r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 282f6e1328452c1cb41f6a6272fff757
20b9ff1b5f4f81b645769bd4b4cf7bf7dfc16262
6a8070ebe51259cb11db68cca2c81f3c7408fad481d8c14cc1c38912442c63f4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6A8070EBE51259CB11DB68CCA2C81F3C7408FAD481D8C14CC1C38912442C63F4"
Last-Modified: Wed, 05 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2629
Expires: Thu, 06 Oct 2022 22:27:54 GMT
Date: Thu, 06 Oct 2022 21:44:05 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
54.230.111.118200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 54.230.111.118:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 2d12f67fe57a87e7366b662d153a5582
d7b02d81cc74f24a251d9363e0f4b0a149264ec1
73c273c0b5a2de3cb970b8e8c187999d3b55e760dc7766dab4bb76428d19b551
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Backoff, Content-Type, Retry-After, Alert
Cache-Control: max-age=259200
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Wed, 05 Oct 2022 15:47:18 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 92c4bb210eab82a152000047d3609a02.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: B6TBZ7HswM9skNzJli0iIT4gzaMutsYJB2gIN-0PyEXSVq2RTlH6YA==
Age: 107807
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 4ab7d8709d334de0e46dcb86aabfbff1
f221138a8ad9d0bfa3c054370dcdb363a67dc310
b91d37f606eaf448b9c7dfc05566a11de004ce44503409e1a776288ee2622805
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B91D37F606EAF448B9C7DFC05566A11DE004CE44503409E1A776288EE2622805"
Last-Modified: Wed, 05 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9969
Expires: Fri, 07 Oct 2022 00:30:14 GMT
Date: Thu, 06 Oct 2022 21:44:05 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 67d5a988edcda47bc3b3b3f65d32b4b6
d4f0e0da8b3690cc7da925026d3414b68c7d954f
55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78
GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: dLbeNqcFst21ydFyeAJyB2eHS/8bs7+v4FO0HNm5IA6fvGSNGahA5MXjeFUiWw8kKRBWHIX/xOI=
x-amz-request-id: YJPF35N9VHF41VQV
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 06 Oct 2022 20:58:53 GMT
age: 2712
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
jovesac.com/121-2/
108.167.165.249301 Moved Permanently 0 B IP 108.167.165.249:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Malware
GET /121-2/ HTTP/1.1
Host: jovesac.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Thu, 06 Oct 2022 21:44:05 GMT
Server: Apache
X-Redirect-By: WordPress
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Location: https://jovesac.com/121-2/
Content-Length: 0
Keep-Alive: timeout=5, max=75
Content-Type: text/html; charset=UTF-8
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 06 Oct 2022 21:44:05 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
54.230.111.118200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 54.230.111.118:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Alert, Content-Type, Expires, Backoff, ETag, Last-Modified, Pragma, Cache-Control, Content-Length, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600, max-age=3600
Date: Thu, 06 Oct 2022 21:01:58 GMT
Expires: Thu, 06 Oct 2022 21:07:51 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 04c4f064943f75498361739eb063cb7a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: OJc-gwqliDodvZvfmnSRu3-Aev67_mgTo8uMR0_pse52gxeB3QcD6w==
Age: 2527
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 56d630b6407157564f99dd2b60379f88
9fd76aae82c7244e72815ae5de2efcd9cb9a32e8
c3eea0ec96e2128776379d3d2270d64db0e7fcd341ecb480846e2d163685f322
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C3EEA0EC96E2128776379D3D2270D64DB0E7FCD341ECB480846E2D163685F322"
Last-Modified: Tue, 04 Oct 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Fri, 07 Oct 2022 03:44:05 GMT
Date: Thu, 06 Oct 2022 21:44:05 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 8be5570b9a5ca76c580da007a824b029
38840f2ac6476bdd5608121c5653e338c7ad9715
0b94e05080ef85432b1815eb3c6c7594c9613cfde1b51eeabee46d0d9fde64b2
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5559
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 06 Oct 2022 21:44:06 GMT
Last-Modified: Thu, 06 Oct 2022 20:11:27 GMT
Server: ECS (ska/F719)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
34.216.192.228101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 34.216.192.228:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: qaXlo7CQFQvBpojhQuv2lA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: lj/PQ2mdegEl0tN/i6Qk6uQ/V/Y=
jovesac.com/121-2/
108.167.165.249200 OK 15 kB IP 108.167.165.249:0
ASN #46606 UNIFIEDLAYER-AS-1
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (8159), with CRLF, LF line terminators
Hash bcfdf568b123e1cba53aa32fbaba718b
26e342b844e94e5722b10c85510f2a5f63fd0342
abe5c2c1f4e799fc4526737fcd8739a00ea40eddf56de3ad4dad5baab466aeec
Analyzer Verdict Alert fortinet Malware
GET /121-2/ HTTP/1.1
Host: jovesac.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
link: <https://jovesac.com/wp-json/>; rel="https://api.w.org/", <https://jovesac.com/wp-json/wp/v2/pages/121>; rel="alternate"; type="application/json", <https://jovesac.com/?p=121>; rel=shortlink
vary: Accept-Encoding
content-encoding: gzip
content-length: 14808
content-type: text/html; charset=UTF-8
date: Thu, 06 Oct 2022 21:44:06 GMT
server: Apache
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 18e0e019cd697bb16806d8f00408a319
60ceb13c31595e6cf9bb6800657e4593a1fbd670
7cb0778c80be637b67a5d198ca180a76bbfa4c32e502a0fa472a4c6946ffb56e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 06 Oct 2022 21:44:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
jovesac.com/wp-content/themes/dt-the7/lib/custom-scrollbar/custom-scrollbar.min.css?ver=9.10.0
108.167.165.249200 OK 1.9 kB URL HTTP/2 jovesac.com/wp-content/themes/dt-the7/lib/custom-scrollbar/custom-scrollbar.min.css?ver=9.10.0
IP 108.167.165.249:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (9923), with no line terminators
Hash b8bf5e3b5cd3bc9a2cf21371dee03212
c299981b4423a610eec2ed419dc61dd53599af07
1ab5eacb0a1cd631a8724b5b9345980c55511104ce30caf999bc574cdceac65f
GET /wp-content/themes/dt-the7/lib/custom-scrollbar/custom-scrollbar.min.css?ver=9.10.0 HTTP/1.1
Host: jovesac.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jovesac.com/121-2/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 20 May 2021 20:56:54 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 1890
content-type: text/css
date: Thu, 06 Oct 2022 21:44:06 GMT
server: Apache
X-Firefox-Spdy: h2
jovesac.com/wp-content/uploads/smile_fonts/Defaults/Defaults.css?ver=6.0.2
108.167.165.249200 OK 4.6 kB URL HTTP/2 jovesac.com/wp-content/uploads/smile_fonts/Defaults/Defaults.css?ver=6.0.2
IP 108.167.165.249:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (27639), with no line terminators
Hash a74d8a9e6361e6170342143743d34e52
033d08f24f8768a1d7cd92ba1d049a011bb585eb
c55a939cb1bad24f59b12c0533db6a87fecaede91efe8d6e285ae44dbb7990d5
Analyzer Verdict Alert fortinet Malware
GET /wp-content/uploads/smile_fonts/Defaults/Defaults.css?ver=6.0.2 HTTP/1.1
Host: jovesac.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jovesac.com/121-2/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 21 Jun 2021 20:58:29 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 4644
content-type: text/css
date: Thu, 06 Oct 2022 21:44:06 GMT
server: Apache
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Signika+Negative:400,600,700,700normal%7CSignika:400,400normal,500,600,700%7CRoboto:400,500,600,700%7COpen+Sans:400,600,700
142.250.74.10200 OK 1.6 kB URL HTTP/2 fonts.googleapis.com/css?family=Signika+Negative:400,600,700,700normal%7CSignika:400,400normal,500,600,700%7CRoboto:400,500,600,700%7COpen+Sans:400,600,700
IP 142.250.74.10:0
Hash 0c98a16c6ead31561e167789759c8d95
d6e50f1cf26ceda67b9dedc3f3d5a5a3a009cce2
504d50324a39f9c7e69c8453f4a82cc4368963313fc3a3b7f3bf1fecae2439a6
GET /css?family=Signika+Negative:400,600,700,700normal%7CSignika:400,400normal,500,600,700%7CRoboto:400,500,600,700%7COpen+Sans:400,600,700 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jovesac.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 06 Oct 2022 21:44:06 GMT
date: Thu, 06 Oct 2022 21:44:06 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
jovesac.com/wp-includes/css/dist/block-library/style.min.css?ver=6.0.2
108.167.165.249200 OK 17 kB URL HTTP/2 jovesac.com/wp-includes/css/dist/block-library/style.min.css?ver=6.0.2
IP 108.167.165.249:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (43771)
Hash 2a67a4888baa44de739f3fe56203ce07
da175eae57f26b655747d79f055477e3fee1abb9
3a4d7627476a0099ca4bcc101685f27de04cb49dd66ef842d72c6cda270599dd
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/css/dist/block-library/style.min.css?ver=6.0.2 HTTP/1.1
Host: jovesac.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jovesac.com/121-2/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 12 Jul 2022 21:14:39 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 16594
content-type: text/css
date: Thu, 06 Oct 2022 21:44:06 GMT
server: Apache
X-Firefox-Spdy: h2
jovesac.com/wp-content/plugins/dt-the7-core/assets/css/post-type.min.css?ver=2.5.5.2
108.167.165.249200 OK 10 kB URL HTTP/2 jovesac.com/wp-content/plugins/dt-the7-core/assets/css/post-type.min.css?ver=2.5.5.2
IP 108.167.165.249:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (43211)
Hash 4a3cd7782fce5f4dcfced61bfc8aeb8e
ef1c63842bf06d171ed954499459873ccbe41e2a
e7066bb18695bec461c60ad617c742a89f363588787cf1493f1a1636bd66b49f
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/dt-the7-core/assets/css/post-type.min.css?ver=2.5.5.2 HTTP/1.1
Host: jovesac.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jovesac.com/121-2/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 10 Mar 2021 10:18:18 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 9994
content-type: text/css
date: Thu, 06 Oct 2022 21:44:06 GMT
server: Apache
X-Firefox-Spdy: h2
jovesac.com/wp-content/themes/dt-the7/fonts/icomoon-the7-font/icomoon-the7-font.min.css?ver=9.10.0
108.167.165.249200 OK 3.0 kB URL HTTP/2 jovesac.com/wp-content/themes/dt-the7/fonts/icomoon-the7-font/icomoon-the7-font.min.css?ver=9.10.0
IP 108.167.165.249:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (20017), with no line terminators
Hash 2fc741cbb4171230b41324be7990f017
9a6acd39eac287ac8db0f9aa5ff190b41bb7ea5c
6a981dd7d242280e6597cca1182e462a1170c3757ba5d1186120ff2f074da453
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/dt-the7/fonts/icomoon-the7-font/icomoon-the7-font.min.css?ver=9.10.0 HTTP/1.1
Host: jovesac.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jovesac.com/121-2/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 20 May 2021 20:56:54 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 2989
content-type: text/css
date: Thu, 06 Oct 2022 21:44:06 GMT
server: Apache
X-Firefox-Spdy: h2
jovesac.com/wp-content/themes/dt-the7/css/wpbakery.min.css?ver=9.10.0
108.167.165.249200 OK 5.2 kB URL HTTP/2 jovesac.com/wp-content/themes/dt-the7/css/wpbakery.min.css?ver=9.10.0
IP 108.167.165.249:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (25435)
Hash 7d37e2a31be9679236148e948973c285
f5978817e74fabf30ef017b77c30d81e019c1c1d
316f35c1bad2dc61c7f909325faa40ac76eaa90e84b3461a59bccb014a7aad8b
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/dt-the7/css/wpbakery.min.css?ver=9.10.0 HTTP/1.1
Host: jovesac.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jovesac.com/121-2/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 20 May 2021 20:56:53 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 5235
content-type: text/css
date: Thu, 06 Oct 2022 21:44:06 GMT
server: Apache
X-Firefox-Spdy: h2
jovesac.com/wp-content/plugins/revslider/public/assets/css/rs6.css?ver=6.4.5
108.167.165.249200 OK 17 kB URL HTTP/2 jovesac.com/wp-content/plugins/revslider/public/assets/css/rs6.css?ver=6.4.5
IP 108.167.165.249:0
ASN #46606 UNIFIEDLAYER-AS-1
File type Unicode text, UTF-8 text, with very long lines (12602), with CRLF line terminators
Hash 5b0ccebb7e4b4e95064494b9f01d0dfd
fab4ac0f9ab41d9eafae0ca5b04a03db8c03d7e1
2a0f020bf9756c4bec3fc9d0527902ba81c2d1bf43673787425592dfcbdbc287
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/revslider/public/assets/css/rs6.css?ver=6.4.5 HTTP/1.1
Host: jovesac.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jovesac.com/121-2/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 18 Mar 2021 12:52:52 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 17424
content-type: text/css
date: Thu, 06 Oct 2022 21:44:06 GMT
server: Apache
X-Firefox-Spdy: h2
jovesac.com/wp-content/uploads/2021/08/logo.jpg
108.167.165.249200 OK 21 kB URL HTTP/2 jovesac.com/wp-content/uploads/2021/08/logo.jpg
IP 108.167.165.249:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CS5 Windows, datetime=2021:08:26 16:42:19], progressive, precision 8, 150x133, components 3\012- data
Hash eb8a9bf0be91b7cb43514271af5c83c0
8709930d7f0c7a66eca240a55c684015fd0356e9
02f9ebc2fe8780fde2d7fde10b3079f56e70664b8377857b8a6f104e82183e19
GET /wp-content/uploads/2021/08/logo.jpg HTTP/1.1
Host: jovesac.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jovesac.com/121-2/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 26 Aug 2021 21:42:52 GMT
accept-ranges: bytes
content-length: 20882
content-type: image/jpeg
date: Thu, 06 Oct 2022 21:44:06 GMT
server: Apache
X-Firefox-Spdy: h2
jovesac.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
108.167.165.249200 OK 4.6 kB URL HTTP/2 jovesac.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
IP 108.167.165.249:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (11126)
Hash acdb97105af28a7066790c6748ae2e1e
65794d2c5a9d04f747faf370bc8bacd330e69e5a
dc4efbc4b704b142b5313588c32e56ea56648068a01d2bc596a4eee06b379b5e
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 HTTP/1.1
Host: jovesac.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jovesac.com/121-2/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 18 Nov 2020 09:06:06 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 4618
content-type: application/javascript
date: Thu, 06 Oct 2022 21:44:06 GMT
server: Apache
X-Firefox-Spdy: h2
jovesac.com/wp-content/themes/dt-the7/lib/jquery-mousewheel/jquery-mousewheel.min.js?ver=9.10.0
108.167.165.249200 OK 1.2 kB URL HTTP/2 jovesac.com/wp-content/themes/dt-the7/lib/jquery-mousewheel/jquery-mousewheel.min.js?ver=9.10.0
IP 108.167.165.249:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (2615), with no line terminators
Hash 0f0349169b9a4eed9710ad6d028d237a
ad30ec47a271acb90870b55476d864ee72b3c00c
f60d6fcc305a9c5afffcf0acf7ec0a68e7147097497640931c2450dee1936322
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/dt-the7/lib/jquery-mousewheel/jquery-mousewheel.min.js?ver=9.10.0 HTTP/1.1
Host: jovesac.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jovesac.com/121-2/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 20 May 2021 20:56:54 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 1185
content-type: application/javascript
date: Thu, 06 Oct 2022 21:44:06 GMT
server: Apache
X-Firefox-Spdy: h2
jovesac.com/wp-content/uploads/the7-css/post-type-dynamic.css?ver=a9e7f2d401ee
108.167.165.249200 OK 1.9 kB URL HTTP/2 jovesac.com/wp-content/uploads/the7-css/post-type-dynamic.css?ver=a9e7f2d401ee
IP 108.167.165.249:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash 477da9fabff343ee58c7db0eec714a59
8db3750d259a8c2b8283596a2072b259abadcdd6
08a2ec100cd8b118af6f970274beefaf88c4bdf2ceece0d6b9bbf620e932c6a3
Analyzer Verdict Alert fortinet Malware
GET /wp-content/uploads/the7-css/post-type-dynamic.css?ver=a9e7f2d401ee HTTP/1.1
Host: jovesac.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jovesac.com/121-2/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 02 Aug 2022 21:47:41 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 1862
content-type: text/css
date: Thu, 06 Oct 2022 21:44:06 GMT
server: Apache
X-Firefox-Spdy: h2
jovesac.com/wp-content/themes/dt-the7/js/above-the-fold.min.js?ver=9.10.0
108.167.165.249200 OK 3.8 kB URL HTTP/2 jovesac.com/wp-content/themes/dt-the7/js/above-the-fold.min.js?ver=9.10.0
IP 108.167.165.249:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (8549), with no line terminators
Hash 7a922280148328443175f46aa4e2a654
7a45643b32f6d0430f997a968cf1ad18049a347b
8b39b3c2168eb8e39107e5e049b14dc04ed6fe2020dadef3dc277d842174c496
GET /wp-content/themes/dt-the7/js/above-the-fold.min.js?ver=9.10.0 HTTP/1.1
Host: jovesac.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jovesac.com/121-2/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 20 May 2021 20:56:54 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 3814
content-type: application/javascript
date: Thu, 06 Oct 2022 21:44:06 GMT
server: Apache
X-Firefox-Spdy: h2
jovesac.com/wp-content/themes/dt-the7/style.css?ver=9.10.0
108.167.165.249200 OK 829 B URL HTTP/2 jovesac.com/wp-content/themes/dt-the7/style.css?ver=9.10.0
IP 108.167.165.249:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (521)
Hash 77ac2525cabf13bb2151e4c6e33c575d
7c54d2ae319ffa1e3bd1b695f05343c7cdae16da
8486ba366d1beb6798d4491e5df4896647548d6dc8f5bd7ea8510cc5fb7d5008
GET /wp-content/themes/dt-the7/style.css?ver=9.10.0 HTTP/1.1
Host: jovesac.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jovesac.com/121-2/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 20 May 2021 20:56:54 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 829
content-type: text/css
date: Thu, 06 Oct 2022 21:44:06 GMT
server: Apache
X-Firefox-Spdy: h2
jovesac.com/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.6.3
108.167.165.249409 Conflict 83 B URL HTTP/2 jovesac.com/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.6.3
IP 108.167.165.249:0
ASN #46606 UNIFIEDLAYER-AS-1
File type HTML document, ASCII text, with no line terminators
Hash 26267cd8990f15d3bbea71684a6d5995
ac3b38cf3fe0e112bb6aeb7e05226b7133575d93
769e8ab745a0fe4bf811036e75a8630e38c50a18cb3e24d539ce4a0722c7c85e
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.6.3 HTTP/1.1
Host: jovesac.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jovesac.com/121-2/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 409 Conflict
date: Thu, 06 Oct 2022 21:44:06 GMT
server: Apache
content-length: 83
content-type: text/html; charset=iso-8859-1
X-Firefox-Spdy: h2
jovesac.com/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.6.3
108.167.165.249409 Conflict 83 B URL HTTP/2 jovesac.com/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.6.3
IP 108.167.165.249:0
ASN #46606 UNIFIEDLAYER-AS-1
File type HTML document, ASCII text, with no line terminators
Hash 26267cd8990f15d3bbea71684a6d5995
ac3b38cf3fe0e112bb6aeb7e05226b7133575d93
769e8ab745a0fe4bf811036e75a8630e38c50a18cb3e24d539ce4a0722c7c85e
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.6.3 HTTP/1.1
Host: jovesac.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jovesac.com/121-2/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 409 Conflict
date: Thu, 06 Oct 2022 21:44:06 GMT
server: Apache
content-length: 83
content-type: text/html; charset=iso-8859-1
X-Firefox-Spdy: h2
jovesac.com/wp-content/uploads/the7-css/the7-elements-albums-portfolio.css?ver=a9e7f2d401ee
108.167.165.249200 OK 4.3 kB URL HTTP/2 jovesac.com/wp-content/uploads/the7-css/the7-elements-albums-portfolio.css?ver=a9e7f2d401ee
IP 108.167.165.249:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash 54be0f7ba04808ad640a9083311bb4c9
910c821e20179be1ddf2a3a892fa9fef88428d99
4fd339d8296edc0b2c97a45bdc4b6c7abc237df77fadca9e20b913001e5c4cad
GET /wp-content/uploads/the7-css/the7-elements-albums-portfolio.css?ver=a9e7f2d401ee HTTP/1.1
Host: jovesac.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jovesac.com/121-2/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 02 Aug 2022 21:47:41 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 4348
content-type: text/css
date: Thu, 06 Oct 2022 21:44:06 GMT
server: Apache
X-Firefox-Spdy: h2
jovesac.com/wp-content/uploads/the7-css/css-vars.css?ver=a9e7f2d401ee
108.167.165.249200 OK 6.1 kB URL HTTP/2 jovesac.com/wp-content/uploads/the7-css/css-vars.css?ver=a9e7f2d401ee
IP 108.167.165.249:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash 4c43cb04c609c50dc47d0c04b21623f5
155ce59d884a540c686584e54efde8c1e08e6d94
8622dce126fb53998860c393fbb32d89924c86db0aa53297f537a97287fb839b
Analyzer Verdict Alert fortinet Malware
GET /wp-content/uploads/the7-css/css-vars.css?ver=a9e7f2d401ee HTTP/1.1
Host: jovesac.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jovesac.com/121-2/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 02 Aug 2022 21:47:40 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 6113
content-type: text/css
date: Thu, 06 Oct 2022 21:44:06 GMT
server: Apache
X-Firefox-Spdy: h2
jovesac.com/wp-content/uploads/the7-css/mega-menu.css?ver=a9e7f2d401ee
108.167.165.249200 OK 4.1 kB URL HTTP/2 jovesac.com/wp-content/uploads/the7-css/mega-menu.css?ver=a9e7f2d401ee
IP 108.167.165.249:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash 3b55132f91b836891c38f39f359ebdb1
52d89a389bd7a584c86481c472c4246de934d174
141ca848803cbbd4cf98141ddefea9248a27d12d4ea23bbfb595b3b72844f05c
GET /wp-content/uploads/the7-css/mega-menu.css?ver=a9e7f2d401ee HTTP/1.1
Host: jovesac.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jovesac.com/121-2/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 02 Aug 2022 21:47:41 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 4138
content-type: text/css
date: Thu, 06 Oct 2022 21:44:06 GMT
server: Apache
X-Firefox-Spdy: h2
jovesac.com/wp-includes/js/wp-emoji-release.min.js?ver=6.0.2
108.167.165.249200 OK 5.3 kB URL HTTP/2 jovesac.com/wp-includes/js/wp-emoji-release.min.js?ver=6.0.2
IP 108.167.165.249:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (15660)
Hash 710f8b142ea44c0682dc2c30f318f065
49144e9b3a76d3d383b1d4359cf7a25e947f4233
708bb5819879a2a2c7670abc20a58cca68a415ffd621011cbc4c3c9d82dddc50
GET /wp-includes/js/wp-emoji-release.min.js?ver=6.0.2 HTTP/1.1
Host: jovesac.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jovesac.com/121-2/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 24 May 2022 20:59:29 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 5321
content-type: application/javascript
date: Thu, 06 Oct 2022 21:44:06 GMT
server: Apache
X-Firefox-Spdy: h2
jovesac.com/wp-content/plugins/js_composer/assets/js/dist/js_composer_front.min.js?ver=6.6.0
108.167.165.249200 OK 7.3 kB URL HTTP/2 jovesac.com/wp-content/plugins/js_composer/assets/js/dist/js_composer_front.min.js?ver=6.6.0
IP 108.167.165.249:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (20418)
Hash f35f578eae44dc7b17224b4e3fc332cd
41b437fabd3305046f56fab0bffab5187d917470
962ac6b8f4f5e43168918bada558291a4b7ad95a92983557dbdda4119a470673
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/js_composer/assets/js/dist/js_composer_front.min.js?ver=6.6.0 HTTP/1.1
Host: jovesac.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jovesac.com/121-2/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 19 Feb 2021 18:38:44 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 7285
content-type: application/javascript
date: Thu, 06 Oct 2022 21:44:06 GMT
server: Apache
X-Firefox-Spdy: h2
jovesac.com/wp-content/plugins/dt-the7-core/assets/js/post-type.min.js?ver=2.5.5.2
108.167.165.249200 OK 9.2 kB URL HTTP/2 jovesac.com/wp-content/plugins/dt-the7-core/assets/js/post-type.min.js?ver=2.5.5.2
IP 108.167.165.249:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (25739), with no line terminators
Hash df7cb2e5c2cee0f8634411826ddda12d
662c4dda06acd31c05d80c47ef111882faf4fd0f
4f0db0298b366c4e24b541c6280359eb87e40d13d1f1a2e8f6854a8f3b202872
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/dt-the7-core/assets/js/post-type.min.js?ver=2.5.5.2 HTTP/1.1
Host: jovesac.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jovesac.com/121-2/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 10 Mar 2021 10:18:18 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 9177
content-type: application/javascript
date: Thu, 06 Oct 2022 21:44:06 GMT
server: Apache
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash b80b23ab65e5e6baf29325226bf37292
3ecada5c5b43f629ab3af25d9a2432c05d200588
fdb1f8f0fb91faf0d9019ab81df3a8d1067e7ead9230e0b7d0ccc0bf231bc19d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FDB1F8F0FB91FAF0D9019AB81DF3A8D1067E7EAD9230E0B7D0CCC0BF231BC19D"
Last-Modified: Thu, 06 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21508
Expires: Fri, 07 Oct 2022 03:42:35 GMT
Date: Thu, 06 Oct 2022 21:44:07 GMT
Connection: keep-alive
jovesac.com/wp-content/uploads/the7-css/media.css?ver=a9e7f2d401ee
108.167.165.249200 OK 16 kB URL HTTP/2 jovesac.com/wp-content/uploads/the7-css/media.css?ver=a9e7f2d401ee
IP 108.167.165.249:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash ada4b86df47d0fc520c7c7cb15975506
2ee257bdf4e46da223274af86ceb9a9e2f009a8d
955ad7d4a06c979194899a869278cc371e6043a2ef26e5c4836ff3cde24e7374
Analyzer Verdict Alert fortinet Malware
GET /wp-content/uploads/the7-css/media.css?ver=a9e7f2d401ee HTTP/1.1
Host: jovesac.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jovesac.com/121-2/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 02 Aug 2022 21:47:41 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 16229
content-type: text/css
date: Thu, 06 Oct 2022 21:44:06 GMT
server: Apache
X-Firefox-Spdy: h2
jovesac.com/wp-content/themes/dt-the7/lib/custom-scrollbar/custom-scrollbar.min.js?ver=9.10.0
108.167.165.249200 OK 16 kB URL HTTP/2 jovesac.com/wp-content/themes/dt-the7/lib/custom-scrollbar/custom-scrollbar.min.js?ver=9.10.0
IP 108.167.165.249:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (31991)
Hash c9359ec9831c4aecc231ea69f0d4724f
156760a3637528482b6dddc6287e180c30b485db
c37d2ce4c6af3e0c8b68af8a65f4614ddec8d3fa5945f73dce0a832e105d8901
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/dt-the7/lib/custom-scrollbar/custom-scrollbar.min.js?ver=9.10.0 HTTP/1.1
Host: jovesac.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jovesac.com/121-2/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 20 May 2021 20:56:54 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 15645
content-type: application/javascript
date: Thu, 06 Oct 2022 21:44:06 GMT
server: Apache
X-Firefox-Spdy: h2
jovesac.com/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.6.3
108.167.165.249409 Conflict 83 B URL HTTP/2 jovesac.com/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.6.3
IP 108.167.165.249:0
ASN #46606 UNIFIEDLAYER-AS-1
File type HTML document, ASCII text, with no line terminators
Hash 26267cd8990f15d3bbea71684a6d5995
ac3b38cf3fe0e112bb6aeb7e05226b7133575d93
769e8ab745a0fe4bf811036e75a8630e38c50a18cb3e24d539ce4a0722c7c85e
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.6.3 HTTP/1.1
Host: jovesac.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jovesac.com/121-2/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 409 Conflict
date: Thu, 06 Oct 2022 21:44:06 GMT
server: Apache
content-length: 83
content-type: text/html; charset=iso-8859-1
X-Firefox-Spdy: h2
piemse.com/assets/ico/piemse.png
108.167.156.122200 OK 3.1 kB URL HTTP/2 piemse.com/assets/ico/piemse.png
IP 108.167.156.122:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 120 x 120, 8-bit colormap, non-interlaced\012- data
Hash a266890f54dace0c2be28e55403256e9
5d5332e13f92285e7426357d69aad8a34557da5b
e146560a7f5e8ea1b3fa8eb3efa580419f2e43d2b05a243952d514990204445e
GET /assets/ico/piemse.png HTTP/1.1
Host: piemse.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jovesac.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
last-modified: Sat, 29 Aug 2020 17:44:04 GMT
accept-ranges: bytes
content-length: 3126
content-type: image/png
date: Thu, 06 Oct 2022 21:44:07 GMT
server: Apache
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash aea480478c3be7392d09e8a92826542f
b660fb42c8122efb07b3d1de1a8907ad1f6e1a60
ee691969e4d61ba3145fe90b28c5051367c223f31c0e0ee001d8481035090760
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 06 Oct 2022 21:44:07 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash aea480478c3be7392d09e8a92826542f
b660fb42c8122efb07b3d1de1a8907ad1f6e1a60
ee691969e4d61ba3145fe90b28c5051367c223f31c0e0ee001d8481035090760
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 06 Oct 2022 21:44:07 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash aea480478c3be7392d09e8a92826542f
b660fb42c8122efb07b3d1de1a8907ad1f6e1a60
ee691969e4d61ba3145fe90b28c5051367c223f31c0e0ee001d8481035090760
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 06 Oct 2022 21:44:07 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/signika/v20/vEFR2_JTCgwQ5ejvG1EmBg.woff2
216.58.207.195200 OK 40 kB URL HTTP/2 fonts.gstatic.com/s/signika/v20/vEFR2_JTCgwQ5ejvG1EmBg.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 39776, version 1.0\012- data
Hash 4f71bc01b8741decea03ed8f778e82ba
32d83a7d5d23603f7e2e95480ce01bd45fe8602f
e36ecb4b8f63375fe634496441f39c6165c5504f3d4dbe8ae47caae8d7730e38
GET /s/signika/v20/vEFR2_JTCgwQ5ejvG1EmBg.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://jovesac.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 39776
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 05 Oct 2022 00:14:13 GMT
expires: Thu, 05 Oct 2023 00:14:13 GMT
cache-control: public, max-age=31536000
age: 163794
last-modified: Tue, 23 Aug 2022 18:45:53 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/signikanegative/v20/E218_cfngu7HiRpPX3ZpNE4kY5zKYvWhrw.woff2
216.58.207.195200 OK 39 kB URL HTTP/2 fonts.gstatic.com/s/signikanegative/v20/E218_cfngu7HiRpPX3ZpNE4kY5zKYvWhrw.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 38776, version 1.0\012- data
Hash 3d3dedfe137cee6899eec1a688c461c8
3d12c391be6160409ca828c56aee18971359d3f2
9f0319ab67fbd776500a395e9a4ffe65213a6e018187a2df3be8daa1c7598c32
GET /s/signikanegative/v20/E218_cfngu7HiRpPX3ZpNE4kY5zKYvWhrw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://jovesac.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 38776
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 05 Oct 2022 00:11:17 GMT
expires: Thu, 05 Oct 2023 00:11:17 GMT
cache-control: public, max-age=31536000
age: 163970
last-modified: Tue, 23 Aug 2022 18:16:17 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
jovesac.com/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.6.3
108.167.165.249409 Conflict 83 B URL HTTP/2 jovesac.com/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.6.3
IP 108.167.165.249:0
ASN #46606 UNIFIEDLAYER-AS-1
File type HTML document, ASCII text, with no line terminators
Hash 26267cd8990f15d3bbea71684a6d5995
ac3b38cf3fe0e112bb6aeb7e05226b7133575d93
769e8ab745a0fe4bf811036e75a8630e38c50a18cb3e24d539ce4a0722c7c85e
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.6.3 HTTP/1.1
Host: jovesac.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jovesac.com/121-2/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 409 Conflict
date: Thu, 06 Oct 2022 21:44:07 GMT
server: Apache
content-length: 83
content-type: text/html; charset=iso-8859-1
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash aea480478c3be7392d09e8a92826542f
b660fb42c8122efb07b3d1de1a8907ad1f6e1a60
ee691969e4d61ba3145fe90b28c5051367c223f31c0e0ee001d8481035090760
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 06 Oct 2022 21:44:07 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
jovesac.com/wp-content/themes/dt-the7/fonts/icomoon-the7-font/icomoon-the7-font.ttf?wi57p5
108.167.165.249200 OK 48 kB URL HTTP/2 jovesac.com/wp-content/themes/dt-the7/fonts/icomoon-the7-font/icomoon-the7-font.ttf?wi57p5
IP 108.167.165.249:0
ASN #46606 UNIFIEDLAYER-AS-1
File type TrueType Font data, 11 tables, 1st "OS/2", 14 names, Macintosh, type 1 string, the7-default-font\012- data
Hash 71f9dfd69c5a3adbbb31a994bffb7b36
97fbd02448d6db534ddfe4bcdc3df7ec5d92af9a
e0394e418d7858c3f9fabb6897f4e9364cf86a23a809127690f467ad111f190d
GET /wp-content/themes/dt-the7/fonts/icomoon-the7-font/icomoon-the7-font.ttf?wi57p5 HTTP/1.1
Host: jovesac.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jovesac.com/wp-content/themes/dt-the7/fonts/icomoon-the7-font/icomoon-the7-font.min.css?ver=9.10.0
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 20 May 2021 20:56:54 GMT
accept-ranges: bytes
content-length: 48020
content-type: font/ttf
date: Thu, 06 Oct 2022 21:44:07 GMT
server: Apache
X-Firefox-Spdy: h2
jovesac.com/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.6.3
108.167.165.249409 Conflict 83 B URL HTTP/2 jovesac.com/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.6.3
IP 108.167.165.249:0
ASN #46606 UNIFIEDLAYER-AS-1
File type HTML document, ASCII text, with no line terminators
Hash 26267cd8990f15d3bbea71684a6d5995
ac3b38cf3fe0e112bb6aeb7e05226b7133575d93
769e8ab745a0fe4bf811036e75a8630e38c50a18cb3e24d539ce4a0722c7c85e
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.6.3 HTTP/1.1
Host: jovesac.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jovesac.com/121-2/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 409 Conflict
date: Thu, 06 Oct 2022 21:44:07 GMT
server: Apache
content-length: 83
content-type: text/html; charset=iso-8859-1
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash e825fc3ba1ec6c169fbc10ffef8dffb0
6bf9cffa8468b37068aebed5a43dbc911086fc84
b0c59e715d8c38c061cfa06ec64c69f442f9417d6bc9c76e393c1fa00b11af86
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B0C59E715D8C38C061CFA06EC64C69F442F9417D6BC9C76E393C1FA00B11AF86"
Last-Modified: Wed, 05 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6487
Expires: Thu, 06 Oct 2022 23:32:14 GMT
Date: Thu, 06 Oct 2022 21:44:07 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash e825fc3ba1ec6c169fbc10ffef8dffb0
6bf9cffa8468b37068aebed5a43dbc911086fc84
b0c59e715d8c38c061cfa06ec64c69f442f9417d6bc9c76e393c1fa00b11af86
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B0C59E715D8C38C061CFA06EC64C69F442F9417D6BC9C76E393C1FA00B11AF86"
Last-Modified: Wed, 05 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6487
Expires: Thu, 06 Oct 2022 23:32:14 GMT
Date: Thu, 06 Oct 2022 21:44:07 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash e825fc3ba1ec6c169fbc10ffef8dffb0
6bf9cffa8468b37068aebed5a43dbc911086fc84
b0c59e715d8c38c061cfa06ec64c69f442f9417d6bc9c76e393c1fa00b11af86
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B0C59E715D8C38C061CFA06EC64C69F442F9417D6BC9C76E393C1FA00B11AF86"
Last-Modified: Wed, 05 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6487
Expires: Thu, 06 Oct 2022 23:32:14 GMT
Date: Thu, 06 Oct 2022 21:44:07 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash e825fc3ba1ec6c169fbc10ffef8dffb0
6bf9cffa8468b37068aebed5a43dbc911086fc84
b0c59e715d8c38c061cfa06ec64c69f442f9417d6bc9c76e393c1fa00b11af86
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B0C59E715D8C38C061CFA06EC64C69F442F9417D6BC9C76E393C1FA00B11AF86"
Last-Modified: Wed, 05 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6487
Expires: Thu, 06 Oct 2022 23:32:14 GMT
Date: Thu, 06 Oct 2022 21:44:07 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash e825fc3ba1ec6c169fbc10ffef8dffb0
6bf9cffa8468b37068aebed5a43dbc911086fc84
b0c59e715d8c38c061cfa06ec64c69f442f9417d6bc9c76e393c1fa00b11af86
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B0C59E715D8C38C061CFA06EC64C69F442F9417D6BC9C76E393C1FA00B11AF86"
Last-Modified: Wed, 05 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6487
Expires: Thu, 06 Oct 2022 23:32:14 GMT
Date: Thu, 06 Oct 2022 21:44:07 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb3178d2f-9a52-4d0e-a26b-5a90ef8578f2.jpeg
34.120.237.76200 OK 3.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb3178d2f-9a52-4d0e-a26b-5a90ef8578f2.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 488ec5b4267ccb1cdc4e6e08556f7f3b
42dd7ec0c606dbd3ccc0074f61d3b4b12f2e3c88
d9b05fe92962a58b9a8e8dbd4757969aa361be12018107ae649ffcdb8a0f8d84
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb3178d2f-9a52-4d0e-a26b-5a90ef8578f2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 3430
x-amzn-requestid: 9b3b52d6-08b4-4893-962b-3dfe67e2f11d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZjTijF0vIAMFq3Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633dffa9-0a128734418b6c4d6375e2ac;Sampled=0
x-amzn-remapped-date: Wed, 05 Oct 2022 22:05:29 GMT
x-amz-cf-pop: SEA73-P2
x-cache: Miss from cloudfront
x-amz-cf-id: G0mKHnEonkmY4EDpNGAbg_DF37oxElJt58Lv6IJ4ro-hiG61wEAqVQ==
via: 1.1 9b311162717b41c968f6f00426d88aaa.cloudfront.net (CloudFront), 1.1 95785220a566cd050f3ad80928463374.cloudfront.net (CloudFront), 1.1 google
date: Thu, 06 Oct 2022 09:57:45 GMT
age: 42382
etag: "42dd7ec0c606dbd3ccc0074f61d3b4b12f2e3c88"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd38ec9d6-fb69-4c6e-aae2-136fd254ae50.jpeg
34.120.237.76200 OK 7.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd38ec9d6-fb69-4c6e-aae2-136fd254ae50.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e238ccaa3b9fa88476a8514855e8232f
447cbf348ef10d0136a1811e843c46937defbba1
43dce3c1eb388dfaddca4176acb6eb32f76fc4c03fca18e7a315c9ddb43d2b02
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd38ec9d6-fb69-4c6e-aae2-136fd254ae50.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7270
x-amzn-requestid: e5d0bb7a-b9d5-49b1-b51c-8db019da641f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZjQOGEQloAMFjgw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633dfa5a-519d91fb0b83920960da479d;Sampled=0
x-amzn-remapped-date: Wed, 05 Oct 2022 21:42:50 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P2
x-cache: Miss from cloudfront
x-amz-cf-id: l1HGT5ycH36vVojsOPFptRSU1YJFvLbBsgiWJqzRlRIGgm2o5vf6jg==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 34c44cb7892e57a3b6c51812bcf68ee4.cloudfront.net (CloudFront), 1.1 google
date: Wed, 05 Oct 2022 21:58:56 GMT
etag: "447cbf348ef10d0136a1811e843c46937defbba1"
content-type: image/jpeg
age: 85511
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fccecc8c9-b6da-4470-b2be-fa8d46df1cc2.webp
34.120.237.76200 OK 9.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fccecc8c9-b6da-4470-b2be-fa8d46df1cc2.webp
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 70ea26af79226e9ff06d6198e2c019dc
ae2c476667f63c7f642f0d9f4d0bc0d846b0ef57
f9393e7b8cbaedc8e1ef87fd89c617cf102f58813d84d866ff68e3124f94d44c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fccecc8c9-b6da-4470-b2be-fa8d46df1cc2.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9044
x-amzn-requestid: 127bce04-9f75-4bb1-bbe7-33bf1694d96c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZdZPmHG5oAMFehw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633ba263-3896085b3b73ff5403237206;Sampled=0
x-amzn-remapped-date: Tue, 04 Oct 2022 03:02:59 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: E4yZTPRLFdK717YfwjOIFOJDi0wYpyA736dQELeM5iPLvGDXBosEWg==
via: 1.1 86b676273517904f44af31586adb06ae.cloudfront.net (CloudFront), 1.1 5fe5f2a3903f1378941d92eceaf3fa16.cloudfront.net (CloudFront), 1.1 google
date: Thu, 06 Oct 2022 05:04:17 GMT
age: 59990
etag: "ae2c476667f63c7f642f0d9f4d0bc0d846b0ef57"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7fac259b-7a22-4aa2-ba3f-682cb749091c.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7fac259b-7a22-4aa2-ba3f-682cb749091c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 2277f8f2d93b4bc3b05d348343177892
531d9e4ec9078cd2d7376a19fcb287084af36c82
62907648de4a2ed390232a71ab7dce49f1e9c3363cde6a2f30ecae10ab67f93a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7fac259b-7a22-4aa2-ba3f-682cb749091c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11080
x-amzn-requestid: 8fa4d19d-87a5-46c5-96c5-4aec793daad9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZjO7xE5eoAMFQLw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633df84b-5c422c7a168c014f57559037;Sampled=0
x-amzn-remapped-date: Wed, 05 Oct 2022 21:34:03 GMT
x-amz-cf-pop: SEA73-P2
x-cache: Hit from cloudfront
x-amz-cf-id: LySueW1si-yWLwecUILV1s57IEV2FdcQ9_pH1Aoe4AYISi7QXXfd3A==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 34c44cb7892e57a3b6c51812bcf68ee4.cloudfront.net (CloudFront), 1.1 google
date: Thu, 06 Oct 2022 21:39:29 GMT
age: 278
etag: "531d9e4ec9078cd2d7376a19fcb287084af36c82"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2ecef3b6-b278-4a22-86dd-6a19875e1cc1.jpeg
34.120.237.76200 OK 7.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2ecef3b6-b278-4a22-86dd-6a19875e1cc1.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 9e520f87cae411cfc2ed1c8a14184385
69ad212cb7ae309d4f02019552887135bfae67da
723b10bfbcde201b5811e3bd0560f02f90775e4d18b28d19e6c814899f2da71a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2ecef3b6-b278-4a22-86dd-6a19875e1cc1.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7511
x-amzn-requestid: 995b51dd-5484-4b4c-ad40-550f7fd85930
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZjO6uG70IAMFjBw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633df844-70f17f6f24dce0003d03902a;Sampled=0
x-amzn-remapped-date: Wed, 05 Oct 2022 21:33:56 GMT
x-amz-cf-pop: SEA73-P2
x-cache: Hit from cloudfront
x-amz-cf-id: 3lKuGlFCBN2wEsp9-Oa3ysQg62py090H30jy6_bR02Ufs0KGPrVC4w==
via: 1.1 d83ae0e1ba84e92e58bc1efc23a0c652.cloudfront.net (CloudFront), 1.1 d8d9c12d1a621129f4bc739038e7c72e.cloudfront.net (CloudFront), 1.1 google
date: Thu, 06 Oct 2022 21:37:08 GMT
age: 419
etag: "69ad212cb7ae309d4f02019552887135bfae67da"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5ce3d070-3bf1-47cd-bdd7-2bda7b826976.jpeg
34.120.237.76200 OK 4.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5ce3d070-3bf1-47cd-bdd7-2bda7b826976.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash dbba56f647bf5989ca51863632bbebfc
26694f34166345ee5693653e0101db6b910e68ba
ec5cc38f2a77e8e655aeeb7a376cf882ccb7163e4ef9d1ce4633ab4754e48765
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5ce3d070-3bf1-47cd-bdd7-2bda7b826976.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4140
x-amzn-requestid: f3cb33c4-26b6-4fd8-9293-dfb42be34600
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZjOZiEZ4IAMFvLg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633df770-424459547db8b3d721d75e54;Sampled=0
x-amzn-remapped-date: Wed, 05 Oct 2022 21:30:24 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P2
x-cache: Miss from cloudfront
x-amz-cf-id: q70sezhl0h-lASzUDh5_WQ6KraRa3fWYl_tO0iuE0CpbJ5GeiihgMw==
via: 1.1 9c60d6224ac0b44e908b5c9dcf70e9a4.cloudfront.net (CloudFront), 1.1 95785220a566cd050f3ad80928463374.cloudfront.net (CloudFront), 1.1 google
date: Thu, 06 Oct 2022 21:36:30 GMT
age: 457
etag: "26694f34166345ee5693653e0101db6b910e68ba"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
jovesac.com/wp-content/plugins/revslider/public/assets/js/rbtools.min.js?ver=6.4.4
108.167.165.249200 OK 0 B URL HTTP/2 jovesac.com/wp-content/plugins/revslider/public/assets/js/rbtools.min.js?ver=6.4.4
IP 108.167.165.249:0
ASN #46606 UNIFIEDLAYER-AS-1
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/revslider/public/assets/js/rbtools.min.js?ver=6.4.4 HTTP/1.1
Host: jovesac.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jovesac.com/121-2/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 19 Jan 2021 16:05:34 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: application/javascript
date: Thu, 06 Oct 2022 21:44:06 GMT
server: Apache
X-Firefox-Spdy: h2
jovesac.com/wp-content/plugins/js_composer/assets/css/js_composer.min.css?ver=6.6.0
108.167.165.249200 OK 0 B URL HTTP/2 jovesac.com/wp-content/plugins/js_composer/assets/css/js_composer.min.css?ver=6.6.0
IP 108.167.165.249:0
ASN #46606 UNIFIEDLAYER-AS-1
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/js_composer/assets/css/js_composer.min.css?ver=6.6.0 HTTP/1.1
Host: jovesac.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jovesac.com/121-2/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 19 Feb 2021 18:38:44 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/css
date: Thu, 06 Oct 2022 21:44:06 GMT
server: Apache
X-Firefox-Spdy: h2
jovesac.com/wp-content/uploads/the7-css/custom.css?ver=a9e7f2d401ee
108.167.165.249200 OK 0 B URL HTTP/2 jovesac.com/wp-content/uploads/the7-css/custom.css?ver=a9e7f2d401ee
IP 108.167.165.249:0
ASN #46606 UNIFIEDLAYER-AS-1
GET /wp-content/uploads/the7-css/custom.css?ver=a9e7f2d401ee HTTP/1.1
Host: jovesac.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jovesac.com/121-2/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 02 Aug 2022 21:47:41 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/css
date: Thu, 06 Oct 2022 21:44:06 GMT
server: Apache
X-Firefox-Spdy: h2
jovesac.com/wp-content/themes/dt-the7/js/main.min.js?ver=9.10.0
108.167.165.249200 OK 0 B URL HTTP/2 jovesac.com/wp-content/themes/dt-the7/js/main.min.js?ver=9.10.0
IP 108.167.165.249:0
ASN #46606 UNIFIEDLAYER-AS-1
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/dt-the7/js/main.min.js?ver=9.10.0 HTTP/1.1
Host: jovesac.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jovesac.com/121-2/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 20 May 2021 20:56:54 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: application/javascript
date: Thu, 06 Oct 2022 21:44:06 GMT
server: Apache
X-Firefox-Spdy: h2
jovesac.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
108.167.165.249200 OK 0 B URL HTTP/2 jovesac.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
IP 108.167.165.249:0
ASN #46606 UNIFIEDLAYER-AS-1
GET /wp-includes/js/jquery/jquery.min.js?ver=3.6.0 HTTP/1.1
Host: jovesac.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jovesac.com/121-2/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 20 Jul 2021 21:01:45 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: application/javascript
date: Thu, 06 Oct 2022 21:44:06 GMT
server: Apache
X-Firefox-Spdy: h2
jovesac.com/wp-content/themes/dt-the7/css/main.min.css?ver=9.10.0
108.167.165.249200 OK 0 B URL HTTP/2 jovesac.com/wp-content/themes/dt-the7/css/main.min.css?ver=9.10.0
IP 108.167.165.249:0
ASN #46606 UNIFIEDLAYER-AS-1
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/dt-the7/css/main.min.css?ver=9.10.0 HTTP/1.1
Host: jovesac.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jovesac.com/121-2/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 20 May 2021 20:56:53 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/css
date: Thu, 06 Oct 2022 21:44:06 GMT
server: Apache
X-Firefox-Spdy: h2
jovesac.com/wp-content/uploads/2022/08/WhatsApp-Image-2022-08-03-at-9.28.39-AM-1024x574.jpeg
108.167.165.249200 OK 0 B URL HTTP/2 jovesac.com/wp-content/uploads/2022/08/WhatsApp-Image-2022-08-03-at-9.28.39-AM-1024x574.jpeg
IP 108.167.165.249:0
ASN #46606 UNIFIEDLAYER-AS-1
Analyzer Verdict Alert fortinet Malware
GET /wp-content/uploads/2022/08/WhatsApp-Image-2022-08-03-at-9.28.39-AM-1024x574.jpeg HTTP/1.1
Host: jovesac.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jovesac.com/121-2/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 03 Aug 2022 14:32:53 GMT
accept-ranges: bytes
content-length: 84451
content-type: image/jpeg
date: Thu, 06 Oct 2022 21:44:06 GMT
server: Apache
X-Firefox-Spdy: h2
jovesac.com/wp-content/plugins/revslider/public/assets/js/rs6.min.js?ver=6.4.5
108.167.165.249200 OK 0 B URL HTTP/2 jovesac.com/wp-content/plugins/revslider/public/assets/js/rs6.min.js?ver=6.4.5
IP 108.167.165.249:0
ASN #46606 UNIFIEDLAYER-AS-1
GET /wp-content/plugins/revslider/public/assets/js/rs6.min.js?ver=6.4.5 HTTP/1.1
Host: jovesac.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jovesac.com/121-2/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 18 Mar 2021 22:54:00 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: application/javascript
date: Thu, 06 Oct 2022 21:44:06 GMT
server: Apache
X-Firefox-Spdy: h2