firefox.settings.services.mozilla.com/v1/
200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 91dd975a7b17b2922dd23c0e49314e40
57a2ece1e3cee7c4ebf927f2ba92f52cac395fe2
09966873bbf317f8910c59544cfde2a6d46e8acd2905797cc7c85c6b4d18ea8a
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Content-Type, Alert, Backoff, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Tue, 13 Sep 2022 03:08:39 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 9dd61138197a68f8d69f12574aab6930.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: vHZC4OON4NJNUxpQAAkrFr9g0quOot4B0QaIxMirLr7IbFbPCTV-lQ==
Age: 2703
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 76d5eb597558e3dee0d99719d17e71e0
f3a0f3932fa8059f27dc9422d523b938fa9a7d09
d16de6cc9eb0e1297f53dc1137bb764bf5c21a7727be32ad05afebd1fe9501ed
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D16DE6CC9EB0E1297F53DC1137BB764BF5C21A7727BE32AD05AFEBD1FE9501ED"
Last-Modified: Sat, 10 Sep 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8270
Expires: Tue, 13 Sep 2022 06:11:32 GMT
Date: Tue, 13 Sep 2022 03:53:42 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
IP
File type PEM certificate\012- , ASCII text
Hash 742edb4038f38bc533514982f3d2e861
cc3a20c8dc2a8c632ef9387a2744253f1e3fdef1
b6bfa49d3d135035701231db2fffc0c0643444394009a94c6a1b4d829d6b8345
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 20 Aug 2022 23:18:05 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Mon, 12 Sep 2022 07:17:13 GMT
etag: "742edb4038f38bc533514982f3d2e861"
x-cache: Hit from cloudfront
via: 1.1 057fdebf738f5915bf38a78949190758.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: zcSBJ9xU-SvJd_QIUyft1VqNS9CiecHv8ii3YNsjpHnjJ5xDowh_CA==
age: 74190
X-Firefox-Spdy: h2
hareksaman999.com/
301 Moved Permanently 707 B IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Hash 1304294c0823ca486542ba408ed761e3
b2a70fb2d810ca13985882e6981f33998823e83e
3bbe72f3baa8ec61de17a1d767fca58704769684b7abe9161d0c4eaf4c8f0982
Analyzer Verdict Alert fortinet Phishing
GET / HTTP/1.1
Host: hareksaman999.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
keep-alive: timeout=5, max=100
content-type: text/html
content-length: 707
date: Tue, 13 Sep 2022 03:53:42 GMT
server: LiteSpeed
location: https://hareksaman999.com/
x-turbo-charged-by: LiteSpeed
contile.services.mozilla.com/v1/tiles
200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 13 Sep 2022 03:53:42 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Tue, 13 Sep 2022 03:03:22 GMT
Cache-Control: max-age=3600
Expires: Tue, 13 Sep 2022 03:59:26 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 41dc61beb3fe8e8c2c299a2522d8330c.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: S3ZAS9IACNdh-rqVi6K5SnNYdKN-IcQp1rW3pj3P7vSdOqKO-7KRxg==
Age: 3020
ocsp.sectigo.com/
200 OK 472 B IP
Hash d24885bc7d4e4c664f9850ad386cccce
0eed8db6743c791ae6c076f2fb31f3f3424b8a06
7d458a055275efadfa355de8b5100dd78a1215930e1164bd731fffea179e69e7
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 13 Sep 2022 03:53:42 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Sat, 10 Sep 2022 07:43:50 GMT
Expires: Sat, 17 Sep 2022 07:43:49 GMT
Etag: "0eed8db6743c791ae6c076f2fb31f3f3424b8a06"
Cache-Control: max-age=358806,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 749deffa2a220b69-OSL
ocsp.digicert.com/
200 OK 471 B IP
Hash cb674936db4af4be99c3c397eff8c6ae
de79d76bac3fae5799b0ff35ecc19360595dfb06
992b884b64f9f6fdb76a6ba91c48fed329325b95b99d8003b282879a52093c08
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1015
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 13 Sep 2022 03:53:43 GMT
Last-Modified: Tue, 13 Sep 2022 03:36:48 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: EE+IHclEU1JgH7DSUB24RA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: jjIu8vn1F/TE8/qubD4sF2UiLnk=
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 6526c70eb74c821b7a95487ad9a4e13d
0b8c610a7755437ab815b845f52cbb27e6c95008
059d15ca6ac7cb1830286ae635731e03b56c01d7d050291dabe2b3f3db866c9a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 13 Sep 2022 03:53:43 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 6526c70eb74c821b7a95487ad9a4e13d
0b8c610a7755437ab815b845f52cbb27e6c95008
059d15ca6ac7cb1830286ae635731e03b56c01d7d050291dabe2b3f3db866c9a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 13 Sep 2022 03:53:43 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.googleapis.com/css?family=Poppins%3A400%2C600%2C500%2C700&1&display=swap&ver=2.1.3
200 OK 974 B URL HTTP/2 fonts.googleapis.com/css?family=Poppins%3A400%2C600%2C500%2C700&1&display=swap&ver=2.1.3
IP
Hash 68d5374a94af571f2fe5e85c5032f96a
de0eced7d7ff71b5ce6ec21dede1a9b89affbf50
7e677f0adc95eeb9f6660b2838aedc45299af19401cd312229f833a07390f616
GET /css?family=Poppins%3A400%2C600%2C500%2C700&1&display=swap&ver=2.1.3 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hareksaman999.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 13 Sep 2022 03:53:43 GMT
date: Tue, 13 Sep 2022 03:53:43 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
thumbs.dreamstime.com/b/paypal-logo-printed-paper-chisinau-moldova-september-internet-based-digital-money-transfer-service-128373487.jpg
200 OK 30 kB URL HTTP/2 thumbs.dreamstime.com/b/paypal-logo-printed-paper-chisinau-moldova-september-internet-based-digital-money-transfer-service-128373487.jpg
IP
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, progressive, precision 8, 800x801, components 3\012- data
Hash 6db00812e549040c8ff8976e44fb6cb2
3f4e101a09a8ac1ff7a819898a61900ee97f220b
21769a8016f92aded3008e282fd509c1c326f54950b96968fa1ab08f1817315e
GET /b/paypal-logo-printed-paper-chisinau-moldova-september-internet-based-digital-money-transfer-service-128373487.jpg HTTP/1.1
Host: thumbs.dreamstime.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hareksaman999.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
age: 24735860
cache-control: max-age=31536000
content-type: image/jpeg
date: Tue, 13 Sep 2022 03:53:43 GMT
etag: "3845584727"
expires: Wed, 13 Sep 2023 03:53:43 GMT
last-modified: Tue, 09 Oct 2018 20:03:41 GMT
server: ECS (ska/F6FC)
x-cache: HIT
content-length: 29840
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 6526c70eb74c821b7a95487ad9a4e13d
0b8c610a7755437ab815b845f52cbb27e6c95008
059d15ca6ac7cb1830286ae635731e03b56c01d7d050291dabe2b3f3db866c9a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 13 Sep 2022 03:53:43 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
200 OK 471 B IP
Hash f1642580b2cb55b10e45c9b8f504223b
631e64028c951d1ba9f1cf8711b90e464244a991
d6d3260749f7881525b09541fcdc4c8e30f942a8ed38670303c648892dd6c8e3
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4261
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 13 Sep 2022 03:53:43 GMT
Last-Modified: Tue, 13 Sep 2022 02:42:43 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 471
www.googletagmanager.com/gtag/js?id=UA-228914276-1
200 OK 42 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=UA-228914276-1
IP
File type ASCII text, with very long lines (1615)
Hash 8c62be7e91be91d83f02b31c83a5929f
cc7915618700456b1db17527f9f2567f763ceebd
fdb9e59600b96c8c59783cb9c79432911bceb6ebec0d12e6662a4e5d3836eab0
GET /gtag/js?id=UA-228914276-1 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hareksaman999.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Tue, 13 Sep 2022 03:53:43 GMT
expires: Tue, 13 Sep 2022 03:53:43 GMT
cache-control: private, max-age=900
last-modified: Tue, 13 Sep 2022 03:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 41968
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
js.stripe.com/v3/?ver=1.4.6
200 OK 83 kB URL HTTP/2 js.stripe.com/v3/?ver=1.4.6
IP
File type ASCII text, with very long lines (65536), with no line terminators
Hash 527416ab796bd758e836f950a8a1860a
c7f9bffc82f3e6256bb906fab7b5af6c431d82a5
e840c73e40fcc1cc29526180e10147bb63528b9eca379157811bad54be61dae4
GET /v3/?ver=1.4.6 HTTP/1.1
Host: js.stripe.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hareksaman999.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
last-modified: Mon, 12 Sep 2022 20:53:26 GMT
etag: "36f589ca79cbbf198e9d4ac96dfa46be"
cache-control: max-age=60
content-type: text/javascript; charset=utf-8
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
access-control-allow-origin: *
server: Fastly
content-encoding: br
accept-ranges: bytes
date: Tue, 13 Sep 2022 03:53:43 GMT
via: 1.1 varnish
age: 19
x-request-id: 65bbaa3d-96e0-4009-89a4-b7ebddbf5623
x-served-by: cache-bma1658-BMA
x-cache: HIT
x-cache-hits: 1
vary: Accept-Encoding
timing-allow-origin: *
content-length: 83016
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash ec7a5bb8e310f5c9c992cf85832d5445
e32b8e200a79da9008985e8e6c272f35b02581c5
6391e4c68631e272509ade559b8f568b03dd88be1956906332ae584f9faee00a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 13 Sep 2022 03:53:43 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
hareksaman999.com/wp-content/plugins/gtranslate/gtranslate-style24.css?ver=6.0.1
200 OK 237 B URL HTTP/2 hareksaman999.com/wp-content/plugins/gtranslate/gtranslate-style24.css?ver=6.0.1
IP
Hash 83042c9c72bc38390b52906120f81c35
98a9789c05c0f981dca01d2c3622b5e458ba7589
a193b2efbe3e706cc8c633fff822f5a64eb0ee5f692c4a3495f3c7e58e8b7637
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/gtranslate/gtranslate-style24.css?ver=6.0.1 HTTP/1.1
Host: hareksaman999.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hareksaman999.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 20 Sep 2022 03:53:43 GMT
content-type: text/css
last-modified: Thu, 04 Aug 2022 07:11:47 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 237
date: Tue, 13 Sep 2022 03:53:43 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
hareksaman999.com/wp-includes/css/dist/block-library/style.min.css?ver=6.0.1
200 OK 11 kB URL HTTP/2 hareksaman999.com/wp-includes/css/dist/block-library/style.min.css?ver=6.0.1
IP
File type ASCII text, with very long lines (43771)
Hash d45207ee05c1f0c57dfa075e61405ccd
a8d35143a2d828a739ea0fdde75f97d33621e7ec
a9a4adbbcee31ec277f1bdd573eef97dc4341f29f2db3b5685a02dfe4d2fe9bb
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/css/dist/block-library/style.min.css?ver=6.0.1 HTTP/1.1
Host: hareksaman999.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hareksaman999.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 20 Sep 2022 03:53:43 GMT
content-type: text/css
last-modified: Tue, 02 Aug 2022 21:40:58 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 10946
date: Tue, 13 Sep 2022 03:53:43 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
hareksaman999.com/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-vendors-style.css?ver=8.0.0
200 OK 1.1 kB URL HTTP/2 hareksaman999.com/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-vendors-style.css?ver=8.0.0
IP
File type ASCII text, with very long lines (4933), with no line terminators
Hash 8f2da34c6f082c7bec00f9cca661fd59
d0de5b6b29a9788a64826b833465a9d08f7c2ab7
d461fea6636b26aab698f636b2518709cb79416c7d3916d6b03497c4d75befdd
GET /wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-vendors-style.css?ver=8.0.0 HTTP/1.1
Host: hareksaman999.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hareksaman999.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 20 Sep 2022 03:53:43 GMT
content-type: text/css
last-modified: Wed, 19 Jan 2022 02:24:34 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1109
date: Tue, 13 Sep 2022 03:53:43 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
hareksaman999.com/wp-content/plugins/invoicing/vendor/ayecode/wp-ayecode-ui/assets/css/ayecode-ui-compatibility.css?ver=0.1.72
200 OK 33 kB URL HTTP/2 hareksaman999.com/wp-content/plugins/invoicing/vendor/ayecode/wp-ayecode-ui/assets/css/ayecode-ui-compatibility.css?ver=0.1.72
IP
File type ASCII text, with very long lines (65067)
Hash 77ab55385c33a3da2a1bcf571cedc783
35f61cfad3b914cc62e55c1d18da73b1727c6802
4f04cd8650c51d8f1dae3005e1f9a8ddbde1e69e2153b53bfb41f2b17f02ab58
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/invoicing/vendor/ayecode/wp-ayecode-ui/assets/css/ayecode-ui-compatibility.css?ver=0.1.72 HTTP/1.1
Host: hareksaman999.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hareksaman999.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 20 Sep 2022 03:53:43 GMT
content-type: text/css
last-modified: Wed, 22 Jun 2022 12:21:18 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 32985
date: Tue, 13 Sep 2022 03:53:43 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
uploads.commoninja.com/searchengine/wordpress/esewa.png
200 OK 5.9 kB URL HTTP/2 uploads.commoninja.com/searchengine/wordpress/esewa.png
IP
File type PNG image data, 256 x 255, 8-bit/color RGBA, non-interlaced\012- data
Hash 6631bb45c903abbc48ca34cd8e15fa04
397ea79abdea8c4ba7da2a62528df4ce4018f100
e0e90364d4fec3bfae48dccee0c6dc6251e06fb19280027738e7cf1fbc13d146
GET /searchengine/wordpress/esewa.png HTTP/1.1
Host: uploads.commoninja.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hareksaman999.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 13 Sep 2022 03:53:44 GMT
content-type: image/png
content-length: 5946
last-modified: Tue, 04 May 2021 10:24:49 GMT
etag: "6631bb45c903abbc48ca34cd8e15fa04"
cache-control: max-age=31536000
x-cache: Hit from cloudfront
via: 1.1 c2b101e67ac25a2f0013450d56ecac38.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: OM_Atl2kTM9wn9Csb4L2EKy45hGsDzZpcGIPLzaIXIssA5Nazj0Tfg==
cf-cache-status: MISS
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 749defff4c51b529-OSL
X-Firefox-Spdy: h2
hareksaman999.com/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-style.css?ver=8.0.0
200 OK 21 kB URL HTTP/2 hareksaman999.com/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-style.css?ver=8.0.0
IP
File type Unicode text, UTF-8 text, with very long lines (65527), with no line terminators
Hash 844842439ba060ee255a40ec00e69ff5
a37c3b78aeea3c7d58a6e59bfa99ff3d81ec5b8c
169af0ea951379b0d2a47976e8e76c6684fb2c92146e23c31e57079b9cacdba2
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-style.css?ver=8.0.0 HTTP/1.1
Host: hareksaman999.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hareksaman999.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 20 Sep 2022 03:53:43 GMT
content-type: text/css
last-modified: Tue, 26 Jul 2022 07:28:46 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 20786
date: Tue, 13 Sep 2022 03:53:43 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
hareksaman999.com/wp-content/plugins/Perfect-Money-Custom-Payment-Getway-By-mdazizul.com_/css/style.css?ver=6.0.1
200 OK 173 B URL HTTP/2 hareksaman999.com/wp-content/plugins/Perfect-Money-Custom-Payment-Getway-By-mdazizul.com_/css/style.css?ver=6.0.1
IP
Hash d4ed8928e0ec1ba709cb82a552074cef
9683266fd8d020395b19eb436b58e9707de6c59f
8af9da4b89d8406be2692e744a5d144865f505369e54275b9288becc0f2a662f
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/Perfect-Money-Custom-Payment-Getway-By-mdazizul.com_/css/style.css?ver=6.0.1 HTTP/1.1
Host: hareksaman999.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hareksaman999.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 20 Sep 2022 03:53:43 GMT
content-type: text/css
last-modified: Thu, 04 Aug 2022 11:57:51 GMT
accept-ranges: bytes
content-length: 173
date: Tue, 13 Sep 2022 03:53:43 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
hareksaman999.com/wp-content/plugins/everest-forms/assets/css/everest-forms.css?ver=1.9.2
200 OK 3.7 kB URL HTTP/2 hareksaman999.com/wp-content/plugins/everest-forms/assets/css/everest-forms.css?ver=1.9.2
IP
File type ASCII text, with very long lines (31693), with no line terminators
Hash 850cb80039a0c9e97f6a64e7be629fe2
7130e825db863c36d6f3994fbbbbe5ad940e83c0
1e53bcf1ee63baa2a75f6ac1cfc8256a6b85208e2cd861aabf6e2bd151439b13
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/everest-forms/assets/css/everest-forms.css?ver=1.9.2 HTTP/1.1
Host: hareksaman999.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hareksaman999.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 20 Sep 2022 03:53:43 GMT
content-type: text/css
last-modified: Thu, 03 Feb 2022 15:47:28 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 3656
date: Tue, 13 Sep 2022 03:53:43 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
hareksaman999.com/wp-content/plugins/add-to-cart-direct-checkout-for-woocommerce/public/css/pi-dcw-public.css?ver=2.1.33
200 OK 294 B URL HTTP/2 hareksaman999.com/wp-content/plugins/add-to-cart-direct-checkout-for-woocommerce/public/css/pi-dcw-public.css?ver=2.1.33
IP
File type ASCII text, with CRLF line terminators
Hash e52994b2f95d8cf696d0f6080875cebe
ed50472c8a2768889869f1a5fac82728682b174d
71496e13203d537ccbe993281143b9b686cc297d9e6a63fdf1dc92f2850478c4
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/add-to-cart-direct-checkout-for-woocommerce/public/css/pi-dcw-public.css?ver=2.1.33 HTTP/1.1
Host: hareksaman999.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hareksaman999.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 20 Sep 2022 03:53:43 GMT
content-type: text/css
last-modified: Wed, 14 Apr 2021 08:48:28 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 294
date: Tue, 13 Sep 2022 03:53:43 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
hareksaman999.com/wp-content/plugins/woo-multi-currency/css/woo-multi-currency.min.css?ver=2.1.23
200 OK 2.0 kB URL HTTP/2 hareksaman999.com/wp-content/plugins/woo-multi-currency/css/woo-multi-currency.min.css?ver=2.1.23
IP
File type Unicode text, UTF-8 text, with very long lines (13451), with no line terminators
Hash b11408ee636e62f2e36cdf26745ddbb5
479d8da82e4801df5fe622f1f10192ab67628957
22c5d9899a4c54b482e745cf4e0257eb0763d5c75aeefce73d9cbdba9aae9a29
GET /wp-content/plugins/woo-multi-currency/css/woo-multi-currency.min.css?ver=2.1.23 HTTP/1.1
Host: hareksaman999.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hareksaman999.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 20 Sep 2022 03:53:43 GMT
content-type: text/css
last-modified: Thu, 02 Jun 2022 08:17:48 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 2038
date: Tue, 13 Sep 2022 03:53:43 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
hareksaman999.com/wp-includes/css/dashicons.min.css?ver=6.0.1
200 OK 35 kB URL HTTP/2 hareksaman999.com/wp-includes/css/dashicons.min.css?ver=6.0.1
IP
File type ASCII text, with very long lines (58981)
Hash 54c5bfb8a890d87139d9abfe01662c83
f9eddf5b8a3269e6d6fa40b4f13083705e6267c6
9685e5cabe4efc8c85e986725af8009b306416aad3ecc9086ca5bb12b84ce4ef
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/css/dashicons.min.css?ver=6.0.1 HTTP/1.1
Host: hareksaman999.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hareksaman999.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 20 Sep 2022 03:53:43 GMT
content-type: text/css
last-modified: Thu, 04 Mar 2021 07:46:22 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 35110
date: Tue, 13 Sep 2022 03:53:43 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
hareksaman999.com/wp-content/plugins/woo-multi-currency/css/flags-64.min.css?ver=6.0.1
200 OK 1.2 kB URL HTTP/2 hareksaman999.com/wp-content/plugins/woo-multi-currency/css/flags-64.min.css?ver=6.0.1
IP
File type ASCII text, with very long lines (14739), with no line terminators
Hash b80bd1a7c686d5f2e06e43f77614b55b
c0f9de2777e079f151dbbc6442f55ef410c00b08
8f465f4931fc3107b427bdecc12e164bbb9993fc577d38d9c239f7819ea2ea94
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/woo-multi-currency/css/flags-64.min.css?ver=6.0.1 HTTP/1.1
Host: hareksaman999.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hareksaman999.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 20 Sep 2022 03:53:43 GMT
content-type: text/css
last-modified: Mon, 20 Jun 2022 11:27:30 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1173
date: Tue, 13 Sep 2022 03:53:43 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
hareksaman999.com/wp-content/plugins/woocommerce-products-filter/css/front.css?ver=1.2.9.2
200 OK 4.7 kB URL HTTP/2 hareksaman999.com/wp-content/plugins/woocommerce-products-filter/css/front.css?ver=1.2.9.2
IP
Hash 3bb3505a7313fd3f22253d4d4d2601d9
225e45eb1f74e359eb1e976e224233e39e8469f3
7db6012d53de03f79ae6b502488144dad085fbd86f7e7fb44e741a01c18a4d0d
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/woocommerce-products-filter/css/front.css?ver=1.2.9.2 HTTP/1.1
Host: hareksaman999.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hareksaman999.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 20 Sep 2022 03:53:43 GMT
content-type: text/css
last-modified: Tue, 21 Jun 2022 14:01:22 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 4742
date: Tue, 13 Sep 2022 03:53:43 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
hareksaman999.com/wp-content/plugins/woocommerce-products-filter/js/icheck/skins/square/blue.css?ver=1.2.9.2
200 OK 374 B URL HTTP/2 hareksaman999.com/wp-content/plugins/woocommerce-products-filter/js/icheck/skins/square/blue.css?ver=1.2.9.2
IP
Hash 49f3c42606c699a26fbd8d5061465c96
c7b7c74bef242a00f8fc66832696ec9af9704502
14e899427a89ea5a2f22a05a6b8e947d3b7370981d5b88692a0de2eaebee7723
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/woocommerce-products-filter/js/icheck/skins/square/blue.css?ver=1.2.9.2 HTTP/1.1
Host: hareksaman999.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hareksaman999.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 20 Sep 2022 03:53:43 GMT
content-type: text/css
last-modified: Wed, 04 Aug 2021 02:31:18 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 374
date: Tue, 13 Sep 2022 03:53:43 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
hareksaman999.com/wp-content/plugins/woocommerce-products-filter/js/chosen/chosen.min.css?ver=1.2.9.2
200 OK 1.9 kB URL HTTP/2 hareksaman999.com/wp-content/plugins/woocommerce-products-filter/js/chosen/chosen.min.css?ver=1.2.9.2
IP
File type ASCII text, with very long lines (372)
Hash 0602c912830844719cf5132c86066e8e
1a1b17a9672c6efadf66e32c0a2db9db9fb448a8
a4afd9a6f79e825c9bb15b034f9e75e7a41b7e20f8b693f376c368b4e0d5b88b
GET /wp-content/plugins/woocommerce-products-filter/js/chosen/chosen.min.css?ver=1.2.9.2 HTTP/1.1
Host: hareksaman999.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hareksaman999.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 20 Sep 2022 03:53:43 GMT
content-type: text/css
last-modified: Tue, 21 Jun 2022 14:01:22 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1898
date: Tue, 13 Sep 2022 03:53:43 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
hareksaman999.com/wp-content/plugins/woocommerce-products-filter/ext/by_onsales/css/by_onsales.css?ver=1.2.9.2
200 OK 57 B URL HTTP/2 hareksaman999.com/wp-content/plugins/woocommerce-products-filter/ext/by_onsales/css/by_onsales.css?ver=1.2.9.2
IP
Hash cf3a71f4f059554809a6c493edab94b3
9e60e866175163112070257aee5019a825c8a024
46c9eb24d0df1f5ebcc4885f9b7eedc7de9998fd9052116b25a5f0fd2a90bc97
GET /wp-content/plugins/woocommerce-products-filter/ext/by_onsales/css/by_onsales.css?ver=1.2.9.2 HTTP/1.1
Host: hareksaman999.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hareksaman999.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 20 Sep 2022 03:53:43 GMT
content-type: text/css
last-modified: Mon, 23 Sep 2019 16:18:06 GMT
accept-ranges: bytes
content-length: 57
date: Tue, 13 Sep 2022 03:53:43 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
hareksaman999.com/wp-content/plugins/woocommerce-products-filter/ext/label/css/html_types/label.css?ver=1.2.9.2
200 OK 344 B URL HTTP/2 hareksaman999.com/wp-content/plugins/woocommerce-products-filter/ext/label/css/html_types/label.css?ver=1.2.9.2
IP
Hash 88830c96068a2ae24d2b79773f723fc6
e17ff5f2c6669aa94714dc7b48070eb8158cc343
e4a00fd7450a9709046662bcf0a18f370cbd05219858344e36d35f5a919083cd
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/woocommerce-products-filter/ext/label/css/html_types/label.css?ver=1.2.9.2 HTTP/1.1
Host: hareksaman999.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hareksaman999.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 20 Sep 2022 03:53:43 GMT
content-type: text/css
last-modified: Tue, 21 Jun 2022 14:01:22 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 344
date: Tue, 13 Sep 2022 03:53:43 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
hareksaman999.com/wp-content/plugins/woocommerce/assets/css/woocommerce-layout.css?ver=6.8.0
200 OK 2.3 kB URL HTTP/2 hareksaman999.com/wp-content/plugins/woocommerce/assets/css/woocommerce-layout.css?ver=6.8.0
IP
File type ASCII text, with very long lines (17809), with no line terminators
Hash 09d93f4de720fc11a2944fea38fcafcd
e46cf6a8d3373c7fa5feba0b30cd9b9983f719b2
cf900721be13309b96cf6c6f56b1c0a40194e8aea1b0a0361739219c9c0f9998
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/woocommerce/assets/css/woocommerce-layout.css?ver=6.8.0 HTTP/1.1
Host: hareksaman999.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hareksaman999.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 20 Sep 2022 03:53:43 GMT
content-type: text/css
last-modified: Wed, 22 Dec 2021 00:24:58 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 2329
date: Tue, 13 Sep 2022 03:53:43 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
hareksaman999.com/wp-content/themes/zakra/assets/css/woocommerce.css?ver=2.1.3
200 OK 2.0 kB URL HTTP/2 hareksaman999.com/wp-content/themes/zakra/assets/css/woocommerce.css?ver=2.1.3
IP
File type ASCII text, with very long lines (522)
Hash 19c02208b3af384a58b2b9717027072a
acbd88cf91eac48ec12289282c8aa8866e2dce63
0aa7cd0deb7137ac5334ea8547d1dd0b1f424a748fb37fb7c088275bfc0100c2
GET /wp-content/themes/zakra/assets/css/woocommerce.css?ver=2.1.3 HTTP/1.1
Host: hareksaman999.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hareksaman999.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 20 Sep 2022 03:53:43 GMT
content-type: text/css
last-modified: Thu, 11 Aug 2022 09:30:48 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1970
date: Tue, 13 Sep 2022 03:53:43 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
hareksaman999.com/wp-content/plugins/woocommerce/assets/css/woocommerce.css?ver=6.8.0
200 OK 8.4 kB URL HTTP/2 hareksaman999.com/wp-content/plugins/woocommerce/assets/css/woocommerce.css?ver=6.8.0
IP
File type Unicode text, UTF-8 text, with very long lines (62753), with no line terminators
Hash 60aea8fe062ea93aa6dfa342ea23b7fd
bf9a4843acf8f1f116ef2cae7fb40a9a2f37253a
7db430ef3124de87a8a33cf0ffe134a86bff67de803eea16f4b3ed4d2d569d4f
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/woocommerce/assets/css/woocommerce.css?ver=6.8.0 HTTP/1.1
Host: hareksaman999.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hareksaman999.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 20 Sep 2022 03:53:43 GMT
content-type: text/css
last-modified: Wed, 22 Dec 2021 00:24:58 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 8432
date: Tue, 13 Sep 2022 03:53:43 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
hareksaman999.com/wp-content/plugins/woocommerce-products-filter/ext/by_text/assets/css/front.css?ver=1.2.9.2
200 OK 1.2 kB URL HTTP/2 hareksaman999.com/wp-content/plugins/woocommerce-products-filter/ext/by_text/assets/css/front.css?ver=1.2.9.2
IP
Hash 4c6cd7ec2afc77161c9e8cc6e4a987f4
4a85cecdff2c926fad0f84836e4fdd98418de694
c1d3b560fd41e4c36d71646846ca79e18b19d27907170f5f713321664afa4522
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/woocommerce-products-filter/ext/by_text/assets/css/front.css?ver=1.2.9.2 HTTP/1.1
Host: hareksaman999.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hareksaman999.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 20 Sep 2022 03:53:43 GMT
content-type: text/css
last-modified: Fri, 15 Jul 2022 02:57:08 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1190
date: Tue, 13 Sep 2022 03:53:43 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
hareksaman999.com/wp-content/themes/zakra/style.css?ver=2.1.3
200 OK 9.5 kB URL HTTP/2 hareksaman999.com/wp-content/themes/zakra/style.css?ver=2.1.3
IP
File type ASCII text, with very long lines (1208)
Hash 8938872d51823ebabf99b7637e9537ee
5a7074a3bddfaef7d87447f3bf06af8adbb83f19
24a9b7b2f9298cbb910645e0d1955160236d38a7f8f36fd7fb070c4e66414901
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/zakra/style.css?ver=2.1.3 HTTP/1.1
Host: hareksaman999.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hareksaman999.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 20 Sep 2022 03:53:43 GMT
content-type: text/css
last-modified: Thu, 11 Aug 2022 09:30:48 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 9461
date: Tue, 13 Sep 2022 03:53:43 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
hareksaman999.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/v4-shims.min.css?ver=3.7.1
200 OK 4.0 kB URL HTTP/2 hareksaman999.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/v4-shims.min.css?ver=3.7.1
IP
File type ASCII text, with very long lines (26516)
Hash 32699c444a181cd316ee6cb56688144a
1366537c3db165e86947a2e963407283a1ea5b58
6b6910bbb4dacf40ae040c445dd7dd1871097c97a1520b6d5f528d7d88c072a4
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/elementor/assets/lib/font-awesome/css/v4-shims.min.css?ver=3.7.1 HTTP/1.1
Host: hareksaman999.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hareksaman999.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 20 Sep 2022 03:53:43 GMT
content-type: text/css
last-modified: Thu, 17 Jun 2021 14:07:24 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 3987
date: Tue, 13 Sep 2022 03:53:43 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
hareksaman999.com/wp-content/plugins/elementor-pro/assets/css/frontend-lite.min.css?ver=3.6.5
200 OK 1.5 kB URL HTTP/2 hareksaman999.com/wp-content/plugins/elementor-pro/assets/css/frontend-lite.min.css?ver=3.6.5
IP
File type ASCII text, with very long lines (11362)
Hash 18aae71c1a70ffd06aeb9df0e1cfbe0f
6638ca18792459391a21f0f3ac867dd919d99b8c
dbdf44256dbb506f3921c9beaccd92ec124b58d8c5e7ceae96712cc4fed4f403
GET /wp-content/plugins/elementor-pro/assets/css/frontend-lite.min.css?ver=3.6.5 HTTP/1.1
Host: hareksaman999.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hareksaman999.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 20 Sep 2022 03:53:43 GMT
content-type: text/css
last-modified: Wed, 11 May 2022 23:32:23 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1505
date: Tue, 13 Sep 2022 03:53:43 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
hareksaman999.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/regular.min.css?ver=5.15.3
200 OK 283 B URL HTTP/2 hareksaman999.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/regular.min.css?ver=5.15.3
IP
File type ASCII text, with very long lines (491)
Hash 453a93dc816be89f942ebb253ff199fb
01563d6019803e3ff2a94c5397e7e771ee6f440d
36beebcd3778e04c8973faa581d07c7e7dc0bac2a77f637379e7d110383ab5d7
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/elementor/assets/lib/font-awesome/css/regular.min.css?ver=5.15.3 HTTP/1.1
Host: hareksaman999.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hareksaman999.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 20 Sep 2022 03:53:43 GMT
content-type: text/css
last-modified: Thu, 17 Jun 2021 14:07:24 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 283
date: Tue, 13 Sep 2022 03:53:43 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
hareksaman999.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/all.min.css?ver=3.7.1
200 OK 12 kB URL HTTP/2 hareksaman999.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/all.min.css?ver=3.7.1
IP
File type ASCII text, with very long lines (59158)
Hash 178f113615fea1b059cb42a9fcc9bb3d
a309d33fbab460ecc17467c18f99825c03ce039c
9fc6c8540b2078cfcec74cbd21ef6cedf7e2a4ec99d46a4868111eb601572859
GET /wp-content/plugins/elementor/assets/lib/font-awesome/css/all.min.css?ver=3.7.1 HTTP/1.1
Host: hareksaman999.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hareksaman999.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 20 Sep 2022 03:53:43 GMT
content-type: text/css
last-modified: Thu, 17 Jun 2021 14:07:24 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 12380
date: Tue, 13 Sep 2022 03:53:43 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
hareksaman999.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/fontawesome.min.css?ver=5.15.3
200 OK 12 kB URL HTTP/2 hareksaman999.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/fontawesome.min.css?ver=5.15.3
IP
File type ASCII text, with very long lines (57726)
Hash f463afd8661ddc733305df1f0cbdaff2
77262f0209e75e340eb7014aba9cd8d69966032f
c4b6541be58a0ca61549cd4562850315077880c459c019f01e835cf2d7b764de
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/elementor/assets/lib/font-awesome/css/fontawesome.min.css?ver=5.15.3 HTTP/1.1
Host: hareksaman999.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hareksaman999.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 20 Sep 2022 03:53:43 GMT
content-type: text/css
last-modified: Thu, 17 Jun 2021 14:07:24 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 12133
date: Tue, 13 Sep 2022 03:53:43 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
hareksaman999.com/wp-content/uploads/elementor/css/post-3049.css?ver=1662052575
200 OK 335 B URL HTTP/2 hareksaman999.com/wp-content/uploads/elementor/css/post-3049.css?ver=1662052575
IP
File type ASCII text, with very long lines (1184), with no line terminators
Hash 5d41ce99726e0a9eef7c2bc5959bd8f5
bbd376a7650f8ffad7eda66c773465e98230bff7
1a6389bec41e5c400f71fd42836570fe913a7135f38ede1138cbd91f1a0028ab
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/uploads/elementor/css/post-3049.css?ver=1662052575 HTTP/1.1
Host: hareksaman999.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hareksaman999.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 20 Sep 2022 03:53:43 GMT
content-type: text/css
last-modified: Sun, 14 Aug 2022 10:59:33 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 335
date: Tue, 13 Sep 2022 03:53:43 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
hareksaman999.com/wp-content/uploads/elementor/css/post-646.css?ver=1662126955
200 OK 3.0 kB URL HTTP/2 hareksaman999.com/wp-content/uploads/elementor/css/post-646.css?ver=1662126955
IP
File type ASCII text, with very long lines (40157), with no line terminators
Hash bc6268f03e12e975801dd951b305bda5
ade5ae374cf2936aa58416335f593808e558d512
b8276800cadaff1f1d30fd48871ad62b79093232c880e182b52d1ff7f6739b7a
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/uploads/elementor/css/post-646.css?ver=1662126955 HTTP/1.1
Host: hareksaman999.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hareksaman999.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 20 Sep 2022 03:53:43 GMT
content-type: text/css
last-modified: Mon, 15 Aug 2022 23:24:46 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 3011
date: Tue, 13 Sep 2022 03:53:43 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
hareksaman999.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
200 OK 31 kB URL HTTP/2 hareksaman999.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
IP
File type ASCII text, with very long lines (65447)
Hash 5a89c75f360a565913ca3e205dc4ff3d
aece59c9d5c4b275a1949f8cf7d590e618bb963c
b10c72db6a3abcda513cb9bb8d4449b8602a1458f78b9b6378a3ae15f82752ae
GET /wp-includes/js/jquery/jquery.min.js?ver=3.6.0 HTTP/1.1
Host: hareksaman999.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hareksaman999.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 20 Sep 2022 03:53:43 GMT
content-type: application/javascript
last-modified: Thu, 11 Mar 2021 01:37:24 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 31197
date: Tue, 13 Sep 2022 03:53:43 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
hareksaman999.com/wp-content/plugins/elementor/assets/lib/eicons/css/elementor-icons.min.css?ver=5.16.0
200 OK 3.6 kB URL HTTP/2 hareksaman999.com/wp-content/plugins/elementor/assets/lib/eicons/css/elementor-icons.min.css?ver=5.16.0
IP
File type ASCII text, with very long lines (19233)
Hash af3bdf44d09914e8adb51fec560d8816
84bb225e096bab405868dd504e62133ba75cf1c1
4325dab21d3eb9efb8e285a0926be743f27e46446ccf5f9be65bb4b60c024152
GET /wp-content/plugins/elementor/assets/lib/eicons/css/elementor-icons.min.css?ver=5.16.0 HTTP/1.1
Host: hareksaman999.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hareksaman999.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 20 Sep 2022 03:53:43 GMT
content-type: text/css
last-modified: Mon, 01 Aug 2022 04:11:38 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 3629
date: Tue, 13 Sep 2022 03:53:43 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
hareksaman999.com/wp-content/plugins/elementor/assets/css/frontend-lite.min.css?ver=3.7.1
200 OK 13 kB URL HTTP/2 hareksaman999.com/wp-content/plugins/elementor/assets/css/frontend-lite.min.css?ver=3.7.1
IP
File type ASCII text, with very long lines (65497)
Hash 80c032eb52bb330e7ab101fb2cecf890
190742b7dc21eef1c09319ecc56a35cd058bc6aa
27e4ce44e91f44ac81759eae985b981f237012d9374437e73f1e5612314f2fcd
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/elementor/assets/css/frontend-lite.min.css?ver=3.7.1 HTTP/1.1
Host: hareksaman999.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hareksaman999.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 20 Sep 2022 03:53:43 GMT
content-type: text/css
last-modified: Sun, 14 Aug 2022 12:28:38 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 12973
date: Tue, 13 Sep 2022 03:53:43 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
hareksaman999.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/solid.min.css?ver=5.15.3
200 OK 286 B URL HTTP/2 hareksaman999.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/solid.min.css?ver=5.15.3
IP
File type ASCII text, with very long lines (483)
Hash 8828fa3c5bdcfa66615714a2b8c9d807
4f556d0b005ac7754af607418df445f8cf98e8b1
16950dcce60bc3ee2613b60439c99e7ed74d10245f59fe6f68346b7e72dd95e7
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/elementor/assets/lib/font-awesome/css/solid.min.css?ver=5.15.3 HTTP/1.1
Host: hareksaman999.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hareksaman999.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 20 Sep 2022 03:53:43 GMT
content-type: text/css
last-modified: Thu, 17 Jun 2021 14:07:24 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 286
date: Tue, 13 Sep 2022 03:53:43 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash fe792a43fbfd72d158215bb5fa087c19
5b28cebdebfdd33871fa4982f39a89f5ce3cbf99
ec9ddd9d47e4cd14bd7471042ce3060c1d119038dac5d1f02a4040c617228b0d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EC9DDD9D47E4CD14BD7471042CE3060C1D119038DAC5D1F02A4040C617228B0D"
Last-Modified: Mon, 12 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6491
Expires: Tue, 13 Sep 2022 05:41:55 GMT
Date: Tue, 13 Sep 2022 03:53:44 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash fe792a43fbfd72d158215bb5fa087c19
5b28cebdebfdd33871fa4982f39a89f5ce3cbf99
ec9ddd9d47e4cd14bd7471042ce3060c1d119038dac5d1f02a4040c617228b0d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EC9DDD9D47E4CD14BD7471042CE3060C1D119038DAC5D1F02A4040C617228B0D"
Last-Modified: Mon, 12 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6491
Expires: Tue, 13 Sep 2022 05:41:55 GMT
Date: Tue, 13 Sep 2022 03:53:44 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash fe792a43fbfd72d158215bb5fa087c19
5b28cebdebfdd33871fa4982f39a89f5ce3cbf99
ec9ddd9d47e4cd14bd7471042ce3060c1d119038dac5d1f02a4040c617228b0d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EC9DDD9D47E4CD14BD7471042CE3060C1D119038DAC5D1F02A4040C617228B0D"
Last-Modified: Mon, 12 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6491
Expires: Tue, 13 Sep 2022 05:41:55 GMT
Date: Tue, 13 Sep 2022 03:53:44 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcb9bab12-4fd5-4be7-b453-25dfb0d4c606.jpeg
200 OK 9.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcb9bab12-4fd5-4be7-b453-25dfb0d4c606.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 6c824a7db30839607b01c7a164f6f6ec
bbab791971056750a46dd6ed9c5d7c8e12ab457e
872262a28a383a9eafd1f453014a3edfde4872160b772874271be6358a47449f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcb9bab12-4fd5-4be7-b453-25dfb0d4c606.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9606
x-amzn-requestid: bf72ce8c-1272-42df-8958-d392210106c5
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YIR7NFh2oAMFXIQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631996ad-4646091a428db21e2dce1a61;Sampled=0
x-amzn-remapped-date: Thu, 08 Sep 2022 07:15:58 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 4skZVE5BinFMAJV196j5-qtDez6m26DtU8NZvU6K2VuhFnC7E1zXWw==
via: 1.1 0bb842bd5868b86440983b936bb0adee.cloudfront.net (CloudFront), 1.1 91356d2137f5a7345e93da4516c49ec4.cloudfront.net (CloudFront), 1.1 google
date: Mon, 12 Sep 2022 22:49:29 GMT
age: 18255
etag: "bbab791971056750a46dd6ed9c5d7c8e12ab457e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2830e2cb-8887-441e-8c0c-906b8fbb2366.jpeg
200 OK 9.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2830e2cb-8887-441e-8c0c-906b8fbb2366.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c9ab2ec10c79b91d15edb1d1e3dc763c
744fee4a0baa22ba3aa352d60620a916972b47dd
f7bb66f5bb572d73f936fc74823f51ede1f2c4e309a939b39d9529ff8f757fbe
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2830e2cb-8887-441e-8c0c-906b8fbb2366.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9945
x-amzn-requestid: a347749f-a63a-4533-a274-7151b9f235ff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YXcX8HAKoAMF5EQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631fa765-56cff18515b2a5b3397231df;Sampled=0
x-amzn-remapped-date: Mon, 12 Sep 2022 21:40:53 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 43wWNADffkA0e8T-SYvAMjp266nAE5hrDjNMQQsuYeT0i6xQt7wLVg==
via: 1.1 d1151317ba32afe0e6370fd69fed222e.cloudfront.net (CloudFront), 1.1 35575576af8067e30cfb17c6b9fde8e2.cloudfront.net (CloudFront), 1.1 google
date: Mon, 12 Sep 2022 21:55:34 GMT
age: 21490
etag: "744fee4a0baa22ba3aa352d60620a916972b47dd"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F898fa8c6-1f06-4fa4-88d0-333a32c1a7a8.jpeg
200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F898fa8c6-1f06-4fa4-88d0-333a32c1a7a8.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 019416755742a78ddf35671ba5eaccc7
ec2e96359ef3a236514cab21af80ea5b9420e9c3
a6b0e0ec56c2ce2f94dae8032e0deb297236c35f7a8928a14a254e3fdb2a255a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F898fa8c6-1f06-4fa4-88d0-333a32c1a7a8.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10245
x-amzn-requestid: 20d58a44-c942-46a8-9136-a824d775275c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YLNZPFsjoAMFv7g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631ac2a1-24d2272a61fd0f39088251b4;Sampled=0
x-amzn-remapped-date: Fri, 09 Sep 2022 04:35:45 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 2E2yaVqFHLXdfuJns8hs9DNomHNQWVNVSeZSCMdD2W7bGMMgA0QoZQ==
via: 1.1 024f97192fe648974da2251fbcc71f38.cloudfront.net (CloudFront), 1.1 91356d2137f5a7345e93da4516c49ec4.cloudfront.net (CloudFront), 1.1 google
date: Mon, 12 Sep 2022 22:17:59 GMT
age: 20145
etag: "ec2e96359ef3a236514cab21af80ea5b9420e9c3"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F106eeeca-4365-4ffc-b701-f952d0b09dcb.jpeg
200 OK 8.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F106eeeca-4365-4ffc-b701-f952d0b09dcb.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 47e1f64348aa12d707bf070f39877c7e
7a1f13d32de956fd50fccba0f813fb71bda79f63
9b3cee8039a2adb1291006a9ad55cd5032a2a6c10de3c5f57222692b02c0faac
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F106eeeca-4365-4ffc-b701-f952d0b09dcb.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7965
x-amzn-requestid: c0ddd7c6-9709-4251-8e7b-4a551f9a7d2f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YBro8EjxIAMFi0g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6316f305-26023e0714937dca063dcbfa;Sampled=0
x-amzn-remapped-date: Tue, 06 Sep 2022 07:13:09 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: M8hApWUPiRtGNRAjsaGnjo2w9myX6knC1Rk0-reejbUO7aVqYPttRw==
via: 1.1 000f4a2f631bace380a0afa747a82482.cloudfront.net (CloudFront), 1.1 9c675215120a4ade8754c4357ef2f3ea.cloudfront.net (CloudFront), 1.1 google
date: Mon, 12 Sep 2022 23:23:42 GMT
age: 16202
etag: "7a1f13d32de956fd50fccba0f813fb71bda79f63"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F909eacf9-8e5f-4cbb-aa74-803702af05cc.jpeg
200 OK 7.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F909eacf9-8e5f-4cbb-aa74-803702af05cc.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 72d299fa183dd450fc6a065c6705d8f8
b92938c3202d126a14c2b5188a10bff2a6e5cdbb
33e34e0f624b1a8e1a502ce9087b507f631a3debe0c7c5e62ba528114b1e0cd8
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F909eacf9-8e5f-4cbb-aa74-803702af05cc.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7170
x-amzn-requestid: 00af58fc-9faf-4c4e-8650-f9f7013a0708
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YXbw2HqjoAMFjVg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631fa66b-42d241ad62d240b10368efb1;Sampled=0
x-amzn-remapped-date: Mon, 12 Sep 2022 21:36:43 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: XxHrSf4TfYOv8k2DrepWg3Mdm1za4uxiwhP4tF0nbJamiRbOPeBp3A==
via: 1.1 010c0731b9775a983eceaec0f5fa6a2e.cloudfront.net (CloudFront), 1.1 e95ec8f1dc02e32f0cb9e113963ceb4e.cloudfront.net (CloudFront), 1.1 google
date: Mon, 12 Sep 2022 21:47:05 GMT
age: 21999
etag: "b92938c3202d126a14c2b5188a10bff2a6e5cdbb"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
c7.alamy.com/comp/3/bc7aa0fa8df2475680977c9679e5413e/f4a4k1.jpg
200 OK 26 kB URL HTTP/2 c7.alamy.com/comp/3/bc7aa0fa8df2475680977c9679e5413e/f4a4k1.jpg
IP
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 300x320, components 3\012- data
Hash 06023cbe72cc0736e3727bf758cb428a
eedad0954c4ef22e746b0a44db9942d9294276ab
bb0106ba1c729e7a86c5848ba2307c44bc5ee88b15cb4c5ef936e8718d380bf0
GET /comp/3/bc7aa0fa8df2475680977c9679e5413e/f4a4k1.jpg HTTP/1.1
Host: c7.alamy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hareksaman999.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/jpeg
date: Tue, 13 Sep 2022 03:35:50 GMT
cache-control: max-age=604800
access-control-allow-origin: *
last-modified: Tue Oct 19 2021 00:00:00 GMT+0000 (Coordinated Universal Time)
x-cache: Hit from cloudfront
via: 1.1 8ddb6d7670d8c5a85c04a10525a71b90.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: hiw1YFTbEfMRyL3fTEczdzurBlDMp1zAc3cCcNyuGrr3EUGJeNyWEw==
age: 1073
X-Firefox-Spdy: h2
hareksaman999.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
200 OK 4.9 kB URL HTTP/2 hareksaman999.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
IP
File type ASCII text, with very long lines (11126)
Hash eebb65c2a0bfcbbb2e9d9c427477ad5d
5cfed73f11838d6c5018a993e5ee89e58ac2b9f4
ac879952243e1f83fb4804302692a191a1caa9604641992daaff824ec69cd461
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 HTTP/1.1
Host: hareksaman999.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hareksaman999.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 20 Sep 2022 03:53:43 GMT
content-type: application/javascript
last-modified: Wed, 18 Nov 2020 19:36:06 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 4917
date: Tue, 13 Sep 2022 03:53:43 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
hareksaman999.com/wp-content/plugins/invoicing/vendor/ayecode/wp-ayecode-ui/assets/js/bootstrap.bundle.min.js?ver=0.1.72
200 OK 29 kB URL HTTP/2 hareksaman999.com/wp-content/plugins/invoicing/vendor/ayecode/wp-ayecode-ui/assets/js/bootstrap.bundle.min.js?ver=0.1.72
IP
File type ASCII text, with very long lines (32016)
Hash 1ffef1d95ef25685da29fae232057ddb
4290daa331cc3a8b3659039e0c954b31de30df5e
223569da7d483e06ae823b56361ccc79ca55cd0eb366f8075e42bade8e309220
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/invoicing/vendor/ayecode/wp-ayecode-ui/assets/js/bootstrap.bundle.min.js?ver=0.1.72 HTTP/1.1
Host: hareksaman999.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hareksaman999.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 20 Sep 2022 03:53:43 GMT
content-type: application/javascript
last-modified: Wed, 30 Mar 2022 17:16:18 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 29232
date: Tue, 13 Sep 2022 03:53:43 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
hareksaman999.com/wp-content/plugins/add-to-cart-direct-checkout-for-woocommerce/public/js/pi-dcw-public.js?ver=2.1.33
200 OK 1.9 kB URL HTTP/2 hareksaman999.com/wp-content/plugins/add-to-cart-direct-checkout-for-woocommerce/public/js/pi-dcw-public.js?ver=2.1.33
IP
File type ASCII text, with very long lines (1787), with CRLF line terminators
Hash f30556923a2e76b3fee595b94765c83e
d1ed1253fe01c7f6cc87d73568dc5887f603cc67
cb22aa8d4e54dd9de1a01c29e22adda4286e1131cb07ae59b3ca223995bafc5d
GET /wp-content/plugins/add-to-cart-direct-checkout-for-woocommerce/public/js/pi-dcw-public.js?ver=2.1.33 HTTP/1.1
Host: hareksaman999.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hareksaman999.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 20 Sep 2022 03:53:43 GMT
content-type: application/javascript
last-modified: Mon, 21 Feb 2022 07:18:24 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1915
date: Tue, 13 Sep 2022 03:53:43 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
hareksaman999.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/brands.min.css?ver=5.15.3
200 OK 284 B URL HTTP/2 hareksaman999.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/brands.min.css?ver=5.15.3
IP
File type ASCII text, with very long lines (489)
Hash dc279c928e2924b07a4a7575f8070ee8
0196756cacdb61ef40483af7ea982b699b0933de
80b6d9e3f0304f4199350c6015fd96084646c2a0121332bcb5a46d3956b7df5c
GET /wp-content/plugins/elementor/assets/lib/font-awesome/css/brands.min.css?ver=5.15.3 HTTP/1.1
Host: hareksaman999.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hareksaman999.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 20 Sep 2022 03:53:43 GMT
content-type: text/css
last-modified: Thu, 17 Jun 2021 14:07:24 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 284
date: Tue, 13 Sep 2022 03:53:43 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
hareksaman999.com/wp-content/plugins/woo-multi-currency/js/woo-multi-currency.min.js?ver=2.1.23
200 OK 2.3 kB URL HTTP/2 hareksaman999.com/wp-content/plugins/woo-multi-currency/js/woo-multi-currency.min.js?ver=2.1.23
IP
File type ASCII text, with very long lines (5942), with no line terminators
Hash cfbcdef17ffcf555a0e660f7e341bdf5
52626e5c1536d85c130cc844a83398e2522d8263
6f3ff643d5a5b8e8148b326ae3ad6d9b6753df33caa9434df6bd1efa3251d92d
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/woo-multi-currency/js/woo-multi-currency.min.js?ver=2.1.23 HTTP/1.1
Host: hareksaman999.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hareksaman999.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 20 Sep 2022 03:53:43 GMT
content-type: application/javascript
last-modified: Sat, 18 Jun 2022 13:01:00 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 2297
date: Tue, 13 Sep 2022 03:53:43 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
hareksaman999.com/wp-content/plugins/elementor/assets/lib/font-awesome/js/v4-shims.min.js?ver=3.7.1
200 OK 5.0 kB URL HTTP/2 hareksaman999.com/wp-content/plugins/elementor/assets/lib/font-awesome/js/v4-shims.min.js?ver=3.7.1
IP
File type ASCII text, with very long lines (16656)
Hash a9cb54c063d17b78524dcf388da5a08b
78fe23ecef15f2aa2d0ce8fbf5937d13320a9f6b
d84c38cf17ca671711574971d722aaad76ff10964dc010851098018f539c15da
GET /wp-content/plugins/elementor/assets/lib/font-awesome/js/v4-shims.min.js?ver=3.7.1 HTTP/1.1
Host: hareksaman999.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hareksaman999.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 20 Sep 2022 03:53:43 GMT
content-type: application/javascript
last-modified: Thu, 07 Jan 2021 21:38:58 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 4979
date: Tue, 13 Sep 2022 03:53:43 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
hareksaman999.com/wp-content/plugins/elementor-pro/assets/css/widget-woocommerce.min.css
200 OK 15 kB URL HTTP/2 hareksaman999.com/wp-content/plugins/elementor-pro/assets/css/widget-woocommerce.min.css
IP
File type ASCII text, with very long lines (65493)
Hash 13e122ddaa40cd3ccf7265806e525985
3f2bbac484b96bcd5fa7b881aa91db6cb3c2f273
117cb5dbde86fc493f14545c1c138339a9dc866bc021327987ec80392e833dee
GET /wp-content/plugins/elementor-pro/assets/css/widget-woocommerce.min.css HTTP/1.1
Host: hareksaman999.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hareksaman999.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 20 Sep 2022 03:53:43 GMT
content-type: text/css
last-modified: Wed, 11 May 2022 23:32:23 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 14893
date: Tue, 13 Sep 2022 03:53:43 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
hareksaman999.com/wp-content/plugins/wp-optin-wheel/public/js/public.min.js?ver=1.3.6
200 OK 4.0 kB URL HTTP/2 hareksaman999.com/wp-content/plugins/wp-optin-wheel/public/js/public.min.js?ver=1.3.6
IP
File type ASCII text, with very long lines (3126)
Hash 2790c6114e69311be91404864243b305
7121749ab6e4c12f440498f7ed97e5e5c950bfbd
6fab614bae07d0c09b1a8415e424ea9a74dab1eb6da4af4a45d2042184b23ad0
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/wp-optin-wheel/public/js/public.min.js?ver=1.3.6 HTTP/1.1
Host: hareksaman999.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hareksaman999.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 20 Sep 2022 03:53:43 GMT
content-type: application/javascript
last-modified: Thu, 04 Aug 2022 10:07:03 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 3982
date: Tue, 13 Sep 2022 03:53:43 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
hareksaman999.com/wp-includes/js/wp-emoji-release.min.js?ver=6.0.1
200 OK 5.5 kB URL HTTP/2 hareksaman999.com/wp-includes/js/wp-emoji-release.min.js?ver=6.0.1
IP
File type ASCII text, with very long lines (15660)
Hash db376ccdba8938ef007d31853f9f6e67
f26492f7fed8db0f783f78082c5d0ff5332064cd
2d075b476f15f49a11706a74a40d7d3a3f9d7ba19011257119310eb122a81724
GET /wp-includes/js/wp-emoji-release.min.js?ver=6.0.1 HTTP/1.1
Host: hareksaman999.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hareksaman999.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 20 Sep 2022 03:53:43 GMT
content-type: application/javascript
last-modified: Tue, 02 Aug 2022 21:40:58 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 5529
date: Tue, 13 Sep 2022 03:53:43 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
hareksaman999.com/wp-content/plugins/Perfect-Money-Custom-Payment-Getway-By-mdazizul.com_/js/scripts.js?ver=1.0
200 OK 1.0 kB URL HTTP/2 hareksaman999.com/wp-content/plugins/Perfect-Money-Custom-Payment-Getway-By-mdazizul.com_/js/scripts.js?ver=1.0
IP
File type ASCII text, with very long lines (1791), with CRLF line terminators
Hash 2e7c9a2df256e60855bb24dba3cb456f
fa89933d7de3bd6614bdc70989f45462e34fdef4
5a2a30245a4804873b33add733f5ae2a16c2aed0bc895b2920211a3c0dce466d
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/Perfect-Money-Custom-Payment-Getway-By-mdazizul.com_/js/scripts.js?ver=1.0 HTTP/1.1
Host: hareksaman999.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hareksaman999.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 20 Sep 2022 03:53:43 GMT
content-type: application/javascript
last-modified: Thu, 04 Aug 2022 11:57:51 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1000
date: Tue, 13 Sep 2022 03:53:43 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
hareksaman999.com/wp-content/plugins/woocommerce/assets/js/frontend/add-to-cart.min.js?ver=6.8.0
200 OK 974 B URL HTTP/2 hareksaman999.com/wp-content/plugins/woocommerce/assets/js/frontend/add-to-cart.min.js?ver=6.8.0
IP
File type HTML document, ASCII text, with very long lines (3037), with no line terminators
Hash fd8b126d3265cc6afc5b672273f78531
5058e579885cccf36c44bdeb5b7318bd75952af9
72da6709db061566cb5f67322f674a77f68acb69ac6181d37f9ca4a1bb7287b7
GET /wp-content/plugins/woocommerce/assets/js/frontend/add-to-cart.min.js?ver=6.8.0 HTTP/1.1
Host: hareksaman999.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hareksaman999.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 20 Sep 2022 03:53:43 GMT
content-type: application/javascript
last-modified: Tue, 19 Jul 2022 23:16:40 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 974
date: Tue, 13 Sep 2022 03:53:43 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
hareksaman999.com/wp-content/plugins/woocommerce-products-filter/js/tooltip/css/plugins/tooltipster/sideTip/themes/tooltipster-sideTip-noir.min.css?ver=1.2.9.2
200 OK 245 B URL HTTP/2 hareksaman999.com/wp-content/plugins/woocommerce-products-filter/js/tooltip/css/plugins/tooltipster/sideTip/themes/tooltipster-sideTip-noir.min.css?ver=1.2.9.2
IP
File type ASCII text, with very long lines (1324), with no line terminators
Hash 9104e0bf878b49b4c1ed04430bb60175
2838e2a7ffe68d951d62f6784fc808b2c98b266c
f913940f64b9734b3a61012479cfac4a85731e9a0fda755a73c3f7d48a3006e5
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/woocommerce-products-filter/js/tooltip/css/plugins/tooltipster/sideTip/themes/tooltipster-sideTip-noir.min.css?ver=1.2.9.2 HTTP/1.1
Host: hareksaman999.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hareksaman999.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 20 Sep 2022 03:53:43 GMT
content-type: text/css
last-modified: Mon, 29 Oct 2018 21:01:34 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 245
date: Tue, 13 Sep 2022 03:53:43 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
hareksaman999.com/wp-content/plugins/wp-optin-wheel/public/css/theme-deep-purple.css?ver=1.3.6
200 OK 147 B URL HTTP/2 hareksaman999.com/wp-content/plugins/wp-optin-wheel/public/css/theme-deep-purple.css?ver=1.3.6
IP
File type ASCII text, with very long lines (543), with no line terminators
Hash b51bc7bed5e360397c6dae6f330bfcba
f8bdc4dd6a77ee4b6458649123e84410c1929aea
1773b8d595370cfd68647df6fb578bd1878d7bbc80746144b98a763b427fd49a
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/wp-optin-wheel/public/css/theme-deep-purple.css?ver=1.3.6 HTTP/1.1
Host: hareksaman999.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hareksaman999.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 20 Sep 2022 03:53:43 GMT
content-type: text/css
last-modified: Thu, 04 Aug 2022 10:07:03 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 147
date: Tue, 13 Sep 2022 03:53:43 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
use.fontawesome.com/releases/v6.2.0/css/all.css?wpfas=true
200 OK 26 kB URL HTTP/2 use.fontawesome.com/releases/v6.2.0/css/all.css?wpfas=true
IP
File type ASCII text, with very long lines (65317)
Hash f3449041864f8e804e53a3d7cfc466c9
46c7857262d495fdfb0e4ac93ab332446bf7b7c1
23366ac986ab5ad95d103af6c8f21ae4459b567be61bb5c3188f4beb8a3471a3
GET /releases/v6.2.0/css/all.css?wpfas=true HTTP/1.1
Host: use.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hareksaman999.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 13 Sep 2022 03:53:43 GMT
content-type: text/css
x-amz-id-2: rcjdRn1L0sPqEvOS10AHMAVCN8VKf/mDvOVmg9E/1FUe7rs9ZBgY6fCoEen81q/C8oj+yxRnghg=
x-amz-request-id: F0TSVZ8A3RWD6CJK
last-modified: Tue, 30 Aug 2022 16:39:37 GMT
etag: W/"6cb5a85b30082e3d59d7e371e002ce8d"
cache-control: max-age=31556926
cf-cache-status: HIT
age: 1060879
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BF5dEdiY5uU1RFlXxu5F07tqeDE6T1kxUonqQXQyamfoUwLsPa5qorUZ16JNemyIN2RN%2F2kirmAOB2V%2FyGnJqH%2FgwR2ajzi3uu7GuyVhCXd60K26aL%2Fl9Ar99cX7%2Bj6OPPPPeUP4"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 749deffe98dfb515-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
hareksaman999.com/
200 OK 43 kB IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (21194), with CRLF, LF line terminators
Hash 62c17eb0f1a6b58223056f0a115d0b33
015e95f9b990f8f04a95ec873cad2b7f53b521b5
9a225d7abab1443e6330082f303ac2ed84ef4e67ecc5fd4a686c441d57e50345
Analyzer Verdict Alert fortinet Phishing
GET / HTTP/1.1
Host: hareksaman999.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
x-powered-by: PHP/7.4.30
content-type: text/html; charset=UTF-8
link: <https://hareksaman999.com/wp-json/>; rel="https://api.w.org/", <https://hareksaman999.com/wp-json/wp/v2/pages/646>; rel="alternate"; type="application/json", <https://hareksaman999.com/>; rel=shortlink
etag: "10-1663037495;br"
x-litespeed-cache: hit
content-encoding: br
vary: Accept-Encoding
date: Tue, 13 Sep 2022 03:53:43 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
hareksaman999.com/wp-content/plugins/woocommerce-products-filter/js/tooltip/css/tooltipster.bundle.min.css?ver=1.2.9.2
200 OK 989 B URL HTTP/2 hareksaman999.com/wp-content/plugins/woocommerce-products-filter/js/tooltip/css/tooltipster.bundle.min.css?ver=1.2.9.2
IP
File type ASCII text, with very long lines (6495), with no line terminators
Hash c00ebc5ec5da17ab205229ba51fbb310
b23f9bb753c3d412d9ce07eac4ca4ed50d25ca3a
195f2a6de0f22d0d177a8aacb23986ab3296480ff68caddf9e6faa9113345afd
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/woocommerce-products-filter/js/tooltip/css/tooltipster.bundle.min.css?ver=1.2.9.2 HTTP/1.1
Host: hareksaman999.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hareksaman999.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 20 Sep 2022 03:53:43 GMT
content-type: text/css
last-modified: Mon, 29 Oct 2018 21:01:34 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 989
date: Tue, 13 Sep 2022 03:53:43 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
hareksaman999.com/wp-content/plugins/woocommerce/assets/js/js-cookie/js.cookie.min.js?ver=2.1.4-wc.6.8.0
200 OK 899 B URL HTTP/2 hareksaman999.com/wp-content/plugins/woocommerce/assets/js/js-cookie/js.cookie.min.js?ver=2.1.4-wc.6.8.0
IP
File type ASCII text, with very long lines (1668)
Hash 22d65ba38528349e705d912ce26bf8ac
c89ba006009043d93b88ff155b4fec8797330550
6253bcb85e4267ad3ba843145534e729ee2c1d7e85e5b4ab5b2e074ae636bca3
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/woocommerce/assets/js/js-cookie/js.cookie.min.js?ver=2.1.4-wc.6.8.0 HTTP/1.1
Host: hareksaman999.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hareksaman999.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 20 Sep 2022 03:53:43 GMT
content-type: application/javascript
last-modified: Wed, 20 Jan 2021 04:55:30 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 899
date: Tue, 13 Sep 2022 03:53:43 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
hareksaman999.com/wp-content/plugins/woocommerce/assets/js/frontend/cart-fragments.min.js?ver=6.8.0
200 OK 934 B URL HTTP/2 hareksaman999.com/wp-content/plugins/woocommerce/assets/js/frontend/cart-fragments.min.js?ver=6.8.0
IP
File type ASCII text, with very long lines (2938), with no line terminators
Hash cf25dd071a208312bdc07f34d2cee027
76119563119eaae392ecc8903c989d98d0b93002
8635ba2cad8f887e72779bd526f8738ff6343c74cba715caf2eddea383ba7ce6
GET /wp-content/plugins/woocommerce/assets/js/frontend/cart-fragments.min.js?ver=6.8.0 HTTP/1.1
Host: hareksaman999.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hareksaman999.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 20 Sep 2022 03:53:43 GMT
content-type: application/javascript
last-modified: Wed, 24 Nov 2021 03:30:14 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 934
date: Tue, 13 Sep 2022 03:53:43 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
hareksaman999.com/wp-content/plugins/invoicing/assets/js/payment-forms.js?ver=1660129254
200 OK 6.1 kB URL HTTP/2 hareksaman999.com/wp-content/plugins/invoicing/assets/js/payment-forms.js?ver=1660129254
IP
File type ASCII text, with very long lines (24022), with no line terminators
Hash fdae0a7a08f7a0fc19bdabb5a08787d8
8b46499242ec07822f6aeaa24855dc468ec9c563
4ea630cde528f3e6c28cf1d95471a5cf506264f87d4bd2b33485ab0a690aac8c
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/invoicing/assets/js/payment-forms.js?ver=1660129254 HTTP/1.1
Host: hareksaman999.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hareksaman999.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 20 Sep 2022 03:53:43 GMT
content-type: application/javascript
last-modified: Wed, 10 Aug 2022 11:00:54 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 6075
date: Tue, 13 Sep 2022 03:53:43 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
hareksaman999.com/wp-content/plugins/wp-optin-wheel/public/css/public.min.css?ver=1.3.6
200 OK 1.9 kB URL HTTP/2 hareksaman999.com/wp-content/plugins/wp-optin-wheel/public/css/public.min.css?ver=1.3.6
IP
File type ASCII text, with very long lines (9537), with no line terminators
Hash a805eb4e50e983c292681e3cb0df31c4
aa0def40475853281445ca62d7b80b5013b04968
a39d6ba15c243a9b5df462493166bff70d3e0ee0ecbe7f674f7f6505e45c6e80
GET /wp-content/plugins/wp-optin-wheel/public/css/public.min.css?ver=1.3.6 HTTP/1.1
Host: hareksaman999.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hareksaman999.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 20 Sep 2022 03:53:43 GMT
content-type: text/css
last-modified: Thu, 04 Aug 2022 10:07:03 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1861
date: Tue, 13 Sep 2022 03:53:43 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
hareksaman999.com/wp-content/themes/zakra/assets/js/skip-link-focus-fix.min.js?ver=20151215
200 OK 1.1 kB URL HTTP/2 hareksaman999.com/wp-content/themes/zakra/assets/js/skip-link-focus-fix.min.js?ver=20151215
IP
File type ASCII text, with very long lines (2114), with no line terminators
Hash a709e33491a3e4f121087bb2aba9e8ff
8eb8e59c1679c3f035371a07844db51904bdca8d
0a983325cddb2c27f5254bb4bb48f672f545c31ffc075644ae5fa1b7a12798ed
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/zakra/assets/js/skip-link-focus-fix.min.js?ver=20151215 HTTP/1.1
Host: hareksaman999.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hareksaman999.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 20 Sep 2022 03:53:43 GMT
content-type: application/javascript
last-modified: Wed, 09 Jun 2021 16:59:44 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1066
date: Tue, 13 Sep 2022 03:53:43 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
hareksaman999.com/wp-content/themes/zakra/assets/js/zakra-custom.min.js?ver=6.0.1
200 OK 2.3 kB URL HTTP/2 hareksaman999.com/wp-content/themes/zakra/assets/js/zakra-custom.min.js?ver=6.0.1
IP
File type ASCII text, with very long lines (6517), with no line terminators
Hash afa8507148c7f3e300e05bc43fb2c5be
1a33f5efc021f54862233bd2ff37c2d6ed953fdf
5e704a3201089790b7e1dff5771e10c9c3351d2fc0ea9fea33b660f9f4c4e61b
GET /wp-content/themes/zakra/assets/js/zakra-custom.min.js?ver=6.0.1 HTTP/1.1
Host: hareksaman999.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hareksaman999.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 20 Sep 2022 03:53:43 GMT
content-type: application/javascript
last-modified: Wed, 03 Aug 2022 16:34:56 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 2295
date: Tue, 13 Sep 2022 03:53:43 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
hareksaman999.com/wp-content/plugins/woocommerce-products-filter/ext/by_text/assets/js/husky.js?ver=1.2.9.2
200 OK 3.9 kB URL HTTP/2 hareksaman999.com/wp-content/plugins/woocommerce-products-filter/ext/by_text/assets/js/husky.js?ver=1.2.9.2
IP
File type C++ source textAlgol 68 source text\012- Pascal source, ASCII text, with very long lines (1787)
Hash f87696df16bec2dd0f4b79090d40d4ac
98760caf2b81d5a408e6c47d7527ef1371d8de8c
ea8627d41417a0af77a2e6c4f4ca40d9fa7d25af6b862d97d29a64f42a65cfd3
GET /wp-content/plugins/woocommerce-products-filter/ext/by_text/assets/js/husky.js?ver=1.2.9.2 HTTP/1.1
Host: hareksaman999.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hareksaman999.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 20 Sep 2022 03:53:43 GMT
content-type: application/javascript
last-modified: Fri, 15 Jul 2022 02:57:08 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 3869
date: Tue, 13 Sep 2022 03:53:43 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
hareksaman999.com/wp-content/themes/zakra/assets/js/navigation.min.js?ver=20151215
200 OK 2.3 kB URL HTTP/2 hareksaman999.com/wp-content/themes/zakra/assets/js/navigation.min.js?ver=20151215
IP
File type ASCII text, with very long lines (6232), with no line terminators
Hash 78bb65f8ea67eb78388f6535c6f192cc
e5e87517860c6ae0a57f075ea6dd09c1959a5e20
8261b3287e38c10d05442171cbc942e27d79b68cbf8ae238382b9630c5d2e911
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/zakra/assets/js/navigation.min.js?ver=20151215 HTTP/1.1
Host: hareksaman999.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hareksaman999.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 20 Sep 2022 03:53:43 GMT
content-type: application/javascript
last-modified: Fri, 10 Jun 2022 13:20:52 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 2285
date: Tue, 13 Sep 2022 03:53:43 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
hareksaman999.com/wp-content/plugins/woocommerce-products-filter/ext/by_onsales/js/by_onsales.js?ver=1.2.9.2
200 OK 1.2 kB URL HTTP/2 hareksaman999.com/wp-content/plugins/woocommerce-products-filter/ext/by_onsales/js/by_onsales.js?ver=1.2.9.2
IP
File type ASCII text, with very long lines (1787)
Hash 600d878ed687ff17a4cf09ab6feed21f
d7e63628e44a84925a273105c6244992f8d0bb07
617c22d8a8ba73d05ec53a0e071d69437aae9043125d71d837429f4b40de9bd7
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/woocommerce-products-filter/ext/by_onsales/js/by_onsales.js?ver=1.2.9.2 HTTP/1.1
Host: hareksaman999.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hareksaman999.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 20 Sep 2022 03:53:43 GMT
content-type: application/javascript
last-modified: Wed, 04 Aug 2021 02:31:18 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1232
date: Tue, 13 Sep 2022 03:53:43 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
hareksaman999.com/wp-content/plugins/woocommerce-products-filter/js/icheck/icheck.min.js?ver=1.2.9.2
200 OK 3.0 kB URL HTTP/2 hareksaman999.com/wp-content/plugins/woocommerce-products-filter/js/icheck/icheck.min.js?ver=1.2.9.2
IP
File type ASCII text, with very long lines (2189)
Hash 2fd1992524a988ebbd36e7fe8103732b
51550a6e5002b3ad066f756a71089f3f5ca4fda8
9896f7f1345fd658a46009838ae515c4e7054e45262a8aba5711b7ea7a3fd4a3
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/woocommerce-products-filter/js/icheck/icheck.min.js?ver=1.2.9.2 HTTP/1.1
Host: hareksaman999.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hareksaman999.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 20 Sep 2022 03:53:43 GMT
content-type: application/javascript
last-modified: Wed, 04 Aug 2021 02:31:18 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 3010
date: Tue, 13 Sep 2022 03:53:43 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
hareksaman999.com/wp-content/plugins/woocommerce-products-filter/js/tooltip/js/tooltipster.bundle.min.js?ver=1.2.9.2
200 OK 11 kB URL HTTP/2 hareksaman999.com/wp-content/plugins/woocommerce-products-filter/js/tooltip/js/tooltipster.bundle.min.js?ver=1.2.9.2
IP
File type ASCII text, with very long lines (31915)
Hash 0a325a40b9bd897dc6576267beaf447c
54c3b07bb5b9e3e86272ff89657daf2c84c93a0e
14a59fd36c31fc2ebe8251311fdc5eb0338c8b2923078ec982afd171cb823b14
GET /wp-content/plugins/woocommerce-products-filter/js/tooltip/js/tooltipster.bundle.min.js?ver=1.2.9.2 HTTP/1.1
Host: hareksaman999.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hareksaman999.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 20 Sep 2022 03:53:43 GMT
content-type: application/javascript
last-modified: Wed, 04 Aug 2021 02:31:18 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 10693
date: Tue, 13 Sep 2022 03:53:43 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
hareksaman999.com/wp-content/plugins/woocommerce-products-filter/js/html_types/mselect.js?ver=1.2.9.2
200 OK 1.5 kB URL HTTP/2 hareksaman999.com/wp-content/plugins/woocommerce-products-filter/js/html_types/mselect.js?ver=1.2.9.2
IP
File type ASCII text, with very long lines (1787)
Hash 69772c57e46e5930bda4feef17d24bf6
72e5e1898be5600b37ed1061cbdd165aa648c73f
378bfbfd6392ca7a05eb5d416bea9ff687ecb3f08f5dd5087cf76d7fb105d012
GET /wp-content/plugins/woocommerce-products-filter/js/html_types/mselect.js?ver=1.2.9.2 HTTP/1.1
Host: hareksaman999.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hareksaman999.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 20 Sep 2022 03:53:43 GMT
content-type: application/javascript
last-modified: Tue, 21 Jun 2022 14:01:22 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1549
date: Tue, 13 Sep 2022 03:53:43 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
hareksaman999.com/wp-content/plugins/woocommerce-products-filter/ext/by_text/assets/js/front.js?ver=1.2.9.2
200 OK 1.5 kB URL HTTP/2 hareksaman999.com/wp-content/plugins/woocommerce-products-filter/ext/by_text/assets/js/front.js?ver=1.2.9.2
IP
File type Algol 68 source text\012- Pascal source, ASCII text, with very long lines (1788)
Hash b9e945feea08fa03cfd4def698de365a
49deafec7ea7428e9209cf7e88f4eea7f4bbde97
8cf89d1846cc0adacca0e30d08a20043c93ee587f2a426e5bad0d596ae0d4809
GET /wp-content/plugins/woocommerce-products-filter/ext/by_text/assets/js/front.js?ver=1.2.9.2 HTTP/1.1
Host: hareksaman999.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hareksaman999.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 20 Sep 2022 03:53:43 GMT
content-type: application/javascript
last-modified: Wed, 01 Jun 2022 01:41:38 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1452
date: Tue, 13 Sep 2022 03:53:43 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
hareksaman999.com/wp-content/plugins/woocommerce-products-filter/js/html_types/select.js?ver=1.2.9.2
200 OK 1.3 kB URL HTTP/2 hareksaman999.com/wp-content/plugins/woocommerce-products-filter/js/html_types/select.js?ver=1.2.9.2
IP
File type ASCII text, with very long lines (1787)
Hash 198061117658ea5293e0062334df886d
e852988122b5dbed46823b4bf4b2b484598170d0
868cd080b8262a955a163f11bce8ffa9d9eae284788a0d98f0324fd51f57ecc0
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/woocommerce-products-filter/js/html_types/select.js?ver=1.2.9.2 HTTP/1.1
Host: hareksaman999.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hareksaman999.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 20 Sep 2022 03:53:43 GMT
content-type: application/javascript
last-modified: Tue, 21 Jun 2022 14:01:22 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1319
date: Tue, 13 Sep 2022 03:53:43 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
hareksaman999.com/wp-content/plugins/click-to-chat-for-whatsapp/new/inc/assets/js/app.js?ver=3.12.1
200 OK 2.8 kB URL HTTP/2 hareksaman999.com/wp-content/plugins/click-to-chat-for-whatsapp/new/inc/assets/js/app.js?ver=3.12.1
IP
File type ASCII text, with very long lines (7807), with no line terminators
Hash 553838e5da015ed99a12d762e12ecf78
981feac73d15668434bcf84090ad069db4a01bdd
e988142597279e98cc9a48ff65560822f7367f10beec01712da72e962f626d60
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/click-to-chat-for-whatsapp/new/inc/assets/js/app.js?ver=3.12.1 HTTP/1.1
Host: hareksaman999.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hareksaman999.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 20 Sep 2022 03:53:43 GMT
content-type: application/javascript
last-modified: Wed, 17 Aug 2022 08:51:02 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 2763
date: Tue, 13 Sep 2022 03:53:43 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
hareksaman999.com/wp-content/plugins/woocommerce-products-filter/js/html_types/checkbox.js?ver=1.2.9.2
200 OK 1.7 kB URL HTTP/2 hareksaman999.com/wp-content/plugins/woocommerce-products-filter/js/html_types/checkbox.js?ver=1.2.9.2
IP
File type ASCII text, with very long lines (1787)
Hash 597b40f275b4e86c1e16289b63260fee
35bd155716869a9d89e6f418e8ab454feb5c7eb4
22212691e2899ce5689e9781c1ed49607490ee5e237d93f64582ea6568ca4379
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/woocommerce-products-filter/js/html_types/checkbox.js?ver=1.2.9.2 HTTP/1.1
Host: hareksaman999.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hareksaman999.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 20 Sep 2022 03:53:43 GMT
content-type: application/javascript
last-modified: Wed, 01 Jun 2022 01:41:38 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1683
date: Tue, 13 Sep 2022 03:53:43 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
hareksaman999.com/wp-content/plugins/woocommerce-products-filter/js/html_types/radio.js?ver=1.2.9.2
200 OK 1.6 kB URL HTTP/2 hareksaman999.com/wp-content/plugins/woocommerce-products-filter/js/html_types/radio.js?ver=1.2.9.2
IP
File type ASCII text, with very long lines (1787)
Hash e76de6ac5aab26376fc87b3815f3fe45
da23ec5ac0992ebcc4e9a2d45b5055d062a36edd
629c4f9ec3aacc1fcbb31a101a95afa8297828236991908297fa45cada625bcb
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/woocommerce-products-filter/js/html_types/radio.js?ver=1.2.9.2 HTTP/1.1
Host: hareksaman999.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hareksaman999.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 20 Sep 2022 03:53:43 GMT
content-type: application/javascript
last-modified: Wed, 04 Aug 2021 02:31:18 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1593
date: Tue, 13 Sep 2022 03:53:43 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
hareksaman999.com/wp-content/plugins/woocommerce-products-filter/js/chosen/chosen.jquery.js?ver=1.2.9.2
200 OK 9.4 kB URL HTTP/2 hareksaman999.com/wp-content/plugins/woocommerce-products-filter/js/chosen/chosen.jquery.js?ver=1.2.9.2
IP
File type ASCII text, with very long lines (1787)
Hash 1cc9bafc3af5be8e23af3d8247f3bb61
df0502ad595a282a847acf69a2ae78c06d4178c9
2612e5239f99770157dcc90b82b8fb8da75b1af3936bfad0aaefdea4ab233da4
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/woocommerce-products-filter/js/chosen/chosen.jquery.js?ver=1.2.9.2 HTTP/1.1
Host: hareksaman999.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hareksaman999.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 20 Sep 2022 03:53:43 GMT
content-type: application/javascript
last-modified: Wed, 04 Aug 2021 02:31:18 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 9389
date: Tue, 13 Sep 2022 03:53:43 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
hareksaman999.com/wp-content/plugins/elementor-pro/assets/js/webpack-pro.runtime.min.js?ver=3.6.5
200 OK 3.1 kB URL HTTP/2 hareksaman999.com/wp-content/plugins/elementor-pro/assets/js/webpack-pro.runtime.min.js?ver=3.6.5
IP
File type ASCII text, with very long lines (6869)
Hash 9f86c0f7099cd53fea48b6a4f2863b47
61a218c50f5e9e39bf83792f154c38a8bf6b1f37
fbcfedd0be5bdcc551f0714a85e385a1e023b30409b3fd84f9993fc349cc9b89
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/elementor-pro/assets/js/webpack-pro.runtime.min.js?ver=3.6.5 HTTP/1.1
Host: hareksaman999.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hareksaman999.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 20 Sep 2022 03:53:43 GMT
content-type: application/javascript
last-modified: Wed, 11 May 2022 23:32:23 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 3085
date: Tue, 13 Sep 2022 03:53:43 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
hareksaman999.com/wp-content/plugins/woocommerce-products-filter/ext/label/js/html_types/label.js?ver=1.2.9.2
200 OK 1.4 kB URL HTTP/2 hareksaman999.com/wp-content/plugins/woocommerce-products-filter/ext/label/js/html_types/label.js?ver=1.2.9.2
IP
File type ASCII text, with very long lines (1787)
Hash 930b5b4a9ce6aa212c90a8b73870406e
8e0379a02e7ed84830936e2d50ec8c73d688ffde
5b9bf425692a7746cd571fe843407290037d76847f2cbf2bfd866191e5ddccf7
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/woocommerce-products-filter/ext/label/js/html_types/label.js?ver=1.2.9.2 HTTP/1.1
Host: hareksaman999.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hareksaman999.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 20 Sep 2022 03:53:43 GMT
content-type: application/javascript
last-modified: Wed, 04 Aug 2021 02:31:18 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1416
date: Tue, 13 Sep 2022 03:53:43 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
hareksaman999.com/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9
200 OK 3.3 kB URL HTTP/2 hareksaman999.com/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9
IP
File type ASCII text, with very long lines (8262), with no line terminators
Hash 995afe9810191f5567d9528309d3a26c
058ac6fa848546ae6585c3c2a0675af53e96cf82
b23f8ae056cbc1f9535229ebf1bc24c594be3607f406ceda731d8a96e2280de0
GET /wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9 HTTP/1.1
Host: hareksaman999.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hareksaman999.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 20 Sep 2022 03:53:43 GMT
content-type: application/javascript
last-modified: Tue, 02 Aug 2022 21:40:58 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 3289
date: Tue, 13 Sep 2022 03:53:43 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
hareksaman999.com/wp-includes/js/dist/i18n.min.js?ver=ebee46757c6a411e38fd079a7ac71d94
200 OK 4.6 kB URL HTTP/2 hareksaman999.com/wp-includes/js/dist/i18n.min.js?ver=ebee46757c6a411e38fd079a7ac71d94
IP
Hash a2680a1799adcf87a13e7a67ddc58f80
9409a5361c3a9ca13a307f708e7535d1f67f9d12
d70b071b628d2d6cd809f09ec247671c3d5f2289d91e58e79ada4b1c57458d2d
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/dist/i18n.min.js?ver=ebee46757c6a411e38fd079a7ac71d94 HTTP/1.1
Host: hareksaman999.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hareksaman999.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 20 Sep 2022 03:53:43 GMT
content-type: application/javascript
last-modified: Tue, 02 Aug 2022 21:40:58 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 4647
date: Tue, 13 Sep 2022 03:53:43 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
hareksaman999.com/wp-content/plugins/elementor/assets/lib/waypoints/waypoints.min.js?ver=4.0.2
200 OK 3.8 kB URL HTTP/2 hareksaman999.com/wp-content/plugins/elementor/assets/lib/waypoints/waypoints.min.js?ver=4.0.2
IP
File type ASCII text, with very long lines (13985), with no line terminators
Hash 52d324e57a4b372fc47da55199dbbdb3
06821840784986672db9f6d7c6ae1a19ea7f4f74
ac10b30156503e6bbd25dc313dc936bdf7456ff24222a8f86a46252f5268b358
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/elementor/assets/lib/waypoints/waypoints.min.js?ver=4.0.2 HTTP/1.1
Host: hareksaman999.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hareksaman999.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 20 Sep 2022 03:53:43 GMT
content-type: application/javascript
last-modified: Wed, 11 Jan 2017 21:35:32 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 3799
date: Tue, 13 Sep 2022 03:53:43 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
hareksaman999.com/wp-content/plugins/elementor-pro/assets/js/frontend.min.js?ver=3.6.5
200 OK 6.3 kB URL HTTP/2 hareksaman999.com/wp-content/plugins/elementor-pro/assets/js/frontend.min.js?ver=3.6.5
IP
File type ASCII text, with very long lines (22457)
Hash a99a4bc6c5ca2d261f5a54be9a08e534
5b8e9a7eec98cd50277ee9f5dd14142fde250062
e52301d536302a06d657020e74d74406d7847cbf3202208c0511dfe52fa6c77f
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/elementor-pro/assets/js/frontend.min.js?ver=3.6.5 HTTP/1.1
Host: hareksaman999.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hareksaman999.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 20 Sep 2022 03:53:43 GMT
content-type: application/javascript
last-modified: Wed, 11 May 2022 23:32:23 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 6269
date: Tue, 13 Sep 2022 03:53:43 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
hareksaman999.com/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0
200 OK 7.8 kB URL HTTP/2 hareksaman999.com/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0
IP
File type Unicode text, UTF-8 text, with very long lines (20925), with no line terminators
Hash af6a867500478cebdd86c81f38a311e2
64b6f3f27390e301fbbc89f5b4bb889479189e80
6e6f6a8b64170e7fc118a95e2c2d6a6382346188eb0cb4fce236fdb84e75dc1c
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0 HTTP/1.1
Host: hareksaman999.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hareksaman999.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 20 Sep 2022 03:53:43 GMT
content-type: application/javascript
last-modified: Tue, 02 Aug 2022 21:40:58 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 7776
date: Tue, 13 Sep 2022 03:53:43 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
hareksaman999.com/wp-content/plugins/elementor/assets/js/webpack.runtime.min.js?ver=3.7.1
200 OK 2.9 kB URL HTTP/2 hareksaman999.com/wp-content/plugins/elementor/assets/js/webpack.runtime.min.js?ver=3.7.1
IP
File type ASCII text, with very long lines (6705)
Hash 11d746444ba0cbfb3d09877d38ff74a2
4a55b7fd2f5a0d0cb2ebad86ae9f036bcc8ab90f
9be184ea63a81f9202694e94741e599f529ca8581bd5dec26d4fda804a6f73c6
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/elementor/assets/js/webpack.runtime.min.js?ver=3.7.1 HTTP/1.1
Host: hareksaman999.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hareksaman999.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 20 Sep 2022 03:53:43 GMT
content-type: application/javascript
last-modified: Sun, 14 Aug 2022 12:28:38 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 2946
date: Tue, 13 Sep 2022 03:53:43 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
hareksaman999.com/wp-content/plugins/mailchimp-for-wp/assets/js/forms.js?ver=4.8.7
200 OK 3.3 kB URL HTTP/2 hareksaman999.com/wp-content/plugins/mailchimp-for-wp/assets/js/forms.js?ver=4.8.7
IP
File type ASCII text, with very long lines (7997), with no line terminators
Hash dfc96cae3651083aeba1451a789d7e08
ead6f2cde7674be38fd4dd989a9fa153bb014a11
9c029fb7ba83d0e2bc3e5ca40835ebff67c3a2eb4cc511a524705d4858a423e5
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/mailchimp-for-wp/assets/js/forms.js?ver=4.8.7 HTTP/1.1
Host: hareksaman999.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hareksaman999.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 20 Sep 2022 03:53:43 GMT
content-type: application/javascript
last-modified: Fri, 13 May 2022 19:16:24 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 3303
date: Tue, 13 Sep 2022 03:53:43 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
hareksaman999.com/wp-content/plugins/elementor/assets/js/frontend-modules.min.js?ver=3.7.1
200 OK 11 kB URL HTTP/2 hareksaman999.com/wp-content/plugins/elementor/assets/js/frontend-modules.min.js?ver=3.7.1
IP
File type Unicode text, UTF-8 text, with very long lines (34676)
Hash 2a1e4f6852d594760b92af35d34adcc6
5bdb12844d1793f6f1ec131bac66a3949d338dce
b75ed078dc94638c7f32550a65dab1176624114e092a9149d3a8850fb950af81
GET /wp-content/plugins/elementor/assets/js/frontend-modules.min.js?ver=3.7.1 HTTP/1.1
Host: hareksaman999.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hareksaman999.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 20 Sep 2022 03:53:43 GMT
content-type: application/javascript
last-modified: Sun, 14 Aug 2022 12:28:38 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 11347
date: Tue, 13 Sep 2022 03:53:43 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
hareksaman999.com/wp-content/plugins/elementor-pro/assets/js/elements-handlers.min.js?ver=3.6.5
200 OK 6.2 kB URL HTTP/2 hareksaman999.com/wp-content/plugins/elementor-pro/assets/js/elements-handlers.min.js?ver=3.6.5
IP
File type ASCII text, with very long lines (26043)
Hash 5bcc4fcb7204681064f565e5c1f56523
51b10d2c9cac6b20614ae5594645273c4d8ac10e
71564c0e177899338dd36a29b4c567c0017d450891cb6c48e4fbc73e424b0dbe
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/elementor-pro/assets/js/elements-handlers.min.js?ver=3.6.5 HTTP/1.1
Host: hareksaman999.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hareksaman999.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 20 Sep 2022 03:53:43 GMT
content-type: application/javascript
last-modified: Wed, 11 May 2022 23:32:23 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 6188
date: Tue, 13 Sep 2022 03:53:43 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
hareksaman999.com/wp-includes/js/jquery/ui/core.min.js?ver=1.13.1
200 OK 7.6 kB URL HTTP/2 hareksaman999.com/wp-includes/js/jquery/ui/core.min.js?ver=1.13.1
IP
File type Unicode text, UTF-8 text, with very long lines (9976)
Hash 9311e1ab7e180945189c9fe1a0a08d6e
01d5faa6fd9b0ba0b9fdc705da2b83aab8b2138a
f6d73e592215811670a999365e7f3b11c91301f976d733b3c47b1ee8e757fc98
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/jquery/ui/core.min.js?ver=1.13.1 HTTP/1.1
Host: hareksaman999.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hareksaman999.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 20 Sep 2022 03:53:43 GMT
content-type: application/javascript
last-modified: Tue, 02 Aug 2022 21:40:58 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 7564
date: Tue, 13 Sep 2022 03:53:43 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
hareksaman999.com/wp-content/plugins/elementor/assets/js/frontend.min.js?ver=3.7.1
200 OK 13 kB URL HTTP/2 hareksaman999.com/wp-content/plugins/elementor/assets/js/frontend.min.js?ver=3.7.1
IP
File type ASCII text, with very long lines (42250)
Hash 36dc04c926e5636edaa1882727a901af
9c1283017edfac5ea2e498f488be39d53d810c62
f30da5d343a44565971d61bb8b24e459c68a613d41fd4da7ae13c894221192f5
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/elementor/assets/js/frontend.min.js?ver=3.7.1 HTTP/1.1
Host: hareksaman999.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hareksaman999.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 20 Sep 2022 03:53:43 GMT
content-type: application/javascript
last-modified: Sun, 14 Aug 2022 12:28:38 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 12596
date: Tue, 13 Sep 2022 03:53:43 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
hareksaman999.com/wp-content/plugins/invoicing/vendor/ayecode/wp-ayecode-ui/assets/js/select2.min.js?ver=4.0.11
200 OK 23 kB URL HTTP/2 hareksaman999.com/wp-content/plugins/invoicing/vendor/ayecode/wp-ayecode-ui/assets/js/select2.min.js?ver=4.0.11
IP
File type C source, Unicode text, UTF-8 text, with very long lines (32213)
Hash c4837d68a0d87a6cf1da91aa450c54b1
f3c71f5356fb61c79ce8a8dfc5d4057d6e0e846c
bcd6af2938472d307b046b8fcf374a080a2b96f3326fe17c407cc48435b9a34d
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/invoicing/vendor/ayecode/wp-ayecode-ui/assets/js/select2.min.js?ver=4.0.11 HTTP/1.1
Host: hareksaman999.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hareksaman999.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 20 Sep 2022 03:53:43 GMT
content-type: application/javascript
last-modified: Mon, 18 Jan 2021 17:37:12 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 22720
date: Tue, 13 Sep 2022 03:53:43 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
hareksaman999.com/wp-includes/js/dist/hooks.min.js?ver=c6d64f2cb8f5c6bb49caca37f8828ce3
200 OK 2.5 kB URL HTTP/2 hareksaman999.com/wp-includes/js/dist/hooks.min.js?ver=c6d64f2cb8f5c6bb49caca37f8828ce3
IP
File type ASCII text, with very long lines (6662)
Hash c0b5e2abda696cdf51e94d6fcd111da6
b6b07cb340595e25b286bd948e5ee96c5ca08b0d
bd9fc4a0d2e283f834c89ce5ef5b9365b187454cc45f271c41973535543ce611
GET /wp-includes/js/dist/hooks.min.js?ver=c6d64f2cb8f5c6bb49caca37f8828ce3 HTTP/1.1
Host: hareksaman999.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hareksaman999.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 20 Sep 2022 03:53:43 GMT
content-type: application/javascript
last-modified: Tue, 02 Aug 2022 21:40:58 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 2488
date: Tue, 13 Sep 2022 03:53:43 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
hareksaman999.com/wp-content/plugins/woocommerce/assets/css/woocommerce-smallscreen.css?ver=6.8.0
200 OK 1.1 kB URL HTTP/2 hareksaman999.com/wp-content/plugins/woocommerce/assets/css/woocommerce-smallscreen.css?ver=6.8.0
IP
File type ASCII text, with very long lines (7043), with no line terminators
Hash 398489038b789364a5c83f044e11974d
d5caf5f64c45693de65b5c0a801bfbf83a325485
32365dde0c909abbb02d8b6a8d9938056ba47f325d51e75082e3d265ce5f76d5
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/woocommerce/assets/css/woocommerce-smallscreen.css?ver=6.8.0 HTTP/1.1
Host: hareksaman999.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hareksaman999.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 20 Sep 2022 03:53:44 GMT
content-type: text/css
last-modified: Wed, 17 Feb 2021 04:11:32 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1058
date: Tue, 13 Sep 2022 03:53:44 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 7af2217b9a46c7133de74a474e71320c
1f3aa44da1d806c207e6de0d028328be1b2392a7
6d35836469127c75bae743034f68df332f41aa5aa9858b2c393c71c157a4e8bc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6D35836469127C75BAE743034F68DF332F41AA5AA9858B2C393C71C157A4E8BC"
Last-Modified: Mon, 12 Sep 2022 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18755
Expires: Tue, 13 Sep 2022 09:06:20 GMT
Date: Tue, 13 Sep 2022 03:53:45 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash bd7b5eb635d48acf1428c326eaa892a1
ba9f6c0db831a88b7d6dbdd98f19e76b4b501258
557466a3b642e90e352898073ff23f6a034c3b233e8aee0f0f69cd6ca83d49f4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 13 Sep 2022 03:53:45 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash bd7b5eb635d48acf1428c326eaa892a1
ba9f6c0db831a88b7d6dbdd98f19e76b4b501258
557466a3b642e90e352898073ff23f6a034c3b233e8aee0f0f69cd6ca83d49f4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 13 Sep 2022 03:53:45 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2
200 OK 7.9 kB URL HTTP/2 fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 7884, version 1.0\012- data
Hash 9212f6f9860f9fc6c69b02fedf6db8c3
ac6d71b4d5fdd2b3dabc9a06ff6c001e4251da0b
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
GET /s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://hareksaman999.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 7884
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 07 Sep 2022 19:32:09 GMT
expires: Thu, 07 Sep 2023 19:32:09 GMT
cache-control: public, max-age=31536000
age: 462096
last-modified: Wed, 27 Apr 2022 17:03:52 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLFj_Z1xlFQ.woff2
200 OK 7.9 kB URL HTTP/2 fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLFj_Z1xlFQ.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 7932, version 1.0\012- data
Hash a7f7eebec745ef48ccf7a3d08c66d84a
2c5f99afe358a3e8570818a99646779aaa607587
6f0c572590421075878908e0b380c5a6d404f72aa7d6d125385943be658f8399
GET /s/poppins/v20/pxiByp8kv8JHgFVrLFj_Z1xlFQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://hareksaman999.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 7932
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 07 Sep 2022 19:57:28 GMT
expires: Thu, 07 Sep 2023 19:57:28 GMT
cache-control: public, max-age=31536000
age: 460577
last-modified: Wed, 27 Apr 2022 16:10:29 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
200 OK 7.7 kB URL HTTP/2 fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 7748, version 1.0\012- data
Hash a09f2fccfee35b7247b08a1a266f0328
0da2d17e738f46d2a09e6fb7969da451719a9820
cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446
GET /s/poppins/v20/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://hareksaman999.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 7748
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 07 Sep 2022 19:30:59 GMT
expires: Thu, 07 Sep 2023 19:30:59 GMT
cache-control: public, max-age=31536000
age: 462166
last-modified: Wed, 27 Apr 2022 16:21:30 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash bd7b5eb635d48acf1428c326eaa892a1
ba9f6c0db831a88b7d6dbdd98f19e76b4b501258
557466a3b642e90e352898073ff23f6a034c3b233e8aee0f0f69cd6ca83d49f4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 13 Sep 2022 03:53:45 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJnecmNE.woff2
200 OK 5.5 kB URL HTTP/2 fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJnecmNE.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 5544, version 1.0\012- data
Hash 0ed299a4bb5262e17e2145783b2c18f1
65af2a037a5ef8a8d383d518377ea1f9f6837631
cb8bdeabc838774d9808eb7c4cfcea963b57855e34f84b54797076940c8e5986
GET /s/poppins/v20/pxiEyp8kv8JHgFVrJJnecmNE.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://hareksaman999.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 5544
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 07 Sep 2022 19:37:46 GMT
expires: Thu, 07 Sep 2023 19:37:46 GMT
cache-control: public, max-age=31536000
age: 461759
last-modified: Wed, 27 Apr 2022 17:03:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
200 OK 7.8 kB URL HTTP/2 fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 7816, version 1.0\012- data
Hash 25b0e113ca7cce3770d542736db26368
cb726212d5d525021752a1d8470a0fb593e0c49e
9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526
GET /s/poppins/v20/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://hareksaman999.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 7816
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 07 Sep 2022 19:30:58 GMT
expires: Thu, 07 Sep 2023 19:30:58 GMT
cache-control: public, max-age=31536000
age: 462167
last-modified: Wed, 27 Apr 2022 16:11:40 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2
200 OK 8.0 kB URL HTTP/2 fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 8000, version 1.0\012- data
Hash 72993dddf88a63e8f226656f7de88e57
179f97ec0275f09603a8db94d4380eb584d81cd5
f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149
GET /s/poppins/v20/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://hareksaman999.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 8000
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 07 Sep 2022 19:30:59 GMT
expires: Thu, 07 Sep 2023 19:30:59 GMT
cache-control: public, max-age=31536000
age: 462166
last-modified: Wed, 27 Apr 2022 16:59:07 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLCz7Z1JlFc-K.woff2
200 OK 5.4 kB URL HTTP/2 fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLCz7Z1JlFc-K.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 5384, version 1.0\012- data
Hash 96b6d54684daa94742f7bfd72a981213
72c3ac29b2fcceea390d3a51c7a892efde65e4d9
4ce2c84c474fb80b33e347ae6f356796021d6fd42e88a6352fc6e9ca0b22bd63
GET /s/poppins/v20/pxiByp8kv8JHgFVrLCz7Z1JlFc-K.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://hareksaman999.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 5384
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 07 Sep 2022 19:35:21 GMT
expires: Thu, 07 Sep 2023 19:35:21 GMT
cache-control: public, max-age=31536000
age: 461904
last-modified: Wed, 27 Apr 2022 16:11:38 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLDz8Z1xlFQ.woff2
200 OK 7.8 kB URL HTTP/2 fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLDz8Z1xlFQ.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 7840, version 1.0\012- data
Hash 8d91ec1ca2d8b56640a47117e313a3e9
a9e9bafe64666f4595051a0e895b47a5fa39e67e
78bc3aa78faec288bbb3bf26c9a0fa4eb67b1e69da94a17233c5cab60525efdb
GET /s/poppins/v20/pxiByp8kv8JHgFVrLDz8Z1xlFQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://hareksaman999.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 7840
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 07 Sep 2022 19:31:02 GMT
expires: Thu, 07 Sep 2023 19:31:02 GMT
cache-control: public, max-age=31536000
age: 462163
last-modified: Wed, 27 Apr 2022 16:51:55 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
hareksaman999.com/wp-content/plugins/woocommerce-paypal-payments/modules/ppcp-button/assets/js/button.js?ver=1.9.2
200 OK 38 kB URL HTTP/2 hareksaman999.com/wp-content/plugins/woocommerce-paypal-payments/modules/ppcp-button/assets/js/button.js?ver=1.9.2
IP
Hash d1ed3b4a5f3468c66d7719444035903c
9de4402758ba68e2e82499213af8a1a00bd4bb04
40e5ad3a5e120fedf2a4d26eaa54091a56914ce59f653b2c3ce61a6fdbc91703
GET /wp-content/plugins/woocommerce-paypal-payments/modules/ppcp-button/assets/js/button.js?ver=1.9.2 HTTP/1.1
Host: hareksaman999.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hareksaman999.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 20 Sep 2022 03:53:43 GMT
content-type: application/javascript
last-modified: Tue, 09 Aug 2022 23:11:06 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 58350
date: Tue, 13 Sep 2022 03:53:43 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
p.kindpng.com/picc/s/419-4195739_khalti-logo-png-transparent-png.png
200 OK 30 kB URL HTTP/1.1 p.kindpng.com/picc/s/419-4195739_khalti-logo-png-transparent-png.png
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 500x280, components 3\012- data
Hash 5f6c3c13fc0ddeb9fae52f48bb68ae08
2c9bfa1004acd9cc362545a1f1a9520d9f52b9e1
c92206cf16910e4e67ee6bfac984a25ba496775db78c02bfa40612c336612d5b
GET /picc/s/419-4195739_khalti-logo-png-transparent-png.png HTTP/1.1
Host: p.kindpng.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hareksaman999.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.14.0
Date: Tue, 13 Sep 2022 03:53:45 GMT
Content-Type: image/png
Last-Modified: Mon, 09 Dec 2019 06:47:34 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"5dedee06-8cda"
Content-Encoding: gzip
js.stripe.com/v3/m-outer-9f2b139ad7aae34564fb49d9bbf86914.html
200 OK 114 B URL HTTP/2 js.stripe.com/v3/m-outer-9f2b139ad7aae34564fb49d9bbf86914.html
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with no line terminators
Hash ef17879fce37cb9aff8bb39213823cbe
88d72c09d506ed7bafe47f49d700a9f6b54d8c00
ea04c7c6caf76dba7f5de7cfa1bb2a941f9edff34713c9075c110ab6cc2b812e
GET /v3/m-outer-9f2b139ad7aae34564fb49d9bbf86914.html HTTP/1.1
Host: js.stripe.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hareksaman999.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 12 Sep 2022 20:31:44 GMT
etag: "9f2b139ad7aae34564fb49d9bbf86914"
cache-control: max-age=31536000
content-type: text/html; charset=utf-8
content-security-policy: base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; report-uri https://q.stripe.com/csp-report
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
access-control-allow-origin: *
server: Fastly
content-encoding: br
accept-ranges: bytes
date: Tue, 13 Sep 2022 03:53:45 GMT
via: 1.1 varnish
age: 26420
x-request-id: 96482325-747d-4bbe-a973-153b9b860256
x-served-by: cache-bma1658-BMA
x-cache: HIT
x-cache-hits: 1939
vary: Accept-Encoding
timing-allow-origin: *
content-length: 114
X-Firefox-Spdy: h2
hareksaman999.com/wp-content/themes/zakra/assets/fonts/themegrill-icons.woff2?5d42b271f668d2d6461ba91fc5a5a839
200 OK 1.3 kB URL HTTP/2 hareksaman999.com/wp-content/themes/zakra/assets/fonts/themegrill-icons.woff2?5d42b271f668d2d6461ba91fc5a5a839
IP
File type Web Open Font Format (Version 2), TrueType, length 1320, version 1.0\012- data
Hash 26a09c1dc7fd18341da6c6cde110e123
d8710ef9efffc5a97bc62e3f9f1e98b779b07cd4
b84099a6f7f94d98d7e0f52cf017c2a1cc0b2a9aa1d3f542f8e1379a8bc83a99
GET /wp-content/themes/zakra/assets/fonts/themegrill-icons.woff2?5d42b271f668d2d6461ba91fc5a5a839 HTTP/1.1
Host: hareksaman999.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://hareksaman999.com/wp-content/themes/zakra/style.css?ver=2.1.3
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 20 Sep 2022 03:53:45 GMT
content-type: font/woff2
last-modified: Thu, 17 Dec 2020 22:01:40 GMT
accept-ranges: bytes
content-length: 1320
date: Tue, 13 Sep 2022 03:53:45 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
hareksaman999.com/wp-content/uploads/2022/05/H9f731b1f34454a6a96c8485f7d4b39ddt.jpg
200 OK 256 B URL HTTP/2 hareksaman999.com/wp-content/uploads/2022/05/H9f731b1f34454a6a96c8485f7d4b39ddt.jpg
IP
Hash 81235fac06e9d326aeef8b39a495c8ce
ef91fdb8aefe71c4152a8d5d04a932db00039f49
a1dff1e13da8d931f175c206d6d2bedd4989c3b8f338162b35a18eec08840944
GET /wp-content/uploads/2022/05/H9f731b1f34454a6a96c8485f7d4b39ddt.jpg HTTP/1.1
Host: hareksaman999.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hareksaman999.com/wp-content/uploads/elementor/css/post-646.css?ver=1662126955
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 20 Sep 2022 03:53:45 GMT
content-type: image/jpeg
last-modified: Thu, 12 May 2022 01:05:31 GMT
accept-ranges: bytes
content-length: 177719
date: Tue, 13 Sep 2022 03:53:45 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
m.stripe.network/inner.html
200 OK 930 B URL HTTP/2 m.stripe.network/inner.html
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (930), with no line terminators
Hash fc2e029628f163bb59adc6fa5a31161c
0f4547ae510d1bf36e3630d41bdab29d64c03d64
a5f27af9c0c6f37979ebafcac22eb3a613841a3d4e728f4577baf94e64d42f35
GET /inner.html HTTP/1.1
Host: m.stripe.network
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://js.stripe.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html; charset=utf-8
content-length: 930
last-modified: Thu, 17 Mar 2022 19:03:12 GMT
accept-ranges: bytes
server: Cloudfront
x-content-type-options: nosniff
strict-transport-security: max-age=31556926; includeSubDomains; preload
content-security-policy: base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-e/Jqu4k9Gk1ZCWO6StAsfhF3i7qgIwfuitaD1g9DyvE='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
date: Tue, 13 Sep 2022 03:53:05 GMT
cache-control: max-age=300, public
etag: "fc2e029628f163bb59adc6fa5a31161c"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 b053873243f91b1bb6dc406ce0c67db4.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: E5f_qSlyFsLn_qmhtiVyH9vV3f8n-CrH3h9VHSVnRp3-qeAPemXdYg==
age: 42
X-Firefox-Spdy: h2
zakrademos.com/shop-v2/wp-content/uploads/sites/15/2019/06/banner-polygon-right-2.png
200 OK 3.8 kB URL HTTP/2 zakrademos.com/shop-v2/wp-content/uploads/sites/15/2019/06/banner-polygon-right-2.png
IP
File type PNG image data, 180 x 180, 8-bit/color RGBA, non-interlaced\012- data
Hash deb3c53c4b2b5cb0a748fce98da5e8b9
efdfb6f3907af544d9acd1638ababaee8438207a
337b09853b67ebf76a400f252ace4e1976beb40c5faa1e33c315e5bd98b2bf9c
GET /shop-v2/wp-content/uploads/sites/15/2019/06/banner-polygon-right-2.png HTTP/1.1
Host: zakrademos.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hareksaman999.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 13 Sep 2022 03:53:45 GMT
content-type: image/png
content-length: 3787
last-modified: Thu, 11 Jul 2019 05:43:00 GMT
cache-control: max-age=10368000, public
expires: Wed, 11 Jan 2023 03:46:08 GMT
vary: Accept-Encoding
age: 457
x-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
hareksaman999.com/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-solid-900.woff2
200 OK 78 kB URL HTTP/2 hareksaman999.com/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-solid-900.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 78196, version 331.-31261\012- data
Hash e8a427e15cc502bef99cfd722b37ea98
a9922842a120a7f1eaced667480c5e185a106d69
d0b4256abed72481585662971262eabee345c19f837af00d7ce24239d3b40eef
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-solid-900.woff2 HTTP/1.1
Host: hareksaman999.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://hareksaman999.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/solid.min.css?ver=5.15.3
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 20 Sep 2022 03:53:45 GMT
content-type: font/woff2
last-modified: Thu, 17 Jun 2021 14:07:24 GMT
accept-ranges: bytes
content-length: 78196
date: Tue, 13 Sep 2022 03:53:45 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
hareksaman999.com/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-regular-400.woff2
200 OK 13 kB URL HTTP/2 hareksaman999.com/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-regular-400.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 13276, version 331.-31261\012- data
Hash f0f8230116992e521526097a28f54066
0447c6b10bbf73f97b23dcfd6e6a48510822cb6e
8afc6e5e842baab16010c2ce6fcf48ec4ded8e1579a37c1f1bc027e120d04951
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-regular-400.woff2 HTTP/1.1
Host: hareksaman999.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://hareksaman999.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/regular.min.css?ver=5.15.3
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 20 Sep 2022 03:53:45 GMT
content-type: font/woff2
last-modified: Thu, 17 Jun 2021 14:07:24 GMT
accept-ranges: bytes
content-length: 13276
date: Tue, 13 Sep 2022 03:53:45 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
hareksaman999.com/wp-content/uploads/2022/08/tiktok-logo-png-6041-300x300.jpg
200 OK 9.5 kB URL HTTP/2 hareksaman999.com/wp-content/uploads/2022/08/tiktok-logo-png-6041-300x300.jpg
IP
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 300x300, components 3\012- data
Hash fc61411c727f62a1245993fe1cd49d4c
03d2b6c2cf38a8f19a6c6ffe5003dfe30c631931
78f98acf2def6fd170db890fc18b0ef74af47a3b27475624899fc519783d3edc
GET /wp-content/uploads/2022/08/tiktok-logo-png-6041-300x300.jpg HTTP/1.1
Host: hareksaman999.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hareksaman999.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 20 Sep 2022 03:53:45 GMT
content-type: image/jpeg
last-modified: Tue, 09 Aug 2022 08:06:19 GMT
accept-ranges: bytes
content-length: 9529
date: Tue, 13 Sep 2022 03:53:45 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
hareksaman999.com/wp-content/uploads/2022/08/e32f82be29262215c4a14a956c455e87-300x300.jpg
200 OK 17 kB URL HTTP/2 hareksaman999.com/wp-content/uploads/2022/08/e32f82be29262215c4a14a956c455e87-300x300.jpg
IP
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 300x300, components 3\012- data
Hash bd2bda14b90ee39d9fcfd2fb83d2f628
dd1e68e7235ffda3454500de0b8a6f00e0de0f2e
084a248533c2c4a4f0e46b3fc48ffc59821a7a793a5d7bb9de732156d284d992
GET /wp-content/uploads/2022/08/e32f82be29262215c4a14a956c455e87-300x300.jpg HTTP/1.1
Host: hareksaman999.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hareksaman999.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 20 Sep 2022 03:53:45 GMT
content-type: image/jpeg
last-modified: Thu, 04 Aug 2022 11:35:51 GMT
accept-ranges: bytes
content-length: 16625
date: Tue, 13 Sep 2022 03:53:45 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
m.stripe.network/out-4.5.42.js
200 OK 91 kB URL HTTP/2 m.stripe.network/out-4.5.42.js
IP
Hash 4ba54b7ea836ede01a32df02d50924f8
2ef8aafa4f385dfd49179ceda962ddadf39979d2
9d677110e6e1f13c6eabbd222f2db6f7579195bdba151260cdf6ffe41b65bdf4
GET /out-4.5.42.js HTTP/1.1
Host: m.stripe.network
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://m.stripe.network/inner.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
last-modified: Thu, 17 Mar 2022 19:03:12 GMT
server: Cloudfront
x-content-type-options: nosniff
strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: gzip
date: Tue, 13 Sep 2022 03:53:05 GMT
cache-control: max-age=300, public
etag: W/"21df7244385e5c0bdf32da01d0dad6c0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 b053873243f91b1bb6dc406ce0c67db4.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: mDjtkK5EowipByVAPWrm_u4TRjXJYn3xtsmndqA4l9Z-ZF4mUuVYKw==
age: 131
X-Firefox-Spdy: h2
analytics.tiktok.com/api/v2/pixel
200 OK 0 B URL HTTP/2 analytics.tiktok.com/api/v2/pixel
IP
ASN #20940 Akamai International B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /api/v2/pixel HTTP/1.1
Host: analytics.tiktok.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 727
Origin: https://hareksaman999.com
Connection: keep-alive
Referer: https://hareksaman999.com/
Cookie: _ttp=2EhI7xqb7HnF6CRRE5frPG2uI8N
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: application/octet-stream
content-length: 0
access-control-allow-origin: *
x-tt-logid: 20220913035345C73BF4FF88FFFD98C60A
x-tt-trace-host: 014c3d3a48b720cad047ee4725ef00c61e281f96f689f674bb5ab57408d3ddad9536774e3af92faa42bc2752d303365b80b9a7241e99c511a8987cacb1841981c9547ea7b8e8532b8e3fc0a37ccf295fcc29225964307571a979764a98134a4d64
x-origin-response-time: 34,23.222.16.85
x-akamai-request-id: 1daed860.767c7cb0
expires: Tue, 13 Sep 2022 03:53:45 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Tue, 13 Sep 2022 03:53:45 GMT
x-cache: TCP_MISS from a104-84-152-188.deploy.akamaitechnologies.com (AkamaiGHost/10.9.3-43949849) (-)
x-cache-remote: TCP_MISS from a23-222-16-85.deploy.akamaitechnologies.com (AkamaiGHost/10.9.3-43949849) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
server-timing: cdn-cache; desc=MISS, edge; dur=99, origin; dur=34, inner; dur=16
x-parent-response-time: 132,104.84.152.188
X-Firefox-Spdy: h2
zakrademos.com/shop-v2/wp-content/uploads/sites/15/2019/06/banner-circle-bg.png
200 OK 11 kB URL HTTP/2 zakrademos.com/shop-v2/wp-content/uploads/sites/15/2019/06/banner-circle-bg.png
IP
File type PNG image data, 570 x 570, 8-bit/color RGBA, non-interlaced\012- data
Hash 6cc5b4ef2c36f1494c59833e10ed931e
5ef8af23ec59ea7585a16c2a431e0c859fe928c6
1b0be47ca45ad7be623c59cad1541bc2d0cb1be99abcba74942aeb2627ebfea9
GET /shop-v2/wp-content/uploads/sites/15/2019/06/banner-circle-bg.png HTTP/1.1
Host: zakrademos.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hareksaman999.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 13 Sep 2022 03:53:45 GMT
content-type: image/png
content-length: 10911
last-modified: Thu, 11 Jul 2019 05:42:04 GMT
cache-control: max-age=10368000, public
expires: Wed, 11 Jan 2023 02:36:22 GMT
vary: Accept-Encoding
age: 4642
x-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
hareksaman999.com/wp-content/uploads/2022/05/Hdec4c5e42ede486d89826e48b1744567Z.jpg
200 OK 189 kB URL HTTP/2 hareksaman999.com/wp-content/uploads/2022/05/Hdec4c5e42ede486d89826e48b1744567Z.jpg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1000x1000, components 3\012- data
Size 189 kB (188653 bytes)
Hash e51c977ff658f9a40e0dcef9ebc85828
4b5e576f44798b26c968b92494d7ec2edd773aac
a2d474d5afa08d4fd9e98844374bfcf73ba9f7ca0d3d4f9ac7421a0eaec3ba5a
GET /wp-content/uploads/2022/05/Hdec4c5e42ede486d89826e48b1744567Z.jpg HTTP/1.1
Host: hareksaman999.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hareksaman999.com/wp-content/uploads/elementor/css/post-646.css?ver=1662126955
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 20 Sep 2022 03:53:45 GMT
content-type: image/jpeg
last-modified: Thu, 12 May 2022 01:14:06 GMT
accept-ranges: bytes
content-length: 188653
date: Tue, 13 Sep 2022 03:53:45 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
hareksaman999.com/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-brands-400.woff2
200 OK 77 kB URL HTTP/2 hareksaman999.com/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-brands-400.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 76764, version 331.-31261\012- data
Hash f7307680c7fe85959f3ecf122493ea7d
fce0da592a3e536d6d5df5b50cb513398d8c5161
43c072c16c9ee6d67acdfa6c6d6685ff1e74eb4237b7cc3c1348ab1c108b26af
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-brands-400.woff2 HTTP/1.1
Host: hareksaman999.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://hareksaman999.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/brands.min.css?ver=5.15.3
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 20 Sep 2022 03:53:45 GMT
content-type: font/woff2
last-modified: Thu, 17 Jun 2021 14:07:24 GMT
accept-ranges: bytes
content-length: 76764
date: Tue, 13 Sep 2022 03:53:45 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
hareksaman999.com/wp-content/uploads/2022/08/5313469a-8bf7-41d2-9759-ce6330f9f2dc-300x300.jpg
200 OK 14 kB URL HTTP/2 hareksaman999.com/wp-content/uploads/2022/08/5313469a-8bf7-41d2-9759-ce6330f9f2dc-300x300.jpg
IP
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 300x300, components 3\012- data
Hash 73e4ebde58870330dac3b86994acdfbf
a3ed243d61c3a0acc0da432075e1f6457e868aa1
1586c4981313b8fddbd7fcb2c04939e4e00148a2fa33f19b1a2ae65d5b603fc8
GET /wp-content/uploads/2022/08/5313469a-8bf7-41d2-9759-ce6330f9f2dc-300x300.jpg HTTP/1.1
Host: hareksaman999.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hareksaman999.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 20 Sep 2022 03:53:45 GMT
content-type: image/jpeg
last-modified: Wed, 03 Aug 2022 08:24:42 GMT
accept-ranges: bytes
content-length: 14180
date: Tue, 13 Sep 2022 03:53:45 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
hareksaman999.com/wp-content/plugins/wp-optin-wheel/public/img/bg-hearts.png
200 OK 1.8 kB URL HTTP/2 hareksaman999.com/wp-content/plugins/wp-optin-wheel/public/img/bg-hearts.png
IP
File type PNG image data, 210 x 209, 8-bit colormap, non-interlaced\012- data
Hash 61becde505059046b865d60de3c1b741
acee7873bd151fbe21f235a94c5c329ecf3f9b77
9f84076e8908ed889d6d3ed86f926e2ba99566f9920f25ec7e5fc96911d5f192
GET /wp-content/plugins/wp-optin-wheel/public/img/bg-hearts.png HTTP/1.1
Host: hareksaman999.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hareksaman999.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 20 Sep 2022 03:53:45 GMT
content-type: image/png
last-modified: Thu, 04 Aug 2022 10:07:03 GMT
accept-ranges: bytes
content-length: 1807
date: Tue, 13 Sep 2022 03:53:45 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
hareksaman999.com/wp-content/uploads/2022/05/H1aeadf40ac884af0a305a304e83e8c78X.jpg
200 OK 256 kB URL HTTP/2 hareksaman999.com/wp-content/uploads/2022/05/H1aeadf40ac884af0a305a304e83e8c78X.jpg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1600x1600, components 3\012- data
Size 256 kB (255450 bytes)
Hash 5c98f2e5567fc3f2e5aeb0e553447d95
5ddbe8b91e26bf85f52798c1e15cd02906dc9358
4f7106053cbeb39d8e36bf346896d17ec10f5212939ce87f9668371497eae39a
GET /wp-content/uploads/2022/05/H1aeadf40ac884af0a305a304e83e8c78X.jpg HTTP/1.1
Host: hareksaman999.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hareksaman999.com/wp-content/uploads/elementor/css/post-646.css?ver=1662126955
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 20 Sep 2022 03:53:45 GMT
content-type: image/jpeg
last-modified: Thu, 12 May 2022 02:08:00 GMT
accept-ranges: bytes
content-length: 255450
date: Tue, 13 Sep 2022 03:53:45 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
hareksaman999.com/wp-content/plugins/wp-optin-wheel/public/img/wheel-deep-purple.png
200 OK 40 kB URL HTTP/2 hareksaman999.com/wp-content/plugins/wp-optin-wheel/public/img/wheel-deep-purple.png
IP
File type PNG image data, 1480 x 1477, 8-bit colormap, non-interlaced\012- data
Hash b46526ac44bfa719d24122229671da78
350bee4a0136d7d070e57ece4ea41a43c17dcc30
f007ffdb50d104624024c25f3c145e65dc3469bb8c60d0bb99fac292b55d6487
GET /wp-content/plugins/wp-optin-wheel/public/img/wheel-deep-purple.png HTTP/1.1
Host: hareksaman999.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hareksaman999.com/wp-content/plugins/wp-optin-wheel/public/css/theme-deep-purple.css?ver=1.3.6
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 20 Sep 2022 03:53:45 GMT
content-type: image/png
last-modified: Thu, 04 Aug 2022 10:07:03 GMT
accept-ranges: bytes
content-length: 39642
date: Tue, 13 Sep 2022 03:53:45 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
hareksaman999.com/wp-content/uploads/2019/06/banner-girl.png
200 OK 296 kB URL HTTP/2 hareksaman999.com/wp-content/uploads/2019/06/banner-girl.png
IP
File type PNG image data, 364 x 825, 8-bit/color RGBA, non-interlaced\012- data
Size 296 kB (295973 bytes)
Hash a5865365129c5b3c255a2f77b4942e99
e6c444e2da780ec745b57faa92ea4aceb7642265
7cf7532868c3d54698a34f69fe312ae498e7b733bdf3d9474ffc2b2c59d42d74
GET /wp-content/uploads/2019/06/banner-girl.png HTTP/1.1
Host: hareksaman999.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hareksaman999.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 20 Sep 2022 03:53:45 GMT
content-type: image/png
last-modified: Fri, 13 May 2022 19:16:32 GMT
accept-ranges: bytes
content-length: 295973
date: Tue, 13 Sep 2022 03:53:45 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
www.paypal.com/sdk/js?client-id=AdBGBNWDmVPh8YMrv--yS8bkTtcHKFdDDOtOuBV7GObH7VfuXygMVdnnuBclU7_Iquusl5EEM-qF5o6A¤cy=NPR&integration-date=2022-04-13&components=buttons,funding-eligibility&vault=false&commit=false&intent=capture&disable-funding=card&enable-funding=venmo,paylater
200 OK 91 kB URL HTTP/2 www.paypal.com/sdk/js?client-id=AdBGBNWDmVPh8YMrv--yS8bkTtcHKFdDDOtOuBV7GObH7VfuXygMVdnnuBclU7_Iquusl5EEM-qF5o6A¤cy=NPR&integration-date=2022-04-13&components=buttons,funding-eligibility&vault=false&commit=false&intent=capture&disable-funding=card&enable-funding=venmo,paylater
IP
File type ASCII text, with very long lines (65472)
Hash 09f592e5454253f8511373fc74bb48e6
d394eb26afbed60410955a13757061354ed744b0
2ba412d9e7101746b485920e94f3223492b54247aaad776fc848db576018518e
GET /sdk/js?client-id=AdBGBNWDmVPh8YMrv--yS8bkTtcHKFdDDOtOuBV7GObH7VfuXygMVdnnuBclU7_Iquusl5EEM-qF5o6A¤cy=NPR&integration-date=2022-04-13&components=buttons,funding-eligibility&vault=false&commit=false&intent=capture&disable-funding=card&enable-funding=venmo,paylater HTTP/1.1
Host: www.paypal.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hareksaman999.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Server-Timing
cache-control: public, max-age=3600, s-maxage=10800
content-encoding: gzip
content-security-policy: default-src 'self' https://*.paypal.com https://*.paypalobjects.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; script-src 'nonce-r7zlAUX46EiXqwYerUJQVj8d7hnC47v4MoX0G3jbmLWlZvB3' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'nonce-r7zlAUX46EiXqwYerUJQVj8d7hnC47v4MoX0G3jbmLWlZvB3' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
content-type: application/javascript; charset=utf-8
etag: W/"163bb-05TrJq++1gQQlVoTdXBhNU7XRLA"
p3p: true
paypal-debug-id: f224139b01e64
traceparent: 00-0000000000000000000f224139b01e64-a49e96f8bb37b36e-01
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
dc: ccg11-origin-www-1.paypal.com
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Tue, 13 Sep 2022 03:53:45 GMT
age: 0
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-served-by: cache-hhn11543-HHN, cache-bma1629-BMA
x-cache: MISS, MISS
x-cache-hits: 0, 0
x-timer: S1663041225.432129,VS0,VE530
vary: Accept-Encoding
server-timing: "traceparent;desc="00-0000000000000000000f224139b01e64-a41ce407b31ba73c-01"";content-encoding;desc="gzip",x-cdn;desc="fastly"
content-length: 91067
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 471 B IP
Hash 902fc0ad17c84623b6138cee3b79d990
ac518f960609d9706d75e9eae99bfefc7330e6d3
47479c5d623fa52deb589039eddfae20db884ff7cb008843bc47985ac630bead
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6364
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 13 Sep 2022 03:53:46 GMT
Last-Modified: Tue, 13 Sep 2022 02:07:42 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 471
www.google-analytics.com/analytics.js
200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP
File type ASCII text, with very long lines (1325)
Hash 56f5d7f608e25d64207135f045f988cb
901eb59372ae330ae85e1384da93479b21ae1082
1910daea79e5a9d04829a91e432dfa56f45a80a3e14a8cf667fec73af9fd3d29
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hareksaman999.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20006
date: Tue, 13 Sep 2022 02:41:12 GMT
expires: Tue, 13 Sep 2022 04:41:12 GMT
cache-control: public, max-age=7200
age: 4354
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 7c85e22b75dd559a6c65736bae63c5bd
eb57470991666108a01b8ee0adf707e1c1dc8642
bd05cc5dfc5ddd554cc9ac5395035ce302b0b74343d199a64b2dbdcac0070944
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 13 Sep 2022 03:53:46 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash ad439cab56126bcc402ee9f92365a209
a4b48a9a733c53cbc7020e190b8c787e1f80f55a
d0e2e52b66a8dec8c57092ec332f452a7348941d778d7b4686ca32696aabd065
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 13 Sep 2022 03:53:46 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7098090209582746
200 OK 58 kB URL HTTP/2 pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7098090209582746
IP
File type ASCII text, with very long lines (2903)
Hash 533d85cc0aa4f2f9dbb240095f95214b
08ed3161f216e98c4e817c936602c400a9522c8c
d095452bf89dfbc0bf3b19223f7780ba5166a054463397c03c61d4898b4223a4
GET /pagead/js/adsbygoogle.js?client=ca-pub-7098090209582746 HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://hareksaman999.com
Connection: keep-alive
Referer: https://hareksaman999.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding, Origin
date: Tue, 13 Sep 2022 03:53:46 GMT
expires: Tue, 13 Sep 2022 03:53:46 GMT
cache-control: private, max-age=3600
content-type: text/javascript; charset=UTF-8
etag: 7879091565341238331
access-control-allow-origin: *
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
server: cafe
content-length: 57485
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.paypal.com/tagmanager/pptm.js?id=hareksaman999.com&t=xo&v=5.0.331&source=payments_sdk&client_id=AdBGBNWDmVPh8YMrv--yS8bkTtcHKFdDDOtOuBV7GObH7VfuXygMVdnnuBclU7_Iquusl5EEM-qF5o6A&comp=buttons,funding-eligibility&vault=false
200 OK 4.3 kB URL HTTP/2 www.paypal.com/tagmanager/pptm.js?id=hareksaman999.com&t=xo&v=5.0.331&source=payments_sdk&client_id=AdBGBNWDmVPh8YMrv--yS8bkTtcHKFdDDOtOuBV7GObH7VfuXygMVdnnuBclU7_Iquusl5EEM-qF5o6A&comp=buttons,funding-eligibility&vault=false
IP
File type ASCII text, with very long lines (12084), with no line terminators
Hash da1b94bdea2eb1769e74df6fbd2c1a2e
4c7f6b5318ffd3d36b6b431f4bd113b55d8f14a7
45cc4e008a654e4ef3f3b3eb0ca92f52ade64445039059b5395b11734b033be4
GET /tagmanager/pptm.js?id=hareksaman999.com&t=xo&v=5.0.331&source=payments_sdk&client_id=AdBGBNWDmVPh8YMrv--yS8bkTtcHKFdDDOtOuBV7GObH7VfuXygMVdnnuBclU7_Iquusl5EEM-qF5o6A&comp=buttons,funding-eligibility&vault=false HTTP/1.1
Host: www.paypal.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hareksaman999.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Server-Timing
cache-control: public, max-age=3600
content-security-policy: default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'nonce-+7T6x3sKFYYcDk8xC0plJqf4bCB6htwISDtvKDF8agTVW64h' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' 'unsafe-eval'; img-src * data:; object-src 'none'; font-src 'self' https://*.paypalobjects.com https://*.paypal.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://nexus.ensighten.com https://*.google-analytics.com 'unsafe-inline' https://*.qualtrics.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' https://*.qualtrics.com;
content-type: application/x-javascript; charset=utf-8
etag: W/"2f34-zQQ0FVqIlbkbuS4WgpPW/nUPXC4"
paypal-debug-id: f814181d4f903
traceparent: 00-0000000000000000000f814181d4f903-9a3a8ac283a00cff-01
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
dc: ccg11-origin-www-1.paypal.com
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Tue, 13 Sep 2022 03:53:46 GMT
age: 0
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-served-by: cache-hhn4074-HHN, cache-bma1629-BMA
x-cache: MISS, MISS
x-cache-hits: 0, 0
x-timer: S1663041226.050080,VS0,VE330
vary: Accept-Encoding
server-timing: "traceparent;desc="00-0000000000000000000f814181d4f903-cb01350c1454189c-01"";content-encoding;desc="gzip",x-cdn;desc="fastly"
content-length: 4299
X-Firefox-Spdy: h2
translate.google.com/translate_a/element.js?cb=googleTranslateElementInit2
200 OK 27 kB URL HTTP/2 translate.google.com/translate_a/element.js?cb=googleTranslateElementInit2
IP
Hash 108ccbf7ea9d8e7ccaeae1ff25006fcf
fe39b2b42627f2c5f7a1476d3317b64a89d3b592
0b7d9d9d000ed191473b732c152bd83cb523dfa8573e4366ce6e3dfea47186eb
GET /translate_a/element.js?cb=googleTranslateElementInit2 HTTP/1.1
Host: translate.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hareksaman999.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Tue, 13 Sep 2022 03:53:46 GMT
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
set-cookie: CONSENT=PENDING+922; expires=Thu, 12-Sep-2024 03:53:46 GMT; path=/; domain=.google.com; Secure
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash ad439cab56126bcc402ee9f92365a209
a4b48a9a733c53cbc7020e190b8c787e1f80f55a
d0e2e52b66a8dec8c57092ec332f452a7348941d778d7b4686ca32696aabd065
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 13 Sep 2022 03:53:46 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
translate.googleapis.com/translate_static/css/translateelement.css
200 OK 3.6 kB URL HTTP/2 translate.googleapis.com/translate_static/css/translateelement.css
IP
File type ASCII text, with very long lines (18670)
Hash 897ba9a21d9625286674da769dacc2e2
84b4923ab7dee562395160824d53496314499b77
696cbf5c2f3f1efae555562b72abbbb22bed02eff03d62074555cab241190ae0
GET /translate_static/css/translateelement.css HTTP/1.1
Host: translate.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hareksaman999.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="rosetta"
report-to: {"group":"rosetta","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/rosetta"}]}
content-length: 3619
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 13 Sep 2022 03:11:32 GMT
expires: Tue, 13 Sep 2022 04:11:32 GMT
cache-control: public, max-age=3600
age: 2534
last-modified: Wed, 17 Aug 2022 23:38:00 GMT
content-type: text/css
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
m.stripe.com/6
200 OK 156 B IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 2bc444ad149d5df030027d2c1f011547
52b7efb43f4371b2f496bc646cb8d92002ad1b71
12902b3e8ec3a425cbd96ddf748dc0dc3d58cc42a9dd747840325b8d748da4b8
POST /6 HTTP/1.1
Host: m.stripe.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 2224
Origin: https://m.stripe.network
Connection: keep-alive
Referer: https://m.stripe.network/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 13 Sep 2022 03:53:46 GMT
content-length: 156
set-cookie: m=b639b970-8bf0-4e36-b9c5-03c242739a0668ffab;Expires=Thu, 12-Sep-2024 03:53:46 GMT;Secure;HttpOnly; SameSite=None
x-content-type-options: nosniff
access-control-allow-origin: https://m.stripe.network
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
strict-transport-security: max-age=31556926; includeSubDomains; preload
content-type: application/json;charset=utf-8
X-Firefox-Spdy: h2
googleads.g.doubleclick.net/pagead/html/r20220908/r20190131/zrt_lookup.html
200 OK 4.4 kB URL HTTP/2 googleads.g.doubleclick.net/pagead/html/r20220908/r20190131/zrt_lookup.html
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (1731)
Hash 09a8bd805dba1307ae0bd76a0c9ca73d
bdc16e7610abae944da47ff3a0e5fea818241fb0
e3978f36e9c5f0b909ed64015db629e2c64b46e75d165c6d1d146fcb792cdbde
GET /pagead/html/r20220908/r20190131/zrt_lookup.html HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hareksaman999.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4412
x-xss-protection: 0
date: Tue, 13 Sep 2022 01:27:05 GMT
expires: Tue, 27 Sep 2022 01:27:05 GMT
cache-control: public, max-age=1209600
age: 8801
etag: 8616628553774171045
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
hareksaman999.com/wp-content/uploads/2020/07/zakra.png
200 OK 663 B URL HTTP/2 hareksaman999.com/wp-content/uploads/2020/07/zakra.png
IP
File type PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced\012- data
Hash d8d47f505d3f3007e77472c89c3d67d4
9379490acdce250dbfb8dd4964d867593e18d754
4096bed187e9bc4d319d1f948af63cd27c2e4b2de5e80edfc83678a66791fc84
GET /wp-content/uploads/2020/07/zakra.png HTTP/1.1
Host: hareksaman999.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hareksaman999.com/
Cookie: _tt_enable_cookie=1; _ttp=077b014a-22b8-42bb-90d8-765d2811f7c2; _ga_P38FYDY0QJ=GS1.1.1663041213.1.0.1663041213.0.0.0; _ga=GA1.1.1856619077.1663041213
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 20 Sep 2022 03:53:46 GMT
content-type: image/png
last-modified: Fri, 13 May 2022 19:16:58 GMT
accept-ranges: bytes
content-length: 663
date: Tue, 13 Sep 2022 03:53:46 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
region1.google-analytics.com/g/collect?v=2&tid=G-P38FYDY0QJ>m=2oe970&_p=1801415156&gdid=dZTNiMT&cid=1856619077.1663041213&ul=en-us&sr=1280x1024&_z=ccd.v9B&_s=1&sid=1663041213&sct=1&seg=0&dl=https%3A%2F%2Fhareksaman999.com%2F&dt=Harekaman999%20-%20Hareksaman999&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
204 No Content 0 B URL HTTP/2 region1.google-analytics.com/g/collect?v=2&tid=G-P38FYDY0QJ>m=2oe970&_p=1801415156&gdid=dZTNiMT&cid=1856619077.1663041213&ul=en-us&sr=1280x1024&_z=ccd.v9B&_s=1&sid=1663041213&sct=1&seg=0&dl=https%3A%2F%2Fhareksaman999.com%2F&dt=Harekaman999%20-%20Hareksaman999&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-P38FYDY0QJ>m=2oe970&_p=1801415156&gdid=dZTNiMT&cid=1856619077.1663041213&ul=en-us&sr=1280x1024&_z=ccd.v9B&_s=1&sid=1663041213&sct=1&seg=0&dl=https%3A%2F%2Fhareksaman999.com%2F&dt=Harekaman999%20-%20Hareksaman999&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1 HTTP/1.1
Host: region1.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://hareksaman999.com
Connection: keep-alive
Referer: https://hareksaman999.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: https://hareksaman999.com
date: Tue, 13 Sep 2022 03:53:46 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
t.paypal.com/ts?pgrp=muse%3Ageneric%3Aanalytics%3A%3Amerchant&page=muse%3Ageneric%3Aanalytics%3A%3Amerchant%3A%3A%3A&tsrce=tagmanagernodeweb&comp=tagmanagernodeweb&sub_component=analytics&s=ci&fltp=analytics-generic&pt=Harekaman999%20-%20Hareksaman999&dh=1024&dw=1280&bh=939&bw=1280&cd=24&sh=1024&sw=1280&v=NA&rosetta_language=en-US%2Cen&e=im&t=1663041213831&g=0&completeurl=https%3A%2F%2Fhareksaman999.com%2F&ru=https%3A%2F%2Fhareksaman999.com%2F&sinfo=%7B%22partners%22%3A%7B%22ecwid%22%3A%7B%7D%2C%22bigCommerce%22%3A%7B%7D%2C%22shopify%22%3A%7B%7D%2C%22wix%22%3A%7B%7D%2C%22bigCartel%22%3A%7B%7D%7D%7D
200 OK 42 B URL HTTP/2 t.paypal.com/ts?pgrp=muse%3Ageneric%3Aanalytics%3A%3Amerchant&page=muse%3Ageneric%3Aanalytics%3A%3Amerchant%3A%3A%3A&tsrce=tagmanagernodeweb&comp=tagmanagernodeweb&sub_component=analytics&s=ci&fltp=analytics-generic&pt=Harekaman999%20-%20Hareksaman999&dh=1024&dw=1280&bh=939&bw=1280&cd=24&sh=1024&sw=1280&v=NA&rosetta_language=en-US%2Cen&e=im&t=1663041213831&g=0&completeurl=https%3A%2F%2Fhareksaman999.com%2F&ru=https%3A%2F%2Fhareksaman999.com%2F&sinfo=%7B%22partners%22%3A%7B%22ecwid%22%3A%7B%7D%2C%22bigCommerce%22%3A%7B%7D%2C%22shopify%22%3A%7B%7D%2C%22wix%22%3A%7B%7D%2C%22bigCartel%22%3A%7B%7D%7D%7D
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash b4682377ddfbe4e7dabfddb2e543e842
328e472721a93345801ed5533240eac2d1f8498c
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93
GET /ts?pgrp=muse%3Ageneric%3Aanalytics%3A%3Amerchant&page=muse%3Ageneric%3Aanalytics%3A%3Amerchant%3A%3A%3A&tsrce=tagmanagernodeweb&comp=tagmanagernodeweb&sub_component=analytics&s=ci&fltp=analytics-generic&pt=Harekaman999%20-%20Hareksaman999&dh=1024&dw=1280&bh=939&bw=1280&cd=24&sh=1024&sw=1280&v=NA&rosetta_language=en-US%2Cen&e=im&t=1663041213831&g=0&completeurl=https%3A%2F%2Fhareksaman999.com%2F&ru=https%3A%2F%2Fhareksaman999.com%2F&sinfo=%7B%22partners%22%3A%7B%22ecwid%22%3A%7B%7D%2C%22bigCommerce%22%3A%7B%7D%2C%22shopify%22%3A%7B%7D%2C%22wix%22%3A%7B%7D%2C%22bigCartel%22%3A%7B%7D%7D%7D HTTP/1.1
Host: t.paypal.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hareksaman999.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: max-age=0, no-cache, no-store, must-revalidate
content-type: image/gif
expires: Tue, 13 Sep 2022 03:53:46 GMT
p3p: policyref="https://t.paypal.com/w3c/p3p.xml",CP="CAO IND OUR SAM UNI STA COR COM"
paypal-debug-id: b9332ee28c41a
pragma: no-cache
set-cookie: ts=vreXpYrS%3D1757735626%26vteXpYrS%3D1663043026%26vr%3D34fb47511830aa5bcca6d9acffffffff%26vt%3D34fb47511830aa5bcca6d9acfffffffe; Expires=Sat, 13 Sep 2025 03:53:46 GMT; Domain=.paypal.com; Path=/; Secure; HttpOnly
ts_c=vr%3D34fb47511830aa5bcca6d9acffffffff%26vt%3D34fb47511830aa5bcca6d9acfffffffe; Expires=Sat, 13 Sep 2025 03:53:46 GMT; Domain=.paypal.com; Path=/; Secure
traceparent: 00-0000000000000000000b9332ee28c41a-e6d5fc53866e84c4-01
accept-ranges: bytes
via: 1.1 varnish, 1.1 varnish
date: Tue, 13 Sep 2022 03:53:46 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-served-by: cache-hhn4031-HHN, cache-bma1640-BMA
x-cache: MISS, MISS
x-cache-hits: 0, 0
x-timer: S1663041226.490389,VS0,VE167
server-timing: content-encoding;desc="",x-cdn;desc="fastly"
timing-allow-origin: *
content-length: 42
X-Firefox-Spdy: h2
translate-pa.googleapis.com/v1/supportedLanguages?client=te&display_language=no&key=AIzaSyBWDj0QJvVIx8XOhRegXX5_SrRWxhT5Hs4&callback=callback
200 OK 1.4 kB URL HTTP/2 translate-pa.googleapis.com/v1/supportedLanguages?client=te&display_language=no&key=AIzaSyBWDj0QJvVIx8XOhRegXX5_SrRWxhT5Hs4&callback=callback
IP
Hash 3ad547ec47ef63d87eff80e53d6dd861
20cd334266b4bc9b47966d5487f0a2b2d41db765
c9b9dc1b30d38db2a72068eb7d8a5d1af32006b64263cab5e89f500f62856ea3
GET /v1/supportedLanguages?client=te&display_language=no&key=AIzaSyBWDj0QJvVIx8XOhRegXX5_SrRWxhT5Hs4&callback=callback HTTP/1.1
Host: translate-pa.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hareksaman999.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy: cross-origin
content-type: text/javascript; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Tue, 13 Sep 2022 03:53:46 GMT
server: ESF
cache-control: private
content-length: 1392
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
expires: Tue, 13 Sep 2022 03:53:46 GMT
set-cookie: NID=511=s_31s26C19oBByhYdhAjR1Y5spJsEOGE9ohCE33iJ2ReuFHlH3fjdur8sugFJ_GTUjtr5QMOCDpd5KJ70qqzsBfmTHv_emJyQvxmcMR6R_tISaB-Ic2mkW216x0Pz61KsLWa57MxjGtJ1hNxZmd5UxzejSt2FJpQhOUNZnfy5Cw; expires=Wed, 15-Mar-2023 03:53:46 GMT; path=/; domain=.translate-pa.googleapis.com; HttpOnly
CONSENT=PENDING+483; expires=Thu, 12-Sep-2024 03:53:46 GMT; path=/; domain=.googleapis.com; Secure
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 741400b574ef7f9f3236164e28e58c51
811018b86fd196da2faf32b044905e1130002a90
efb8e915e207a776018a5319e449e47a105b1d8692e08317c2b3014135b01418
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 13 Sep 2022 03:53:46 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 4fd53df42280409cd83e9f2cbd753bb6
c7879abb078bdc6dfd363f72509d1f36e5a8a622
c6eecc725ec5cf4376f99fafaf029eaa6f207dceefb09c09f1e8aaaa1fa1b5f0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 13 Sep 2022 03:53:46 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
adservice.google.com/adsid/integrator.js?domain=hareksaman999.com
200 OK 100 B URL HTTP/2 adservice.google.com/adsid/integrator.js?domain=hareksaman999.com
IP
File type ASCII text, with no line terminators
Hash 917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac
GET /adsid/integrator.js?domain=hareksaman999.com HTTP/1.1
Host: adservice.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hareksaman999.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Tue, 13 Sep 2022 03:53:46 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
partner.googleadservices.com/gampad/cookie.js?domain=hareksaman999.com&callback=_gfp_s_&client=ca-pub-7098090209582746
200 OK 202 B URL HTTP/2 partner.googleadservices.com/gampad/cookie.js?domain=hareksaman999.com&callback=_gfp_s_&client=ca-pub-7098090209582746
IP
File type ASCII text, with no line terminators
Hash f25c2f13f49aaa2ae7617d61e04a7d92
2fd3a2cfc94d9c7b42f871688957e246f901aa36
c6889b2d992faddccb7824c636ffcfa8ce88d10a8112667fa958cc5ae8d95662
GET /gampad/cookie.js?domain=hareksaman999.com&callback=_gfp_s_&client=ca-pub-7098090209582746 HTTP/1.1
Host: partner.googleadservices.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hareksaman999.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Tue, 13 Sep 2022 03:53:46 GMT
server: cafe
cache-control: private
content-length: 202
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
adservice.google.no/adsid/integrator.js?domain=hareksaman999.com
200 OK 100 B URL HTTP/2 adservice.google.no/adsid/integrator.js?domain=hareksaman999.com
IP
File type ASCII text, with no line terminators
Hash 917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac
GET /adsid/integrator.js?domain=hareksaman999.com HTTP/1.1
Host: adservice.google.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hareksaman999.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Tue, 13 Sep 2022 03:53:46 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 741400b574ef7f9f3236164e28e58c51
811018b86fd196da2faf32b044905e1130002a90
efb8e915e207a776018a5319e449e47a105b1d8692e08317c2b3014135b01418
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 13 Sep 2022 03:53:46 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 4fd53df42280409cd83e9f2cbd753bb6
c7879abb078bdc6dfd363f72509d1f36e5a8a622
c6eecc725ec5cf4376f99fafaf029eaa6f207dceefb09c09f1e8aaaa1fa1b5f0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 13 Sep 2022 03:53:47 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220908&st=env
200 OK 11 kB URL HTTP/2 pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220908&st=env
IP
File type JSON data\012- , ASCII text, with very long lines (14706), with no line terminators
Hash 1e1a38f9dc13a2bd3f1163924651784a
71fe0017edb6d611090ed4b54f4ace98968c4193
b1d894f2cda2f3c80eb124a7259f26a83c22339391bcaea41c6e3f302cb9ff06
GET /getconfig/sodar?sv=200&tid=gda&tv=r20220908&st=env HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://hareksaman999.com
Connection: keep-alive
Referer: https://hareksaman999.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-type: application/json; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Tue, 13 Sep 2022 03:53:47 GMT
server: cafe
cache-control: private
content-length: 11166
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 535d274bda0c065485a534026ab497a4
0ee92c6de28c6999632b924ba226c3c449ad2e40
14dd3a50213e32e5768046e3e99cd8fc302a94f6b8f9763bbd51d8605ebd16fe
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 13 Sep 2022 03:53:47 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
tpc.googlesyndication.com/sodar/sodar2.js
200 OK 6.4 kB URL HTTP/2 tpc.googlesyndication.com/sodar/sodar2.js
IP
File type ASCII text, with very long lines (1321)
Hash ac906814ed812c4ecdbb624a3bd2f6c3
8e4547eaffaa66a1ee61b36028dbcd7091d0e7de
8ab8cef6156022c4547455defd8252b48b6bcb8b734072849345bb99758705fe
GET /sodar/sodar2.js HTTP/1.1
Host: tpc.googlesyndication.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hareksaman999.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 6386
date: Tue, 13 Sep 2022 03:53:47 GMT
expires: Tue, 13 Sep 2022 03:53:47 GMT
cache-control: private, max-age=3000
etag: "1637097310169751"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
tpc.googlesyndication.com/sodar/sodar2/225/runner.html
200 OK 5.0 kB URL HTTP/2 tpc.googlesyndication.com/sodar/sodar2/225/runner.html
IP
File type HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2020)
Hash f530c16b248be97e10df228df6a41c24
ca3c3a38bbeef6906682b3e0b2a7be40c08b0925
f45287dcfd79a2411e79f98c834c6f7eff8a281a9b4fdba0124be9d204987786
GET /sodar/sodar2/225/runner.html HTTP/1.1
Host: tpc.googlesyndication.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hareksaman999.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5046
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 08 Sep 2022 07:47:45 GMT
expires: Fri, 08 Sep 2023 07:47:45 GMT
cache-control: public, max-age=31536000
age: 417962
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
content-type: text/html
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
pagead2.googlesyndication.com/bg/PsgKtCaN-XibavDd5zYoPighR_y43YjKXjrNcIggNuI.js
200 OK 16 kB URL HTTP/2 pagead2.googlesyndication.com/bg/PsgKtCaN-XibavDd5zYoPighR_y43YjKXjrNcIggNuI.js
IP
File type ASCII text, with very long lines (35773)
Hash 42bf3a3dbd662c86239b8106c5713ade
c88c3e9938b3185cba41069adcd412d5842d851e
baf020dcc9272e32e56cbafd2f60e86041ddc10d7e6aa3e4d0e0b79415689622
GET /bg/PsgKtCaN-XibavDd5zYoPighR_y43YjKXjrNcIggNuI.js HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tpc.googlesyndication.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-length: 15954
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 06 Sep 2022 19:44:16 GMT
expires: Wed, 06 Sep 2023 19:44:16 GMT
cache-control: public, max-age=31536000
age: 547771
last-modified: Mon, 29 Aug 2022 10:58:00 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
hareksaman999.com/?wc-ajax=get_refreshed_fragments
500 Internal Server Error 471 B URL HTTP/2 hareksaman999.com/?wc-ajax=get_refreshed_fragments
IP
Hash 7faa6a78f896de4528c8cc9ed35bfa11
199ad87495595163d7d16b1eddb9506c8ddb4918
7effc4afbb7417799d0ecbb32fce2a94cba732e488fd4ce81ba5a77f4d7c13ca
Analyzer Verdict Alert fortinet Phishing
POST /?wc-ajax=get_refreshed_fragments HTTP/1.1
Host: hareksaman999.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 18
Origin: https://hareksaman999.com
Connection: keep-alive
Referer: https://hareksaman999.com/
Cookie: _tt_enable_cookie=1; _ttp=077b014a-22b8-42bb-90d8-765d2811f7c2; _ga_P38FYDY0QJ=GS1.1.1663041213.1.0.1663041213.0.0.0; _ga=GA1.1.1856619077.1663041213
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 500 Internal Server Error
x-powered-by: PHP/7.4.30
content-type: text/html; charset=UTF-8
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
content-length: 1066
content-encoding: br
vary: Accept-Encoding
date: Tue, 13 Sep 2022 03:53:46 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
www.google.com/recaptcha/api2/aframe
200 OK 513 B URL HTTP/2 www.google.com/recaptcha/api2/aframe
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (783), with no line terminators
Hash 531e90b2e805381468b42812a48788c0
09bc9e3eac43ba249698b138b7aca8da916a95b9
5e8fd087475a98d431e638f99e4c21869cfce8d3b9b6a34abe0cbfe76e0fa9ad
GET /recaptcha/api2/aframe HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hareksaman999.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Tue, 13 Sep 2022 03:53:47 GMT
date: Tue, 13 Sep 2022 03:53:47 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'nonce-6O0LOju2VHVpYLKesWrB0g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 513
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220908&jk=1409347840512349&rc=
204 No Content 0 B URL HTTP/2 pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220908&jk=1409347840512349&rc=
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pagead/sodar?id=sodar2&v=225&li=gda_r20220908&jk=1409347840512349&rc= HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Tue, 13 Sep 2022 03:53:47 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.paypal.com/xoplatform/logger/api/logger
200 OK 638 B URL HTTP/2 www.paypal.com/xoplatform/logger/api/logger
IP
Hash 9bb3d275552ca7a9209ab22bb3e3ce04
2fff233561b5baa43c3a8a15c382c9735671a9d0
4be27ab24509d960496acd1facab8fa0042005f61c58863e3b2017c2d7f2b98d
OPTIONS /xoplatform/logger/api/logger HTTP/1.1
Host: www.paypal.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://hareksaman999.com/
Origin: https://hareksaman999.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: POST
access-control-allow-origin: https://hareksaman999.com
cache-control: max-age=0, no-cache, no-store, must-revalidate
paypal-debug-id: f683143780dbc
set-cookie: LANG=en_US%3BUS; Max-Age=31556; Domain=.paypal.com; Path=/; Expires=Tue, 13 Sep 2022 12:39:43 GMT; HttpOnly; Secure
enforce_policy=ccpa; Max-Age=31536000; Domain=.paypal.com; Path=/; Expires=Wed, 13 Sep 2023 03:53:47 GMT; Secure
x-pp-s=eyJ0IjoiMTY2MzA0MTIyNzI1MSIsImwiOiIwIiwibSI6IjAifQ; Domain=.paypal.com; Path=/; HttpOnly; Secure
tsrce=loggernodeweb; Domain=.paypal.com; Path=/; Expires=Fri, 16 Sep 2022 03:53:47 GMT; HttpOnly; Secure; SameSite=None
l7_az=dcg01.phx; Path=/; Domain=paypal.com; Expires=Tue, 13 Sep 2022 04:23:47 GMT; HttpOnly; Secure
ts=vreXpYrS%3D1757735627%26vteXpYrS%3D1663043027%26vr%3D34fb49e01830a1d4b6f042a6fd1d8e9a%26vt%3D34fb49e01830a1d4b6f042a6fd1d8e99%26vtyp%3Dnew; Path=/; Domain=paypal.com; Expires=Fri, 12 Sep 2025 03:53:47 GMT; HttpOnly; Secure
ts_c=vr%3D34fb49e01830a1d4b6f042a6fd1d8e9a%26vt%3D34fb49e01830a1d4b6f042a6fd1d8e99; Path=/; Domain=paypal.com; Expires=Fri, 12 Sep 2025 03:53:47 GMT; Secure
traceparent: 00-0000000000000000000f683143780dbc-a5c8201a498f9e76-01
x-content-type-options: nosniff
dc: ccg11-origin-www-1.paypal.com
accept-ranges: bytes
via: 1.1 varnish, 1.1 varnish
date: Tue, 13 Sep 2022 03:53:47 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-served-by: cache-hhn11549-HHN, cache-bma1629-BMA
x-cache: MISS, MISS
x-cache-hits: 0, 0
x-timer: S1663041227.140866,VS0,VE196
server-timing: content-encoding;desc="",x-cdn;desc="fastly"
X-Firefox-Spdy: h2
pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20220908&jk=1409347840512349&bg=!eXqlej7NAAZTikH4c4o7ACkAdvg8Wr3X3YnOZibP2DMrKJx_Q7qPwNkQo3CBljwA6pXhYUQlIsqsMgIAAACVUgAAAAdoAQcKAFSP1xxvgKL8OvxhQgYLPjtgQoMPJ7QtUNugACGbdSkhSjea6WDwefUVwkBx2CxMSOB_EUyJFRRvzq68ismxj_ixyHvUnt3Hi_b7GRRu_NaKQztgRDOZAppSsC762Ri6jdclWjM9dQHbn8g9zOUIWCrNvT4VcK4AXxzGXaJHs-DmZZV1XIzhQ5hErknC7Myjpst4N69js0aW-CIy3UpPAwcmE_TBeH215ldxOwyFSaTyPP9otqbQbb3dxNWM4d3do61uf5_6amCjkEbuYmj6RiWJNBGTsIch7X1lmjcfhmznDCCd-OBpFCP5JNXCUAfP1A53_xa17x7wEPZRvkeAubhIdjUPE59GEEjmXdAsAhUeE08ZfI6MeRN0d2UEV66PYqvanCCugY9TRCQKXQmG_l3oIdmh0KBhcJAE8r3_LuTz9zWisagM9ymfPXYMVBOVx3oa_E3Ma3-aojtP_XopcUfFVY87fI4R4JvLilfurAUfEvI-eDkspdQLbDrStTK0ayeKvQ8QBpVJouqjtyUncaP-buTgeg0U70JyIliy3bTMX2lMWq3lWVMsY_-Ct3-1sKNhkw-JqYIsuVUjHC4O4ewURT8420GL6mtpsd4yrSKH8EoFssBGGWxurz5oZhOwpBAPiMhfhdiQpXU2cO8z26mV9FMymohwSB6us8BNizZI0jvWH3y9RvpVCQwo50k8_wanEzuqrFLhANdpg69isqLObf26QPbkW9GDHQkyBWRhwW1sen6NXmKPck9uFuhHNF88y4YqrfegubOppCPe7jXBEDI4xj_cSEppQaOXCuI5WDCxB9K2urtdHXT2OgZMnRHdjSiVdXk5TLPSaHFAo3rBhyXSWcxJg_4UI1gHGKR3oV8mhn8b7ZKO4PmneFinWEAWR-CGewtW9SJOgXX8WjjDJUnIhNwucQ88xKzJbUKLpFjkQ1tVgTL1TuABbCkq-5WQNHHUh81xDPaiqAFFnY-inZSwYXGH_2adt6bCWGflciQ
204 No Content 0 B URL HTTP/2 pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20220908&jk=1409347840512349&bg=!eXqlej7NAAZTikH4c4o7ACkAdvg8Wr3X3YnOZibP2DMrKJx_Q7qPwNkQo3CBljwA6pXhYUQlIsqsMgIAAACVUgAAAAdoAQcKAFSP1xxvgKL8OvxhQgYLPjtgQoMPJ7QtUNugACGbdSkhSjea6WDwefUVwkBx2CxMSOB_EUyJFRRvzq68ismxj_ixyHvUnt3Hi_b7GRRu_NaKQztgRDOZAppSsC762Ri6jdclWjM9dQHbn8g9zOUIWCrNvT4VcK4AXxzGXaJHs-DmZZV1XIzhQ5hErknC7Myjpst4N69js0aW-CIy3UpPAwcmE_TBeH215ldxOwyFSaTyPP9otqbQbb3dxNWM4d3do61uf5_6amCjkEbuYmj6RiWJNBGTsIch7X1lmjcfhmznDCCd-OBpFCP5JNXCUAfP1A53_xa17x7wEPZRvkeAubhIdjUPE59GEEjmXdAsAhUeE08ZfI6MeRN0d2UEV66PYqvanCCugY9TRCQKXQmG_l3oIdmh0KBhcJAE8r3_LuTz9zWisagM9ymfPXYMVBOVx3oa_E3Ma3-aojtP_XopcUfFVY87fI4R4JvLilfurAUfEvI-eDkspdQLbDrStTK0ayeKvQ8QBpVJouqjtyUncaP-buTgeg0U70JyIliy3bTMX2lMWq3lWVMsY_-Ct3-1sKNhkw-JqYIsuVUjHC4O4ewURT8420GL6mtpsd4yrSKH8EoFssBGGWxurz5oZhOwpBAPiMhfhdiQpXU2cO8z26mV9FMymohwSB6us8BNizZI0jvWH3y9RvpVCQwo50k8_wanEzuqrFLhANdpg69isqLObf26QPbkW9GDHQkyBWRhwW1sen6NXmKPck9uFuhHNF88y4YqrfegubOppCPe7jXBEDI4xj_cSEppQaOXCuI5WDCxB9K2urtdHXT2OgZMnRHdjSiVdXk5TLPSaHFAo3rBhyXSWcxJg_4UI1gHGKR3oV8mhn8b7ZKO4PmneFinWEAWR-CGewtW9SJOgXX8WjjDJUnIhNwucQ88xKzJbUKLpFjkQ1tVgTL1TuABbCkq-5WQNHHUh81xDPaiqAFFnY-inZSwYXGH_2adt6bCWGflciQ
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20220908&jk=1409347840512349&bg=!eXqlej7NAAZTikH4c4o7ACkAdvg8Wr3X3YnOZibP2DMrKJx_Q7qPwNkQo3CBljwA6pXhYUQlIsqsMgIAAACVUgAAAAdoAQcKAFSP1xxvgKL8OvxhQgYLPjtgQoMPJ7QtUNugACGbdSkhSjea6WDwefUVwkBx2CxMSOB_EUyJFRRvzq68ismxj_ixyHvUnt3Hi_b7GRRu_NaKQztgRDOZAppSsC762Ri6jdclWjM9dQHbn8g9zOUIWCrNvT4VcK4AXxzGXaJHs-DmZZV1XIzhQ5hErknC7Myjpst4N69js0aW-CIy3UpPAwcmE_TBeH215ldxOwyFSaTyPP9otqbQbb3dxNWM4d3do61uf5_6amCjkEbuYmj6RiWJNBGTsIch7X1lmjcfhmznDCCd-OBpFCP5JNXCUAfP1A53_xa17x7wEPZRvkeAubhIdjUPE59GEEjmXdAsAhUeE08ZfI6MeRN0d2UEV66PYqvanCCugY9TRCQKXQmG_l3oIdmh0KBhcJAE8r3_LuTz9zWisagM9ymfPXYMVBOVx3oa_E3Ma3-aojtP_XopcUfFVY87fI4R4JvLilfurAUfEvI-eDkspdQLbDrStTK0ayeKvQ8QBpVJouqjtyUncaP-buTgeg0U70JyIliy3bTMX2lMWq3lWVMsY_-Ct3-1sKNhkw-JqYIsuVUjHC4O4ewURT8420GL6mtpsd4yrSKH8EoFssBGGWxurz5oZhOwpBAPiMhfhdiQpXU2cO8z26mV9FMymohwSB6us8BNizZI0jvWH3y9RvpVCQwo50k8_wanEzuqrFLhANdpg69isqLObf26QPbkW9GDHQkyBWRhwW1sen6NXmKPck9uFuhHNF88y4YqrfegubOppCPe7jXBEDI4xj_cSEppQaOXCuI5WDCxB9K2urtdHXT2OgZMnRHdjSiVdXk5TLPSaHFAo3rBhyXSWcxJg_4UI1gHGKR3oV8mhn8b7ZKO4PmneFinWEAWR-CGewtW9SJOgXX8WjjDJUnIhNwucQ88xKzJbUKLpFjkQ1tVgTL1TuABbCkq-5WQNHHUh81xDPaiqAFFnY-inZSwYXGH_2adt6bCWGflciQ HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hareksaman999.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Tue, 13 Sep 2022 03:53:48 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
analytics.tiktok.com/i18n/pixel/identify.js
200 OK 0 B URL HTTP/2 analytics.tiktok.com/i18n/pixel/identify.js
IP
ASN #20940 Akamai International B.V.
GET /i18n/pixel/identify.js HTTP/1.1
Host: analytics.tiktok.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hareksaman999.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=UTF-8
x-tt-logid: 2022091303534597704FB73513D59490F9
x-tt-trace-host: 014c3d3a48b720cad047ee4725ef00c61e281f96f689f674bb5ab57408d3ddad95c9a1d5d4792f6620de50cb86f861262a280d7f79477faf7c9f9e5460f80d9155406fae693b8551c9196d462f7b127cbab7a446ee54d67aacbd68a5cd197926f5
content-encoding: gzip
x-origin-response-time: 7,23.217.116.149
x-akamai-request-id: 11a440c6.767c7add
expires: Tue, 13 Sep 2022 03:53:45 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Tue, 13 Sep 2022 03:53:45 GMT
x-cache: TCP_MISS from a104-84-152-188.deploy.akamaitechnologies.com (AkamaiGHost/10.9.3-43949849) (-)
vary: Accept-Encoding
x-cache-remote: TCP_MISS from a23-217-116-149.deploy.akamaitechnologies.com (AkamaiGHost/10.9.3-43949849) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
server-timing: cdn-cache; desc=MISS, edge; dur=99, origin; dur=7, inner; dur=3
x-parent-response-time: 105,104.84.152.188
X-Firefox-Spdy: h2
analytics.tiktok.com/i18n/pixel/config.js?sdkid=CA17NQBC77U2Q7VANHJ0&hostname=hareksaman999.com
200 OK 0 B URL HTTP/2 analytics.tiktok.com/i18n/pixel/config.js?sdkid=CA17NQBC77U2Q7VANHJ0&hostname=hareksaman999.com
IP
ASN #20940 Akamai International B.V.
GET /i18n/pixel/config.js?sdkid=CA17NQBC77U2Q7VANHJ0&hostname=hareksaman999.com HTTP/1.1
Host: analytics.tiktok.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hareksaman999.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=UTF-8
x-tt-logid: 20220913035345F44228BB6172269E623B
x-tt-trace-host: 014c3d3a48b720cad047ee4725ef00c61e281f96f689f674bb5ab57408d3ddad95cca75ae9e2ae9b2b3e13f59294bb25e3dd49634afc77a86395296bc086a5226c21590bde7e8f2ecdd35d6021dc6148eb999e1e45031e260cd0bfc1bf2403d6db
content-encoding: gzip
x-origin-response-time: 7,23.220.107.13
x-akamai-request-id: 17e36558.767c7ae1
expires: Tue, 13 Sep 2022 03:53:45 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Tue, 13 Sep 2022 03:53:45 GMT
x-cache: TCP_MISS from a104-84-152-188.deploy.akamaitechnologies.com (AkamaiGHost/10.9.3-43949849) (-)
vary: Accept-Encoding
set-cookie: _ttp=2EhI7xqb7HnF6CRRE5frPG2uI8N; Path=/; Domain=tiktok.com; Max-Age=33696000; Secure; SameSite=None
x-cache-remote: TCP_MISS from a23-220-107-13.deploy.akamaitechnologies.com (AkamaiGHost/10.9.3-43949849) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
server-timing: cdn-cache; desc=MISS, edge; dur=98, origin; dur=7, inner; dur=5
x-parent-response-time: 105,104.84.152.188
X-Firefox-Spdy: h2
hareksaman999.com/wp-content/plugins/woocommerce-products-filter/js/front.js?ver=1.2.9.2
200 OK 0 B URL HTTP/2 hareksaman999.com/wp-content/plugins/woocommerce-products-filter/js/front.js?ver=1.2.9.2
IP
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/woocommerce-products-filter/js/front.js?ver=1.2.9.2 HTTP/1.1
Host: hareksaman999.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hareksaman999.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 20 Sep 2022 03:53:43 GMT
content-type: application/javascript
last-modified: Fri, 15 Jul 2022 02:57:08 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 12412
date: Tue, 13 Sep 2022 03:53:43 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Roboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto+Slab%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CPoppins%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=auto&ver=6.0.1
200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Roboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto+Slab%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CPoppins%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=auto&ver=6.0.1
IP
GET /css?family=Roboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto+Slab%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CPoppins%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=auto&ver=6.0.1 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hareksaman999.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 13 Sep 2022 03:53:43 GMT
date: Tue, 13 Sep 2022 03:53:43 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
hareksaman999.com/wp-content/uploads/2022/05/cropped-Shopping-Bag-Online-Market-Logo-200-%C3%97-40-px-1.png
200 OK 0 B URL HTTP/2 hareksaman999.com/wp-content/uploads/2022/05/cropped-Shopping-Bag-Online-Market-Logo-200-%C3%97-40-px-1.png
IP
GET /wp-content/uploads/2022/05/cropped-Shopping-Bag-Online-Market-Logo-200-%C3%97-40-px-1.png HTTP/1.1
Host: hareksaman999.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hareksaman999.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 20 Sep 2022 03:53:43 GMT
content-type: image/png
last-modified: Fri, 13 May 2022 19:42:50 GMT
accept-ranges: bytes
content-length: 4358
date: Tue, 13 Sep 2022 03:53:43 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
66.29.132.23
104.84.152.192
104.21.63.54
93.184.220.29
23.33.119.27