefox-Spdy: h2
weeklylive.info/wp-content/themes/gamxo/assets/js/color-mode.js?ver=1.4
208.83.233.145 200 OK 1.4 kB URL HTTP/2 weeklylive.info/wp-content/themes/gamxo/assets/js/color-mode.js?ver=1.4
IP 208.83.233.145:0
File type ASCII text, with CRLF line terminators
Hash b041c3800a7c7b959ec2abd341b31068
39bbfd153c9e7584789a43f173dc8fc675354019
001a797bac2bbd9b86fd59478b4c93880d6a182e8272544d8eaae8141eb1fe36
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
GET /wp-content/themes/gamxo/assets/js/color-mode.js?ver=1.4 HTTP/1.1
Host: weeklylive.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://weeklylive.info/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 19 Sep 2022 07:06:36 GMT
content-type: application/javascript
content-length: 1406
last-modified: Mon, 18 Jul 2022 17:46:47 GMT
vary: Accept-Encoding
etag: "62d59c87-57e"
expires: Wed, 19 Oct 2022 07:06:36 GMT
cache-control: max-age=2592000
accept-ranges: bytes
X-Firefox-Spdy: h2
weeklylive.info/wp-content/themes/gamxo/assets/js/jquery.ticker.js?ver=1.4
208.83.233.145 200 OK 7.7 kB URL HTTP/2 weeklylive.info/wp-content/themes/gamxo/assets/js/jquery.ticker.js?ver=1.4
IP 208.83.233.145:0
File type HTML document text\012- exported SGML document, ASCII text, with very long lines (7706), with no line terminators
Hash f95350e5fbc6a17219b20196320be3be
82e3703c1485cd583ec10c61896143bc3bb7c2b1
a7615ecead12f35991d652ade3958cf4faa07173549a89d35bd314a28fb10bf7
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
GET /wp-content/themes/gamxo/assets/js/jquery.ticker.js?ver=1.4 HTTP/1.1
Host: weeklylive.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://weeklylive.info/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 19 Sep 2022 07:06:36 GMT
content-type: application/javascript
content-length: 7706
last-modified: Mon, 18 Jul 2022 17:46:47 GMT
vary: Accept-Encoding
etag: "62d59c87-1e1a"
expires: Wed, 19 Oct 2022 07:06:36 GMT
cache-control: max-age=2592000
accept-ranges: bytes
X-Firefox-Spdy: h2
weeklylive.info/wp-content/themes/gamxo/assets/js/theia-sticky-sidebar.min.js?ver=1.4
208.83.233.145 200 OK 5.4 kB URL HTTP/2 weeklylive.info/wp-content/themes/gamxo/assets/js/theia-sticky-sidebar.min.js?ver=1.4
IP 208.83.233.145:0
File type HTML document, ASCII text, with very long lines (5370), with CRLF line terminators
Hash 5476ee50caf76e8cc8e4ba73df45de18
9bd057392c7d26d28bab4d72913f4d3986601339
becf800888dc4f3093e57c79a983953d38b9a21ec330fa02cb585f96eb923eff
Analyzer Verdict Alert mnemonic_dns Sinkholed
GET /wp-content/themes/gamxo/assets/js/theia-sticky-sidebar.min.js?ver=1.4 HTTP/1.1
Host: weeklylive.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://weeklylive.info/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 19 Sep 2022 07:06:36 GMT
content-type: application/javascript
content-length: 5374
last-modified: Mon, 18 Jul 2022 17:46:47 GMT
vary: Accept-Encoding
etag: "62d59c87-14fe"
expires: Wed, 19 Oct 2022 07:06:36 GMT
cache-control: max-age=2592000
accept-ranges: bytes
X-Firefox-Spdy: h2
weeklylive.info/wp-content/themes/gamxo/assets/js/wow.min.js?ver=1.4
208.83.233.145 200 OK 6.3 kB URL HTTP/2 weeklylive.info/wp-content/themes/gamxo/assets/js/wow.min.js?ver=1.4
IP 208.83.233.145:0
File type ASCII text, with very long lines (6273)
Hash b69c9aab55bd732fef07d5bf21b0a761
8f25d4efc8103c5aaf4c6f1aebf3453b4ad0b085
0e758efeef1e7112e28bb08bbecb891bfda1a89c9ff4da69a09259418dd7d7ec
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
GET /wp-content/themes/gamxo/assets/js/wow.min.js?ver=1.4 HTTP/1.1
Host: weeklylive.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://weeklylive.info/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 19 Sep 2022 07:06:36 GMT
content-type: application/javascript
content-length: 6303
last-modified: Mon, 18 Jul 2022 17:46:47 GMT
vary: Accept-Encoding
etag: "62d59c87-189f"
expires: Wed, 19 Oct 2022 07:06:36 GMT
cache-control: max-age=2592000
accept-ranges: bytes
X-Firefox-Spdy: h2
weeklylive.info/wp-content/themes/gamxo/assets/js/parallax.js?ver=1.4
208.83.233.145 200 OK 1.9 kB URL HTTP/2 weeklylive.info/wp-content/themes/gamxo/assets/js/parallax.js?ver=1.4
IP 208.83.233.145:0
Hash 24602a6d93cf57e1f1b64fb7123fee0a
38904f27b95d45daf4943fdf103cf11e05b5b23e
e0bf568dffb7867df64321aaa31d0a2d3800854b84976157852414accf394693
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
GET /wp-content/themes/gamxo/assets/js/parallax.js?ver=1.4 HTTP/1.1
Host: weeklylive.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://weeklylive.info/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 19 Sep 2022 07:06:36 GMT
content-type: application/javascript
content-length: 1855
last-modified: Mon, 18 Jul 2022 17:46:47 GMT
vary: Accept-Encoding
etag: "62d59c87-73f"
expires: Wed, 19 Oct 2022 07:06:36 GMT
cache-control: max-age=2592000
accept-ranges: bytes
X-Firefox-Spdy: h2
weeklylive.info/wp-content/themes/gamxo/assets/js/isotope.pkgd.min.js?ver=1.4
208.83.233.145 200 OK 36 kB URL HTTP/2 weeklylive.info/wp-content/themes/gamxo/assets/js/isotope.pkgd.min.js?ver=1.4
IP 208.83.233.145:0
File type ASCII text, with very long lines (32019), with CRLF line terminators
Hash 5fb7c19c9c51cfb99f5ff942629f0f21
14c7f59e73d2a99aa688c2443a9a9b24acbff43c
a931e5af561b1f0efaf6cdb96aeac4c035c30756dd6edd1091da1a68747d35bc
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
GET /wp-content/themes/gamxo/assets/js/isotope.pkgd.min.js?ver=1.4 HTTP/1.1
Host: weeklylive.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://weeklylive.info/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 19 Sep 2022 07:06:36 GMT
content-type: application/javascript
content-length: 35456
last-modified: Mon, 18 Jul 2022 17:46:47 GMT
vary: Accept-Encoding
etag: "62d59c87-8a80"
expires: Wed, 19 Oct 2022 07:06:36 GMT
cache-control: max-age=2592000
accept-ranges: bytes
X-Firefox-Spdy: h2
weeklylive.info/wp-content/themes/gamxo/assets/js/jquery.magnific-popup.min.js?ver=1.4
208.83.233.145 200 OK 20 kB URL HTTP/2 weeklylive.info/wp-content/themes/gamxo/assets/js/jquery.magnific-popup.min.js?ver=1.4
IP 208.83.233.145:0
File type ASCII text, with very long lines (20087), with CRLF line terminators
Hash b37d7edf99565d3858eaa1ad80df3cff
786a4343711e9af5e5dfcc493e7d2331b48875bb
b0a45cd5aed66e27bd8ee861d0e3b782c8e79849bde32f90f078b9f2451a36f2
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
GET /wp-content/themes/gamxo/assets/js/jquery.magnific-popup.min.js?ver=1.4 HTTP/1.1
Host: weeklylive.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://weeklylive.info/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 19 Sep 2022 07:06:36 GMT
content-type: application/javascript
content-length: 20219
last-modified: Mon, 18 Jul 2022 17:46:47 GMT
vary: Accept-Encoding
etag: "62d59c87-4efb"
expires: Wed, 19 Oct 2022 07:06:36 GMT
cache-control: max-age=2592000
accept-ranges: bytes
X-Firefox-Spdy: h2
weeklylive.info/wp-includes/js/imagesloaded.min.js?ver=4.1.4
208.83.233.145 200 OK 5.6 kB URL HTTP/2 weeklylive.info/wp-includes/js/imagesloaded.min.js?ver=4.1.4
IP 208.83.233.145:0
File type ASCII text, with very long lines (5477)
Hash 3a56752b736635bf69cb069b8818cbfd
42e0951fe74bb3f56a30f51291823bcd4a84d76e
ff4bd34aa98a0214833619d3d751838db015722dfbbec15cd14dadc66cd67869
Analyzer Verdict Alert mnemonic_dns Sinkholed
GET /wp-includes/js/imagesloaded.min.js?ver=4.1.4 HTTP/1.1
Host: weeklylive.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://weeklylive.info/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 19 Sep 2022 07:06:36 GMT
content-type: application/javascript
content-length: 5629
last-modified: Sat, 13 Jun 2020 18:53:27 GMT
vary: Accept-Encoding
etag: "5ee520a7-15fd"
expires: Wed, 19 Oct 2022 07:06:36 GMT
cache-control: max-age=2592000
accept-ranges: bytes
X-Firefox-Spdy: h2
weeklylive.info/wp-includes/js/masonry.min.js?ver=4.2.2
208.83.233.145 200 OK 24 kB URL HTTP/2 weeklylive.info/wp-includes/js/masonry.min.js?ver=4.2.2
IP 208.83.233.145:0
File type ASCII text, with very long lines (23966)
Hash 3b3fc826e58fc554108e4a651c9c7848
76778fd446e2ff2377588a7b4ac4d79f258427c9
e00add38134eac2fb8e8e9c09cbfff7bbe57952b210322eb2eecb0a21fc055eb
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
GET /wp-includes/js/masonry.min.js?ver=4.2.2 HTTP/1.1
Host: weeklylive.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://weeklylive.info/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 19 Sep 2022 07:06:36 GMT
content-type: application/javascript
content-length: 24138
last-modified: Sat, 13 Jun 2020 18:53:27 GMT
vary: Accept-Encoding
etag: "5ee520a7-5e4a"
expires: Wed, 19 Oct 2022 07:06:36 GMT
cache-control: max-age=2592000
accept-ranges: bytes
X-Firefox-Spdy: h2
weeklylive.info/wp-content/themes/gamxo/assets/js/main.js?ver=1.4
208.83.233.145 200 OK 48 kB URL HTTP/2 weeklylive.info/wp-content/themes/gamxo/assets/js/main.js?ver=1.4
IP 208.83.233.145:0
File type ASCII text, with CRLF line terminators
Hash 4332326dfce76e43d80472c5cf28cb40
2d288a39829f06f31ae0f129f7279dbfd92e4b24
847ef059e5bb36fcc64bf66217840f1f4a60d705ebe7697168e2dab21870beb2
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
GET /wp-content/themes/gamxo/assets/js/main.js?ver=1.4 HTTP/1.1
Host: weeklylive.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://weeklylive.info/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 19 Sep 2022 07:06:36 GMT
content-type: application/javascript
content-length: 47451
last-modified: Mon, 18 Jul 2022 17:46:47 GMT
vary: Accept-Encoding
etag: "62d59c87-b95b"
expires: Wed, 19 Oct 2022 07:06:36 GMT
cache-control: max-age=2592000
accept-ranges: bytes
X-Firefox-Spdy: h2
weeklylive.info/wp-content/plugins/quick-adsense-reloaded/assets/js/ads.js?ver=2.0.59
208.83.233.145 200 OK 78 B URL HTTP/2 weeklylive.info/wp-content/plugins/quick-adsense-reloaded/assets/js/ads.js?ver=2.0.59
IP 208.83.233.145:0
File type ASCII text, with CRLF line terminators
Hash 4eaad8a9a1aefaba667d9ab85f1c8c7d
ff0bcfbf3c9a01dae04681c71e0476ee1f263cd5
2ecad403abe6094919937758649c7fe968b8339a0b958e232acab55ca87ef02b
Analyzer Verdict Alert mnemonic_dns Sinkholed
GET /wp-content/plugins/quick-adsense-reloaded/assets/js/ads.js?ver=2.0.59 HTTP/1.1
Host: weeklylive.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://weeklylive.info/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 19 Sep 2022 07:06:36 GMT
content-type: application/javascript
content-length: 78
last-modified: Fri, 02 Sep 2022 18:55:54 GMT
etag: "631251ba-4e"
expires: Wed, 19 Oct 2022 07:06:36 GMT
cache-control: max-age=2592000
accept-ranges: bytes
X-Firefox-Spdy: h2
weeklylive.info/wp-content/plugins/fluentform/public/js/form-submission.js?ver=4.3.9
208.83.233.145 200 OK 18 kB URL HTTP/2 weeklylive.info/wp-content/plugins/fluentform/public/js/form-submission.js?ver=4.3.9
IP 208.83.233.145:0
File type ASCII text, with very long lines (17672), with no line terminators
Hash 8f9d08e7f23b5c8c9a9afb14afab7451
cfca687e0933a45406a75fa5133a798ea11b877c
9b51edd6aa119f10aa09d9d0a9619bfaa5c3f10cd12c8686a64870cd0d697a69
Analyzer Verdict Alert mnemonic_dns Sinkholed
GET /wp-content/plugins/fluentform/public/js/form-submission.js?ver=4.3.9 HTTP/1.1
Host: weeklylive.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://weeklylive.info/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 19 Sep 2022 07:06:36 GMT
content-type: application/javascript
content-length: 17672
last-modified: Mon, 18 Jul 2022 17:47:23 GMT
vary: Accept-Encoding
etag: "62d59cab-4508"
expires: Wed, 19 Oct 2022 07:06:36 GMT
cache-control: max-age=2592000
accept-ranges: bytes
X-Firefox-Spdy: h2
weeklylive.info/wp-content/uploads/2022/09/light.jpg
208.83.233.145 200 OK 28 kB URL HTTP/2 weeklylive.info/wp-content/uploads/2022/09/light.jpg
IP 208.83.233.145:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 360x180, components 3\012- data
Hash 142e8226aa82b674a56da98a2ab8cb47
6c4844d9b92e3d9e4aa8c0eee65e0915ca48896c
3010b56c0fd9811367b4c58f975a15330a7cbc50c96840244d35e18a3dff7d9e
Analyzer Verdict Alert mnemonic_dns Sinkholed
GET /wp-content/uploads/2022/09/light.jpg HTTP/1.1
Host: weeklylive.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://weeklylive.info/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 19 Sep 2022 07:06:36 GMT
content-type: image/jpeg
content-length: 28204
last-modified: Fri, 02 Sep 2022 20:52:28 GMT
etag: "63126d0c-6e2c"
expires: Wed, 19 Oct 2022 07:06:36 GMT
cache-control: max-age=2592000
accept-ranges: bytes
X-Firefox-Spdy: h2
weeklylive.info/wp-content/uploads/2022/09/blackrock.jpg
208.83.233.145 200 OK 59 kB URL HTTP/2 weeklylive.info/wp-content/uploads/2022/09/blackrock.jpg
IP 208.83.233.145:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 360x180, components 3\012- data
Hash e708e6ae1db9e9be7ef2880231061bc8
c77c19e6cbcfd2a1efd800fa33ddfff27dc1e260
8944f211b5e83fcad88ad2e716c03ee571669d522e47cd5395048cc4f454e67c
Analyzer Verdict Alert mnemonic_dns Sinkholed
GET /wp-content/uploads/2022/09/blackrock.jpg HTTP/1.1
Host: weeklylive.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://weeklylive.info/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 19 Sep 2022 07:06:36 GMT
content-type: image/jpeg
content-length: 59030
last-modified: Fri, 02 Sep 2022 20:52:25 GMT
etag: "63126d09-e696"
expires: Wed, 19 Oct 2022 07:06:36 GMT
cache-control: max-age=2592000
accept-ranges: bytes
X-Firefox-Spdy: h2
weeklylive.info/wp-content/uploads/2022/09/market.jpg
208.83.233.145 200 OK 36 kB URL HTTP/2 weeklylive.info/wp-content/uploads/2022/09/market.jpg
IP 208.83.233.145:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 360x180, components 3\012- data
Hash a7b7accc3dc8ffe064fec9323da6687e
8fdadf938c767aa807c7404cecff847208ef2261
21c85d10902c91f6fc57ab296dea597651193d4e3b22f56ede93afc388c79cee
Analyzer Verdict Alert mnemonic_dns Sinkholed
GET /wp-content/uploads/2022/09/market.jpg HTTP/1.1
Host: weeklylive.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://weeklylive.info/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 19 Sep 2022 07:06:36 GMT
content-type: image/jpeg
content-length: 35661
last-modified: Fri, 02 Sep 2022 20:52:28 GMT
etag: "63126d0c-8b4d"
expires: Wed, 19 Oct 2022 07:06:36 GMT
cache-control: max-age=2592000
accept-ranges: bytes
X-Firefox-Spdy: h2
weeklylive.info/wp-content/uploads/2022/09/house.jpg
208.83.233.145 200 OK 55 kB URL HTTP/2 weeklylive.info/wp-content/uploads/2022/09/house.jpg
IP 208.83.233.145:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 360x180, components 3\012- data
Hash 5af30c1233f5159d328fd61a4776a100
838c71bf7c0c2f895597cacd16a2c02d49f7ea06
4472b71e4b045b0ad2abf05d1f90823bd4bf8e84eb2b380d43f3958b06c5e31b
Analyzer Verdict Alert mnemonic_dns Sinkholed
GET /wp-content/uploads/2022/09/house.jpg HTTP/1.1
Host: weeklylive.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://weeklylive.info/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 19 Sep 2022 07:06:36 GMT
content-type: image/jpeg
content-length: 54704
last-modified: Fri, 02 Sep 2022 20:52:26 GMT
etag: "63126d0a-d5b0"
expires: Wed, 19 Oct 2022 07:06:36 GMT
cache-control: max-age=2592000
accept-ranges: bytes
X-Firefox-Spdy: h2
weeklylive.info/wp-content/uploads/2022/09/chillex.jpg
208.83.233.145 200 OK 33 kB URL HTTP/2 weeklylive.info/wp-content/uploads/2022/09/chillex.jpg
IP 208.83.233.145:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 360x180, components 3\012- data
Hash 495a696b9e5655095227d7ef0ce11a87
8d3b30c8fa2b2ca3529d4d7e749e0b4e911c62bc
06d407111a5d34446d715e73703c9eb13747252b0b465090e8b7d46a8142d317
Analyzer Verdict Alert mnemonic_dns Sinkholed
GET /wp-content/uploads/2022/09/chillex.jpg HTTP/1.1
Host: weeklylive.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://weeklylive.info/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 19 Sep 2022 07:06:36 GMT
content-type: image/jpeg
content-length: 33448
last-modified: Fri, 02 Sep 2022 20:52:26 GMT
etag: "63126d0a-82a8"
expires: Wed, 19 Oct 2022 07:06:36 GMT
cache-control: max-age=2592000
accept-ranges: bytes
X-Firefox-Spdy: h2
weeklylive.info/wp-includes/js/underscore.min.js?ver=1.13.3
208.83.233.145 200 OK 19 kB URL HTTP/2 weeklylive.info/wp-includes/js/underscore.min.js?ver=1.13.3
IP 208.83.233.145:0
File type ASCII text, with very long lines (18876)
Hash 42aa17e1f850a414638ee4a32a3aa807
2e42d03a5e042701191650c041eae1cfb2d6c7b9
0da4791b446818516f710c51707081aec7b23a7c5212fc0b2629c973210136a4
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
GET /wp-includes/js/underscore.min.js?ver=1.13.3 HTTP/1.1
Host: weeklylive.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://weeklylive.info/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 19 Sep 2022 07:06:36 GMT
content-type: application/javascript
content-length: 18911
last-modified: Mon, 18 Jul 2022 14:16:56 GMT
vary: Accept-Encoding
etag: "62d56b58-49df"
expires: Wed, 19 Oct 2022 07:06:36 GMT
cache-control: max-age=2592000
accept-ranges: bytes
X-Firefox-Spdy: h2
weeklylive.info/wp-includes/js/wp-util.min.js?ver=6.0.2
208.83.233.145 200 OK 1.3 kB URL HTTP/2 weeklylive.info/wp-includes/js/wp-util.min.js?ver=6.0.2
IP 208.83.233.145:0
File type ASCII text, with very long lines (1305)
Hash 8637362089372427b52fa10a43d8109c
6009bed674718329dce6055ab09fa95181162d81
b8e78b48acc08ce31457aff168d6fb2c814d51a8739a97693cdba585d60f5b35
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
GET /wp-includes/js/wp-util.min.js?ver=6.0.2 HTTP/1.1
Host: weeklylive.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://weeklylive.info/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 19 Sep 2022 07:06:36 GMT
content-type: application/javascript
content-length: 1340
last-modified: Fri, 25 Jun 2021 14:50:58 GMT
vary: Accept-Encoding
etag: "60d5ed52-53c"
expires: Wed, 19 Oct 2022 07:06:36 GMT
cache-control: max-age=2592000
accept-ranges: bytes
X-Firefox-Spdy: h2
weeklylive.info/wp-content/plugins/woocommerce/assets/js/frontend/add-to-cart-variation.min.js?ver=6.7.0
208.83.233.145 200 OK 14 kB URL HTTP/2 weeklylive.info/wp-content/plugins/woocommerce/assets/js/frontend/add-to-cart-variation.min.js?ver=6.7.0
IP 208.83.233.145:0
File type ASCII text, with very long lines (13590), with no line terminators
Hash a49a60e0186f705f693279985371da20
3419d4683879d6a48e051e38356602a2f5094511
3b55a00b09e9df011435d1f358401cf7153066bbfeafdc3384e5d8cdaf4e3262
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
GET /wp-content/plugins/woocommerce/assets/js/frontend/add-to-cart-variation.min.js?ver=6.7.0 HTTP/1.1
Host: weeklylive.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://weeklylive.info/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 19 Sep 2022 07:06:36 GMT
content-type: application/javascript
content-length: 13590
last-modified: Mon, 18 Jul 2022 17:47:26 GMT
vary: Accept-Encoding
etag: "62d59cae-3516"
expires: Wed, 19 Oct 2022 07:06:36 GMT
cache-control: max-age=2592000
accept-ranges: bytes
X-Firefox-Spdy: h2
weeklylive.info/wp-content/plugins/woocommerce/assets/js/zoom/jquery.zoom.min.js?ver=1.7.21-wc.6.7.0
208.83.233.145 200 OK 2.7 kB URL HTTP/2 weeklylive.info/wp-content/plugins/woocommerce/assets/js/zoom/jquery.zoom.min.js?ver=1.7.21-wc.6.7.0
IP 208.83.233.145:0
File type ASCII text, with very long lines (2600)
Hash 6656000d5e9d405df3093dec766256c2
adc0fc077f359ca912305c4d0ec2d56c201c0613
7592aea3e7ee0eb873abaf4872be28881cf3c6427244c884a20c7860d64586da
Analyzer Verdict Alert mnemonic_dns Sinkholed
GET /wp-content/plugins/woocommerce/assets/js/zoom/jquery.zoom.min.js?ver=1.7.21-wc.6.7.0 HTTP/1.1
Host: weeklylive.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://weeklylive.info/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 19 Sep 2022 07:06:36 GMT
content-type: application/javascript
content-length: 2666
last-modified: Mon, 18 Jul 2022 17:47:26 GMT
vary: Accept-Encoding
etag: "62d59cae-a6a"
expires: Wed, 19 Oct 2022 07:06:36 GMT
cache-control: max-age=2592000
accept-ranges: bytes
X-Firefox-Spdy: h2
weeklylive.info/wp-content/plugins/woocommerce/assets/js/photoswipe/photoswipe.min.js?ver=4.1.1-wc.6.7.0
208.83.233.145 200 OK 31 kB URL HTTP/2 weeklylive.info/wp-content/plugins/woocommerce/assets/js/photoswipe/photoswipe.min.js?ver=4.1.1-wc.6.7.0
IP 208.83.233.145:0
File type ASCII text, with very long lines (31256)
Hash e22e98ef098c3b503d9c63461356cbf9
c4174b7ecbcb2eece7e655985238bede4dcee18e
5ce087396aa514135af15c0c8f803df7f81c3e4b5ee662572b2c50656871a3da
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
GET /wp-content/plugins/woocommerce/assets/js/photoswipe/photoswipe.min.js?ver=4.1.1-wc.6.7.0 HTTP/1.1
Host: weeklylive.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://weeklylive.info/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 19 Sep 2022 07:06:36 GMT
content-type: application/javascript
content-length: 31357
last-modified: Mon, 18 Jul 2022 17:47:26 GMT
vary: Accept-Encoding
etag: "62d59cae-7a7d"
expires: Wed, 19 Oct 2022 07:06:36 GMT
cache-control: max-age=2592000
accept-ranges: bytes
X-Firefox-Spdy: h2
weeklylive.info/wp-content/plugins/woocommerce/assets/js/photoswipe/photoswipe-ui-default.min.js?ver=4.1.1-wc.6.7.0
208.83.233.145 200 OK 9.7 kB URL HTTP/2 weeklylive.info/wp-content/plugins/woocommerce/assets/js/photoswipe/photoswipe-ui-default.min.js?ver=4.1.1-wc.6.7.0
IP 208.83.233.145:0
File type HTML document, ASCII text, with very long lines (9566)
Hash 5b1eda76cc9eb1d3bc8127423bb7ac9d
9aea845cb56b9c5836c887b4de94f555ba720e74
8c13efb5481bca7a0fcb4a73cde0c737393d3efb7908a280cb0b6284c8223ecf
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
GET /wp-content/plugins/woocommerce/assets/js/photoswipe/photoswipe-ui-default.min.js?ver=4.1.1-wc.6.7.0 HTTP/1.1
Host: weeklylive.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://weeklylive.info/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 19 Sep 2022 07:06:36 GMT
content-type: application/javascript
content-length: 9677
last-modified: Mon, 18 Jul 2022 17:47:26 GMT
vary: Accept-Encoding
etag: "62d59cae-25cd"
expires: Wed, 19 Oct 2022 07:06:36 GMT
cache-control: max-age=2592000
accept-ranges: bytes
X-Firefox-Spdy: h2
weeklylive.info/wp-content/plugins/woocommerce/assets/js/frontend/single-product.min.js?ver=6.7.0
208.83.233.145 200 OK 6.3 kB URL HTTP/2 weeklylive.info/wp-content/plugins/woocommerce/assets/js/frontend/single-product.min.js?ver=6.7.0
IP 208.83.233.145:0
File type Unicode text, UTF-8 text, with very long lines (6320), with no line terminators
Hash 29809bd191c28bebbc4c4ac85d0c4441
385414980c24731fb044e164df677037cc91b619
3d92cc58108d3e5d1b6b0b363627267415889575719ac8238c556507cb672fba
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
GET /wp-content/plugins/woocommerce/assets/js/frontend/single-product.min.js?ver=6.7.0 HTTP/1.1
Host: weeklylive.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://weeklylive.info/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 19 Sep 2022 07:06:36 GMT
content-type: application/javascript
content-length: 6323
last-modified: Mon, 18 Jul 2022 17:47:26 GMT
vary: Accept-Encoding
etag: "62d59cae-18b3"
expires: Wed, 19 Oct 2022 07:06:36 GMT
cache-control: max-age=2592000
accept-ranges: bytes
X-Firefox-Spdy: h2
weeklylive.info/wp-content/plugins/elementor/assets/js/webpack.runtime.min.js?ver=3.6.7
208.83.233.145 200 OK 5.0 kB URL HTTP/2 weeklylive.info/wp-content/plugins/elementor/assets/js/webpack.runtime.min.js?ver=3.6.7
IP 208.83.233.145:0
File type ASCII text, with very long lines (4918)
Hash 0981243ad04e7bfb26ef9d4b6070f08e
e89726f738b980c5dcd7cd805011e217e46c2a8c
e31e1cfb470365c46c451ae94f3a5f9bac9df96a0f403f044f851228a5bf1667
Analyzer Verdict Alert mnemonic_dns Sinkholed
GET /wp-content/plugins/elementor/assets/js/webpack.runtime.min.js?ver=3.6.7 HTTP/1.1
Host: weeklylive.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://weeklylive.info/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 19 Sep 2022 07:06:36 GMT
content-type: application/javascript
content-length: 4957
last-modified: Mon, 18 Jul 2022 17:47:17 GMT
vary: Accept-Encoding
etag: "62d59ca5-135d"
expires: Wed, 19 Oct 2022 07:06:36 GMT
cache-control: max-age=2592000
accept-ranges: bytes
X-Firefox-Spdy: h2
weeklylive.info/wp-content/plugins/elementor/assets/js/frontend-modules.min.js?ver=3.6.7
208.83.233.145 200 OK 14 kB URL HTTP/2 weeklylive.info/wp-content/plugins/elementor/assets/js/frontend-modules.min.js?ver=3.6.7
IP 208.83.233.145:0
File type ASCII text, with very long lines (14448)
Hash f7a9fe2494d4fb5b559215de44f8932d
e6f2314d6d1300035cccb8a21d91109b1b98db37
133f35fbfc23c0d8cf814176860427bd6a02da9278de3de662da11d9602d8582
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
GET /wp-content/plugins/elementor/assets/js/frontend-modules.min.js?ver=3.6.7 HTTP/1.1
Host: weeklylive.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://weeklylive.info/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 19 Sep 2022 07:06:36 GMT
content-type: application/javascript
content-length: 14487
last-modified: Mon, 18 Jul 2022 17:47:17 GMT
vary: Accept-Encoding
etag: "62d59ca5-3897"
expires: Wed, 19 Oct 2022 07:06:36 GMT
cache-control: max-age=2592000
accept-ranges: bytes
X-Firefox-Spdy: h2
weeklylive.info/wp-content/plugins/elementor/assets/lib/waypoints/waypoints.min.js?ver=4.0.2
208.83.233.145 200 OK 12 kB URL HTTP/2 weeklylive.info/wp-content/plugins/elementor/assets/lib/waypoints/waypoints.min.js?ver=4.0.2
IP 208.83.233.145:0
File type ASCII text, with very long lines (12198), with no line terminators
Hash 3819c3569da71daec283a75483735f7e
ecd40a5cc6f0b76200c454ca880210dc301cfab8
214674cc77aba35ab3567b88e2739fd08e8e96c61d279559ad61874069683ea0
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
GET /wp-content/plugins/elementor/assets/lib/waypoints/waypoints.min.js?ver=4.0.2 HTTP/1.1
Host: weeklylive.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://weeklylive.info/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 19 Sep 2022 07:06:36 GMT
content-type: application/javascript
content-length: 12198
last-modified: Mon, 18 Jul 2022 17:47:17 GMT
vary: Accept-Encoding
etag: "62d59ca5-2fa6"
expires: Wed, 19 Oct 2022 07:06:36 GMT
cache-control: max-age=2592000
accept-ranges: bytes
X-Firefox-Spdy: h2
weeklylive.info/wp-includes/js/jquery/ui/core.min.js?ver=1.13.1
208.83.233.145 200 OK 21 kB URL HTTP/2 weeklylive.info/wp-includes/js/jquery/ui/core.min.js?ver=1.13.1
IP 208.83.233.145:0
File type Unicode text, UTF-8 text, with very long lines (8189)
Hash 6aaf0a4e8eac131defea126f5b1b5fbf
24da0326af36303e5a1e9799a3c26f7a1077928c
240b702419d6c39ecc4896f0132ccfc9bc517e9aef0c782d99580e0c678b47d5
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
GET /wp-includes/js/jquery/ui/core.min.js?ver=1.13.1 HTTP/1.1
Host: weeklylive.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://weeklylive.info/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 19 Sep 2022 07:06:36 GMT
content-type: application/javascript
content-length: 20715
last-modified: Mon, 18 Jul 2022 14:16:56 GMT
vary: Accept-Encoding
etag: "62d56b58-50eb"
expires: Wed, 19 Oct 2022 07:06:36 GMT
cache-control: max-age=2592000
accept-ranges: bytes
X-Firefox-Spdy: h2
weeklylive.info/wp-content/plugins/elementor/assets/js/frontend.min.js?ver=3.6.7
208.83.233.145 200 OK 38 kB URL HTTP/2 weeklylive.info/wp-content/plugins/elementor/assets/js/frontend.min.js?ver=3.6.7
IP 208.83.233.145:0
File type ASCII text, with very long lines (37920)
Hash 6f35d3750be3979cdba82cf143093f9b
5d19dc6041e5c24b5ef205e28f9f607bfa9a03aa
e0f0d6d71e313ae3ee40517ae4df4806d42aacf7720c5c0220506c247796c4f7
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
GET /wp-content/plugins/elementor/assets/js/frontend.min.js?ver=3.6.7 HTTP/1.1
Host: weeklylive.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://weeklylive.info/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 19 Sep 2022 07:06:36 GMT
content-type: application/javascript
content-length: 37959
last-modified: Mon, 18 Jul 2022 17:47:18 GMT
vary: Accept-Encoding
etag: "62d59ca6-9447"
expires: Wed, 19 Oct 2022 07:06:36 GMT
cache-control: max-age=2592000
accept-ranges: bytes
X-Firefox-Spdy: h2
weeklylive.info/wp-content/uploads/2022/09/humming.jpg
208.83.233.145 200 OK 49 kB URL HTTP/2 weeklylive.info/wp-content/uploads/2022/09/humming.jpg
IP 208.83.233.145:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 360x180, components 3\012- data
Hash 4f54407e3525315f80dd467b8746f4b0
c99b19f71d59883062c0dc77cdaaca6702d9e8ef
19c14347565353f65ab2c5ea31cea31969e46ed2a9e417cb0fe041d7435deab8
Analyzer Verdict Alert mnemonic_dns Sinkholed
GET /wp-content/uploads/2022/09/humming.jpg HTTP/1.1
Host: weeklylive.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://weeklylive.info/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 19 Sep 2022 07:06:36 GMT
content-type: image/jpeg
content-length: 48786
last-modified: Fri, 02 Sep 2022 20:52:27 GMT
etag: "63126d0b-be92"
expires: Wed, 19 Oct 2022 07:06:36 GMT
cache-control: max-age=2592000
accept-ranges: bytes
X-Firefox-Spdy: h2
maxcdn.bootstrapcdn.com/font-awesome/4.5.0/css/font-awesome.min.css
104.18.11.207 200 OK 122 kB URL HTTP/2 maxcdn.bootstrapcdn.com/font-awesome/4.5.0/css/font-awesome.min.css
IP 104.18.11.207:0
File type ASCII text, with very long lines (27303)
Size 122 kB (122392 bytes)
Hash f1f9fc75e82e178849cc374d8894e031
3285864bed59020d08bcf884f7f7cdf8383a42d5
f2ce3fb80aab677b5c663cc2a5cb2c6cc65856d5e4f1a6ce7421cbbf33936063
GET /font-awesome/4.5.0/css/font-awesome.min.css HTTP/1.1
Host: maxcdn.bootstrapcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://weeklylive.info/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 19 Sep 2022 07:06:36 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
cdn-edgestorageid: 565, 617, 617
last-modified: Mon, 25 Jan 2021 22:04:54 GMT
cdn-cachedat: 2021-06-08 19:04:20
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cache-control: public, max-age=31919000
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-content-type-options: nosniff
cdn-requestid: e9a84d03a1f7c6aa17012c712a6e5dd5
cdn-status: 200
cdn-cache: HIT
cf-cache-status: HIT
age: 9015444
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 74d07ac96b48b527-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
weeklylive.info/wp-content/uploads/2022/09/life-insurance.jpg
208.83.233.145 200 OK 80 kB URL HTTP/2 weeklylive.info/wp-content/uploads/2022/09/life-insurance.jpg
IP 208.83.233.145:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 360x180, components 3\012- data
Hash eec371c844bd444626fda36417a544d1
886c8a7e8bb87d2da1fce4c18ba1a3c5cb8a724c
0852dccc2acf2848d9b3ddd60e8823312f5cf619507603469b24e5f92813e65f
Analyzer Verdict Alert mnemonic_dns Sinkholed
GET /wp-content/uploads/2022/09/life-insurance.jpg HTTP/1.1
Host: weeklylive.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://weeklylive.info/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 19 Sep 2022 07:06:36 GMT
content-type: image/jpeg
content-length: 79988
last-modified: Fri, 02 Sep 2022 20:10:05 GMT
etag: "6312631d-13874"
expires: Wed, 19 Oct 2022 07:06:36 GMT
cache-control: max-age=2592000
accept-ranges: bytes
X-Firefox-Spdy: h2
weeklylive.info/wp-content/uploads/2022/09/solar2.jpg
208.83.233.145 200 OK 91 kB URL HTTP/2 weeklylive.info/wp-content/uploads/2022/09/solar2.jpg
IP 208.83.233.145:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 360x180, components 3\012- data
Hash d28f070bccee45dd6f3884dfa9da7a12
736c0c07831641fe5590db5a0e3561f2be8350a7
0b63b48c6106d2403695017cf79ff71dd9354512da3bd3c1385d00cbf0ddf7a6
Analyzer Verdict Alert mnemonic_dns Sinkholed
GET /wp-content/uploads/2022/09/solar2.jpg HTTP/1.1
Host: weeklylive.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://weeklylive.info/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 19 Sep 2022 07:06:36 GMT
content-type: image/jpeg
content-length: 90950
last-modified: Fri, 02 Sep 2022 20:10:08 GMT
etag: "63126320-16346"
expires: Wed, 19 Oct 2022 07:06:36 GMT
cache-control: max-age=2592000
accept-ranges: bytes
X-Firefox-Spdy: h2
weeklylive.info/wp-content/uploads/2022/09/weeklylive-logo-light.png
208.83.233.145 200 OK 9.0 kB URL HTTP/2 weeklylive.info/wp-content/uploads/2022/09/weeklylive-logo-light.png
IP 208.83.233.145:0
File type PNG image data, 548 x 108, 8-bit/color RGBA, non-interlaced\012- data
Hash bc2ebaa5b15e2a0bdb5b0435ae3c1f56
d255b6d175dbf1596135e90624a3b1f13d8f0924
a052f6cec1b858d2729b86f28747de057bd6e4dcc062720e4df5ec405b215ffd
Analyzer Verdict Alert mnemonic_dns Sinkholed
GET /wp-content/uploads/2022/09/weeklylive-logo-light.png HTTP/1.1
Host: weeklylive.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://weeklylive.info/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 19 Sep 2022 07:06:36 GMT
content-type: image/png
content-length: 9043
last-modified: Mon, 05 Sep 2022 18:41:59 GMT
etag: "631642f7-2353"
expires: Wed, 19 Oct 2022 07:06:36 GMT
cache-control: max-age=2592000
accept-ranges: bytes
X-Firefox-Spdy: h2
weeklylive.info/wp-content/uploads/2022/09/buzz.png
208.83.233.145 200 OK 105 kB URL HTTP/2 weeklylive.info/wp-content/uploads/2022/09/buzz.png
IP 208.83.233.145:0
File type PNG image data, 360 x 180, 8-bit/color RGB, non-interlaced\012- data
Size 105 kB (105137 bytes)
Hash befade6df002c9bf4a88c87d03badf1b
5f04c04c2b5425795c41405631e922f47480a370
9d79bb17dcfa4442a9d63346399f8087f204b1e0075f7e0e72ce456cfd916367
Analyzer Verdict Alert mnemonic_dns Sinkholed
GET /wp-content/uploads/2022/09/buzz.png HTTP/1.1
Host: weeklylive.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://weeklylive.info/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 19 Sep 2022 07:06:36 GMT
content-type: image/png
content-length: 105137
last-modified: Fri, 02 Sep 2022 20:07:13 GMT
etag: "63126271-19ab1"
expires: Wed, 19 Oct 2022 07:06:36 GMT
cache-control: max-age=2592000
accept-ranges: bytes
X-Firefox-Spdy: h2
weeklylive.info/wp-content/themes/gamxo/assets/css/style.css?ver=1.4
208.83.233.145 200 OK 278 kB URL HTTP/2 weeklylive.info/wp-content/themes/gamxo/assets/css/style.css?ver=1.4
IP 208.83.233.145:0
Size 278 kB (277812 bytes)
Hash 02a2b9c1617de7152956d7301def7669
e974829ca92d21c98f72fe6c23779f2c982b9251
2c4371a8b193ea540e03b32bde1e360b740e51cd8e35635fb67448bf99c9d900
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
GET /wp-content/themes/gamxo/assets/css/style.css?ver=1.4 HTTP/1.1
Host: weeklylive.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://weeklylive.info/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 19 Sep 2022 07:06:36 GMT
content-type: text/css
content-length: 277812
last-modified: Mon, 18 Jul 2022 17:46:47 GMT
vary: Accept-Encoding
etag: "62d59c87-43d34"
expires: Wed, 19 Oct 2022 07:06:36 GMT
cache-control: max-age=2592000
accept-ranges: bytes
X-Firefox-Spdy: h2
weeklylive.info/wp-content/themes/gamxo/assets/js/swiper.min.js?ver=1.4
208.83.233.145 200 OK 145 kB URL HTTP/2 weeklylive.info/wp-content/themes/gamxo/assets/js/swiper.min.js?ver=1.4
IP 208.83.233.145:0
File type ASCII text, with very long lines (65284)
Size 145 kB (145402 bytes)
Hash 218a1e44055f62f6fa8be6dbf9af8531
f068bdd448100af0ae1f650b178e527bf24c9deb
515b83580607a0740411c249a43b9a699a352def59e5833692f88dfc0c82fffc
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
GET /wp-content/themes/gamxo/assets/js/swiper.min.js?ver=1.4 HTTP/1.1
Host: weeklylive.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://weeklylive.info/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 19 Sep 2022 07:06:36 GMT
content-type: application/javascript
content-length: 145402
last-modified: Mon, 18 Jul 2022 17:46:47 GMT
vary: Accept-Encoding
etag: "62d59c87-237fa"
expires: Wed, 19 Oct 2022 07:06:36 GMT
cache-control: max-age=2592000
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash a9323cf0781cad0d5ac23f0c81c105b1
772d0218be53da9f875bb96a287c904976c296da
5c808b03cd8dd26275f12a850d8a36b467246c1461ea65a4c717acb04f2ca722
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 19 Sep 2022 07:06:37 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash a9323cf0781cad0d5ac23f0c81c105b1
772d0218be53da9f875bb96a287c904976c296da
5c808b03cd8dd26275f12a850d8a36b467246c1461ea65a4c717acb04f2ca722
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 19 Sep 2022 07:06:37 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash a9323cf0781cad0d5ac23f0c81c105b1
772d0218be53da9f875bb96a287c904976c296da
5c808b03cd8dd26275f12a850d8a36b467246c1461ea65a4c717acb04f2ca722
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 19 Sep 2022 07:06:37 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/rubik/v21/iJWKBXyIfDnIV7nBrXw.woff2
142.250.74.163 200 OK 34 kB URL HTTP/2 fonts.gstatic.com/s/rubik/v21/iJWKBXyIfDnIV7nBrXw.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 33580, version 1.0\012- data
Hash 848cd2ecd011428969dc6b90431bc482
6b1a7b562a56bd54510e0f6f95e26babca331a1b
981307dcbbd348f6fb4e3eab184077392f9ee15097ea868f630debefad9044e9
GET /s/rubik/v21/iJWKBXyIfDnIV7nBrXw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://weeklylive.info
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 33580
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 12 Sep 2022 21:08:19 GMT
expires: Tue, 12 Sep 2023 21:08:19 GMT
cache-control: public, max-age=31536000
age: 554298
last-modified: Mon, 18 Jul 2022 19:32:55 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
weeklylive.info/wp-content/plugins/woocommerce/assets/css/woocommerce-smallscreen.css?ver=6.7.0
208.83.233.145 200 OK 7.0 kB URL HTTP/2 weeklylive.info/wp-content/plugins/woocommerce/assets/css/woocommerce-smallscreen.css?ver=6.7.0
IP 208.83.233.145:0
File type ASCII text, with very long lines (7043), with no line terminators
Hash 456663a286a204386735fd775542a59e
0a61620b88f4ae0fa7d71e2c7a014ea2c3ab5749
a7a83e60e7e3b8cadeed69327ba498b4cd68605db6e408729fa1b946758e7501
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
GET /wp-content/plugins/woocommerce/assets/css/woocommerce-smallscreen.css?ver=6.7.0 HTTP/1.1
Host: weeklylive.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://weeklylive.info/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 19 Sep 2022 07:06:37 GMT
content-type: text/css
content-length: 7043
last-modified: Mon, 18 Jul 2022 17:47:26 GMT
vary: Accept-Encoding
etag: "62d59cae-1b83"
expires: Wed, 19 Oct 2022 07:06:37 GMT
cache-control: max-age=2592000
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash a9323cf0781cad0d5ac23f0c81c105b1
772d0218be53da9f875bb96a287c904976c296da
5c808b03cd8dd26275f12a850d8a36b467246c1461ea65a4c717acb04f2ca722
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 19 Sep 2022 07:06:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
weeklylive.info/wp-content/themes/gamxo/assets/webfonts/fa-solid-900.woff2
208.83.233.145 200 OK 80 kB URL HTTP/2 weeklylive.info/wp-content/themes/gamxo/assets/webfonts/fa-solid-900.woff2
IP 208.83.233.145:0
File type Web Open Font Format (Version 2), TrueType, length 79464, version 331.524\012- data
Hash b3e460fdd8d304a121b44183473d7522
7ad1ee10d7762fa348e20725cf5e669a36a4360c
15809710190c5c2edbf07f0db683ade85fb801f8ff08a2dbb93eea9d0d4e6df2
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
GET /wp-content/themes/gamxo/assets/webfonts/fa-solid-900.woff2 HTTP/1.1
Host: weeklylive.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://weeklylive.info/wp-content/themes/gamxo/assets/css/font-awesome.min.css?ver=1.4
Cookie: quads_browser_width=1280
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 19 Sep 2022 07:06:38 GMT
content-type: font/woff2
content-length: 79464
last-modified: Mon, 18 Jul 2022 17:46:47 GMT
etag: "62d59c87-13668"
accept-ranges: bytes
X-Firefox-Spdy: h2
weeklylive.info/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-regular-400.woff2
208.83.233.145 200 OK 13 kB URL HTTP/2 weeklylive.info/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-regular-400.woff2
IP 208.83.233.145:0
File type Web Open Font Format (Version 2), TrueType, length 13276, version 331.-31261\012- data
Hash f0f8230116992e521526097a28f54066
0447c6b10bbf73f97b23dcfd6e6a48510822cb6e
8afc6e5e842baab16010c2ce6fcf48ec4ded8e1579a37c1f1bc027e120d04951
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
GET /wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-regular-400.woff2 HTTP/1.1
Host: weeklylive.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://weeklylive.info/wp-content/plugins/elementor/assets/lib/font-awesome/css/regular.min.css?ver=5.15.3
Cookie: quads_browser_width=1280
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 19 Sep 2022 07:06:38 GMT
content-type: font/woff2
content-length: 13276
last-modified: Mon, 18 Jul 2022 17:47:17 GMT
etag: "62d59ca5-33dc"
accept-ranges: bytes
X-Firefox-Spdy: h2
weeklylive.info/wp-content/uploads/2022/07/10.-Top-5-Financial-Goals-of-Americans-for-2022-and-How-to-Achieve-Them-2-560x600.png
208.83.233.145 200 OK 397 kB URL HTTP/2 weeklylive.info/wp-content/uploads/2022/07/10.-Top-5-Financial-Goals-of-Americans-for-2022-and-How-to-Achieve-Them-2-560x600.png
IP 208.83.233.145:0
File type PNG image data, 560 x 600, 8-bit/color RGBA, non-interlaced\012- data
Size 397 kB (397104 bytes)
Hash 061fd9846ea305ae56a1e59c5499b442
0004582b124768aec99dbf7cc844eeeb6ed0f2d9
8b9a42c03ea9f58a3e5f39dcc450c1c37e7d428be8b8812445a20c33559905db
Analyzer Verdict Alert mnemonic_dns Sinkholed
GET /wp-content/uploads/2022/07/10.-Top-5-Financial-Goals-of-Americans-for-2022-and-How-to-Achieve-Them-2-560x600.png HTTP/1.1
Host: weeklylive.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://weeklylive.info/
Cookie: quads_browser_width=1280
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 19 Sep 2022 07:06:38 GMT
content-type: image/png
content-length: 397104
last-modified: Mon, 18 Jul 2022 18:24:15 GMT
etag: "62d5a54f-60f30"
expires: Wed, 19 Oct 2022 07:06:38 GMT
cache-control: max-age=2592000
accept-ranges: bytes
X-Firefox-Spdy: h2
weeklylive.info/wp-content/uploads/2022/07/6.-6-Factors-That-Determine-the-Cost-of-Your-Car-Insurance-2-540x400.png
208.83.233.145 200 OK 238 kB URL HTTP/2 weeklylive.info/wp-content/uploads/2022/07/6.-6-Factors-That-Determine-the-Cost-of-Your-Car-Insurance-2-540x400.png
IP 208.83.233.145:0
File type PNG image data, 540 x 400, 8-bit/color RGBA, non-interlaced\012- data
Size 238 kB (238493 bytes)
Hash e5934b22a510b1a7f1d500ed8ecf4cf1
89aeb40e5b61f02823f18f5e4863891dd0a18380
627746cc097d9b537bd9ba3a67ef958b742c046b3a50e1e674fdc5ab1fa74405
Analyzer Verdict Alert mnemonic_dns Sinkholed
GET /wp-content/uploads/2022/07/6.-6-Factors-That-Determine-the-Cost-of-Your-Car-Insurance-2-540x400.png HTTP/1.1
Host: weeklylive.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://weeklylive.info/
Cookie: quads_browser_width=1280
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 19 Sep 2022 07:06:38 GMT
content-type: image/png
content-length: 238493
last-modified: Mon, 18 Jul 2022 18:15:32 GMT
etag: "62d5a344-3a39d"
expires: Wed, 19 Oct 2022 07:06:38 GMT
cache-control: max-age=2592000
accept-ranges: bytes
X-Firefox-Spdy: h2
weeklylive.info/wp-content/uploads/2022/07/5.-4-Fundamental-Actions-to-Grow-Your-Business-in-2022-1-540x400.png
208.83.233.145 200 OK 234 kB URL HTTP/2 weeklylive.info/wp-content/uploads/2022/07/5.-4-Fundamental-Actions-to-Grow-Your-Business-in-2022-1-540x400.png
IP 208.83.233.145:0
File type PNG image data, 540 x 400, 8-bit/color RGBA, non-interlaced\012- data
Size 234 kB (234429 bytes)
Hash 1205d24ad6d14745009b66d4b9940d09
54725cbfe4c343f8b6eee491c5994d6462cd20f2
ab1b51025596ea18e8142dea64cb7cbb9608ac11cf85be13dc185560b945e92d
Analyzer Verdict Alert mnemonic_dns Sinkholed
GET /wp-content/uploads/2022/07/5.-4-Fundamental-Actions-to-Grow-Your-Business-in-2022-1-540x400.png HTTP/1.1
Host: weeklylive.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://weeklylive.info/
Cookie: quads_browser_width=1280
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 19 Sep 2022 07:06:38 GMT
content-type: image/png
content-length: 234429
last-modified: Mon, 18 Jul 2022 18:13:28 GMT
etag: "62d5a2c8-393bd"
expires: Wed, 19 Oct 2022 07:06:38 GMT
cache-control: max-age=2592000
accept-ranges: bytes
X-Firefox-Spdy: h2
weeklylive.info/wp-content/uploads/2022/07/weeklylive-favicon.png
208.83.233.145 200 OK 3.8 kB URL HTTP/2 weeklylive.info/wp-content/uploads/2022/07/weeklylive-favicon.png
IP 208.83.233.145:0
File type PNG image data, 133 x 108, 8-bit/color RGBA, non-interlaced\012- data
Hash d0c509ee0bf2cfe7d2d4a6839025c6b4
9bd72f200a6b6977e6e34c9bbfbe95720252aeec
9f5768a3de2bd6914f91ad6550850bdc0b81ffca2df6104824f0bc4dc3279e6c
Analyzer Verdict Alert mnemonic_dns Sinkholed
GET /wp-content/uploads/2022/07/weeklylive-favicon.png HTTP/1.1
Host: weeklylive.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://weeklylive.info/
Cookie: quads_browser_width=1280
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 19 Sep 2022 07:06:38 GMT
content-type: image/png
content-length: 3797
last-modified: Tue, 19 Jul 2022 14:56:24 GMT
etag: "62d6c618-ed5"
expires: Wed, 19 Oct 2022 07:06:38 GMT
cache-control: max-age=2592000
accept-ranges: bytes
X-Firefox-Spdy: h2
weeklylive.info/wp-content/uploads/2022/07/9.-Spend-Money-to-Get-Richer-Here-are-5-Ways-to-do-Just-That-1-560x600.png
208.83.233.145 200 OK 407 kB URL HTTP/2 weeklylive.info/wp-content/uploads/2022/07/9.-Spend-Money-to-Get-Richer-Here-are-5-Ways-to-do-Just-That-1-560x600.png
IP 208.83.233.145:0
File type PNG image data, 560 x 600, 8-bit/color RGBA, non-interlaced\012- data
Size 407 kB (406884 bytes)
Hash 84af85c671166b496baeaba93c12b14d
e98ed098727d8fd10d9fdc76569910b2611addf4
651e5c1b8b79a22daa9a60473fbd6d80b396cb0ed867539991bcaccdcbbb86aa
Analyzer Verdict Alert mnemonic_dns Sinkholed
GET /wp-content/uploads/2022/07/9.-Spend-Money-to-Get-Richer-Here-are-5-Ways-to-do-Just-That-1-560x600.png HTTP/1.1
Host: weeklylive.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://weeklylive.info/
Cookie: quads_browser_width=1280
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 19 Sep 2022 07:06:38 GMT
content-type: image/png
content-length: 406884
last-modified: Mon, 18 Jul 2022 18:22:37 GMT
etag: "62d5a4ed-63564"
expires: Wed, 19 Oct 2022 07:06:38 GMT
cache-control: max-age=2592000
accept-ranges: bytes
X-Firefox-Spdy: h2
weeklylive.info/wp-content/uploads/2022/07/8.-5-Ways-to-Gain-Financial-Control-During-an-Inflation-2-560x600.png
208.83.233.145 200 OK 499 kB URL HTTP/2 weeklylive.info/wp-content/uploads/2022/07/8.-5-Ways-to-Gain-Financial-Control-During-an-Inflation-2-560x600.png
IP 208.83.233.145:0
File type PNG image data, 560 x 600, 8-bit/color RGBA, non-interlaced\012- data
Size 499 kB (499160 bytes)
Hash 069cb98546493af70b2994ec16c17884
c78379979e5e13c820ce54f7fcc5079501403d1e
c03e991365e28d40ed2af219d285f98440bb632882c802a65bc8e660c6144f17
Analyzer Verdict Alert mnemonic_dns Sinkholed
GET /wp-content/uploads/2022/07/8.-5-Ways-to-Gain-Financial-Control-During-an-Inflation-2-560x600.png HTTP/1.1
Host: weeklylive.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://weeklylive.info/
Cookie: quads_browser_width=1280
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 19 Sep 2022 07:06:38 GMT
content-type: image/png
content-length: 499160
last-modified: Mon, 18 Jul 2022 18:20:33 GMT
etag: "62d5a471-79dd8"
expires: Wed, 19 Oct 2022 07:06:38 GMT
cache-control: max-age=2592000
accept-ranges: bytes
X-Firefox-Spdy: h2
weeklylive.info/wp-content/uploads/2022/07/7.Trash-To-Treasure-%E2%80%93-7-Things-You-Can-Recycle-For-Money-560x600.jpg
208.83.233.145 200 OK 40 kB URL HTTP/2 weeklylive.info/wp-content/uploads/2022/07/7.Trash-To-Treasure-%E2%80%93-7-Things-You-Can-Recycle-For-Money-560x600.jpg
IP 208.83.233.145:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Converted from WebP to JPG using ezgif.com", baseline, precision 8, 560x600, components 3\012- data
Hash 3e444a48ae9ceb2481dd70dca0ff975e
ec26fa0b4c6658c4ffe2c761372db6a3248b55b8
1f906c7542631f8ddbf9f7a5d2fdef57db57226813e4ab8fe2ad82c3fdb23d68
Analyzer Verdict Alert mnemonic_dns Sinkholed
GET /wp-content/uploads/2022/07/7.Trash-To-Treasure-%E2%80%93-7-Things-You-Can-Recycle-For-Money-560x600.jpg HTTP/1.1
Host: weeklylive.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://weeklylive.info/
Cookie: quads_browser_width=1280
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 19 Sep 2022 07:06:38 GMT
content-type: image/jpeg
content-length: 40128
last-modified: Mon, 18 Jul 2022 18:18:37 GMT
etag: "62d5a3fd-9cc0"
expires: Wed, 19 Oct 2022 07:06:38 GMT
cache-control: max-age=2592000
accept-ranges: bytes
X-Firefox-Spdy: h2
weeklylive.info/wp-content/uploads/2022/07/4.-Financial-Habits-To-Start-Your-First-Job-540x400.jpg
208.83.233.145 200 OK 33 kB URL HTTP/2 weeklylive.info/wp-content/uploads/2022/07/4.-Financial-Habits-To-Start-Your-First-Job-540x400.jpg
IP 208.83.233.145:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 540x400, components 3\012- data
Hash e842e5c8558e49100deb0ce666506182
f36814704d60a17f93241e71df8432fc39fcbd44
0472070ead6cd00012ad06d7965fe51978c4c8d7d5c57fc6ca39817ace4a979d
Analyzer Verdict Alert mnemonic_dns Sinkholed
GET /wp-content/uploads/2022/07/4.-Financial-Habits-To-Start-Your-First-Job-540x400.jpg HTTP/1.1
Host: weeklylive.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://weeklylive.info/
Cookie: quads_browser_width=1280
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 19 Sep 2022 07:06:38 GMT
content-type: image/jpeg
content-length: 32567
last-modified: Mon, 18 Jul 2022 18:11:55 GMT
etag: "62d5a26b-7f37"
expires: Wed, 19 Oct 2022 07:06:38 GMT
cache-control: max-age=2592000
accept-ranges: bytes
X-Firefox-Spdy: h2
weeklylive.info/wp-content/uploads/2022/07/3.-financial-woes-768x418-1-540x400.jpg
208.83.233.145 200 OK 23 kB URL HTTP/2 weeklylive.info/wp-content/uploads/2022/07/3.-financial-woes-768x418-1-540x400.jpg
IP 208.83.233.145:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 144x144, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=4, xresolution=62, yresolution=70, resolutionunit=2], baseline, precision 8, 540x400, components 3\012- data
Hash 5c24e3e8290afea17ee10e86d3c88b6c
dfc94a8ba488b5539ff99e8f4cdd9fd26cdcf246
88ac7a77c3eed70335f6afb9918e997b633ca3f1515d5859abc7f1d49b90fdd8
Analyzer Verdict Alert mnemonic_dns Sinkholed
GET /wp-content/uploads/2022/07/3.-financial-woes-768x418-1-540x400.jpg HTTP/1.1
Host: weeklylive.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://weeklylive.info/
Cookie: quads_browser_width=1280
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 19 Sep 2022 07:06:38 GMT
content-type: image/jpeg
content-length: 22570
last-modified: Mon, 18 Jul 2022 18:09:58 GMT
etag: "62d5a1f6-582a"
expires: Wed, 19 Oct 2022 07:06:38 GMT
cache-control: max-age=2592000
accept-ranges: bytes
X-Firefox-Spdy: h2
weeklylive.info/wp-content/uploads/2022/07/5.-4-Fundamental-Actions-to-Grow-Your-Business-in-2022-1-700x600.png
208.83.233.145 200 OK 451 kB URL HTTP/2 weeklylive.info/wp-content/uploads/2022/07/5.-4-Fundamental-Actions-to-Grow-Your-Business-in-2022-1-700x600.png
IP 208.83.233.145:0
File type PNG image data, 700 x 600, 8-bit/color RGBA, non-interlaced\012- data
Size 451 kB (450920 bytes)
Hash 0d7b6c8f1d4634ae9b0fa05667a8c5e5
36bf475d8ab6f10f577dcc2b6e9c12634fcdd8c4
5ba1e35470e7cc731831d615200929559fa1aa0b18e0b6212f76d2a14ca0cabc
Analyzer Verdict Alert mnemonic_dns Sinkholed
GET /wp-content/uploads/2022/07/5.-4-Fundamental-Actions-to-Grow-Your-Business-in-2022-1-700x600.png HTTP/1.1
Host: weeklylive.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://weeklylive.info/
Cookie: quads_browser_width=1280
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 19 Sep 2022 07:06:38 GMT
content-type: image/png
content-length: 450920
last-modified: Mon, 18 Jul 2022 18:13:29 GMT
etag: "62d5a2c9-6e168"
expires: Wed, 19 Oct 2022 07:06:38 GMT
cache-control: max-age=2592000
accept-ranges: bytes
X-Firefox-Spdy: h2
weeklylive.info/wp-content/uploads/2022/07/4.-Financial-Habits-To-Start-Your-First-Job-700x512.jpg
208.83.233.145 200 OK 48 kB URL HTTP/2 weeklylive.info/wp-content/uploads/2022/07/4.-Financial-Habits-To-Start-Your-First-Job-700x512.jpg
IP 208.83.233.145:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 700x512, components 3\012- data
Hash e2e97642d7ab8724bea6c235acf5ef68
661e17c3d1f32dd6d10328b525fc8ed1b1e8eae7
3d03643427436079c42de2bd86aa5a0fdef6318b5e167b5744f1ac0a631ac199
Analyzer Verdict Alert mnemonic_dns Sinkholed
GET /wp-content/uploads/2022/07/4.-Financial-Habits-To-Start-Your-First-Job-700x512.jpg HTTP/1.1
Host: weeklylive.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://weeklylive.info/
Cookie: quads_browser_width=1280
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 19 Sep 2022 07:06:38 GMT
content-type: image/jpeg
content-length: 48131
last-modified: Mon, 18 Jul 2022 18:11:55 GMT
etag: "62d5a26b-bc03"
expires: Wed, 19 Oct 2022 07:06:38 GMT
cache-control: max-age=2592000
accept-ranges: bytes
X-Firefox-Spdy: h2
weeklylive.info/wp-content/uploads/2022/07/3.-financial-woes-768x418-1-700x418.jpg
208.83.233.145 200 OK 30 kB URL HTTP/2 weeklylive.info/wp-content/uploads/2022/07/3.-financial-woes-768x418-1-700x418.jpg
IP 208.83.233.145:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 144x144, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=4, xresolution=62, yresolution=70, resolutionunit=2], baseline, precision 8, 700x418, components 3\012- data
Hash 4bcd9cb7ac0dc9edd7fdf825229363b4
e3fa9bfc7a8903eae0869a2bd0186330e5742efa
30b77361814c37f8fb23517d78de78994626637e223eabe8c27bb1067cb229df
Analyzer Verdict Alert mnemonic_dns Sinkholed
GET /wp-content/uploads/2022/07/3.-financial-woes-768x418-1-700x418.jpg HTTP/1.1
Host: weeklylive.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://weeklylive.info/
Cookie: quads_browser_width=1280
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 19 Sep 2022 07:06:38 GMT
content-type: image/jpeg
content-length: 29814
last-modified: Mon, 18 Jul 2022 18:09:58 GMT
etag: "62d5a1f6-7476"
expires: Wed, 19 Oct 2022 07:06:38 GMT
cache-control: max-age=2592000
accept-ranges: bytes
X-Firefox-Spdy: h2
weeklylive.info/wp-content/uploads/2022/07/2.-consolidating-your-student-loans-768x422-1-700x422.jpg
208.83.233.145 200 OK 29 kB URL HTTP/2 weeklylive.info/wp-content/uploads/2022/07/2.-consolidating-your-student-loans-768x422-1-700x422.jpg
IP 208.83.233.145:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 220x220, segment length 16, baseline, precision 8, 700x422, components 3\012- data
Hash 5356487cb990f03321449df0dcb5f8c9
71ebeb3b00a5d81b161d12cbe4134361e1df62f4
c4168897404559a8f405f3d3b47457b03ff0bfaa51d424ba40590e6a7c5d8baa
Analyzer Verdict Alert mnemonic_dns Sinkholed
GET /wp-content/uploads/2022/07/2.-consolidating-your-student-loans-768x422-1-700x422.jpg HTTP/1.1
Host: weeklylive.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://weeklylive.info/
Cookie: quads_browser_width=1280
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 19 Sep 2022 07:06:38 GMT
content-type: image/jpeg
content-length: 28598
last-modified: Mon, 18 Jul 2022 18:08:24 GMT
etag: "62d5a198-6fb6"
expires: Wed, 19 Oct 2022 07:06:38 GMT
cache-control: max-age=2592000
accept-ranges: bytes
X-Firefox-Spdy: h2
weeklylive.info/wp-content/uploads/2022/07/10.-Top-5-Financial-Goals-of-Americans-for-2022-and-How-to-Achieve-Them-2-420x420.png
208.83.233.145 200 OK 217 kB URL HTTP/2 weeklylive.info/wp-content/uploads/2022/07/10.-Top-5-Financial-Goals-of-Americans-for-2022-and-How-to-Achieve-Them-2-420x420.png
IP 208.83.233.145:0
File type PNG image data, 420 x 420, 8-bit/color RGBA, non-interlaced\012- data
Size 217 kB (216791 bytes)
Hash bd430cfdc2dc8c625a90ad696d6b53d1
752c75ff3d0d9b55011cd1c8f6ef7080fbd29a3e
b53d87b36593966e9a639e393b65c17e0e765b179e80a0d54fcd2cc2b5e554e4
Analyzer Verdict Alert mnemonic_dns Sinkholed
GET /wp-content/uploads/2022/07/10.-Top-5-Financial-Goals-of-Americans-for-2022-and-How-to-Achieve-Them-2-420x420.png HTTP/1.1
Host: weeklylive.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://weeklylive.info/
Cookie: quads_browser_width=1280
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 19 Sep 2022 07:06:38 GMT
content-type: image/png
content-length: 216791
last-modified: Mon, 18 Jul 2022 18:24:10 GMT
etag: "62d5a54a-34ed7"
expires: Wed, 19 Oct 2022 07:06:38 GMT
cache-control: max-age=2592000
accept-ranges: bytes
X-Firefox-Spdy: h2
weeklylive.info/wp-content/uploads/2022/07/9.-Spend-Money-to-Get-Richer-Here-are-5-Ways-to-do-Just-That-1.png
208.83.233.145 200 OK 906 kB URL HTTP/2 weeklylive.info/wp-content/uploads/2022/07/9.-Spend-Money-to-Get-Richer-Here-are-5-Ways-to-do-Just-That-1.png
IP 208.83.233.145:0
File type PNG image data, 1024 x 600, 8-bit/color RGBA, non-interlaced\012- data
Size 906 kB (906086 bytes)
Hash a36e9854cca2713434d8b004ba874be4
d3a081f0391c36c15aad2e3ad63a71f6bda02244
b45218d452f918c6094abe8485147ccec90db66a093ceb99992768defdac0e7f
Analyzer Verdict Alert mnemonic_dns Sinkholed
GET /wp-content/uploads/2022/07/9.-Spend-Money-to-Get-Richer-Here-are-5-Ways-to-do-Just-That-1.png HTTP/1.1
Host: weeklylive.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://weeklylive.info/
Cookie: quads_browser_width=1280
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 19 Sep 2022 07:06:38 GMT
content-type: image/png
content-length: 906086
last-modified: Mon, 18 Jul 2022 18:21:52 GMT
etag: "62d5a4c0-dd366"
expires: Wed, 19 Oct 2022 07:06:38 GMT
cache-control: max-age=2592000
accept-ranges: bytes
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F45d6cb12-076a-432f-9153-165d4ddfa7b8.jpeg
34.120.237.76 200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F45d6cb12-076a-432f-9153-165d4ddfa7b8.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 2f2b49224f40b4ea819e0c66fc155eec
d37b9b044bdb469678433766470ed36a2384817f
b94b1d4e0df0bac9b4a2b5c86bee900248614756fb24e2b7b182a871b425b2ce
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F45d6cb12-076a-432f-9153-165d4ddfa7b8.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 11345
x-amzn-requestid: 6b78aa51-b7d1-494b-93f9-6906911efa7a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YowwkHc9IAMF8IA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632694d0-0f0b85eb5172e8014f0db2a9;Sampled=0
x-amzn-remapped-date: Sun, 18 Sep 2022 03:47:28 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: en9bQR-hlcvBUJkgkKnLgBtYNUbSywwHJ4GZE76oN8eP6m8EnlDgdw==
via: 1.1 4d7fa73f804f1c93f20cfc24c4b1266e.cloudfront.net (CloudFront), 1.1 001e7070d795018d01b93988b9723742.cloudfront.net (CloudFront), 1.1 google
date: Sun, 18 Sep 2022 07:25:08 GMT
age: 85294
etag: "d37b9b044bdb469678433766470ed36a2384817f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
weeklylive.info/?wc-ajax=get_refreshed_fragments
208.83.233.145 200 OK 0 B URL HTTP/2 weeklylive.info/?wc-ajax=get_refreshed_fragments
IP 208.83.233.145:0
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
POST /?wc-ajax=get_refreshed_fragments HTTP/1.1
Host: weeklylive.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 18
Origin: https://weeklylive.info
Connection: keep-alive
Referer: https://weeklylive.info/
Cookie: quads_browser_width=1280
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 19 Sep 2022 07:06:38 GMT
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://weeklylive.info
access-control-allow-credentials: true
x-content-type-options: nosniff
x-robots-tag: noindex
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
X-Firefox-Spdy: h2