r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 326898eb925368408f6f42ee173b9d89
b8b20ee34b7e7b139e7729b8e46a54ea25f54ac8
96c2c75f700ab55649882111713ca3cfb2eaf08e404c2bc245a641dc12ae168a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "96C2C75F700AB55649882111713CA3CFB2EAF08E404C2BC245A641DC12AE168A"
Last-Modified: Wed, 04 Jan 2023 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11717
Expires: Sat, 07 Jan 2023 07:13:05 GMT
Date: Sat, 07 Jan 2023 03:57:48 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 516b9d6951b09439a51d5284994ed92f
5c78edb38bae36caa8e2db8ed6635a32e46c91dd
eaaf4ebc59d2a06d02b552154c5adb7c713ffc4a7f5caabcff1c2b4cd6ec5c7b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EAAF4EBC59D2A06D02B552154C5ADB7C713FFC4A7F5CAABCFF1C2B4CD6EC5C7B"
Last-Modified: Fri, 06 Jan 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14944
Expires: Sat, 07 Jan 2023 08:06:52 GMT
Date: Sat, 07 Jan 2023 03:57:48 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 600f7ba6e1a6fbbd176cd2df19b1e4d9
cdd72b25fd91ee980aba193b12e890096e4fe852
860214860947dfbe26099f018747154823b175fceb2821a390cc655da191a6d0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "860214860947DFBE26099F018747154823B175FCEB2821A390CC655DA191A6D0"
Last-Modified: Thu, 05 Jan 2023 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13007
Expires: Sat, 07 Jan 2023 07:34:35 GMT
Date: Sat, 07 Jan 2023 03:57:48 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 30db107dcf4380cef05efea409c2e6a3
96e6a306fbc07299aba64e5c14e2bfca35872fa9
b64051a4a8e346e3c72b2aef77f360a5736ab5e16711d8e0bae3876feaa15b6e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Content-Length, Alert, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sat, 07 Jan 2023 03:48:05 GMT
content-type: application/json
age: 583
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash b1fcd419a4245617397846e8d17233f6
2a037ce244587640b27ead9a0ec2af4f862d91b2
e059b6d834c06e58494c43fb2ff42acbc27c1a1d8f7f30e2f32ca0e167599e2f
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: rdxtij+4Tmoz5FvOXKpDOD/vBPD69O+b4EMxmx2GLKoGMemI9+M1NSQDL7cH1pdz4yuc+ClZkm4d7TnhLcxlxA==
x-amz-request-id: MS2CF5HVK5WYG8BK
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sat, 07 Jan 2023 03:02:26 GMT
age: 3322
last-modified: Tue, 20 Dec 2022 14:47:58 GMT
etag: "b1fcd419a4245617397846e8d17233f6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 07 Jan 2023 03:57:48 GMT
content-type: application/json
content-length: 12
access-control-allow-credentials: true
access-control-expose-headers: content-type
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Pragma, Content-Length, Alert, Expires, ETag, Last-Modified, Backoff, Content-Type, Cache-Control
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sat, 07 Jan 2023 03:08:13 GMT
age: 2975
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 43c8442b7447debab97b0f6bc973e23a
38a5f1869cff7f6ddbfd3a24e57a3da7851ba3b0
4eb7adc914570287dde1317395d1d95b07271c8fe20b97a8928025c292c47dba
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1432
Cache-Control: max-age=106370
Content-Type: application/ocsp-response
Date: Sat, 07 Jan 2023 03:57:49 GMT
Etag: "63b7e4a8-1d7"
Expires: Sun, 08 Jan 2023 09:30:39 GMT
Last-Modified: Fri, 06 Jan 2023 09:06:48 GMT
Server: ECS (ska/F719)
X-Cache: HIT
Content-Length: 471
pmincusa.com/1qo7o
162.240.44.152301 Moved Permanently 0 B IP 162.240.44.152:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Malware
GET /1qo7o HTTP/1.1
Host: pmincusa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Sat, 07 Jan 2023 03:57:47 GMT
Server: Apache
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
X-Redirect-By: WordPress
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Location: https://pmincusa.com/1qo7o
Content-Length: 0
Keep-Alive: timeout=5, max=100
Content-Type: text/html; charset=UTF-8
push.services.mozilla.com/
52.89.20.60101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.89.20.60:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: EbQwdPfpXNGfstZHRdfokA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: emgHZz0dlwJeIPykzigUZAO1fuc=
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 11aea3c23fce2f77cadf7a551f4e8b17
4963aafedcf3fc5f28f1b4a6b0212abfd5526702
d2ada7d592878b58921cd0568efa62abefd7423d40bec16133886e2c67a791b3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D2ADA7D592878B58921CD0568EFA62ABEFD7423D40BEC16133886E2C67A791B3"
Last-Modified: Fri, 06 Jan 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11880
Expires: Sat, 07 Jan 2023 07:15:50 GMT
Date: Sat, 07 Jan 2023 03:57:50 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 11aea3c23fce2f77cadf7a551f4e8b17
4963aafedcf3fc5f28f1b4a6b0212abfd5526702
d2ada7d592878b58921cd0568efa62abefd7423d40bec16133886e2c67a791b3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D2ADA7D592878B58921CD0568EFA62ABEFD7423D40BEC16133886E2C67A791B3"
Last-Modified: Fri, 06 Jan 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11880
Expires: Sat, 07 Jan 2023 07:15:50 GMT
Date: Sat, 07 Jan 2023 03:57:50 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 11aea3c23fce2f77cadf7a551f4e8b17
4963aafedcf3fc5f28f1b4a6b0212abfd5526702
d2ada7d592878b58921cd0568efa62abefd7423d40bec16133886e2c67a791b3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D2ADA7D592878B58921CD0568EFA62ABEFD7423D40BEC16133886E2C67A791B3"
Last-Modified: Fri, 06 Jan 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11880
Expires: Sat, 07 Jan 2023 07:15:50 GMT
Date: Sat, 07 Jan 2023 03:57:50 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 11aea3c23fce2f77cadf7a551f4e8b17
4963aafedcf3fc5f28f1b4a6b0212abfd5526702
d2ada7d592878b58921cd0568efa62abefd7423d40bec16133886e2c67a791b3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D2ADA7D592878B58921CD0568EFA62ABEFD7423D40BEC16133886E2C67A791B3"
Last-Modified: Fri, 06 Jan 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11880
Expires: Sat, 07 Jan 2023 07:15:50 GMT
Date: Sat, 07 Jan 2023 03:57:50 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0f37a3ca-5b31-4876-bbcd-442c1f718b3c.jpeg
34.120.237.76200 OK 5.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0f37a3ca-5b31-4876-bbcd-442c1f718b3c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e832123ea0c92a446b5894e75efc86ae
bb438ca635b43819701067ef07a3d910ad29a0c7
e1b0c6cd873f304de15664f96af6b6914e13fbbfb3e2179ba43369e116446773
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0f37a3ca-5b31-4876-bbcd-442c1f718b3c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5578
x-amzn-requestid: 93353c3e-1b26-424c-b4c6-0d113703edd6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: eFvpBFGvIAMFobw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63b22c9f-1d07cff31ae39320693642f0;Sampled=0
x-amzn-remapped-date: Mon, 02 Jan 2023 01:00:15 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: vIFVXgt2RmoplkAVOtUrOkXj3LmhRw-XEPe7fugZ2-mv_iDY07XzUg==
via: 1.1 4f87745990545c1ac0195c157e1668f8.cloudfront.net (CloudFront), 1.1 12a392bc3a7281f8d5d4591bfadc41fc.cloudfront.net (CloudFront), 1.1 google
date: Sat, 07 Jan 2023 00:24:31 GMT
age: 12799
etag: "bb438ca635b43819701067ef07a3d910ad29a0c7"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F528de87e-4c51-4e2a-90d5-fa6c5a52a300.jpeg
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F528de87e-4c51-4e2a-90d5-fa6c5a52a300.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c3735c87d612da35bd07f0397b95799a
47a017ef6a57d5ec43482308cda3e15f35bfacf6
e075dd0433540b3c35030bd9312273e1ed472ab1a25cfe2912086d35e6019a60
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F528de87e-4c51-4e2a-90d5-fa6c5a52a300.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10420
x-amzn-requestid: 07ec4ee5-9bf1-4562-ace2-54878d165362
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: eVx2SE-AIAMF9hQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63b8968e-261039fd5a03f8bd318be3f0;Sampled=0
x-amzn-remapped-date: Fri, 06 Jan 2023 21:45:50 GMT
x-amz-cf-pop: SEA19-C3
x-cache: Miss from cloudfront
x-amz-cf-id: Bt72dHvalgXSITQUzBErtnMBC9FV6i3-PooqUFkv09AS0tOVWkU0gQ==
via: 1.1 60b744e5b364d04abea9fa6686121242.cloudfront.net (CloudFront), 1.1 50faaaa196a6b0875217ef7827f97d7c.cloudfront.net (CloudFront), 1.1 google
date: Sat, 07 Jan 2023 03:53:23 GMT
age: 267
etag: "47a017ef6a57d5ec43482308cda3e15f35bfacf6"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F947f1c49-6957-4cda-b8dd-6b5f93de9d39.jpeg
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F947f1c49-6957-4cda-b8dd-6b5f93de9d39.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 841dfabf529ce5e50ccb825ff518dedb
c208e348fddfaf8ba08e90717096c1b3047a8919
05c661cac438c912207bc9952799d4b9695ec65fb7556a7eb5b24bb8b91f8f39
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F947f1c49-6957-4cda-b8dd-6b5f93de9d39.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12452
x-amzn-requestid: f8d06e9b-4211-423e-ba36-89dd85f158df
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: eP63ZGj8IAMF9MA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63b63e95-4c63bd1447f5149050c7b6bd;Sampled=0
x-amzn-remapped-date: Thu, 05 Jan 2023 03:05:57 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: P-vf_XapTHArKMBE1DrFyV_bbtemQXylv59MYknsJNS6RDRW7b99Fg==
via: 1.1 c7c3cdef911c9ee3c1a83a78f425dc5a.cloudfront.net (CloudFront), 1.1 ee8246c5442dace7525c74f6a799bb46.cloudfront.net (CloudFront), 1.1 google
date: Fri, 06 Jan 2023 05:12:37 GMT
age: 81913
etag: "c208e348fddfaf8ba08e90717096c1b3047a8919"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff9065a68-5b6b-48d9-9a67-ee52d64c7fa7.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff9065a68-5b6b-48d9-9a67-ee52d64c7fa7.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4a9b0814cf080c45bacfd180ad0f7846
a0697b3661eeead7d18f4959207206927d24bebd
6023d83b6cc4054f4f3d4dda9059f4f93ad829b9510db7c1be8b6c9b59a29fd1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff9065a68-5b6b-48d9-9a67-ee52d64c7fa7.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11399
x-amzn-requestid: ae357a33-b784-49f0-9a22-4cd564c939ec
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: eGCNWEeOIAMFg5A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63b24a55-794102864eb6796301cf314e;Sampled=0
x-amzn-remapped-date: Mon, 02 Jan 2023 03:07:01 GMT
x-amz-cf-pop: SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: QCx3r3CVh7eqdpZsnexk664XQXL1ilM44RyZeNeYMeIqS2YTtidN4A==
via: 1.1 4f87745990545c1ac0195c157e1668f8.cloudfront.net (CloudFront), 1.1 6af3b573d8970d5db2a4d03354335b84.cloudfront.net (CloudFront), 1.1 google
date: Fri, 06 Jan 2023 10:25:33 GMT
age: 63137
etag: "a0697b3661eeead7d18f4959207206927d24bebd"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7a51093b-a234-4694-9280-6ea68de36744.jpeg
34.120.237.76200 OK 5.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7a51093b-a234-4694-9280-6ea68de36744.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b970a91b8b2e02c08da490ad7a897a79
0b25447121c9d5d1c276cde893549234ab1d0448
e528ef574f793d899cd41ec3d2f954bc1a3658f4c8faedc04206aaf0c530e2e3
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7a51093b-a234-4694-9280-6ea68de36744.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5815
x-amzn-requestid: c2634739-191d-47c0-98bb-2c91f0d7e5ab
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: d_-8mEtSoAMF1Fg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63afdeb6-55946d3d7784a69409205dfc;Sampled=0
x-amzn-remapped-date: Sat, 31 Dec 2022 07:03:18 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Z0j6NdKvdYB0clSgL9AMRWTxjsgnUMSxsD3OOh-cHswkPXVnwCnM8g==
via: 1.1 e5af640ced3aa8764b82c4bc3f7af38e.cloudfront.net (CloudFront), 1.1 7e87179efaa9e3c316bd3d3a74cfded8.cloudfront.net (CloudFront), 1.1 google
date: Fri, 06 Jan 2023 05:12:37 GMT
age: 81913
etag: "0b25447121c9d5d1c276cde893549234ab1d0448"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F00386939-61dd-4d7a-a930-6df89a8e0c57.jpeg
34.120.237.76200 OK 6.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F00386939-61dd-4d7a-a930-6df89a8e0c57.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 51f29fa68742d72a5ad8ad54a973424d
4941e01c8718adfe7ce13d551e80549236e561df
83b4e946e058ae662e559703f64896ce4c5de969045cf8e3e00806297eab0007
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F00386939-61dd-4d7a-a930-6df89a8e0c57.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6895
x-amzn-requestid: 9f97f493-9846-4eb3-ad6e-f66ba96ad818
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: eGCT7FfIoAMFg5A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63b24a7f-3e871fb3073afc164927e98a;Sampled=0
x-amzn-remapped-date: Mon, 02 Jan 2023 03:07:43 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: m9Jwqqrb9ithrnRne7cC5MAeD_V3JhQM5jB2AYLBxkTA4hNjZUTbKQ==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 be082a2326b7d49643607b097f1e7180.cloudfront.net (CloudFront), 1.1 google
date: Fri, 06 Jan 2023 10:25:33 GMT
age: 63137
etag: "4941e01c8718adfe7ce13d551e80549236e561df"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 623e85ff33837eb6c59e11ae2759237a
cea1948490802e652e7f6678dc76694e0d6ab61a
1fb30f3579d3277435c860f472008bea3680db1202d838ad4669d943ec88ba65
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 07 Jan 2023 03:57:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash e4fdd703d4ebb3209cd70c0ffd234da1
2e3a0a6fe0e63d2991e4b8726d5a2c21406a0dc1
ff40f371b1ebac1fbc0e809a0e85f500977372f25e8a72eda450083755fef11d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 07 Jan 2023 03:57:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.googletagmanager.com/gtag/js?id=UA-52849488-1
142.250.74.168200 OK 45 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=UA-52849488-1
IP 142.250.74.168:0
File type ASCII text, with very long lines (1759)
Hash fbbc44f610c6f21e1e55126986096196
10a918000f5b44f648663a9225b8b17a93abdba6
9184555f0d3219a57423b5abf2d27385faf330d9f85157bc3e4be1960a581bff
GET /gtag/js?id=UA-52849488-1 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pmincusa.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sat, 07 Jan 2023 03:57:51 GMT
expires: Sat, 07 Jan 2023 03:57:51 GMT
cache-control: private, max-age=900
last-modified: Sat, 07 Jan 2023 03:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 45375
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Open+Sans%3A100%2C300%2C400%2C500%2C600%2C700%2C800%2C900%7COswald%3A100%2C300%2C400%2C500%2C600%2C700%2C800%2C900&subset&display=swap
142.250.74.74200 OK 1.5 kB URL HTTP/2 fonts.googleapis.com/css?family=Open+Sans%3A100%2C300%2C400%2C500%2C600%2C700%2C800%2C900%7COswald%3A100%2C300%2C400%2C500%2C600%2C700%2C800%2C900&subset&display=swap
IP 142.250.74.74:0
Hash 09e53e8bcb0bcddfffc81ed0de89564d
06dc3147a117eb2fe1184a0edadf469080f5b7c9
d56175a7260da7b701bb63cbb9cfcfffa5e7c8383ad53a07db95bd769f628071
GET /css?family=Open+Sans%3A100%2C300%2C400%2C500%2C600%2C700%2C800%2C900%7COswald%3A100%2C300%2C400%2C500%2C600%2C700%2C800%2C900&subset&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pmincusa.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 07 Jan 2023 03:57:51 GMT
date: Sat, 07 Jan 2023 03:57:51 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash e4fdd703d4ebb3209cd70c0ffd234da1
2e3a0a6fe0e63d2991e4b8726d5a2c21406a0dc1
ff40f371b1ebac1fbc0e809a0e85f500977372f25e8a72eda450083755fef11d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 07 Jan 2023 03:57:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
pmincusa.com/wp-includes/css/classic-themes.min.css?ver=1
162.240.44.152200 OK 217 B URL HTTP/2 pmincusa.com/wp-includes/css/classic-themes.min.css?ver=1
IP 162.240.44.152:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash 95e891f28e44a9b314c09545d86be2b7
f9b13a8bd47273b086a0a07df15f314e0af0bc3e
5a5f39391fbf5b06db84b8f9716d53de575ee97a627d2c5f12f79a991a671eb5
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/css/classic-themes.min.css?ver=1 HTTP/1.1
Host: pmincusa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pmincusa.com/1qo7o
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 02 Nov 2022 11:54:37 GMT
accept-ranges: bytes
content-length: 217
content-type: text/css
date: Sat, 07 Jan 2023 03:57:49 GMT
server: Apache
X-Firefox-Spdy: h2
pmincusa.com/wp-includes/css/dist/block-library/style.min.css?ver=6.1.1
162.240.44.152200 OK 95 kB URL HTTP/2 pmincusa.com/wp-includes/css/dist/block-library/style.min.css?ver=6.1.1
IP 162.240.44.152:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (47826)
Hash 71d925864153f0edf91037f3d31048e8
cc16a0524ac63b5ce29f703a66412224f0dd771a
c324ef26b20264369e4568dc9ef1c5cb1f325f6bc4e8b7c01f7fe93fa353276a
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/css/dist/block-library/style.min.css?ver=6.1.1 HTTP/1.1
Host: pmincusa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pmincusa.com/1qo7o
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 15 Nov 2022 23:52:53 GMT
accept-ranges: bytes
content-length: 94889
content-type: text/css
date: Sat, 07 Jan 2023 03:57:49 GMT
server: Apache
X-Firefox-Spdy: h2
pmincusa.com/wp-includes/js/wp-emoji-release.min.js?ver=6.1.1
162.240.44.152200 OK 19 kB URL HTTP/2 pmincusa.com/wp-includes/js/wp-emoji-release.min.js?ver=6.1.1
IP 162.240.44.152:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (15660)
Hash 32beb68a374e3aeac00abdf9e12b84ea
b5d18aa625e8696dd9d07cd0869337717b211ae0
5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/wp-emoji-release.min.js?ver=6.1.1 HTTP/1.1
Host: pmincusa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pmincusa.com/1qo7o
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 25 May 2022 18:25:12 GMT
accept-ranges: bytes
content-length: 18617
content-type: application/javascript
date: Sat, 07 Jan 2023 03:57:50 GMT
server: Apache
X-Firefox-Spdy: h2
pmincusa.com/wp-content/themes/h-code/assets/css/owl.carousel.css?ver=2.3.4
162.240.44.152200 OK 3.4 kB URL HTTP/2 pmincusa.com/wp-content/themes/h-code/assets/css/owl.carousel.css?ver=2.3.4
IP 162.240.44.152:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (3184)
Hash b2752a850d44f50036628eeaef3bfcfa
fba46353cf90450ef3d362a123f1e7af3e8c561e
521410e1fc44780061e09adc980275fb5ea277fd5d9e538454214ec4379ff4bc
GET /wp-content/themes/h-code/assets/css/owl.carousel.css?ver=2.3.4 HTTP/1.1
Host: pmincusa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pmincusa.com/1qo7o
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 02 Aug 2021 18:44:52 GMT
accept-ranges: bytes
content-length: 3351
content-type: text/css
date: Sat, 07 Jan 2023 03:57:50 GMT
server: Apache
X-Firefox-Spdy: h2
pmincusa.com/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.5.6
162.240.44.152200 OK 2.7 kB URL HTTP/2 pmincusa.com/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.5.6
IP 162.240.44.152:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash e6fae855021a88a0067fcc58121c594f
6299ac3987b5e81725781799dad361d19ac3b99d
e50f9ccd2d6582a58ba1879fa578e60d25fea4c5eedc07deafd14482b2403181
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.5.6 HTTP/1.1
Host: pmincusa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pmincusa.com/1qo7o
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 16 May 2022 22:16:12 GMT
accept-ranges: bytes
content-length: 2731
content-type: text/css
date: Sat, 07 Jan 2023 03:57:50 GMT
server: Apache
X-Firefox-Spdy: h2
pmincusa.com/wp-content/themes/h-code/assets/css/owl.transitions.css?ver=2.3.4
162.240.44.152200 OK 4.5 kB URL HTTP/2 pmincusa.com/wp-content/themes/h-code/assets/css/owl.transitions.css?ver=2.3.4
IP 162.240.44.152:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash 4276863948d6d6810bac12d419bf32ba
99304e9d3a1e6540ea1bf2f10823a0a58354cdb9
a3b3e723ed60113e68c8f8c1e67adb206e63149c4e8fa714643781300aac19aa
GET /wp-content/themes/h-code/assets/css/owl.transitions.css?ver=2.3.4 HTTP/1.1
Host: pmincusa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pmincusa.com/1qo7o
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 02 Aug 2021 18:44:52 GMT
accept-ranges: bytes
content-length: 4465
content-type: text/css
date: Sat, 07 Jan 2023 03:57:50 GMT
server: Apache
X-Firefox-Spdy: h2
pmincusa.com/wp-content/themes/h-code/assets/css/menu-hamburger.css?ver=2.2
162.240.44.152200 OK 4.0 kB URL HTTP/2 pmincusa.com/wp-content/themes/h-code/assets/css/menu-hamburger.css?ver=2.2
IP 162.240.44.152:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash e1755e3aa1925deba51291a2e324802f
4d2d925cc9d1894a82da7702e4650a7479399068
34b6ff378c3e587675128c6552765727d93d9a3edfc0d0e982ced7818d0329fe
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/h-code/assets/css/menu-hamburger.css?ver=2.2 HTTP/1.1
Host: pmincusa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pmincusa.com/1qo7o
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 02 Aug 2021 18:44:52 GMT
accept-ranges: bytes
content-length: 4038
content-type: text/css
date: Sat, 07 Jan 2023 03:57:50 GMT
server: Apache
X-Firefox-Spdy: h2
pmincusa.com/wp-content/themes/h-code/assets/css/et-line-icons.css?ver=2.2
162.240.44.152200 OK 7.1 kB URL HTTP/2 pmincusa.com/wp-content/themes/h-code/assets/css/et-line-icons.css?ver=2.2
IP 162.240.44.152:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (1512)
Hash 9360037a74ee764e54ae56aa55f213f5
231de9bcdb8c6a776fb8ef01caf0461f83434ac4
feebe94d4080a8e4d06353cf464f6d902f4fbfd3f8101f605ec7738201f4d9ce
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/h-code/assets/css/et-line-icons.css?ver=2.2 HTTP/1.1
Host: pmincusa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pmincusa.com/1qo7o
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 02 Aug 2021 18:44:52 GMT
accept-ranges: bytes
content-length: 7090
content-type: text/css
date: Sat, 07 Jan 2023 03:57:50 GMT
server: Apache
X-Firefox-Spdy: h2
pmincusa.com/1qo7o
162.240.44.152404 Not Found 64 kB IP 162.240.44.152:0
ASN #46606 UNIFIEDLAYER-AS-1
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (11629), with CRLF, LF line terminators
Hash 61ba5b3a8dca7ef9b72366e45059980b
6356972067144c717cc84cd6b26526b25eebc4a0
0b283410618d894d0abcc724f2e59e90e497dbdbe57cd6525eb897a5406969d2
Analyzer Verdict Alert fortinet Malware
GET /1qo7o HTTP/1.1
Host: pmincusa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 404 Not Found
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
link: <https://pmincusa.com/wp-json/>; rel="https://api.w.org/"
content-type: text/html; charset=UTF-8
date: Sat, 07 Jan 2023 03:57:48 GMT
server: Apache
X-Firefox-Spdy: h2
pmincusa.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
162.240.44.152200 OK 11 kB URL HTTP/2 pmincusa.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
IP 162.240.44.152:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (11126)
Hash 79b4956b7ec478ec10244b5e2d33ac7d
a46025b9d05e3df30d610a8aef14f392c7058dc9
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 HTTP/1.1
Host: pmincusa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pmincusa.com/1qo7o
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 18 Nov 2020 20:06:06 GMT
accept-ranges: bytes
content-length: 11224
content-type: application/javascript
date: Sat, 07 Jan 2023 03:57:50 GMT
server: Apache
X-Firefox-Spdy: h2
pmincusa.com/wp-content/themes/h-code/assets/css/magnific-popup.css?ver=2.2
162.240.44.152200 OK 14 kB URL HTTP/2 pmincusa.com/wp-content/themes/h-code/assets/css/magnific-popup.css?ver=2.2
IP 162.240.44.152:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (544)
Hash 5a453794abe03316994b11781e7e2b55
63aea0029881d9319ab1e2638a23261dc3960d43
3568f52de8bf5faa3c46f4cae5beb553185e699423082f243ae3b01bb15e5bbb
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/h-code/assets/css/magnific-popup.css?ver=2.2 HTTP/1.1
Host: pmincusa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pmincusa.com/1qo7o
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 02 Aug 2021 18:44:52 GMT
accept-ranges: bytes
content-length: 13636
content-type: text/css
date: Sat, 07 Jan 2023 03:57:50 GMT
server: Apache
X-Firefox-Spdy: h2
pmincusa.com/wp-content/themes/h-code/assets/css/jquery.mCustomScrollbar.css?ver=2.2
162.240.44.152200 OK 16 kB URL HTTP/2 pmincusa.com/wp-content/themes/h-code/assets/css/jquery.mCustomScrollbar.css?ver=2.2
IP 162.240.44.152:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash 40cf8a469e36d9bdb4ca969d2a5336cd
a28cd50c6daea4b87983b97ac45087551c869d68
e3b5f41e4706b1b6e75921b3ee4c0f7d5b685c68a6ef0316a79d9615144fc3d5
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/h-code/assets/css/jquery.mCustomScrollbar.css?ver=2.2 HTTP/1.1
Host: pmincusa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pmincusa.com/1qo7o
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 02 Aug 2021 18:44:52 GMT
accept-ranges: bytes
content-length: 15521
content-type: text/css
date: Sat, 07 Jan 2023 03:57:50 GMT
server: Apache
X-Firefox-Spdy: h2
pmincusa.com/wp-content/themes/h-code/assets/css/text-effect.css?ver=2.2
162.240.44.152200 OK 24 kB URL HTTP/2 pmincusa.com/wp-content/themes/h-code/assets/css/text-effect.css?ver=2.2
IP 162.240.44.152:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (454)
Hash a6e4c7dc935b2f9a61cd9d323fbf62b7
e852efb41a782672ea41f17d73f05bb03c6af927
d74229e6a1bfbf4017bd145028f90cb429d8fbcbcfd0fd59a19327928723f880
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/h-code/assets/css/text-effect.css?ver=2.2 HTTP/1.1
Host: pmincusa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pmincusa.com/1qo7o
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 02 Aug 2021 18:44:52 GMT
accept-ranges: bytes
content-length: 24128
content-type: text/css
date: Sat, 07 Jan 2023 03:57:50 GMT
server: Apache
X-Firefox-Spdy: h2
pmincusa.com/wp-content/themes/h-code/assets/js/jquery.viewport.mini.js?ver=1.0
162.240.44.152200 OK 1.2 kB URL HTTP/2 pmincusa.com/wp-content/themes/h-code/assets/js/jquery.viewport.mini.js?ver=1.0
IP 162.240.44.152:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (1202)
Hash 318ed33bbdee2ef7181386682cdf6e63
500935bda0e7fe800266206c5d2a40e1392815fa
86c0fbbc6709dc98cb3447e00f325743b2f006521654a71f4d38c5247b1ff8c4
GET /wp-content/themes/h-code/assets/js/jquery.viewport.mini.js?ver=1.0 HTTP/1.1
Host: pmincusa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pmincusa.com/1qo7o
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 02 Aug 2021 18:44:52 GMT
accept-ranges: bytes
content-length: 1203
content-type: application/javascript
date: Sat, 07 Jan 2023 03:57:50 GMT
server: Apache
X-Firefox-Spdy: h2
pmincusa.com/wp-content/themes/h-code/assets/css/extralayers.css?ver=2.2
162.240.44.152200 OK 43 kB URL HTTP/2 pmincusa.com/wp-content/themes/h-code/assets/css/extralayers.css?ver=2.2
IP 162.240.44.152:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (43274), with no line terminators
Hash 894c54efb413422aa765ab52f4c18baa
e4ec8f47172fe4f2e6846caa8d666322cb693bf3
e1da168f0dfeb0bc66cba2f5f2f6af707768b4a00ac5797d6cb71d8efe43b0af
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/h-code/assets/css/extralayers.css?ver=2.2 HTTP/1.1
Host: pmincusa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pmincusa.com/1qo7o
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 02 Aug 2021 18:44:52 GMT
accept-ranges: bytes
content-length: 43274
content-type: text/css
date: Sat, 07 Jan 2023 03:57:50 GMT
server: Apache
X-Firefox-Spdy: h2
pmincusa.com/wp-content/themes/h-code/assets/css/animate.css?ver=3.6.2
162.240.44.152200 OK 53 kB URL HTTP/2 pmincusa.com/wp-content/themes/h-code/assets/css/animate.css?ver=3.6.2
IP 162.240.44.152:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (53270)
Hash 55009d64191e6f9e712a841773ee6611
5f120f4be43d67152bf4bd8f63cca0e027d25a57
b48f9a7031474a0f73f92f2e6cbbfad730b5466cda96d86a4459c06efc986173
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/h-code/assets/css/animate.css?ver=3.6.2 HTTP/1.1
Host: pmincusa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pmincusa.com/1qo7o
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 02 Aug 2021 18:44:52 GMT
accept-ranges: bytes
content-length: 53431
content-type: text/css
date: Sat, 07 Jan 2023 03:57:50 GMT
server: Apache
X-Firefox-Spdy: h2
pmincusa.com/wp-content/themes/h-code/assets/js/jquery.parallax.js?ver=1.1.3
162.240.44.152200 OK 1.9 kB URL HTTP/2 pmincusa.com/wp-content/themes/h-code/assets/js/jquery.parallax.js?ver=1.1.3
IP 162.240.44.152:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash eee3e20608257d6479e2733150e6d3bc
dfbd418190bcc936f0c2bf29ba869a0e6454114e
6bd88997072ad2e2708e66ba3a473b35fc23d5cdad46ccbbeb146e38546e1b1c
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/h-code/assets/js/jquery.parallax.js?ver=1.1.3 HTTP/1.1
Host: pmincusa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pmincusa.com/1qo7o
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 02 Aug 2021 18:44:52 GMT
accept-ranges: bytes
content-length: 1883
content-type: application/javascript
date: Sat, 07 Jan 2023 03:57:50 GMT
server: Apache
X-Firefox-Spdy: h2
pmincusa.com/wp-content/themes/h-code/assets/css/font-awesome.min.css?ver=5.15.3
162.240.44.152200 OK 59 kB URL HTTP/2 pmincusa.com/wp-content/themes/h-code/assets/css/font-awesome.min.css?ver=5.15.3
IP 162.240.44.152:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (59101)
Hash a5d68888e38d8d8384b5ebca37d83421
25671d327fcc803dff4172b9f1b378844df47e6e
00a5e744392416c3934fe585ee6b9d04e1e21576a8fb81b02b5d580e8b865240
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/h-code/assets/css/font-awesome.min.css?ver=5.15.3 HTTP/1.1
Host: pmincusa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pmincusa.com/1qo7o
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 02 Aug 2021 18:44:52 GMT
accept-ranges: bytes
content-length: 59287
content-type: text/css
date: Sat, 07 Jan 2023 03:57:50 GMT
server: Apache
X-Firefox-Spdy: h2
pmincusa.com/wp-content/themes/h-code/assets/js/classie.js?ver=1.0.1
162.240.44.152200 OK 1.9 kB URL HTTP/2 pmincusa.com/wp-content/themes/h-code/assets/js/classie.js?ver=1.0.1
IP 162.240.44.152:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash 42db5fa5dce7cffb57a1c0b4935b9903
45b8990a24304129fc206a81109dd2c8b1449b1a
7764cf7df39dbc17ee4eac4ce4ad28acae9589cfa11ea42db333378bae352be6
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/h-code/assets/js/classie.js?ver=1.0.1 HTTP/1.1
Host: pmincusa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pmincusa.com/1qo7o
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 02 Aug 2021 18:44:52 GMT
accept-ranges: bytes
content-length: 1858
content-type: application/javascript
date: Sat, 07 Jan 2023 03:57:50 GMT
server: Apache
X-Firefox-Spdy: h2
pmincusa.com/wp-content/themes/h-code/assets/js/hamburger-menu.js?ver=2.2
162.240.44.152200 OK 1.7 kB URL HTTP/2 pmincusa.com/wp-content/themes/h-code/assets/js/hamburger-menu.js?ver=2.2
IP 162.240.44.152:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash 00f30e5a19c9f85f840199eb7d1ede5a
9aef702e392a82eea183c8b4e0aad9cd4bc5c181
01d765eff30fd8bc6fb192f2fc43196ed60bb16ede7f2da6c0b5440125c19e5b
GET /wp-content/themes/h-code/assets/js/hamburger-menu.js?ver=2.2 HTTP/1.1
Host: pmincusa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pmincusa.com/1qo7o
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 02 Aug 2021 18:44:52 GMT
accept-ranges: bytes
content-length: 1675
content-type: application/javascript
date: Sat, 07 Jan 2023 03:57:50 GMT
server: Apache
X-Firefox-Spdy: h2
pmincusa.com/wp-content/plugins/revslider/public/assets/css/rs6.css?ver=6.5.5
162.240.44.152200 OK 59 kB URL HTTP/2 pmincusa.com/wp-content/plugins/revslider/public/assets/css/rs6.css?ver=6.5.5
IP 162.240.44.152:0
ASN #46606 UNIFIEDLAYER-AS-1
File type Unicode text, UTF-8 text, with very long lines (12602), with CRLF line terminators
Hash 8b19c7f2e2f079405832a60776d26af4
fea9d5e85146d2736ee11fe34e039e418447fb9c
6abe94c8db415593d42b093301152b1e9c727364c2b5ed05b5ca2f163d8aa747
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/revslider/public/assets/css/rs6.css?ver=6.5.5 HTTP/1.1
Host: pmincusa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pmincusa.com/1qo7o
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 16 May 2022 22:15:58 GMT
accept-ranges: bytes
content-length: 59103
content-type: text/css
date: Sat, 07 Jan 2023 03:57:50 GMT
server: Apache
X-Firefox-Spdy: h2
pmincusa.com/wp-content/themes/h-code/assets/js/jquery.smooth-scroll.min.js?ver=2.2.0
162.240.44.152200 OK 3.8 kB URL HTTP/2 pmincusa.com/wp-content/themes/h-code/assets/js/jquery.smooth-scroll.min.js?ver=2.2.0
IP 162.240.44.152:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (3649)
Hash 20c44e2797c4ac5f1b18ad7f2ac1b825
345fa9a943a172d8e7b180f02fae34ba174f6c8d
b982f590d24a343b8efa6726ff7b6675d031daab262cc9f6b77ac7d74b38176f
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/h-code/assets/js/jquery.smooth-scroll.min.js?ver=2.2.0 HTTP/1.1
Host: pmincusa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pmincusa.com/1qo7o
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 02 Aug 2021 18:44:52 GMT
accept-ranges: bytes
content-length: 3809
content-type: application/javascript
date: Sat, 07 Jan 2023 03:57:50 GMT
server: Apache
X-Firefox-Spdy: h2
pmincusa.com/wp-content/themes/h-code/assets/js/jquery.appear.js?ver=0.3.6
162.240.44.152200 OK 2.7 kB URL HTTP/2 pmincusa.com/wp-content/themes/h-code/assets/js/jquery.appear.js?ver=0.3.6
IP 162.240.44.152:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash 428eafba7d461d5d803b8977a24d4e19
b6842a9e59e81c49fcae8b161d41109cd1e39925
8e5b61f5bb5e1af9f9b5c71bdc5de666d3e7ad36e1ac52e199c7b6e53f41abbc
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/h-code/assets/js/jquery.appear.js?ver=0.3.6 HTTP/1.1
Host: pmincusa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pmincusa.com/1qo7o
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 02 Aug 2021 18:44:52 GMT
accept-ranges: bytes
content-length: 2702
content-type: application/javascript
date: Sat, 07 Jan 2023 03:57:50 GMT
server: Apache
X-Firefox-Spdy: h2
pmincusa.com/wp-content/themes/h-code/assets/js/jquery.fitvids.js?ver=1.1
162.240.44.152200 OK 3.2 kB URL HTTP/2 pmincusa.com/wp-content/themes/h-code/assets/js/jquery.fitvids.js?ver=1.1
IP 162.240.44.152:0
ASN #46606 UNIFIEDLAYER-AS-1
File type HTML document, ASCII text
Hash 4862c3f30420198f2c5456271e280425
efe071a42afc35a4ed953bd56cab72db8bb87d8d
9f541bd7e952b7302372186b170fd43c1f640b22405ce7d73df8a389c41bd95b
GET /wp-content/themes/h-code/assets/js/jquery.fitvids.js?ver=1.1 HTTP/1.1
Host: pmincusa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pmincusa.com/1qo7o
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 02 Aug 2021 18:44:52 GMT
accept-ranges: bytes
content-length: 3240
content-type: application/javascript
date: Sat, 07 Jan 2023 03:57:50 GMT
server: Apache
X-Firefox-Spdy: h2
pmincusa.com/wp-content/themes/h-code/assets/js/jquery.placeholder.min.js?ver=2.3.1
162.240.44.152200 OK 3.3 kB URL HTTP/2 pmincusa.com/wp-content/themes/h-code/assets/js/jquery.placeholder.min.js?ver=2.3.1
IP 162.240.44.152:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (3191)
Hash ee60835ea8faa661d4e1ce6c1a97b141
9a104e99d521e20ba205be6fae4668d4eb2f1594
be8e211636765e2b05f2a97b3fa9065420c06ee5baf21e8fd96ba7c03f90239e
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/h-code/assets/js/jquery.placeholder.min.js?ver=2.3.1 HTTP/1.1
Host: pmincusa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pmincusa.com/1qo7o
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 02 Aug 2021 18:44:52 GMT
accept-ranges: bytes
content-length: 3289
content-type: application/javascript
date: Sat, 07 Jan 2023 03:57:50 GMT
server: Apache
X-Firefox-Spdy: h2
pmincusa.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.1
162.240.44.152200 OK 90 kB URL HTTP/2 pmincusa.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.1
IP 162.240.44.152:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (65447)
Hash 17738318d61d394f1de8890d589afaec
f6d0c4dc1399cf02d53f5753ad46573a8bbc2ac3
cc7403bab52ed166e24ea9324241045af370be482f5b594468f4a6ac6e7e7981
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/jquery/jquery.min.js?ver=3.6.1 HTTP/1.1
Host: pmincusa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pmincusa.com/1qo7o
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 02 Nov 2022 11:54:36 GMT
accept-ranges: bytes
content-length: 89684
content-type: application/javascript
date: Sat, 07 Jan 2023 03:57:50 GMT
server: Apache
X-Firefox-Spdy: h2
pmincusa.com/wp-content/themes/h-code/assets/js/bootstrap-hover-dropdown.js?ver=2.2.1
162.240.44.152200 OK 6.0 kB URL HTTP/2 pmincusa.com/wp-content/themes/h-code/assets/js/bootstrap-hover-dropdown.js?ver=2.2.1
IP 162.240.44.152:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with CRLF line terminators
Hash b833e5ce0d5c5951e943c8ff62133765
bd2adfdf114513316e3567c440d096edcc3d1c77
37420c2b7516aa7af3c3abdd95b657bd7d786c152adad0cb3c348edc422abe2f
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/h-code/assets/js/bootstrap-hover-dropdown.js?ver=2.2.1 HTTP/1.1
Host: pmincusa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pmincusa.com/1qo7o
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 02 Aug 2021 18:44:52 GMT
accept-ranges: bytes
content-length: 5988
content-type: application/javascript
date: Sat, 07 Jan 2023 03:57:50 GMT
server: Apache
X-Firefox-Spdy: h2
pmincusa.com/wp-content/themes/h-code/assets/js/text-effect.js?ver=1.0
162.240.44.152200 OK 5.5 kB URL HTTP/2 pmincusa.com/wp-content/themes/h-code/assets/js/text-effect.js?ver=1.0
IP 162.240.44.152:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash 497ebc8ef71e0997ba5fda09be7ef211
77855aa2dfb40817b07d80d2f3e121afcdc8f427
d20866ac54b17d2205264f37b531fbb71b6a6425d124f551bd4c97a949dd43bf
GET /wp-content/themes/h-code/assets/js/text-effect.js?ver=1.0 HTTP/1.1
Host: pmincusa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pmincusa.com/1qo7o
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 02 Aug 2021 18:44:52 GMT
accept-ranges: bytes
content-length: 5532
content-type: application/javascript
date: Sat, 07 Jan 2023 03:57:50 GMT
server: Apache
X-Firefox-Spdy: h2
pmincusa.com/wp-content/themes/h-code/assets/js/jquery.countdown.min.js?ver=2.2.0
162.240.44.152200 OK 5.4 kB URL HTTP/2 pmincusa.com/wp-content/themes/h-code/assets/js/jquery.countdown.min.js?ver=2.2.0
IP 162.240.44.152:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (4136), with CRLF line terminators
Hash 76a923d3d69255c45cd24bf9b100244f
eb3c96f9901692f1a03500ea632963a16afdb985
8f195573d6fa06641814b476fea2b92579c983cac46d683f356238207692c9f5
GET /wp-content/themes/h-code/assets/js/jquery.countdown.min.js?ver=2.2.0 HTTP/1.1
Host: pmincusa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pmincusa.com/1qo7o
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 02 Aug 2021 18:44:52 GMT
accept-ranges: bytes
content-length: 5360
content-type: application/javascript
date: Sat, 07 Jan 2023 03:57:50 GMT
server: Apache
X-Firefox-Spdy: h2
pmincusa.com/wp-content/themes/h-code/assets/js/imagesloaded.pkgd.min.js?ver=4.1.4
162.240.44.152200 OK 5.6 kB URL HTTP/2 pmincusa.com/wp-content/themes/h-code/assets/js/imagesloaded.pkgd.min.js?ver=4.1.4
IP 162.240.44.152:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (5477)
Hash e2c1a80b99251b7b94726b41312fb160
6d3e11174e22668e69df236e5c4542168f7cbfec
96abf166b3cbb5f7df525d86fdeeeccea4af3c120b19bc26b0613530a94e8b44
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/h-code/assets/js/imagesloaded.pkgd.min.js?ver=4.1.4 HTTP/1.1
Host: pmincusa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pmincusa.com/1qo7o
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 02 Aug 2021 18:44:52 GMT
accept-ranges: bytes
content-length: 5594
content-type: application/javascript
date: Sat, 07 Jan 2023 03:57:50 GMT
server: Apache
X-Firefox-Spdy: h2
pmincusa.com/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.5.6
162.240.44.152200 OK 9.7 kB URL HTTP/2 pmincusa.com/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.5.6
IP 162.240.44.152:0
ASN #46606 UNIFIEDLAYER-AS-1
File type HTML document, ASCII text, with very long lines (9720), with no line terminators
Hash cfb428c02811f0cbe515d5f3dca61de6
e95f8696fbe29a706e66ccf582b36d9bd650ab9f
679e44f9b4bbbc2ad0c4000c1413fd3a88627d83f1cba8ebdac26f81bc7edb78
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.5.6 HTTP/1.1
Host: pmincusa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pmincusa.com/1qo7o
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 16 May 2022 22:16:12 GMT
accept-ranges: bytes
content-length: 9720
content-type: application/javascript
date: Sat, 07 Jan 2023 03:57:50 GMT
server: Apache
X-Firefox-Spdy: h2
pmincusa.com/wp-content/uploads/2022/05/paragon-logo.png
162.240.44.152200 OK 8.6 kB URL HTTP/2 pmincusa.com/wp-content/uploads/2022/05/paragon-logo.png
IP 162.240.44.152:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 454 x 137, 8-bit/color RGBA, non-interlaced\012- data
Hash 82d5cbba75d544b3ab764f47f34381c2
ef99eb667179566fd797ce16d6e579b9b7266ed2
cd30a7911cbfe5efa0bc47a68bae8f50ab47959f8ee2f0a790997916a46c811d
GET /wp-content/uploads/2022/05/paragon-logo.png HTTP/1.1
Host: pmincusa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pmincusa.com/1qo7o
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sat, 28 May 2022 01:44:44 GMT
accept-ranges: bytes
content-length: 8626
content-type: image/png
date: Sat, 07 Jan 2023 03:57:50 GMT
server: Apache
X-Firefox-Spdy: h2
pmincusa.com/wp-content/themes/h-code/assets/css/bootstrap.css?ver=3.2.0
162.240.44.152200 OK 133 kB URL HTTP/2 pmincusa.com/wp-content/themes/h-code/assets/css/bootstrap.css?ver=3.2.0
IP 162.240.44.152:0
ASN #46606 UNIFIEDLAYER-AS-1
File type assembler source, ASCII text, with very long lines (540), with CRLF line terminators
Size 133 kB (133288 bytes)
Hash 82c11d180c89c15c812eed7a9bacc81c
91bcef8f09ed35285ae8fdd622f2cb9ded668887
873639aebdc9c6b10c5f73659946675f3e16a986079ae3ff2af7b0432c224b41
GET /wp-content/themes/h-code/assets/css/bootstrap.css?ver=3.2.0 HTTP/1.1
Host: pmincusa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pmincusa.com/1qo7o
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 02 Aug 2021 18:44:52 GMT
accept-ranges: bytes
content-length: 133288
content-type: text/css
date: Sat, 07 Jan 2023 03:57:50 GMT
server: Apache
X-Firefox-Spdy: h2
pmincusa.com/wp-content/themes/h-code/assets/css/responsive.css?ver=2.2
162.240.44.152200 OK 132 kB URL HTTP/2 pmincusa.com/wp-content/themes/h-code/assets/css/responsive.css?ver=2.2
IP 162.240.44.152:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (563), with CRLF line terminators
Size 132 kB (131772 bytes)
Hash b17a399dc9f08820319ae80c884a503b
7da60f16853baee991a7d09504a0ea527d537a40
918ba117c43f5c49a6aba5931d8583fa3dc98663cef2872de42e8339ab5fd63a
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/h-code/assets/css/responsive.css?ver=2.2 HTTP/1.1
Host: pmincusa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pmincusa.com/1qo7o
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 27 May 2022 04:49:04 GMT
accept-ranges: bytes
content-length: 131772
content-type: text/css
date: Sat, 07 Jan 2023 03:57:50 GMT
server: Apache
X-Firefox-Spdy: h2
pmincusa.com/wp-content/themes/h-code/assets/js/background-srcset.js?ver=2.1.0
162.240.44.152200 OK 7.7 kB URL HTTP/2 pmincusa.com/wp-content/themes/h-code/assets/js/background-srcset.js?ver=2.1.0
IP 162.240.44.152:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash c50e66f79fdf1532f3a2edb408cfdba1
11efb3a657a4de101da0c1afc57a0dee6efeb61a
b17febc73b2a08e5929707c2ad37017e35b57bbd309b57fc992e902127ce64ea
GET /wp-content/themes/h-code/assets/js/background-srcset.js?ver=2.1.0 HTTP/1.1
Host: pmincusa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pmincusa.com/1qo7o
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 02 Aug 2021 18:44:52 GMT
accept-ranges: bytes
content-length: 7713
content-type: application/javascript
date: Sat, 07 Jan 2023 03:57:50 GMT
server: Apache
X-Firefox-Spdy: h2
pmincusa.com/wp-content/themes/h-code/assets/js/jquery.easing.1.3.js?ver=1.3
162.240.44.152200 OK 8.1 kB URL HTTP/2 pmincusa.com/wp-content/themes/h-code/assets/js/jquery.easing.1.3.js?ver=1.3
IP 162.240.44.152:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash 6516449ed5089677ed3d7e2f11fc8942
82e40d060bc269a6dde20c3990ca5a4fea6ca754
0757f7ff6e5f6a581922a5e2d42c5e0cf7475d880885a9802e8bdd5e4188dd34
GET /wp-content/themes/h-code/assets/js/jquery.easing.1.3.js?ver=1.3 HTTP/1.1
Host: pmincusa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pmincusa.com/1qo7o
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 02 Aug 2021 18:44:52 GMT
accept-ranges: bytes
content-length: 8097
content-type: application/javascript
date: Sat, 07 Jan 2023 03:57:50 GMT
server: Apache
X-Firefox-Spdy: h2
pmincusa.com/wp-content/themes/h-code/assets/js/modernizr.js?ver=2.7.2
162.240.44.152200 OK 7.8 kB URL HTTP/2 pmincusa.com/wp-content/themes/h-code/assets/js/modernizr.js?ver=2.7.2
IP 162.240.44.152:0
ASN #46606 UNIFIEDLAYER-AS-1
File type HTML document, ASCII text, with very long lines (7648), with CRLF line terminators
Hash aa939659ad109535f6806db784dd1823
95afbc4e7061a0cf4efcedb8528118e343a28e38
ffe763a2f9f0173df860a0cf3527ff6ee008c3e3ccc2b08a8e1e030db57e8a63
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/h-code/assets/js/modernizr.js?ver=2.7.2 HTTP/1.1
Host: pmincusa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pmincusa.com/1qo7o
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 02 Aug 2021 18:44:52 GMT
accept-ranges: bytes
content-length: 7832
content-type: application/javascript
date: Sat, 07 Jan 2023 03:57:50 GMT
server: Apache
X-Firefox-Spdy: h2
pmincusa.com/wp-content/themes/h-code/assets/js/skrollr.min.js?ver=1.0
162.240.44.152200 OK 13 kB URL HTTP/2 pmincusa.com/wp-content/themes/h-code/assets/js/skrollr.min.js?ver=1.0
IP 162.240.44.152:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (13001), with no line terminators
Hash 655aba20f41f734e06df4253c3b2ad0e
fa534b004d2f19ed29b1e37251d79f613c624ad0
5b70eb0565e47d383682320919c35981d4cfcd754fbf062a9ea2eba6b25c7262
GET /wp-content/themes/h-code/assets/js/skrollr.min.js?ver=1.0 HTTP/1.1
Host: pmincusa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pmincusa.com/1qo7o
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 02 Aug 2021 18:44:52 GMT
accept-ranges: bytes
content-length: 13001
content-type: application/javascript
date: Sat, 07 Jan 2023 03:57:50 GMT
server: Apache
X-Firefox-Spdy: h2
pmincusa.com/wp-content/themes/h-code/assets/js/wow.min.js?ver=1.1.3
162.240.44.152200 OK 8.4 kB URL HTTP/2 pmincusa.com/wp-content/themes/h-code/assets/js/wow.min.js?ver=1.1.3
IP 162.240.44.152:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (8385)
Hash 36050285bfeeb7395752f0f9bbc08273
5924f7bbbf1dfa3f0926851d01f782f23a59e805
0ec632e6ab02d4fdd514da7f5edc74aa28c9d4c71af76f1c8b93a1fba85bcc69
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/h-code/assets/js/wow.min.js?ver=1.1.3 HTTP/1.1
Host: pmincusa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pmincusa.com/1qo7o
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 02 Aug 2021 18:44:52 GMT
accept-ranges: bytes
content-length: 8415
content-type: application/javascript
date: Sat, 07 Jan 2023 03:57:50 GMT
server: Apache
X-Firefox-Spdy: h2
pmincusa.com/wp-content/themes/h-code/assets/js/jquery.easypiechart.js?ver=1.0
162.240.44.152200 OK 8.9 kB URL HTTP/2 pmincusa.com/wp-content/themes/h-code/assets/js/jquery.easypiechart.js?ver=1.0
IP 162.240.44.152:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with CRLF line terminators
Hash c7c6820cc1a24eaab277f74b04a7116d
3c592ed12716487417e5ced1f654f301c87b28d7
b649dbfcbfb73a2433a026b7832da91999f1edf003baf1326960f281bf089165
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/h-code/assets/js/jquery.easypiechart.js?ver=1.0 HTTP/1.1
Host: pmincusa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pmincusa.com/1qo7o
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 02 Aug 2021 18:44:52 GMT
accept-ranges: bytes
content-length: 8887
content-type: application/javascript
date: Sat, 07 Jan 2023 03:57:50 GMT
server: Apache
X-Firefox-Spdy: h2
pmincusa.com/wp-content/themes/h-code/style.css?ver=2.2
162.240.44.152200 OK 269 kB URL HTTP/2 pmincusa.com/wp-content/themes/h-code/style.css?ver=2.2
IP 162.240.44.152:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (864)
Size 269 kB (269126 bytes)
Hash 3a1dd77d8aaee3c38fb193180becef39
216bafd85ed872dea3a49dd70a2e5e809747cf5d
c64f31e741190529a4550bb6d8c27c9a51d2ac0b628a92ab22f27af6c90332d3
GET /wp-content/themes/h-code/style.css?ver=2.2 HTTP/1.1
Host: pmincusa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pmincusa.com/1qo7o
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 29 Aug 2022 14:59:23 GMT
accept-ranges: bytes
content-length: 269126
content-type: text/css
date: Sat, 07 Jan 2023 03:57:50 GMT
server: Apache
X-Firefox-Spdy: h2
pmincusa.com/wp-content/themes/h-code/assets/js/jquery.magnific-popup.min.js?ver=1.0
162.240.44.152200 OK 21 kB URL HTTP/2 pmincusa.com/wp-content/themes/h-code/assets/js/jquery.magnific-popup.min.js?ver=1.0
IP 162.240.44.152:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (21154), with no line terminators
Hash ffd11a8ba361ea3bda2667f2133ce706
2892d4b1ee8f2e95b0cc17b3dddbe2b7be012825
2aff2b214aa5df6720bbce6c7fee8e6029a823df1a80d0c4e7bbaa15e3441a51
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/h-code/assets/js/jquery.magnific-popup.min.js?ver=1.0 HTTP/1.1
Host: pmincusa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pmincusa.com/1qo7o
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 02 Aug 2021 18:44:52 GMT
accept-ranges: bytes
content-length: 21154
content-type: application/javascript
date: Sat, 07 Jan 2023 03:57:50 GMT
server: Apache
X-Firefox-Spdy: h2
pmincusa.com/wp-content/themes/h-code/assets/js/infinite-scroll.js?ver=2.1.0
162.240.44.152200 OK 22 kB URL HTTP/2 pmincusa.com/wp-content/themes/h-code/assets/js/infinite-scroll.js?ver=2.1.0
IP 162.240.44.152:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (21403), with CRLF line terminators
Hash 204bc0ad1f68779e8924809672e7e918
cff75f416aefb63cbf1c15d5140148459c93d3fe
d3c5d52a92e30c7ee4522cfc19ab83d36de96176dff10b0fe437b3441b8ddb14
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/h-code/assets/js/infinite-scroll.js?ver=2.1.0 HTTP/1.1
Host: pmincusa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pmincusa.com/1qo7o
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 02 Aug 2021 18:44:52 GMT
accept-ranges: bytes
content-length: 21713
content-type: application/javascript
date: Sat, 07 Jan 2023 03:57:50 GMT
server: Apache
X-Firefox-Spdy: h2
pmincusa.com/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0
162.240.44.152200 OK 18 kB URL HTTP/2 pmincusa.com/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0
IP 162.240.44.152:0
ASN #46606 UNIFIEDLAYER-AS-1
File type Unicode text, UTF-8 text, with very long lines (17819), with no line terminators
Hash e495a4709e3eae31c67f8263f25d2d39
d43ba6a092e4823a71f3bff75d5ed279a481636b
1c1fef6e6b4f9832603850b9b6562e74d9a6a3700ba836efe88facc577121e8b
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0 HTTP/1.1
Host: pmincusa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pmincusa.com/1qo7o
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 02 Nov 2022 11:54:37 GMT
accept-ranges: bytes
content-length: 17823
content-type: application/javascript
date: Sat, 07 Jan 2023 03:57:50 GMT
server: Apache
X-Firefox-Spdy: h2
pmincusa.com/wp-content/themes/h-code/assets/js/page-scroll.js?ver=1.4.9
162.240.44.152200 OK 23 kB URL HTTP/2 pmincusa.com/wp-content/themes/h-code/assets/js/page-scroll.js?ver=1.4.9
IP 162.240.44.152:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash f3e8e0cc2562d41f2782d74cad2e33c6
2c8b9b6d0566830192d5680d8b57105b3d54c18f
4dce1f7130cae19886f5306a8277b041508966c6d5144bad2b9ff62344e74969
GET /wp-content/themes/h-code/assets/js/page-scroll.js?ver=1.4.9 HTTP/1.1
Host: pmincusa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pmincusa.com/1qo7o
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 02 Aug 2021 18:44:52 GMT
accept-ranges: bytes
content-length: 23314
content-type: application/javascript
date: Sat, 07 Jan 2023 03:57:50 GMT
server: Apache
X-Firefox-Spdy: h2
pmincusa.com/wp-content/themes/h-code/assets/js/jquery.isotope.min.js?ver=3.0.6
162.240.44.152200 OK 35 kB URL HTTP/2 pmincusa.com/wp-content/themes/h-code/assets/js/jquery.isotope.min.js?ver=3.0.6
IP 162.240.44.152:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (32019)
Hash 2afcff647ed260006faa71c8e779e8d4
c4e5994f24ee8c8d2cf2d6602f0b56b9096a2e98
081ae9baaacc857c1c2cb51de6dbd0e1eb811c2761ef01a50df373f2f6eefe22
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/h-code/assets/js/jquery.isotope.min.js?ver=3.0.6 HTTP/1.1
Host: pmincusa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pmincusa.com/1qo7o
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 02 Aug 2021 18:44:52 GMT
accept-ranges: bytes
content-length: 35445
content-type: application/javascript
date: Sat, 07 Jan 2023 03:57:50 GMT
server: Apache
X-Firefox-Spdy: h2
pmincusa.com/wp-content/themes/h-code/assets/js/popup-gallery.js?ver=2.2
162.240.44.152200 OK 30 kB URL HTTP/2 pmincusa.com/wp-content/themes/h-code/assets/js/popup-gallery.js?ver=2.2
IP 162.240.44.152:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with CRLF line terminators
Hash 1e9f3674e7dbf7f2f7f6d21c6fec6ef6
b469b372717d4514641b012d2ed6bed434d4a037
6dcc3b162a91fc460be72de526b77a1594c5a67f83dba334c6af56aa4b9e03d3
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/h-code/assets/js/popup-gallery.js?ver=2.2 HTTP/1.1
Host: pmincusa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pmincusa.com/1qo7o
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 02 Aug 2021 18:44:52 GMT
accept-ranges: bytes
content-length: 30167
content-type: application/javascript
date: Sat, 07 Jan 2023 03:57:50 GMT
server: Apache
X-Firefox-Spdy: h2
pmincusa.com/wp-content/themes/h-code/assets/js/owl.carousel.min.js?ver=2.3.4
162.240.44.152200 OK 44 kB URL HTTP/2 pmincusa.com/wp-content/themes/h-code/assets/js/owl.carousel.min.js?ver=2.3.4
IP 162.240.44.152:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (31997)
Hash f416f9031fef25ae25ba9756e3eb6978
e2a600e433df72b4cfde93d7880e3114917a3cbe
a53c43f834b32309b084ea9314df8307e9c78cee2202c6e07f216ae4ae5b704d
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/h-code/assets/js/owl.carousel.min.js?ver=2.3.4 HTTP/1.1
Host: pmincusa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pmincusa.com/1qo7o
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 02 Aug 2021 18:44:52 GMT
accept-ranges: bytes
content-length: 44342
content-type: application/javascript
date: Sat, 07 Jan 2023 03:57:50 GMT
server: Apache
X-Firefox-Spdy: h2
pmincusa.com/wp-content/themes/h-code/assets/js/jquery.mCustomScrollbar.concat.min.js?ver=3.1.13
162.240.44.152200 OK 46 kB URL HTTP/2 pmincusa.com/wp-content/themes/h-code/assets/js/jquery.mCustomScrollbar.concat.min.js?ver=3.1.13
IP 162.240.44.152:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (32001)
Hash 42a368e95b4a38989c8984c672d29ec0
70b2b29b138b9ddcdcbb58bd5d825f780eadcdfa
fd8027b53a97cbd5782e85c5908e563c39776703ff9279f50658e630927b4167
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/h-code/assets/js/jquery.mCustomScrollbar.concat.min.js?ver=3.1.13 HTTP/1.1
Host: pmincusa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pmincusa.com/1qo7o
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 02 Aug 2021 18:44:52 GMT
accept-ranges: bytes
content-length: 45479
content-type: application/javascript
date: Sat, 07 Jan 2023 03:57:50 GMT
server: Apache
X-Firefox-Spdy: h2
pmincusa.com/wp-content/themes/h-code/assets/js/bootstrap.js?ver=3.2.0
162.240.44.152200 OK 68 kB URL HTTP/2 pmincusa.com/wp-content/themes/h-code/assets/js/bootstrap.js?ver=3.2.0
IP 162.240.44.152:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with CRLF line terminators
Hash d21274a4ae2af85750447ee884cbb1de
367a7640cfb27c9706f40017450d88e2ece83e7c
83d911047b3757e0cad384d35a22c403e550f3a2fc93429917bfe92468e44919
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/h-code/assets/js/bootstrap.js?ver=3.2.0 HTTP/1.1
Host: pmincusa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pmincusa.com/1qo7o
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 02 Aug 2021 18:44:52 GMT
accept-ranges: bytes
content-length: 68529
content-type: application/javascript
date: Sat, 07 Jan 2023 03:57:50 GMT
server: Apache
X-Firefox-Spdy: h2
pmincusa.com/wp-content/themes/h-code/assets/js/main.js?ver=2.2
162.240.44.152200 OK 111 kB URL HTTP/2 pmincusa.com/wp-content/themes/h-code/assets/js/main.js?ver=2.2
IP 162.240.44.152:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (348), with CRLF line terminators
Size 111 kB (110611 bytes)
Hash 45fd18189955adbe77220d78782daceb
8b8d6d2fd59e2e5d84fee16e59478ff0cc9386f5
85d66dfdca0462cee548eb2cb7820789c52bf37b4174cb0722d05277149c6b0f
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/h-code/assets/js/main.js?ver=2.2 HTTP/1.1
Host: pmincusa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pmincusa.com/1qo7o
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 02 Aug 2021 18:44:52 GMT
accept-ranges: bytes
content-length: 110611
content-type: application/javascript
date: Sat, 07 Jan 2023 03:57:50 GMT
server: Apache
X-Firefox-Spdy: h2
pmincusa.com/wp-content/plugins/revslider/public/assets/js/rbtools.min.js?ver=6.5.5
162.240.44.152200 OK 124 kB URL HTTP/2 pmincusa.com/wp-content/plugins/revslider/public/assets/js/rbtools.min.js?ver=6.5.5
IP 162.240.44.152:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (42889), with CRLF line terminators
Size 124 kB (124272 bytes)
Hash 45158046da12a8625b17fabca990d080
366f30392bde37bf0eec5c7de4ec8be5498d35e2
87664d848161d3a5bf83a511f4f483dc05e8472d06aedd5111488d267af298bb
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/revslider/public/assets/js/rbtools.min.js?ver=6.5.5 HTTP/1.1
Host: pmincusa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pmincusa.com/1qo7o
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 16 May 2022 22:15:58 GMT
accept-ranges: bytes
content-length: 124272
content-type: application/javascript
date: Sat, 07 Jan 2023 03:57:50 GMT
server: Apache
X-Firefox-Spdy: h2
pmincusa.com/wp-content/plugins/revslider/public/assets/js/rs6.min.js?ver=6.5.5
162.240.44.152200 OK 376 kB URL HTTP/2 pmincusa.com/wp-content/plugins/revslider/public/assets/js/rs6.min.js?ver=6.5.5
IP 162.240.44.152:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (64288)
Size 376 kB (375875 bytes)
Hash 1a73ac13c556f58db6b42f4264862266
936dec84980758c6f1fabadd3d3f9cdb53a44701
e4efcd6ec7d1fc476d9d3f43480ec9fb2b37ebcca255edefd2cfad8d2a96c27a
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/revslider/public/assets/js/rs6.min.js?ver=6.5.5 HTTP/1.1
Host: pmincusa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pmincusa.com/1qo7o
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 16 May 2022 22:15:58 GMT
accept-ranges: bytes
content-length: 375875
content-type: application/javascript
date: Sat, 07 Jan 2023 03:57:50 GMT
server: Apache
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 8b64a17d9b8c33515817fc19dd6f60d7
a752305109964bc1ef3537debed9c40c44198cea
8f7b7d229100176e82780eb0c3808b410b078025237210d8b5037c30ac3b0987
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 07 Jan 2023 03:57:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 8b64a17d9b8c33515817fc19dd6f60d7
a752305109964bc1ef3537debed9c40c44198cea
8f7b7d229100176e82780eb0c3808b410b078025237210d8b5037c30ac3b0987
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 07 Jan 2023 03:57:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 8b64a17d9b8c33515817fc19dd6f60d7
a752305109964bc1ef3537debed9c40c44198cea
8f7b7d229100176e82780eb0c3808b410b078025237210d8b5037c30ac3b0987
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 07 Jan 2023 03:57:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
216.58.207.227200 OK 45 kB URL HTTP/2 fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 44856, version 1.0\012- data
Hash 565ce506190ad3af920b40baf1794cec
ad3cba5d06100e09449a864d3b5e58403b478b3d
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
GET /s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://pmincusa.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 44856
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 02 Jan 2023 18:52:41 GMT
expires: Tue, 02 Jan 2024 18:52:41 GMT
cache-control: public, max-age=31536000
age: 378311
last-modified: Mon, 15 Aug 2022 18:20:18 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 8b64a17d9b8c33515817fc19dd6f60d7
a752305109964bc1ef3537debed9c40c44198cea
8f7b7d229100176e82780eb0c3808b410b078025237210d8b5037c30ac3b0987
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 07 Jan 2023 03:57:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
pmincusa.com/wp-content/themes/h-code/assets/fonts/et-line.woff
162.240.44.152200 OK 55 kB URL HTTP/2 pmincusa.com/wp-content/themes/h-code/assets/fonts/et-line.woff
IP 162.240.44.152:0
ASN #46606 UNIFIEDLAYER-AS-1
File type Web Open Font Format, CFF, length 55220, version 1.0\012- data
Hash b01ff252761958325faab1535c90c87f
d33413e7bc42acc8837cc9030ca45d29c1ccf0c6
19d2f43d546ada73dd083f7778aa4a5cac1a8e7a3af56efccae580fce07a5e1c
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/h-code/assets/fonts/et-line.woff HTTP/1.1
Host: pmincusa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://pmincusa.com/wp-content/themes/h-code/assets/css/et-line-icons.css?ver=2.2
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 02 Aug 2021 18:44:52 GMT
accept-ranges: bytes
content-length: 55220
content-type: font/woff
date: Sat, 07 Jan 2023 03:57:51 GMT
server: Apache
X-Firefox-Spdy: h2
pmincusa.com/wp-content/themes/h-code/assets/fonts/fa-solid-900.woff2
162.240.44.152200 OK 78 kB URL HTTP/2 pmincusa.com/wp-content/themes/h-code/assets/fonts/fa-solid-900.woff2
IP 162.240.44.152:0
ASN #46606 UNIFIEDLAYER-AS-1
File type Web Open Font Format (Version 2), TrueType, length 78196, version 331.-31261\012- data
Hash e8a427e15cc502bef99cfd722b37ea98
a9922842a120a7f1eaced667480c5e185a106d69
d0b4256abed72481585662971262eabee345c19f837af00d7ce24239d3b40eef
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/h-code/assets/fonts/fa-solid-900.woff2 HTTP/1.1
Host: pmincusa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://pmincusa.com/wp-content/themes/h-code/assets/css/font-awesome.min.css?ver=5.15.3
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 02 Aug 2021 18:44:52 GMT
accept-ranges: bytes
content-length: 78196
content-type: font/woff2
date: Sat, 07 Jan 2023 03:57:51 GMT
server: Apache
X-Firefox-Spdy: h2
pmincusa.com/wp-content/themes/h-code/assets/fonts/fa-brands-400.woff2
162.240.44.152200 OK 77 kB URL HTTP/2 pmincusa.com/wp-content/themes/h-code/assets/fonts/fa-brands-400.woff2
IP 162.240.44.152:0
ASN #46606 UNIFIEDLAYER-AS-1
File type Web Open Font Format (Version 2), TrueType, length 76764, version 331.-31261\012- data
Hash f7307680c7fe85959f3ecf122493ea7d
fce0da592a3e536d6d5df5b50cb513398d8c5161
43c072c16c9ee6d67acdfa6c6d6685ff1e74eb4237b7cc3c1348ab1c108b26af
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/h-code/assets/fonts/fa-brands-400.woff2 HTTP/1.1
Host: pmincusa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://pmincusa.com/wp-content/themes/h-code/assets/css/font-awesome.min.css?ver=5.15.3
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 02 Aug 2021 18:44:52 GMT
accept-ranges: bytes
content-length: 76764
content-type: font/woff2
date: Sat, 07 Jan 2023 03:57:51 GMT
server: Apache
X-Firefox-Spdy: h2
pmincusa.com/wp-content/uploads/2022/05/error-bg.jpg
162.240.44.152200 OK 264 kB URL HTTP/2 pmincusa.com/wp-content/uploads/2022/05/error-bg.jpg
IP 162.240.44.152:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=1, orientation=upper-left], baseline, precision 8, 1920x1100, components 3\012- data
Size 264 kB (264060 bytes)
Hash c10076bf2b32b727c1f547f1da7cf06c
713549d250b49a2a1d56d38af42b60b5de8b1ed0
61cc60fa1786f577b1a8a2d8193ed8ecf2612bacaa89e015e3a8223652106ffd
GET /wp-content/uploads/2022/05/error-bg.jpg HTTP/1.1
Host: pmincusa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pmincusa.com/1qo7o
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 26 May 2022 21:19:02 GMT
accept-ranges: bytes
content-length: 264060
content-type: image/jpeg
date: Sat, 07 Jan 2023 03:57:51 GMT
server: Apache
X-Firefox-Spdy: h2
www.google-analytics.com/analytics.js
142.250.74.110200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 142.250.74.110:0
File type ASCII text, with very long lines (1325)
Hash 47e6f374ca946fddd5b59871b325736c
baa9282efc8785e84d247c3bff518eaa45f101c4
16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pmincusa.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20039
date: Sat, 07 Jan 2023 02:41:09 GMT
expires: Sat, 07 Jan 2023 04:41:09 GMT
cache-control: public, max-age=7200
age: 4603
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
pmincusa.com/wp-content/uploads/2022/05/favicon.png
162.240.44.152200 OK 2.8 kB URL HTTP/2 pmincusa.com/wp-content/uploads/2022/05/favicon.png
IP 162.240.44.152:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced\012- data
Hash d6da4faa4eecceefb7cc3d5fba7c0fd4
203fd29e5c0fae4f2b5c06cf23c623ec31edc996
f55a39ee4eeced5d26592ba51481ba06313e6451212816d5c8e60089ddcfc0a0
GET /wp-content/uploads/2022/05/favicon.png HTTP/1.1
Host: pmincusa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pmincusa.com/1qo7o
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 18 May 2022 20:18:26 GMT
accept-ranges: bytes
content-length: 2815
content-type: image/png
date: Sat, 07 Jan 2023 03:57:51 GMT
server: Apache
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 0521e41515d6353221b262052a1379d0
093c1306189c79f1cadc7b17f2a70ea34c0bc1d6
81d59ed2135bdc6f5987a5a3ff39fd7073c158f0a6fe1b79137799d7b2963a3f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 07 Jan 2023 03:57:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-52849488-1&cid=1213744232.1673063861&jid=5781108&gjid=335012808&_gid=2120242673.1673063861&_u=YEBAAUAAAAAAACAAI~&z=842246370
173.194.222.154200 OK 1 B URL HTTP/2 stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-52849488-1&cid=1213744232.1673063861&jid=5781108&gjid=335012808&_gid=2120242673.1673063861&_u=YEBAAUAAAAAAACAAI~&z=842246370
IP 173.194.222.154:0
File type very short file (no magic)
Hash c4ca4238a0b923820dcc509a6f75849b
356a192b7913b04c54574d18c28d46e6395428ab
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-52849488-1&cid=1213744232.1673063861&jid=5781108&gjid=335012808&_gid=2120242673.1673063861&_u=YEBAAUAAAAAAACAAI~&z=842246370 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://pmincusa.com
Connection: keep-alive
Referer: https://pmincusa.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://pmincusa.com
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Sat, 07 Jan 2023 03:57:52 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 0521e41515d6353221b262052a1379d0
093c1306189c79f1cadc7b17f2a70ea34c0bc1d6
81d59ed2135bdc6f5987a5a3ff39fd7073c158f0a6fe1b79137799d7b2963a3f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 07 Jan 2023 03:57:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7308753d-b099-45a9-ac63-aeb8be417c01.jpeg
34.120.237.76200 OK 4.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7308753d-b099-45a9-ac63-aeb8be417c01.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4ac8905d1d5c1d4287877b2cd12c578f
3dba315adee4a143e7368e64c52c8766895a754c
7c19db731473111c9e8a0d939b1204b59e11a887cd90774b48d3dfa974cb491d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7308753d-b099-45a9-ac63-aeb8be417c01.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 4795
x-amzn-requestid: b4c86dca-a149-4c6c-bc01-9a7c7b0322a0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: eJVY7FLNIAMFmqw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63b39c38-26f2d0e314e8cfdd71807d79;Sampled=0
x-amzn-remapped-date: Tue, 03 Jan 2023 03:08:40 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 9IEG-0tjgxCrCfxdqWOqJMo_gmpBuXqULdiSNVBXRlYgDU3lT-ZF6A==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 1a53057db389e96b4ef1bfbc925dde1c.cloudfront.net (CloudFront), 1.1 google
date: Fri, 06 Jan 2023 21:54:33 GMT
age: 21804
etag: "3dba315adee4a143e7368e64c52c8766895a754c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2