firefox.settings.services.mozilla.com/v1/
143.204.55.36 200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 143.204.55.36:0
File type JSON data, ASCII text, with very long lines (939), with no line terminators
Hash (MD5) 2d12f67fe57a87e7366b662d153a5582
Hash (SHA-1) d7b02d81cc74f24a251d9363e0f4b0a149264ec1
Hash (SHA-256) 73c273c0b5a2de3cb970b8e8c187999d3b55e760dc7766dab4bb76428d19b551
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Alert, Backoff, Content-Length, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Tue, 20 Sep 2022 19:13:14 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 dbfaae0db03f11cf713bbcbdb25be4a2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 9F4fUVm0A1wQG7JbElqvh8tmHTb5O3kfpjRg5NmNKiMMRZzgq9f7aQ==
Age: 3156
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash (MD5) 861cfa99de956423d917ed0ddbea4b9c
Hash (SHA-1) ad65dbc394b48b04a45c205f56af296c8d008db4
Hash (SHA-256) 5c706b2718b1698995f4feb91223779aef4bf6dc967c31f9ef9a93873197d5f9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5C706B2718B1698995F4FEB91223779AEF4BF6DC967C31F9EF9A93873197D5F9"
Last-Modified: Sun, 18 Sep 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2568
Expires: Tue, 20 Sep 2022 20:48:38 GMT
Date: Tue, 20 Sep 2022 20:05:50 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
143.204.55.35 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
IP 143.204.55.35:0
File type PEM certificate, ASCII text
Hash (MD5) 6113f8408c59aebe188d6af273b90743
Hash (SHA-1) 7398873bf00f99944eaa77ad3ebc0d43c23dba6b
Hash (SHA-256) b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Tue, 20 Sep 2022 04:35:14 GMT
etag: "6113f8408c59aebe188d6af273b90743"
x-cache: Hit from cloudfront
via: 1.1 a9120cc3ff449047c990e82a4d5566ba.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: wytoLziVrvXjvhW0hIRdnnksKden3bhIYmwIm0KZnXO6xH3lY_2DpQ==
age: 55837
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data, ASCII text, with no line terminators
Hash (MD5) 23e88fb7b99543fb33315b29b1fad9d6
Hash (SHA-1) a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
Hash (SHA-256) 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 20 Sep 2022 20:05:51 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
143.204.55.36 200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 143.204.55.36:0
File type JSON data, ASCII text, with very long lines (329), with no line terminators
Hash (MD5) 0333b0655111aa68de771adfcc4db243
Hash (SHA-1) 63f295a144ac87a7c8e23417626724eeca68a7eb
Hash (SHA-256) 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600
Date: Tue, 20 Sep 2022 20:03:22 GMT
Expires: Tue, 20 Sep 2022 20:31:23 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 a034aae43a19aef875fa395182990970.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: pvbdDsEUDVeWpLEs96GQ08UFEd-5JonkeT8xvxDaaALsVO2luVTeqQ==
Age: 149
nextgearmedia.nl/
85.17.8.228 301 Moved Permanently 233 B IP 85.17.8.228:0
ASN #60781 LeaseWeb Netherlands B.V.
File type HTML document text (reported 5 times); exported SGML document, ASCII text
Hash (MD5) a557a98f8c207640333bdedf9df2c45f
Hash (SHA-1) 60844b87e8ffee1159aa86ed65601a051b80153c
Hash (SHA-256) 823a8c2ce3006ca807d99b6fe1e86cf1a70cb452cc1506e9268a5ea12595a058
Analyzer Verdict Alert fortinet Malware (the listing gives no signature or rule name, and this response is only a 233 B redirect to HTTPS, so the verdict likely reflects URL or host reputation rather than this body; confirm against the vendor's own lookup before treating it as a content detection)
GET / HTTP/1.1
Host: nextgearmedia.nl
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Tue, 20 Sep 2022 20:05:51 GMT
Server: Apache/2
Location: https://nextgearmedia.nl/
Content-Length: 233
Keep-Alive: timeout=2, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash (MD5) edf07cd621f733b0eb50c632387ebf4f
Hash (SHA-1) 61a082d26501c2c8d481b1676d0de2e585269613
Hash (SHA-256) e5c4324e4c55824b86f48bf0b9a1d317a82e7d3c19bdea7a91d78ce98d68a980
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2961
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 20 Sep 2022 20:05:51 GMT
Last-Modified: Tue, 20 Sep 2022 19:16:30 GMT
Server: ECS (ska/F715)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash (MD5) e964e9c57fe8a934e120c1bad3fdd04a
Hash (SHA-1) 20fe28b54a186b4919ccea14fb59996d020354dc
Hash (SHA-256) c85a7302ee55952a33b9e6a6a3e5a4d1d30a00f56d360d460c404999f3c36658
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C85A7302EE55952A33B9E6A6A3E5A4D1D30A00F56D360D460C404999F3C36658"
Last-Modified: Tue, 20 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21499
Expires: Wed, 21 Sep 2022 02:04:10 GMT
Date: Tue, 20 Sep 2022 20:05:51 GMT
Connection: keep-alive
push.services.mozilla.com/
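52.42.74.230 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.42.74.230:0
Hash (MD5) d41d8cd98f00b204e9800998ecf8427e
Hash (SHA-1) da39a3ee5e6b4b0d3255bfef95601890afd80709
Hash (SHA-256) e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
(These three values are the digests of empty input, matching the 0 B body; they identify no content and should not be used as indicators.)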
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: plTXuf0ym3SCKVC2EDVcmw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: c30yrc5K8ixu1YwexFyXdhvTZHA=
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash (MD5) 85aa2dcaf76d25900c78356e5e1c254f
Hash (SHA-1) 46cd66c9921a162c9e67cfa7d85bc82e5967d531
Hash (SHA-256) 741815f43b76661b9edde512bc9061cb4bc659b297e7d822bf8e68e5aac9d23d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "741815F43B76661B9EDDE512BC9061CB4BC659B297E7D822BF8E68E5AAC9D23D"
Last-Modified: Sun, 18 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5432
Expires: Tue, 20 Sep 2022 21:36:25 GMT
Date: Tue, 20 Sep 2022 20:05:53 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash (MD5) 85aa2dcaf76d25900c78356e5e1c254f
Hash (SHA-1) 46cd66c9921a162c9e67cfa7d85bc82e5967d531
Hash (SHA-256) 741815f43b76661b9edde512bc9061cb4bc659b297e7d822bf8e68e5aac9d23d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "741815F43B76661B9EDDE512BC9061CB4BC659B297E7D822BF8E68E5AAC9D23D"
Last-Modified: Sun, 18 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5432
Expires: Tue, 20 Sep 2022 21:36:25 GMT
Date: Tue, 20 Sep 2022 20:05:53 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash (MD5) 85aa2dcaf76d25900c78356e5e1c254f
Hash (SHA-1) 46cd66c9921a162c9e67cfa7d85bc82e5967d531
Hash (SHA-256) 741815f43b76661b9edde512bc9061cb4bc659b297e7d822bf8e68e5aac9d23d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "741815F43B76661B9EDDE512BC9061CB4BC659B297E7D822BF8E68E5AAC9D23D"
Last-Modified: Sun, 18 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5432
Expires: Tue, 20 Sep 2022 21:36:25 GMT
Date: Tue, 20 Sep 2022 20:05:53 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash (MD5) 85aa2dcaf76d25900c78356e5e1c254f
Hash (SHA-1) 46cd66c9921a162c9e67cfa7d85bc82e5967d531
Hash (SHA-256) 741815f43b76661b9edde512bc9061cb4bc659b297e7d822bf8e68e5aac9d23d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "741815F43B76661B9EDDE512BC9061CB4BC659B297E7D822BF8E68E5AAC9D23D"
Last-Modified: Sun, 18 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5432
Expires: Tue, 20 Sep 2022 21:36:25 GMT
Date: Tue, 20 Sep 2022 20:05:53 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F28b8af49-2631-4a57-aeca-43e33f0f6d83.jpeg
34.120.237.76 200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F28b8af49-2631-4a57-aeca-43e33f0f6d83.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3; data
Hash (MD5) c283017ec789693602177a2785177e21
Hash (SHA-1) ff8286c4d2cf87a1865d56d082bc5235dba60ad7
Hash (SHA-256) 520db2567ad5529d35d2ac63b94d4186848382e9c86d0c4355ab979b34f0e0ab
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F28b8af49-2631-4a57-aeca-43e33f0f6d83.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11145
x-amzn-requestid: dcb726a6-2f43-4170-a53c-4f0d2883309e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Yuh7yHfHIAMFu4g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6328e37e-11bf06e96123e01c11854cbb;Sampled=0
x-amzn-remapped-date: Mon, 19 Sep 2022 21:47:42 GMT
x-amz-cf-pop: SEA73-P2, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: oJyChyEdTbGx6oQCRy6IVMS8qU22LupFYn6FOii3p4BUVFyKnssQ7Q==
via: 1.1 b47618c03bd47cf085f27b1e215f76cc.cloudfront.net (CloudFront), 1.1 d8792dbd3191bbe722eba5b536b979c8.cloudfront.net (CloudFront), 1.1 google
date: Mon, 19 Sep 2022 22:05:54 GMT
age: 79199
etag: "ff8286c4d2cf87a1865d56d082bc5235dba60ad7"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1b9b6fcc-4a98-463a-8c9c-a60812d5b535.jpeg
34.120.237.76 200 OK 9.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1b9b6fcc-4a98-463a-8c9c-a60812d5b535.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3; data
Hash (MD5) 1a7d863845e96c5927e812f325c08c16
Hash (SHA-1) b8484fb5443344b03e52dd56b1d6c5682eb6221a
Hash (SHA-256) fcb382029332a44deaf212298b618074a752d674d0c735a1b8b861ab4bb6ff0f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1b9b6fcc-4a98-463a-8c9c-a60812d5b535.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9865
x-amzn-requestid: 7eeeff5b-cb13-4060-96a6-bf5a4be57331
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YugokGQVoAMFXmA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6328e169-4211dbbe1a22d0255a45aff0;Sampled=0
x-amzn-remapped-date: Mon, 19 Sep 2022 21:38:49 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 2kU9PLuzusMR04mNUdwbU6-120ESVhYJtNaIixERO68Vo9jEfP3JWg==
via: 1.1 e5af640ced3aa8764b82c4bc3f7af38e.cloudfront.net (CloudFront), 1.1 98aedae6661e3904540676966998ed88.cloudfront.net (CloudFront), 1.1 google
date: Mon, 19 Sep 2022 22:04:47 GMT
age: 79266
etag: "b8484fb5443344b03e52dd56b1d6c5682eb6221a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a91bc33-86f4-4bda-af70-da083ceb7c72.jpeg
34.120.237.76 200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a91bc33-86f4-4bda-af70-da083ceb7c72.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3; data
Hash (MD5) d3e70b2859ca89b353682d03f6b46b93
Hash (SHA-1) ebd83f29edd95217dfa4f4c7a94eddf34dd58b14
Hash (SHA-256) 43ad8f8b0a664bbec39e0410c1201498a2d2e36e5bd7d5ece8d65b15230ec50b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a91bc33-86f4-4bda-af70-da083ceb7c72.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10894
x-amzn-requestid: f7aad96e-af80-4db7-8bc1-d1e09a9b37e8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YeJQGHhOIAMFYuw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6322559a-538534e91448af217c59ab3d;Sampled=0
x-amzn-remapped-date: Wed, 14 Sep 2022 22:28:42 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: P7aZQzmAvqn2rcHJUQjHo0Dcg8dsrqseey5mNOabfq1b857M4SUMDQ==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 73cb83fe6699afc2791b5c690c1ff8c6.cloudfront.net (CloudFront), 1.1 google
date: Tue, 20 Sep 2022 10:06:02 GMT
age: 35991
etag: "ebd83f29edd95217dfa4f4c7a94eddf34dd58b14"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1d1af9c9-23b5-42e1-b7c6-655c21db6627.jpeg
34.120.237.76 200 OK 9.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1d1af9c9-23b5-42e1-b7c6-655c21db6627.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3; data
Hash (MD5) 7ca0c1a7f205ad07f1cce80b26448873
Hash (SHA-1) 0e14f5062e40ce94346494ff947bfcf74b5e88c1
Hash (SHA-256) ebc960279032671136749823c126ec807334d9eaf2b019abcc63b41bcdbf4a7f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1d1af9c9-23b5-42e1-b7c6-655c21db6627.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9873
x-amzn-requestid: 7171299f-e6e3-40ef-a292-33779346e1ee
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YugI-FDIIAMF-xg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6328e09f-31f9413434a6b00e77e7709b;Sampled=0
x-amzn-remapped-date: Mon, 19 Sep 2022 21:35:27 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: evL3aL1ULo6B2a8Rp6iILKCX7F14O9HMSbEqkEY3XHFhmMptE8FaVw==
via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 112d82578d402a38d8d02e8b857617e0.cloudfront.net (CloudFront), 1.1 google
date: Mon, 19 Sep 2022 22:09:44 GMT
age: 78969
etag: "0e14f5062e40ce94346494ff947bfcf74b5e88c1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4c2e0de8-088f-449b-a3cb-bbb83e3883a6.jpeg
34.120.237.76 200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4c2e0de8-088f-449b-a3cb-bbb83e3883a6.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3; data
Hash (MD5) 2ed7323b395e757f7766ea0045efdaca
Hash (SHA-1) 8b91bc3069a3217bc719c27959d578b353b5d9dc
Hash (SHA-256) 8daf8cb1464daa5f72bc4f1049adb4aba00b2c2dec11cb3ade3454ec2ebbfb63
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4c2e0de8-088f-449b-a3cb-bbb83e3883a6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11832
x-amzn-requestid: 75065a71-5f2d-4987-915b-9bddc772c76a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YugI_EsLIAMFdmQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6328e09f-1248d25405209da3353d4a4a;Sampled=0
x-amzn-remapped-date: Mon, 19 Sep 2022 21:35:27 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: gLh2EBTPdXvFtZuYKH1NVZebvnz4Rhs-f_rZPtfJpIWNemEk0upeOQ==
via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 707e733794d52100fde0ab21bf0b1462.cloudfront.net (CloudFront), 1.1 google
date: Mon, 19 Sep 2022 22:09:43 GMT
etag: "8b91bc3069a3217bc719c27959d578b353b5d9dc"
content-type: image/jpeg
age: 78970
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc72c9eb8-103b-4d09-b405-97d1a7ae99a8.webp
34.120.237.76 200 OK 9.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc72c9eb8-103b-4d09-b405-97d1a7ae99a8.webp
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3; data
Hash (MD5) 30fbdfee7ec4513a5ff3dfcb7282f816
Hash (SHA-1) a852edb64a7220532aa619ab2a440c3a7e11b97a
Hash (SHA-256) 4adee59f97bea412c6a0a786d0a27e431a497198b9047a75841b0a530803bdfe
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc72c9eb8-103b-4d09-b405-97d1a7ae99a8.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9543
x-amzn-requestid: 17be04c9-54f0-4988-82dd-f13911a2a629
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YugINHN1IAMF8iA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6328e09a-35496b4c21c23dec75257964;Sampled=0
x-amzn-remapped-date: Mon, 19 Sep 2022 21:35:22 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: -VBFetQNkmIiWeJtW5IOheaPLdDHM9iKhiGPzVcA3_KQk7Qha5VrXg==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 d6a002c70d55f415107618b0750d493c.cloudfront.net (CloudFront), 1.1 google
date: Mon, 19 Sep 2022 22:14:25 GMT
age: 78688
etag: "a852edb64a7220532aa619ab2a440c3a7e11b97a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
nextgearmedia.nl/
85.17.8.228 200 OK 21 kB IP 85.17.8.228:0
ASN #60781 LeaseWeb Netherlands B.V.
File type HTML document text (reported 5 times); exported SGML document text; exported SGML document, Unicode text, UTF-8 text, with very long lines (8047), with CRLF, LF line terminators
Hash (MD5) a3ab40f18c0d4404b28cb680b83e3972
Hash (SHA-1) e9a85b303b1bf0ef09936e6afb17e98e2a68f043
Hash (SHA-256) f37e8ec02d309e66b78c3d102e22c97c15801e65a60f22212bf915b44a024cdd
Analyzer Verdict Alert fortinet Malware
GET / HTTP/1.1
Host: nextgearmedia.nl
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
x-powered-by: PHP/7.4.26
link: <https://nextgearmedia.nl/wp-json/>; rel="https://api.w.org/", <https://nextgearmedia.nl/wp-json/wp/v2/pages/12>; rel="alternate"; type="application/json", <https://nextgearmedia.nl/>; rel=shortlink
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 20819
content-type: text/html; charset=UTF-8
date: Tue, 20 Sep 2022 20:05:51 GMT
server: Apache/2
X-Firefox-Spdy: h2
nextgearmedia.nl/wp-content/plugins/reusable-content-blocks/includes/css/reusablec-block.css?ver=6.0.2
85.17.8.228 200 OK 239 B URL HTTP/2 nextgearmedia.nl/wp-content/plugins/reusable-content-blocks/includes/css/reusablec-block.css?ver=6.0.2
IP 85.17.8.228:0
ASN #60781 LeaseWeb Netherlands B.V.
File type ASCII text, with CRLF line terminators
Hash (MD5) 40c0a6fa19a00c68e7719c54d6aa3e96
Hash (SHA-1) b8726a3237e6c70afc02ebde5b1367a029634b9b
Hash (SHA-256) 12dd313d0569799aa1399f4246935cf9905ebb4945dd6f3753bc127906047769
GET /wp-content/plugins/reusable-content-blocks/includes/css/reusablec-block.css?ver=6.0.2 HTTP/1.1
Host: nextgearmedia.nl
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nextgearmedia.nl/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 10 May 2021 11:41:39 GMT
etag: "16e-5c1f842b8a2c0-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 239
content-type: text/css
date: Tue, 20 Sep 2022 20:05:54 GMT
server: Apache/2
X-Firefox-Spdy: h2
nextgearmedia.nl/wp-content/plugins/woocommerce-ajax-filters/berocket/assets/css/font-awesome.min.css?ver=6.0.2
85.17.8.228 200 OK 7.0 kB URL HTTP/2 nextgearmedia.nl/wp-content/plugins/woocommerce-ajax-filters/berocket/assets/css/font-awesome.min.css?ver=6.0.2
IP 85.17.8.228:0
ASN #60781 LeaseWeb Netherlands B.V.
File type ASCII text, with very long lines (30621), with CRLF line terminators
Hash (MD5) 59523bade4e5f787229c19470e5c6412
Hash (SHA-1) e1ae5d048ab7f21670fb9637a25d378930ef8b55
Hash (SHA-256) c6883f4445529ed39078708515057755845b8cee81b5088628591fc82d507ebc
GET /wp-content/plugins/woocommerce-ajax-filters/berocket/assets/css/font-awesome.min.css?ver=6.0.2 HTTP/1.1
Host: nextgearmedia.nl
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nextgearmedia.nl/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 06 Sep 2022 12:11:09 GMT
etag: "7844-5e8011773ac6c-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 7009
content-type: text/css
date: Tue, 20 Sep 2022 20:05:54 GMT
server: Apache/2
X-Firefox-Spdy: h2
nextgearmedia.nl/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-vendors-style.css?ver=8.3.2
85.17.8.228 200 OK 2.0 kB URL HTTP/2 nextgearmedia.nl/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-vendors-style.css?ver=8.3.2
IP 85.17.8.228:0
ASN #60781 LeaseWeb Netherlands B.V.
File type ASCII text, with very long lines (10435), with no line terminators
Hash (MD5) 38b1f483d4bf6b1548990385c8673746
Hash (SHA-1) 1668edb02c5170be308368292a4c12033d0a42f4
Hash (SHA-256) 98138d83d7cb12e99802ba034b400a67e0d7b6e378d8bcd1b4d9f4fe44ce1111
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-vendors-style.css?ver=8.3.2 HTTP/1.1
Host: nextgearmedia.nl
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nextgearmedia.nl/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 20 Sep 2022 11:49:46 GMT
etag: "28c3-5e91a6cc77bd9-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 1962
content-type: text/css
date: Tue, 20 Sep 2022 20:05:54 GMT
server: Apache/2
X-Firefox-Spdy: h2
nextgearmedia.nl/wp-includes/css/dist/block-library/style.min.css?ver=6.0.2
85.17.8.228 200 OK 12 kB URL HTTP/2 nextgearmedia.nl/wp-includes/css/dist/block-library/style.min.css?ver=6.0.2
IP 85.17.8.228:0
ASN #60781 LeaseWeb Netherlands B.V.
File type ASCII text, with very long lines (43771)
Hash e5548800176e913a9084f47a3e1e04f6
eff4604acc5c26ae82a19188de2f98bf5b79d80c
a2569c768eaca09f2483b971fcebb97badd57c9a16b5ae3e16b8cdcd8c688b07
GET /wp-includes/css/dist/block-library/style.min.css?ver=6.0.2 HTTP/1.1
Host: nextgearmedia.nl
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nextgearmedia.nl/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 06 Sep 2022 11:56:25 GMT
etag: "15b64-5e800e2c087e3-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 11681
content-type: text/css
date: Tue, 20 Sep 2022 20:05:54 GMT
server: Apache/2
X-Firefox-Spdy: h2
nextgearmedia.nl/wp-content/plugins/woocommerce-ajax-filters/assets/frontend/css/fullmain.min.css?ver=1.6.3.1
85.17.8.228 200 OK 19 kB URL HTTP/2 nextgearmedia.nl/wp-content/plugins/woocommerce-ajax-filters/assets/frontend/css/fullmain.min.css?ver=1.6.3.1
IP 85.17.8.228:0
ASN #60781 LeaseWeb Netherlands B.V.
File type ASCII text, with very long lines (44578), with CRLF line terminators
Hash 55f9df76f9f20d28bf759ce31f3ac686
8aad8044806b0079a9896d99e76cc23d776ef47a
83c065aac36f44f2e736a34385b8246eaeb3fd472b32476b13e8e00aeede1f30
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/woocommerce-ajax-filters/assets/frontend/css/fullmain.min.css?ver=1.6.3.1 HTTP/1.1
Host: nextgearmedia.nl
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nextgearmedia.nl/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 06 Sep 2022 12:11:09 GMT
etag: "254ed-5e801176fb4d1-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 18736
content-type: text/css
date: Tue, 20 Sep 2022 20:05:54 GMT
server: Apache/2
X-Firefox-Spdy: h2
nextgearmedia.nl/wp-content/plugins/ajax-search-for-woocommerce/build/blocks/search-nav/index.css?ver=6.0.2
85.17.8.228 200 OK 205 B URL HTTP/2 nextgearmedia.nl/wp-content/plugins/ajax-search-for-woocommerce/build/blocks/search-nav/index.css?ver=6.0.2
IP 85.17.8.228:0
ASN #60781 LeaseWeb Netherlands B.V.
File type ASCII text, with very long lines (1003)
Hash a5823846178a35218c8f1c6479a81c85
ec3b14b92d5a57e132ad228fe4dd597caa848e01
b461beee2082ac3e0114ffaf8ee8c4e3af4c070461f2d6f2e9acda8c5dcdd480
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/ajax-search-for-woocommerce/build/blocks/search-nav/index.css?ver=6.0.2 HTTP/1.1
Host: nextgearmedia.nl
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nextgearmedia.nl/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 20 Sep 2022 11:48:58 GMT
etag: "3ec-5e91a69e8e1a0-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 205
content-type: text/css
date: Tue, 20 Sep 2022 20:05:54 GMT
server: Apache/2
X-Firefox-Spdy: h2
nextgearmedia.nl/wp-content/plugins/woocommerce/assets/css/woocommerce-layout.css?ver=6.9.2
85.17.8.228 200 OK 2.6 kB URL HTTP/2 nextgearmedia.nl/wp-content/plugins/woocommerce/assets/css/woocommerce-layout.css?ver=6.9.2
IP 85.17.8.228:0
ASN #60781 LeaseWeb Netherlands B.V.
File type ASCII text, with very long lines (17809), with no line terminators
Hash d45c9e0b4109fd68bc2eaae40d01f61a
f0fd80fcb3e8b7a9d95782d0f0c79ddc19b2fa96
072aa95bd2ad493914030593b84c611b2dfcc39444f726ddab52751f4b4bf926
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/woocommerce/assets/css/woocommerce-layout.css?ver=6.9.2 HTTP/1.1
Host: nextgearmedia.nl
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nextgearmedia.nl/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 20 Sep 2022 11:49:39 GMT
etag: "4591-5e91a6c500a6b-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 2554
content-type: text/css
date: Tue, 20 Sep 2022 20:05:54 GMT
server: Apache/2
X-Firefox-Spdy: h2
nextgearmedia.nl/wp-content/plugins/ajax-search-for-woocommerce/build/blocks/search/index.css?ver=6.0.2
85.17.8.228 200 OK 157 B URL HTTP/2 nextgearmedia.nl/wp-content/plugins/ajax-search-for-woocommerce/build/blocks/search/index.css?ver=6.0.2
IP 85.17.8.228:0
ASN #60781 LeaseWeb Netherlands B.V.
File type ASCII text, with very long lines (812)
Hash 14c195ea5c435f0c4a95ce936c1ecfc5
9bb138f52a41739badda47787c429e9088a12b54
adc4865547ab30f3fafec5c2756988c5886f237b5ff8b33756bc765fd252c485
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/ajax-search-for-woocommerce/build/blocks/search/index.css?ver=6.0.2 HTTP/1.1
Host: nextgearmedia.nl
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nextgearmedia.nl/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 20 Sep 2022 11:48:58 GMT
etag: "32d-5e91a69e900e0-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 157
content-type: text/css
date: Tue, 20 Sep 2022 20:05:54 GMT
server: Apache/2
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 279 B IP 93.184.220.29:0
Hash 61e5226dc3bddf0c0823c3134ebde224
4b35c53e8f91a840a4125b1ff92e99589c007a37
223615fe4754c0953ed65ec85d36d5219904395c8d7d7963670ab6f4c44e22da
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5181
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 20 Sep 2022 20:05:54 GMT
Last-Modified: Tue, 20 Sep 2022 18:39:33 GMT
Server: ECS (ska/F715)
X-Cache: HIT
Content-Length: 279
nextgearmedia.nl/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-style.css?ver=8.3.2
85.17.8.228 200 OK 22 kB URL HTTP/2 nextgearmedia.nl/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-style.css?ver=8.3.2
IP 85.17.8.228:0
ASN #60781 LeaseWeb Netherlands B.V.
File type Unicode text, UTF-8 text, with very long lines (65527), with no line terminators
Hash 9706fd6c4fd98d190897f3c107a53d72
906e95cc7656a85f2e3f4f5ac898b8d942017b59
288ec9bae1e7067e86acda75a521a85b46d8976f511e7894c962a58663ff00e3
GET /wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-style.css?ver=8.3.2 HTTP/1.1
Host: nextgearmedia.nl
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nextgearmedia.nl/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 20 Sep 2022 11:49:46 GMT
etag: "33805-5e91a6cc410de-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 22539
content-type: text/css
date: Tue, 20 Sep 2022 20:05:54 GMT
server: Apache/2
X-Firefox-Spdy: h2
nextgearmedia.nl/wp-content/plugins/woocommerce/assets/css/woocommerce.css?ver=6.9.2
85.17.8.228 200 OK 8.9 kB URL HTTP/2 nextgearmedia.nl/wp-content/plugins/woocommerce/assets/css/woocommerce.css?ver=6.9.2
IP 85.17.8.228:0
ASN #60781 LeaseWeb Netherlands B.V.
File type Unicode text, UTF-8 text, with very long lines (62753), with no line terminators
Hash 6c8772ecf168559902155fb7bbbb6ff5
437a2c6b53493b57f4dd490368c53070c903be85
afcaf780edbf3bc69ee80db3e8b9420cc1c7a458b270bf7df979f53a21136288
GET /wp-content/plugins/woocommerce/assets/css/woocommerce.css?ver=6.9.2 HTTP/1.1
Host: nextgearmedia.nl
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nextgearmedia.nl/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 20 Sep 2022 11:49:39 GMT
etag: "f523-5e91a6c50d58a-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 8895
content-type: text/css
date: Tue, 20 Sep 2022 20:05:54 GMT
server: Apache/2
X-Firefox-Spdy: h2
nextgearmedia.nl/wp-content/plugins/woo-fly-cart/assets/css/fonts.css?ver=6.0.2
85.17.8.228 200 OK 682 B URL HTTP/2 nextgearmedia.nl/wp-content/plugins/woo-fly-cart/assets/css/fonts.css?ver=6.0.2
IP 85.17.8.228:0
ASN #60781 LeaseWeb Netherlands B.V.
Hash faa6ade16b5bc0899c033aa28829ea43
82adcb9df83f9f871f7d36b079b3e583353667cb
f6e569a12e90f5c82a15c3042354c3d483e8f009d0b78c76859c0927ca3180c7
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/woo-fly-cart/assets/css/fonts.css?ver=6.0.2 HTTP/1.1
Host: nextgearmedia.nl
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nextgearmedia.nl/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 22 Jun 2021 08:40:40 GMT
etag: "c7e-5c556bea69200-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 682
content-type: text/css
date: Tue, 20 Sep 2022 20:05:54 GMT
server: Apache/2
X-Firefox-Spdy: h2
nextgearmedia.nl/wp-content/plugins/woo-phone-input-plugin/css/styles.css?ver=2.0.3
85.17.8.228 200 OK 240 B URL HTTP/2 nextgearmedia.nl/wp-content/plugins/woo-phone-input-plugin/css/styles.css?ver=2.0.3
IP 85.17.8.228:0
ASN #60781 LeaseWeb Netherlands B.V.
Hash a1a3d81c0835aa4700bb44fbb7bf5b51
4192261302029071e2e40a128a955ba4b6c23f25
06e24734a26bba382ee7658c4f77946d99417b4bd33644070621357ad8159585
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/woo-phone-input-plugin/css/styles.css?ver=2.0.3 HTTP/1.1
Host: nextgearmedia.nl
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nextgearmedia.nl/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 24 Feb 2022 13:05:36 GMT
etag: "24a-5d8c33cede800-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 240
content-type: text/css
date: Tue, 20 Sep 2022 20:05:54 GMT
server: Apache/2
X-Firefox-Spdy: h2
nextgearmedia.nl/wp-content/plugins/woo-fly-cart/assets/hint/hint.min.css?ver=6.0.2
85.17.8.228 200 OK 1.5 kB URL HTTP/2 nextgearmedia.nl/wp-content/plugins/woo-fly-cart/assets/hint/hint.min.css?ver=6.0.2
IP 85.17.8.228:0
ASN #60781 LeaseWeb Netherlands B.V.
File type ASCII text, with very long lines (9518)
Hash 03cd2f11c1a2786778149df67b63a723
0ba00ef403ad42216585989cfdb5609b4e4ec9f0
5863c2a339ddd6dbe07ce7e02b34087f42b4fe2bd29047c72b73cd9b708180ef
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/woo-fly-cart/assets/hint/hint.min.css?ver=6.0.2 HTTP/1.1
Host: nextgearmedia.nl
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nextgearmedia.nl/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 22 Jun 2021 08:40:40 GMT
etag: "259b-5c556bea69200-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 1525
content-type: text/css
date: Tue, 20 Sep 2022 20:05:54 GMT
server: Apache/2
X-Firefox-Spdy: h2
nextgearmedia.nl/wp-content/plugins/woo-phone-input-plugin/css/intlTelInput.min.css?ver=2.0.3
85.17.8.228 200 OK 3.1 kB URL HTTP/2 nextgearmedia.nl/wp-content/plugins/woo-phone-input-plugin/css/intlTelInput.min.css?ver=2.0.3
IP 85.17.8.228:0
ASN #60781 LeaseWeb Netherlands B.V.
File type ASCII text, with very long lines (20756), with no line terminators
Hash bb1343b6addefa6265d19e677ea59a8a
6f24834788c96c8c9c3bbd8bc7f604885c5f3930
43238a6b9c7006be9962f6377b85759b476abf4bfc28f2c60e52ca0bcf074c1b
GET /wp-content/plugins/woo-phone-input-plugin/css/intlTelInput.min.css?ver=2.0.3 HTTP/1.1
Host: nextgearmedia.nl
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nextgearmedia.nl/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 24 Feb 2022 13:05:35 GMT
etag: "5114-5d8c33cdea5c0-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 3134
content-type: text/css
date: Tue, 20 Sep 2022 20:05:54 GMT
server: Apache/2
X-Firefox-Spdy: h2
nextgearmedia.nl/wp-content/plugins/woo-fly-cart/assets/perfect-scrollbar/css/perfect-scrollbar.min.css?ver=6.0.2
85.17.8.228 200 OK 607 B URL HTTP/2 nextgearmedia.nl/wp-content/plugins/woo-fly-cart/assets/perfect-scrollbar/css/perfect-scrollbar.min.css?ver=6.0.2
IP 85.17.8.228:0
ASN #60781 LeaseWeb Netherlands B.V.
File type ASCII text, with very long lines (4596)
Hash 6f4c1e677962c90a2504984fb9bd1e88
816978638fc745ec6f25e9f16a9691743e7540cb
8fd289dbfbdf9d827bbbfd125c6450f248baa88fd61fc6a7ebd7078363d3e6df
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/woo-fly-cart/assets/perfect-scrollbar/css/perfect-scrollbar.min.css?ver=6.0.2 HTTP/1.1
Host: nextgearmedia.nl
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nextgearmedia.nl/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 22 Jun 2021 08:40:40 GMT
etag: "1215-5c556bea69200-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 607
content-type: text/css
date: Tue, 20 Sep 2022 20:05:54 GMT
server: Apache/2
X-Firefox-Spdy: h2
nextgearmedia.nl/wp-content/plugins/ajax-search-for-woocommerce/assets/css/style.min.css?ver=1.20.0
85.17.8.228 200 OK 5.8 kB URL HTTP/2 nextgearmedia.nl/wp-content/plugins/ajax-search-for-woocommerce/assets/css/style.min.css?ver=1.20.0
IP 85.17.8.228:0
ASN #60781 LeaseWeb Netherlands B.V.
File type ASCII text, with very long lines (33185)
Hash 61d25807c2a7d63196b9a29db1c6e4e1
a49cc3c7bb34fb5a80740c8e3c921bcf545134a1
d0d34fd37f52c1c54bb48f9c1236648e553812c0167330c4b1a8714676c0e89e
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/ajax-search-for-woocommerce/assets/css/style.min.css?ver=1.20.0 HTTP/1.1
Host: nextgearmedia.nl
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nextgearmedia.nl/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 20 Sep 2022 11:48:58 GMT
etag: "81a2-5e91a69e44dc7-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 5808
content-type: text/css
date: Tue, 20 Sep 2022 20:05:54 GMT
server: Apache/2
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 279 B IP 93.184.220.29:0
Hash 61e5226dc3bddf0c0823c3134ebde224
4b35c53e8f91a840a4125b1ff92e99589c007a37
223615fe4754c0953ed65ec85d36d5219904395c8d7d7963670ab6f4c44e22da
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5181
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 20 Sep 2022 20:05:54 GMT
Last-Modified: Tue, 20 Sep 2022 18:39:33 GMT
Server: ECS (ska/F715)
X-Cache: HIT
Content-Length: 279
nextgearmedia.nl/wp-content/plugins/woo-fly-cart/assets/perfect-scrollbar/css/custom-theme.css?ver=6.0.2
85.17.8.228 200 OK 621 B URL HTTP/2 nextgearmedia.nl/wp-content/plugins/woo-fly-cart/assets/perfect-scrollbar/css/custom-theme.css?ver=6.0.2
IP 85.17.8.228:0
ASN #60781 LeaseWeb Netherlands B.V.
Hash 6165595afea9574ba0fb26de1be9b7cd
9054ccfee7e8a36ebfc5311e79096b129355148c
b4dbfe92773768ba5ffde4a1acea9bd98df503087176bcb5976818cf09df3db3
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/woo-fly-cart/assets/perfect-scrollbar/css/custom-theme.css?ver=6.0.2 HTTP/1.1
Host: nextgearmedia.nl
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nextgearmedia.nl/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 22 Jun 2021 08:40:40 GMT
etag: "fa0-5c556bea69200-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 621
content-type: text/css
date: Tue, 20 Sep 2022 20:05:54 GMT
server: Apache/2
X-Firefox-Spdy: h2
nextgearmedia.nl/wp-content/plugins/woo-fly-cart/assets/css/frontend.css?ver=6.0.2
85.17.8.228 200 OK 6.8 kB URL HTTP/2 nextgearmedia.nl/wp-content/plugins/woo-fly-cart/assets/css/frontend.css?ver=6.0.2
IP 85.17.8.228:0
ASN #60781 LeaseWeb Netherlands B.V.
File type ASCII text, with very long lines (424)
Hash b3e0f54d386c9a7841a92d9aa8f29117
cdd29565b30ee2756627e8d460c372628c2d1351
404065dabd5a69ad77bfb1b89b8e6f9f6e9587511b23a2a2a10ed68151ddc57a
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/woo-fly-cart/assets/css/frontend.css?ver=6.0.2 HTTP/1.1
Host: nextgearmedia.nl
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nextgearmedia.nl/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 22 Jun 2021 08:40:40 GMT
etag: "16ebe-5c556bea69200-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 6800
content-type: text/css
date: Tue, 20 Sep 2022 20:05:54 GMT
server: Apache/2
X-Firefox-Spdy: h2
nextgearmedia.nl/wp-content/plugins/complianz-gdpr/assets/css/cookieblocker.min.css?ver=6.3.3
85.17.8.228 200 OK 713 B URL HTTP/2 nextgearmedia.nl/wp-content/plugins/complianz-gdpr/assets/css/cookieblocker.min.css?ver=6.3.3
IP 85.17.8.228:0
ASN #60781 LeaseWeb Netherlands B.V.
File type ASCII text, with very long lines (2723), with no line terminators
Hash 7e67979bdd7b91ff88c5113cd3db186e
1ef16fddac63946359c3d47b46d1985c3961ea26
10f99207a897bca4be545b3a4a330907e90e0dc49326c774946393ed4adcd83c
GET /wp-content/plugins/complianz-gdpr/assets/css/cookieblocker.min.css?ver=6.3.3 HTTP/1.1
Host: nextgearmedia.nl
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nextgearmedia.nl/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 20 Sep 2022 11:48:26 GMT
etag: "aa3-5e91a67fa8203-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 713
content-type: text/css
date: Tue, 20 Sep 2022 20:05:54 GMT
server: Apache/2
X-Firefox-Spdy: h2
nextgearmedia.nl/wp-content/plugins/woocommerce/assets/js/jquery-blockui/jquery.blockUI.min.js?ver=2.7.0-wc.6.9.2
85.17.8.228 200 OK 3.5 kB URL HTTP/2 nextgearmedia.nl/wp-content/plugins/woocommerce/assets/js/jquery-blockui/jquery.blockUI.min.js?ver=2.7.0-wc.6.9.2
IP 85.17.8.228:0
ASN #60781 LeaseWeb Netherlands B.V.
File type ASCII text, with very long lines (9115)
Hash 4eb090d1d9263b041ec90bac1a6e6e8f
0b0a01684ed1e07a41a9f6eb02423738a68f8b12
f621d8d1bdc2c1508699ef2510c1b35122fef1ee7da3ed10fe66a881a6d882b2
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/woocommerce/assets/js/jquery-blockui/jquery.blockUI.min.js?ver=2.7.0-wc.6.9.2 HTTP/1.1
Host: nextgearmedia.nl
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nextgearmedia.nl/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 20 Sep 2022 11:49:39 GMT
etag: "2525-5e91a6c5bb2ba-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 3499
content-type: application/javascript
date: Tue, 20 Sep 2022 20:05:54 GMT
server: Apache/2
X-Firefox-Spdy: h2
nextgearmedia.nl/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
85.17.8.228 200 OK 4.2 kB URL HTTP/2 nextgearmedia.nl/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
IP 85.17.8.228:0
ASN #60781 LeaseWeb Netherlands B.V.
File type ASCII text, with very long lines (11126)
Hash 5629711d7fdd5b28441bac39b851299f
4e0bf2b7383097f7c352023a1b1b1b48a50356b6
44c444309c7a6c05ff4a9bc198bed9e9596bedb5658637c85689c9a471dcdd16
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 HTTP/1.1
Host: nextgearmedia.nl
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nextgearmedia.nl/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 06 Sep 2022 11:56:12 GMT
etag: "2bd8-5e800e1fe424f-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 4169
content-type: application/javascript
date: Tue, 20 Sep 2022 20:05:54 GMT
server: Apache/2
X-Firefox-Spdy: h2
nextgearmedia.nl/wp-content/plugins/woocommerce/assets/js/frontend/add-to-cart.min.js?ver=6.9.2
85.17.8.228 200 OK 1.1 kB URL HTTP/2 nextgearmedia.nl/wp-content/plugins/woocommerce/assets/js/frontend/add-to-cart.min.js?ver=6.9.2
IP 85.17.8.228:0
ASN #60781 LeaseWeb Netherlands B.V.
File type HTML document, ASCII text, with very long lines (3037), with no line terminators
Hash 0d03578b274ddfa19d4be46ff5d4f242
5d5322d264d2219c50b60abcf9625533088afbf2
342455e97f9438a6f336423fa4f6fc6dc59da5d84c23f4d39ebc5425aa9ada27
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/woocommerce/assets/js/frontend/add-to-cart.min.js?ver=6.9.2 HTTP/1.1
Host: nextgearmedia.nl
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nextgearmedia.nl/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 20 Sep 2022 11:49:39 GMT
etag: "bdd-5e91a6c59ce5c-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 1086
content-type: application/javascript
date: Tue, 20 Sep 2022 20:05:54 GMT
server: Apache/2
X-Firefox-Spdy: h2
nextgearmedia.nl/wp-content/plugins/js_composer/assets/js/vendors/woocommerce-add-to-cart.js?ver=6.5.0
85.17.8.228 200 OK 374 B URL HTTP/2 nextgearmedia.nl/wp-content/plugins/js_composer/assets/js/vendors/woocommerce-add-to-cart.js?ver=6.5.0
IP 85.17.8.228:0
ASN #60781 LeaseWeb Netherlands B.V.
Hash 99f478aea66ce928c3dda9ab3a0dbbb3
29bb3e5ccb81defba6cf1749768f4c57533e261a
44b0fdb4d849dfa85411e2e814e8352a89f04fad8e65924f477368dad133955e
GET /wp-content/plugins/js_composer/assets/js/vendors/woocommerce-add-to-cart.js?ver=6.5.0 HTTP/1.1
Host: nextgearmedia.nl
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nextgearmedia.nl/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 20 Jan 2021 10:35:46 GMT
etag: "3e0-5b952848f6480-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 374
content-type: application/javascript
date: Tue, 20 Sep 2022 20:05:54 GMT
server: Apache/2
X-Firefox-Spdy: h2
nextgearmedia.nl/wp-content/plugins/woo-phone-input-plugin/js/main.js?ver=2.0.3
85.17.8.228 200 OK 462 B URL HTTP/2 nextgearmedia.nl/wp-content/plugins/woo-phone-input-plugin/js/main.js?ver=2.0.3
IP 85.17.8.228:0
ASN #60781 LeaseWeb Netherlands B.V.
Hash 58c40804d3c9ff21ba276d751a94c585
4b13e6c06708798e65b3fcf44a4d100a117e7d0e
05abb90a51745a50bafee16fd560a2e668d03300358465220470ab09be7aafe1
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/woo-phone-input-plugin/js/main.js?ver=2.0.3 HTTP/1.1
Host: nextgearmedia.nl
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nextgearmedia.nl/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 24 Feb 2022 13:05:41 GMT
etag: "403-5d8c33d3a3340-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 462
content-type: application/javascript
date: Tue, 20 Sep 2022 20:05:54 GMT
server: Apache/2
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 279 B IP 93.184.220.29:0
Hash 61e5226dc3bddf0c0823c3134ebde224
4b35c53e8f91a840a4125b1ff92e99589c007a37
223615fe4754c0953ed65ec85d36d5219904395c8d7d7963670ab6f4c44e22da
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5181
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 20 Sep 2022 20:05:54 GMT
Last-Modified: Tue, 20 Sep 2022 18:39:33 GMT
Server: ECS (ska/F715)
X-Cache: HIT
Content-Length: 279
nextgearmedia.nl/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
85.17.8.228 200 OK 31 kB URL HTTP/2 nextgearmedia.nl/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
IP 85.17.8.228:0
ASN #60781 LeaseWeb Netherlands B.V.
File type ASCII text, with very long lines (65447)
Hash 9640915738503451aa21181699feab5b
c053eaf36ef0da96619706b3abda326305063bd6
f8834e669ad1f4039442c26aaa373ec39c35a233b9786d374fc3f670f16b0adc
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/jquery/jquery.min.js?ver=3.6.0 HTTP/1.1
Host: nextgearmedia.nl
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nextgearmedia.nl/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 06 Sep 2022 11:56:13 GMT
etag: "15db1-5e800e2063187-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 30908
content-type: application/javascript
date: Tue, 20 Sep 2022 20:05:54 GMT
server: Apache/2
X-Firefox-Spdy: h2
nextgearmedia.nl/wp-content/plugins/woo-phone-input-plugin/js/phone-validate.js?ver=2.0.3
85.17.8.228 200 OK 609 B URL HTTP/2 nextgearmedia.nl/wp-content/plugins/woo-phone-input-plugin/js/phone-validate.js?ver=2.0.3
IP 85.17.8.228:0
ASN #60781 LeaseWeb Netherlands B.V.
Hash 3a563060faa7f5b99d8c21c8856d93b5
371126d2b4bd0735baf9deb0ee93c40d5fb2af0d
7397ecb11be6871cc446419adcd70d936986b7a7daafd682972e662196b2ece7
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/woo-phone-input-plugin/js/phone-validate.js?ver=2.0.3 HTTP/1.1
Host: nextgearmedia.nl
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nextgearmedia.nl/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 24 Feb 2022 13:05:41 GMT
etag: "66e-5d8c33d3a3340-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 609
content-type: application/javascript
date: Tue, 20 Sep 2022 20:05:54 GMT
server: Apache/2
X-Firefox-Spdy: h2
nextgearmedia.nl/wp-content/uploads/sterren.svg
85.17.8.228 200 OK 286 B URL HTTP/2 nextgearmedia.nl/wp-content/uploads/sterren.svg
IP 85.17.8.228:0
ASN #60781 LeaseWeb Netherlands B.V.
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document, ASCII text, with very long lines (373), with no line terminators
Hash 80742ec9dc6dcf40b1ffe9c36f815a10
eed63e553b3502de15139364d98d43135e761dbd
5e229dc11ecb5a5586c0d46ed61ffed78b0a4a582ce8215ff8d3c96dbf10b5cf
Analyzer Verdict Alert fortinet Malware
GET /wp-content/uploads/sterren.svg HTTP/1.1
Host: nextgearmedia.nl
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nextgearmedia.nl/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 24 Feb 2022 09:47:54 GMT
etag: "175-5d8c079e62680-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 286
content-type: image/svg+xml
date: Tue, 20 Sep 2022 20:05:54 GMT
server: Apache/2
X-Firefox-Spdy: h2
nextgearmedia.nl/wp-content/uploads/gratis-sample.svg
85.17.8.228 200 OK 395 B URL HTTP/2 nextgearmedia.nl/wp-content/uploads/gratis-sample.svg
IP 85.17.8.228:0
ASN #60781 LeaseWeb Netherlands B.V.
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document, ASCII text, with very long lines (622), with no line terminators
Hash 1e23e136ef22de2e0b5fd0d37e9934bb
6501b8af55f16ba61945e67234ad2ce86a47230f
0866509189c7797fef8ea3fea7b23b438b88ae09805fa127a5eed3f819dc9ef3
Analyzer Verdict Alert fortinet Malware
GET /wp-content/uploads/gratis-sample.svg HTTP/1.1
Host: nextgearmedia.nl
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nextgearmedia.nl/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 24 Feb 2022 09:47:15 GMT
etag: "26e-5d8c077930ec0-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 395
content-type: image/svg+xml
date: Tue, 20 Sep 2022 20:05:54 GMT
server: Apache/2
X-Firefox-Spdy: h2
nextgearmedia.nl/wp-content/uploads/cart-icon.svg
85.17.8.228 200 OK 454 B URL HTTP/2 nextgearmedia.nl/wp-content/uploads/cart-icon.svg
IP 85.17.8.228:0
ASN #60781 LeaseWeb Netherlands B.V.
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document, ASCII text, with very long lines (1023), with no line terminators
Hash dd96948d680d1116e3336688c27c75f2
050745f9e188647a34d6fe28de06917517fc5d51
200ad5c92561de0b6966ef0433f680e87da493c7388b348e3ff57971051f09d5
Analyzer Verdict Alert fortinet Malware
GET /wp-content/uploads/cart-icon.svg HTTP/1.1
Host: nextgearmedia.nl
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nextgearmedia.nl/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 02 Jun 2022 14:48:10 GMT
etag: "3ff-5e078182f3e80-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 454
content-type: image/svg+xml
date: Tue, 20 Sep 2022 20:05:54 GMT
server: Apache/2
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash 596ea0e7cffcb12819c214fd7e55e6b5
fdf581b35743d7693bf8c7f6154471a1b2646f06
a78eee2be3725b096407fde832e7762dad74ac69165f57a10b1ef76b5b2d9874
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 20 Sep 2022 20:05:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash bcbb61a4f6f0beed45a5f963bfba6e9d
a07136aeace7036e3b7427d63c60576adbdc388f
3a910cde9f8f65341f3422d28e35ca877558e136c99067b72daaeb56b3d9e76d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 20 Sep 2022 20:05:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
nextgearmedia.nl/wp-content/uploads/search-icon-mobile.svg
85.17.8.228 200 OK 365 B URL HTTP/2 nextgearmedia.nl/wp-content/uploads/search-icon-mobile.svg
IP 85.17.8.228:0
ASN #60781 LeaseWeb Netherlands B.V.
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document, ASCII text, with very long lines (574), with no line terminators
Hash 12c83cdfc99509920117fe0179b93523
7815105caa05a16a16010d0d145f85f7a42b0cee
929aca76368cd673af12b64111803dd137f1f322eb660c6f1647c5eb7285de7a
Analyzer Verdict Alert fortinet Malware
GET /wp-content/uploads/search-icon-mobile.svg HTTP/1.1
Host: nextgearmedia.nl
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nextgearmedia.nl/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 03 Jun 2022 14:17:10 GMT
etag: "23e-5e08bc7294580-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 365
content-type: image/svg+xml
date: Tue, 20 Sep 2022 20:05:54 GMT
server: Apache/2
X-Firefox-Spdy: h2
nextgearmedia.nl/wp-content/uploads/gratis-verzending.svg
85.17.8.228 200 OK 217 B URL HTTP/2 nextgearmedia.nl/wp-content/uploads/gratis-verzending.svg
IP 85.17.8.228:0
ASN #60781 LeaseWeb Netherlands B.V.
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document, ASCII text, with no line terminators
Hash e8a96b413ffe91f26ba11ffacc1bbf3c
9b71ade2c625c94f02ae788f4e9119f19caa9fab
e23ba33ed5a8b09c896de40ab5abb3a23665bb37e472c87991bbdecd0ab2daf9
Analyzer Verdict Alert fortinet Malware
GET /wp-content/uploads/gratis-verzending.svg HTTP/1.1
Host: nextgearmedia.nl
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nextgearmedia.nl/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 24 Feb 2022 09:47:29 GMT
etag: "103-5d8c07868ae40-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 217
content-type: image/svg+xml
date: Tue, 20 Sep 2022 20:05:54 GMT
server: Apache/2
X-Firefox-Spdy: h2
nextgearmedia.nl/wp-content/uploads/Next-Gear-Media-logo-witte-woordmerk-en-groene-beeldmerk.svg
85.17.8.228 200 OK 3.2 kB URL HTTP/2 nextgearmedia.nl/wp-content/uploads/Next-Gear-Media-logo-witte-woordmerk-en-groene-beeldmerk.svg
IP 85.17.8.228:0
ASN #60781 LeaseWeb Netherlands B.V.
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document, ASCII text, with very long lines (8236), with no line terminators
Hash 5d72d70f6090fdd6c65009b7fd2707b5
c785dada5bc3c9225db07864aad3c596bd8311cd
d7c1654ddfdb4813d64fc5b152880ee57529ba201b801c11ead845e1c342ccb9
Analyzer Verdict Alert fortinet Malware
GET /wp-content/uploads/Next-Gear-Media-logo-witte-woordmerk-en-groene-beeldmerk.svg HTTP/1.1
Host: nextgearmedia.nl
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nextgearmedia.nl/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 02 Jun 2022 11:42:05 GMT
etag: "202c-5e0757eb2dd40-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 3184
content-type: image/svg+xml
date: Tue, 20 Sep 2022 20:05:54 GMT
server: Apache/2
X-Firefox-Spdy: h2
nextgearmedia.nl/wp-content/uploads/fb_icon.svg
85.17.8.228 200 OK 348 B URL HTTP/2 nextgearmedia.nl/wp-content/uploads/fb_icon.svg
IP 85.17.8.228:0
ASN #60781 LeaseWeb Netherlands B.V.
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document, ASCII text, with very long lines (588), with no line terminators
Hash 4739fa1e23906c68695a26cf395a5eba
ef2d226a49a64b198c101f8c0c8c72ef9f02a6f1
eee9bc0d17e8309b7f90437cf834d8168d86c4d9724f79fdfb5cd9664e8b492a
Analyzer Verdict Alert fortinet Malware
GET /wp-content/uploads/fb_icon.svg HTTP/1.1
Host: nextgearmedia.nl
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nextgearmedia.nl/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 22 Jun 2021 07:50:04 GMT
etag: "24c-5c55609b0e300-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 348
content-type: image/svg+xml
date: Tue, 20 Sep 2022 20:05:54 GMT
server: Apache/2
X-Firefox-Spdy: h2
nextgearmedia.nl/wp-content/uploads/Audi-Logo-PNG-File.png
85.17.8.228 200 OK 14 kB URL HTTP/2 nextgearmedia.nl/wp-content/uploads/Audi-Logo-PNG-File.png
IP 85.17.8.228:0
ASN #60781 LeaseWeb Netherlands B.V.
File type PNG image data, 302 x 302, 8-bit colormap, non-interlaced\012- data
Hash 889018cf27cf9781491d57bc62ff7330
a5af5774e0e117a9d4125b963ebe4e55177400a0
b86959b5486f7df3aef6366b8e591d642e19f696f92a733d69a51628e3d2a366
GET /wp-content/uploads/Audi-Logo-PNG-File.png HTTP/1.1
Host: nextgearmedia.nl
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nextgearmedia.nl/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 03 Jun 2022 11:38:38 GMT
etag: "372a-5e0899033ab80"
accept-ranges: bytes
content-length: 14122
content-type: image/png
date: Tue, 20 Sep 2022 20:05:54 GMT
server: Apache/2
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash e5d7d983b288c67e17280c6a1c0d80d9
8a1e575f8b8427e872c1e4c5645d9ce3e5445e52
a08530049c460e7e3cf236a9969b94b4a794d83f3f4279ac43934194f39dedd6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 20 Sep 2022 20:05:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
nextgearmedia.nl/wp-content/uploads/Logo-bmw-vector-transparent-PNG-400x400.png
85.17.8.228 200 OK 15 kB URL HTTP/2 nextgearmedia.nl/wp-content/uploads/Logo-bmw-vector-transparent-PNG-400x400.png
IP 85.17.8.228:0
ASN #60781 LeaseWeb Netherlands B.V.
File type PNG image data, 400 x 400, 8-bit colormap, non-interlaced\012- data
Hash 7afa1e439129ce0ac9c9952f1a98fc55
03eb57aee2d3aa707742ddb08cfc2cb36ef02000
f1bda9cd71e7ebf7aa3fd83fa1d5d9d1ca44c35c10a95c6caf6be2d146496d65
GET /wp-content/uploads/Logo-bmw-vector-transparent-PNG-400x400.png HTTP/1.1
Host: nextgearmedia.nl
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nextgearmedia.nl/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 03 Jun 2022 08:05:37 GMT
etag: "3b81-5e08696651640"
accept-ranges: bytes
content-length: 15233
content-type: image/png
date: Tue, 20 Sep 2022 20:05:54 GMT
server: Apache/2
X-Firefox-Spdy: h2
nextgearmedia.nl/wp-content/uploads/mini-8-Transparent-Images.png
85.17.8.228 200 OK 24 kB URL HTTP/2 nextgearmedia.nl/wp-content/uploads/mini-8-Transparent-Images.png
IP 85.17.8.228:0
ASN #60781 LeaseWeb Netherlands B.V.
File type PNG image data, 400 x 400, 8-bit colormap, non-interlaced\012- data
Hash a611934539649a724944e6e0b632be06
6ccd79666a4b2341797ffc2dbdd093d3ed9253b4
1f398265eb14c34437da5694ed343fee384a9a1908fed978bfabcd5b0c6fc25c
GET /wp-content/uploads/mini-8-Transparent-Images.png HTTP/1.1
Host: nextgearmedia.nl
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nextgearmedia.nl/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 09 May 2022 12:01:27 GMT
etag: "5bfe-5de92f7c493c0"
accept-ranges: bytes
content-length: 23550
content-type: image/png
date: Tue, 20 Sep 2022 20:05:54 GMT
server: Apache/2
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash 67b756e82caefc7860b9f2d4a4f40341
adeae15d52089bcca4ca247fc4aebceef8406e34
72ff9f52080a633dc841554f7d4cc70083edd2572b535d84093ae63f0c50b832
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 20 Sep 2022 20:05:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
nextgearmedia.nl/wp-content/plugins/woocommerce/assets/js/js-cookie/js.cookie.min.js?ver=2.1.4-wc.6.9.2
85.17.8.228 200 OK 982 B URL HTTP/2 nextgearmedia.nl/wp-content/plugins/woocommerce/assets/js/js-cookie/js.cookie.min.js?ver=2.1.4-wc.6.9.2
IP 85.17.8.228:0
ASN #60781 LeaseWeb Netherlands B.V.
File type ASCII text, with very long lines (1668)
Hash e66463f2023b738680c9bdefece69a37
315dc8e6ebdfb18c662851244ee33e2758ad3c83
fd83e7fc6d81aa6f6680ea640e9c086aa1950a17757a582aa74ea9797a70f346
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/woocommerce/assets/js/js-cookie/js.cookie.min.js?ver=2.1.4-wc.6.9.2 HTTP/1.1
Host: nextgearmedia.nl
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nextgearmedia.nl/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 20 Sep 2022 11:49:39 GMT
etag: "72a-5e91a6c5be199-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 982
content-type: application/javascript
date: Tue, 20 Sep 2022 20:05:54 GMT
server: Apache/2
X-Firefox-Spdy: h2
nextgearmedia.nl/wp-content/themes/sellaton/style.css?ver=1663704353
85.17.8.228 200 OK 54 kB URL HTTP/2 nextgearmedia.nl/wp-content/themes/sellaton/style.css?ver=1663704353
IP 85.17.8.228:0
ASN #60781 LeaseWeb Netherlands B.V.
File type ASCII text, with very long lines (430)
Hash bebab9899766ba507296b486f6b38ba1
70eb29a81beceafaa12cd7029b86fdb420944c01
d8bee97d3459490e096da7e22eb3fc5ca1846d03d43e26295ea79d5d1d8add95
GET /wp-content/themes/sellaton/style.css?ver=1663704353 HTTP/1.1
Host: nextgearmedia.nl
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nextgearmedia.nl/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 12 Sep 2022 11:30:57 GMT
etag: "5f787-5e8793abdd2d4-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 54000
content-type: text/css
date: Tue, 20 Sep 2022 20:05:54 GMT
server: Apache/2
X-Firefox-Spdy: h2
nextgearmedia.nl/wp-content/uploads/ig_icon.svg
85.17.8.228 200 OK 387 B URL HTTP/2 nextgearmedia.nl/wp-content/uploads/ig_icon.svg
IP 85.17.8.228:0
ASN #60781 LeaseWeb Netherlands B.V.
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document, ASCII text, with very long lines (735), with no line terminators
Hash 9af172b0090ca8590fc5b649f62f8af8
08739f6550fea3cf833c53a7c0292c4cc4315eed
567b70865b0715ed7aad8b4483cff7e1e6272bd9e583462d79e53e58292859fa
Analyzer Verdict Alert fortinet Malware
GET /wp-content/uploads/ig_icon.svg HTTP/1.1
Host: nextgearmedia.nl
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nextgearmedia.nl/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 22 Jun 2021 07:50:08 GMT
etag: "2df-5c55609edec00-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 387
content-type: image/svg+xml
date: Tue, 20 Sep 2022 20:05:54 GMT
server: Apache/2
X-Firefox-Spdy: h2
nextgearmedia.nl/wp-content/uploads/js_composer/js_composer_front_custom.css?ver=6.5.0
85.17.8.228 200 OK 49 kB URL HTTP/2 nextgearmedia.nl/wp-content/uploads/js_composer/js_composer_front_custom.css?ver=6.5.0
IP 85.17.8.228:0
ASN #60781 LeaseWeb Netherlands B.V.
File type ASCII text, with very long lines (684), with CRLF line terminators
Hash d86b524601463ee4dd7b75221cf621d0
6597cce89c72c1af10fc0f484822a5a3be38b1d1
46ae77fbab4eeac46da7d5f33fd7da5cc0a52b5e979fd44da7cbb9bb0fb96ab7
Analyzer Verdict Alert fortinet Malware
GET /wp-content/uploads/js_composer/js_composer_front_custom.css?ver=6.5.0 HTTP/1.1
Host: nextgearmedia.nl
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nextgearmedia.nl/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 18 May 2022 15:04:43 GMT
etag: "8a283-5df4a93c098c0-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 49383
content-type: text/css
date: Tue, 20 Sep 2022 20:05:54 GMT
server: Apache/2
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 279 B IP 93.184.220.29:0
Hash 61e5226dc3bddf0c0823c3134ebde224
4b35c53e8f91a840a4125b1ff92e99589c007a37
223615fe4754c0953ed65ec85d36d5219904395c8d7d7963670ab6f4c44e22da
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5181
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 20 Sep 2022 20:05:54 GMT
Last-Modified: Tue, 20 Sep 2022 18:39:33 GMT
Server: ECS (ska/F715)
X-Cache: HIT
Content-Length: 279
nextgearmedia.nl/wp-content/uploads/cropped-Next-Gear-Media-favicon.png
85.17.8.228 200 OK 49 kB URL HTTP/2 nextgearmedia.nl/wp-content/uploads/cropped-Next-Gear-Media-favicon.png
IP 85.17.8.228:0
ASN #60781 LeaseWeb Netherlands B.V.
File type PNG image data, 512 x 512, 8-bit colormap, non-interlaced\012- data
Hash 993b7b55e59a7a4771ba056238876d4b
147b9612783a662d9a1568cfe4677dc91a9842b5
d5648699e2c8ea8c70eae1fd3a21c309c51827f342020dcdd47b4290ee4606ee
GET /wp-content/uploads/cropped-Next-Gear-Media-favicon.png HTTP/1.1
Host: nextgearmedia.nl
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nextgearmedia.nl/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 02 Jun 2022 09:55:00 GMT
etag: "be1e-5e073ffbd2500"
accept-ranges: bytes
content-length: 48670
content-type: image/png
date: Tue, 20 Sep 2022 20:05:54 GMT
server: Apache/2
X-Firefox-Spdy: h2
nextgearmedia.nl/wp-content/plugins/woocommerce/assets/js/frontend/cart-fragments.min.js?ver=6.9.2
85.17.8.228 200 OK 1.0 kB URL HTTP/2 nextgearmedia.nl/wp-content/plugins/woocommerce/assets/js/frontend/cart-fragments.min.js?ver=6.9.2
IP 85.17.8.228:0
ASN #60781 LeaseWeb Netherlands B.V.
File type ASCII text, with very long lines (2938), with no line terminators
Hash 45db3d2887c26700a51bf469e3bb3aa1
d070b5fb53d2fbb66964bbfd482270b855d0ee96
1abc0cff49f82d9a063c04cd086b991af6ad00467efc4cb8d8d4e3c9a0f95777
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/woocommerce/assets/js/frontend/cart-fragments.min.js?ver=6.9.2 HTTP/1.1
Host: nextgearmedia.nl
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nextgearmedia.nl/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 20 Sep 2022 11:49:39 GMT
etag: "b7a-5e91a6c59ddfc-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 1039
content-type: application/javascript
date: Tue, 20 Sep 2022 20:05:54 GMT
server: Apache/2
X-Firefox-Spdy: h2
www.googletagmanager.com/gtag/js?id=G-F4DNFRNW09
142.250.74.72 200 OK 75 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=G-F4DNFRNW09
IP 142.250.74.72:0
File type ASCII text, with very long lines (20189)
Hash e006f5fbd03106242e2c90a012f97891
a0364de70b721a7777c8bdab8c446483c607cbce
e64d16006b21337f0f6a402036d4743b1e4cfc66b90af1eb3bffd36ebb06345b
GET /gtag/js?id=G-F4DNFRNW09 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nextgearmedia.nl/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Tue, 20 Sep 2022 20:05:54 GMT
expires: Tue, 20 Sep 2022 20:05:54 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 75309
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
nextgearmedia.nl/wp-content/plugins/woocommerce/assets/js/frontend/woocommerce.min.js?ver=6.9.2
85.17.8.228 200 OK 794 B URL HTTP/2 nextgearmedia.nl/wp-content/plugins/woocommerce/assets/js/frontend/woocommerce.min.js?ver=6.9.2
IP 85.17.8.228:0
ASN #60781 LeaseWeb Netherlands B.V.
File type ASCII text, with very long lines (2139), with no line terminators
Hash 29307e8dec33cf3411ca4e1f2c84e9d0
484402289464d7ffb1475827f3438329d520bfc6
a2db59efaa416ef0c9d5d58f142cd5e44c475348cff20a664586fd3cda1b5f5b
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/woocommerce/assets/js/frontend/woocommerce.min.js?ver=6.9.2 HTTP/1.1
Host: nextgearmedia.nl
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nextgearmedia.nl/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 20 Sep 2022 11:49:39 GMT
etag: "85b-5e91a6c599f7d-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 794
content-type: application/javascript
date: Tue, 20 Sep 2022 20:05:54 GMT
server: Apache/2
X-Firefox-Spdy: h2
ajax.googleapis.com/ajax/libs/jquery/3.4.1/jquery.min.js
142.250.74.74 200 OK 31 kB URL HTTP/2 ajax.googleapis.com/ajax/libs/jquery/3.4.1/jquery.min.js
IP 142.250.74.74:0
File type ASCII text, with very long lines (65451)
Hash 81182f4b684635f6bdcbdd907ee66f25
a1f2f151df72ede41397c8131bd47a3ce85575b3
be40946c98d9a78a3c7c9ad097d379ab12549a195bd7a4766919a1d3fd987396
GET /ajax/libs/jquery/3.4.1/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nextgearmedia.nl/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 30774
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 20 Sep 2022 15:53:22 GMT
expires: Wed, 20 Sep 2023 15:53:22 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 15152
last-modified: Mon, 13 May 2019 14:37:17 GMT
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
nextgearmedia.nl/wp-content/plugins/woo-fly-cart/assets/js/frontend.js?ver=3.0.6
85.17.8.228 200 OK 2.7 kB URL HTTP/2 nextgearmedia.nl/wp-content/plugins/woo-fly-cart/assets/js/frontend.js?ver=3.0.6
IP 85.17.8.228:0
ASN #60781 LeaseWeb Netherlands B.V.
File type ASCII text, with CRLF line terminators
Hash ca49945e75bfd95f904d3f4884a602c6
85c7ea616401433a60842e04b337e92d305b14de
6b3c0739833c86dd42b56703c726a12fc11915429f60c66726e367d9e10c9a43
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/woo-fly-cart/assets/js/frontend.js?ver=3.0.6 HTTP/1.1
Host: nextgearmedia.nl
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nextgearmedia.nl/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 22 Jun 2021 08:40:40 GMT
etag: "31de-5c556bea69200-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 2705
content-type: application/javascript
date: Tue, 20 Sep 2022 20:05:54 GMT
server: Apache/2
X-Firefox-Spdy: h2
nextgearmedia.nl/wp-content/plugins/js_composer/assets/css/js_composer_tta.min.css?ver=6.5.0
85.17.8.228 200 OK 14 kB URL HTTP/2 nextgearmedia.nl/wp-content/plugins/js_composer/assets/css/js_composer_tta.min.css?ver=6.5.0
IP 85.17.8.228:0
ASN #60781 LeaseWeb Netherlands B.V.
File type ASCII text, with very long lines (65358)
Hash fd6c30d4223c48ff5435d98f9c21e667
4bff83bafcc5d4f51295a7fc0f452035074d3f27
dc164eb16390b524973875d2b375518b854941d7f91a34124b96f1372f100307
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/js_composer/assets/css/js_composer_tta.min.css?ver=6.5.0 HTTP/1.1
Host: nextgearmedia.nl
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nextgearmedia.nl/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 20 Jan 2021 10:35:46 GMT
etag: "431b5-5b952848f6480-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 14467
content-type: text/css
date: Tue, 20 Sep 2022 20:05:54 GMT
server: Apache/2
X-Firefox-Spdy: h2
nextgearmedia.nl/wp-content/plugins/woo-fly-cart/assets/perfect-scrollbar/js/perfect-scrollbar.jquery.min.js?ver=3.0.6
85.17.8.228 200 OK 6.5 kB URL HTTP/2 nextgearmedia.nl/wp-content/plugins/woo-fly-cart/assets/perfect-scrollbar/js/perfect-scrollbar.jquery.min.js?ver=3.0.6
IP 85.17.8.228:0
ASN #60781 LeaseWeb Netherlands B.V.
File type ASCII text, with very long lines (25300)
Hash f80db36391d43b98c8665526555420d2
e6a3fcbb863e8d4d0b0141d666281664d3863194
dd98e7533fc18d58eea5f5d8c63f5df258b2296ee97d18c5329ea0c12814f1fb
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/woo-fly-cart/assets/perfect-scrollbar/js/perfect-scrollbar.jquery.min.js?ver=3.0.6 HTTP/1.1
Host: nextgearmedia.nl
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nextgearmedia.nl/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 22 Jun 2021 08:40:40 GMT
etag: "62f4-5c556bea69200-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 6506
content-type: application/javascript
date: Tue, 20 Sep 2022 20:05:54 GMT
server: Apache/2
X-Firefox-Spdy: h2
nextgearmedia.nl/wp-content/themes/sellaton/js/skip-link-focus-fix.js?ver=20151215
85.17.8.228 200 OK 417 B URL HTTP/2 nextgearmedia.nl/wp-content/themes/sellaton/js/skip-link-focus-fix.js?ver=20151215
IP 85.17.8.228:0
ASN #60781 LeaseWeb Netherlands B.V.
Hash 73f7704398d8f6be9748d30791950984
3231f3786c364c7665cd7123d8fae0f42bbfd836
c1d9b23aff05fb52e5d6e68aff86d808097185c6dbaac6c3fc3ec6e5bea31ef4
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/sellaton/js/skip-link-focus-fix.js?ver=20151215 HTTP/1.1
Host: nextgearmedia.nl
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nextgearmedia.nl/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 18 Jun 2021 15:07:29 GMT
etag: "2ad-5c50baea64e40-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 417
content-type: application/javascript
date: Tue, 20 Sep 2022 20:05:54 GMT
server: Apache/2
X-Firefox-Spdy: h2
nextgearmedia.nl/wp-content/themes/sellaton/js/navigation.js?ver=20151215
85.17.8.228 200 OK 1.1 kB URL HTTP/2 nextgearmedia.nl/wp-content/themes/sellaton/js/navigation.js?ver=20151215
IP 85.17.8.228:0
ASN #60781 LeaseWeb Netherlands B.V.
Hash 7eec6995203e3994a2714c41a388df66
99c08555971c9962b5ade2806e05ed29d0f00258
040c47ba29f4c8eefa8d359cd715eadc0888aa080ce6187a23b8eb8852bc54b9
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/sellaton/js/navigation.js?ver=20151215 HTTP/1.1
Host: nextgearmedia.nl
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nextgearmedia.nl/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 18 Jun 2021 15:07:28 GMT
etag: "b97-5c50bae970c00-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 1094
content-type: application/javascript
date: Tue, 20 Sep 2022 20:05:54 GMT
server: Apache/2
X-Firefox-Spdy: h2
www.google.com/recaptcha/api.js?render=6LfqRdkhAAAAAPPOtcXWpt8bR6LKpx4171zwfrXD&ver=3.0
142.250.74.164 200 OK 587 B URL HTTP/2 www.google.com/recaptcha/api.js?render=6LfqRdkhAAAAAPPOtcXWpt8bR6LKpx4171zwfrXD&ver=3.0
IP 142.250.74.164:0
File type ASCII text, with very long lines (884), with no line terminators
Hash f1c18af7c69bfac340274a68b0c98f83
36b536207d0e11ff8b269ba7348f291f403afdda
3f3ea31b63bfcbbd4a6c6c9f2b4bf6df55a933ac51b9edb2de6ee7e093d945a6
GET /recaptcha/api.js?render=6LfqRdkhAAAAAPPOtcXWpt8bR6LKpx4171zwfrXD&ver=3.0 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nextgearmedia.nl/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
expires: Tue, 20 Sep 2022 20:05:54 GMT
date: Tue, 20 Sep 2022 20:05:54 GMT
cache-control: private, max-age=300
content-type: text/javascript; charset=UTF-8
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 587
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
nextgearmedia.nl/wp-content/themes/sellaton/js/main.js?ver=6.0.2
85.17.8.228 200 OK 6.3 kB URL HTTP/2 nextgearmedia.nl/wp-content/themes/sellaton/js/main.js?ver=6.0.2
IP 85.17.8.228:0
ASN #60781 LeaseWeb Netherlands B.V.
File type ASCII text, with CRLF line terminators
Hash 068e37ea1271093acac62928808070e4
a8e6f4241ff24faa4b8cd3af1fee84284c5923ab
1ee0b7ebe7a48af3f1831a45ca7d6597c8ee5189b9c42a32ff1efeee10fcf9c4
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/sellaton/js/main.js?ver=6.0.2 HTTP/1.1
Host: nextgearmedia.nl
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nextgearmedia.nl/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 01 Sep 2022 14:28:01 GMT
etag: "6786-5e79e6bae7e40-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 6288
content-type: application/javascript
date: Tue, 20 Sep 2022 20:05:54 GMT
server: Apache/2
X-Firefox-Spdy: h2
nextgearmedia.nl/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9
85.17.8.228 200 OK 2.5 kB URL HTTP/2 nextgearmedia.nl/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9
IP 85.17.8.228:0
ASN #60781 LeaseWeb Netherlands B.V.
File type ASCII text, with very long lines (6475), with no line terminators
Hash 27cbbd0a9d7c5ad9402118c4afc36035
7659d08a005f5ecfa6c779e3cda45c30007fd059
ebc771d0af626966e38535357861fab0090e0bd7ff346cbe3c7ffdde1683809f
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9 HTTP/1.1
Host: nextgearmedia.nl
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nextgearmedia.nl/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 06 Sep 2022 11:56:31 GMT
etag: "194b-5e800e3172367-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 2457
content-type: application/javascript
date: Tue, 20 Sep 2022 20:05:54 GMT
server: Apache/2
X-Firefox-Spdy: h2
nextgearmedia.nl/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0
85.17.8.228 200 OK 7.1 kB URL HTTP/2 nextgearmedia.nl/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0
IP 85.17.8.228:0
ASN #60781 LeaseWeb Netherlands B.V.
File type Unicode text, UTF-8 text, with very long lines (19138), with no line terminators
Hash 2f4fcc5a628b379672d76b7e91cbdf07
9d72f2c9cbc1e9b036360acfce8c8ccc8b832b8c
a360f715a418026d2e1acd81c02c83233d0c0b60fdf4ce0b4d33562925d6a0b5
GET /wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0 HTTP/1.1
Host: nextgearmedia.nl
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nextgearmedia.nl/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 06 Sep 2022 11:56:31 GMT
etag: "4ac6-5e800e321b27c-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 7095
content-type: application/javascript
date: Tue, 20 Sep 2022 20:05:54 GMT
server: Apache/2
X-Firefox-Spdy: h2
nextgearmedia.nl/wp-content/plugins/contact-form-7/modules/recaptcha/index.js?ver=5.6.3
85.17.8.228 200 OK 507 B URL HTTP/2 nextgearmedia.nl/wp-content/plugins/contact-form-7/modules/recaptcha/index.js?ver=5.6.3
IP 85.17.8.228:0
ASN #60781 LeaseWeb Netherlands B.V.
File type ASCII text, with very long lines (999), with no line terminators
Hash 22f32f77e17fa7640cda0a401c2b0844
019765feeed7ea2a9e9e506ce000978ea3ecd171
269c0f075ceb9464731b25afc21ae41536b76ef76bf0cf856c42e3e6311ec6ce
GET /wp-content/plugins/contact-form-7/modules/recaptcha/index.js?ver=5.6.3 HTTP/1.1
Host: nextgearmedia.nl
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nextgearmedia.nl/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 06 Sep 2022 12:11:28 GMT
etag: "3e7-5e80118914ff4-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 507
content-type: application/javascript
date: Tue, 20 Sep 2022 20:05:54 GMT
server: Apache/2
X-Firefox-Spdy: h2
nextgearmedia.nl/wp-content/plugins/wp-seopress/assets/js/seopress-analytics.min.js?ver=5.9.0.3
85.17.8.228 200 OK 221 B URL HTTP/2 nextgearmedia.nl/wp-content/plugins/wp-seopress/assets/js/seopress-analytics.min.js?ver=5.9.0.3
IP 85.17.8.228:0
ASN #60781 LeaseWeb Netherlands B.V.
File type ASCII text, with very long lines (356), with no line terminators
Hash 4dca67c4e76a339621b15842d81ab16f
edda0ffda207ba1836f3e4ae55fd7fb708beb248
b3303f7400967974797d85db54a8f3208e3552e88a0d25f34465bfca62a2ef19
GET /wp-content/plugins/wp-seopress/assets/js/seopress-analytics.min.js?ver=5.9.0.3 HTTP/1.1
Host: nextgearmedia.nl
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nextgearmedia.nl/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 06 Sep 2022 12:09:07 GMT
etag: "164-5e801102df48e-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 221
content-type: application/javascript
date: Tue, 20 Sep 2022 20:05:54 GMT
server: Apache/2
X-Firefox-Spdy: h2
nextgearmedia.nl/wp-content/plugins/complianz-gdpr/cookiebanner/js/complianz.min.js?ver=6.3.3
85.17.8.228 200 OK 11 kB URL HTTP/2 nextgearmedia.nl/wp-content/plugins/complianz-gdpr/cookiebanner/js/complianz.min.js?ver=6.3.3
IP 85.17.8.228:0
ASN #60781 LeaseWeb Netherlands B.V.
File type C source text\012- Algol 68 source text\012- Pascal source, ASCII text, with very long lines (48047), with no line terminators
Hash 9d8f001a59dc380e83526cb4a5ccbd91
0a82be5bb9c3a2bb6d2f1498d18d160feb682c98
9be66b9338a4ff6157f8c5e6743cc51f8739ddd525c1975817ccd0b6afc1de71
GET /wp-content/plugins/complianz-gdpr/cookiebanner/js/complianz.min.js?ver=6.3.3 HTTP/1.1
Host: nextgearmedia.nl
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nextgearmedia.nl/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 20 Sep 2022 11:48:26 GMT
etag: "bbaf-5e91a67f91aa5-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 11061
content-type: application/javascript
date: Tue, 20 Sep 2022 20:05:54 GMT
server: Apache/2
X-Firefox-Spdy: h2
nextgearmedia.nl/wp-content/plugins/js_composer/assets/js/dist/js_composer_front.min.js?ver=6.5.0
85.17.8.228 200 OK 5.8 kB URL HTTP/2 nextgearmedia.nl/wp-content/plugins/js_composer/assets/js/dist/js_composer_front.min.js?ver=6.5.0
IP 85.17.8.228:0
ASN #60781 LeaseWeb Netherlands B.V.
File type ASCII text, with very long lines (20421)
Hash 9a18ba220a1cfe950c090f7614d98167
f3a53f6251060940d84f9dea21cc7063a7a6ea3f
803ff0e4d506f0a13250a9877386eaa2572dedb0512b7bf824771be02d5ce453
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/js_composer/assets/js/dist/js_composer_front.min.js?ver=6.5.0 HTTP/1.1
Host: nextgearmedia.nl
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nextgearmedia.nl/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 20 Jan 2021 10:35:45 GMT
etag: "50a0-5b95284802240-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 5816
content-type: application/javascript
date: Tue, 20 Sep 2022 20:05:54 GMT
server: Apache/2
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash 26fcf8aea27805b4a6a29e3e2a4ba19b
f920fd6c5a79a4adb2f456edcee678757ff1602c
7aa63d03f514e4f51190e85f167f747563f980e0e6fdee6cce9393321dff1038
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 20 Sep 2022 20:05:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
nextgearmedia.nl/wp-content/plugins/js_composer/assets/lib/vc_accordion/vc-accordion.min.js?ver=6.5.0
85.17.8.228 200 OK 2.7 kB URL HTTP/2 nextgearmedia.nl/wp-content/plugins/js_composer/assets/lib/vc_accordion/vc-accordion.min.js?ver=6.5.0
IP 85.17.8.228:0
ASN #60781 LeaseWeb Netherlands B.V.
File type ASCII text, with very long lines (10922)
Hash 0dc2d0ccfce10647cefd23aa4f8cfcc2
7f8f550fe032b8314a05c15540734b6a1fe22b17
44f44185e44f9ee4b261b624c6e35e861088828aa74dad673c8e6fb19fa60c85
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/js_composer/assets/lib/vc_accordion/vc-accordion.min.js?ver=6.5.0 HTTP/1.1
Host: nextgearmedia.nl
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nextgearmedia.nl/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 20 Jan 2021 10:35:45 GMT
etag: "2b85-5b95284802240-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 2687
content-type: application/javascript
date: Tue, 20 Sep 2022 20:05:54 GMT
server: Apache/2
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash bcbb61a4f6f0beed45a5f963bfba6e9d
a07136aeace7036e3b7427d63c60576adbdc388f
3a910cde9f8f65341f3422d28e35ca877558e136c99067b72daaeb56b3d9e76d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 20 Sep 2022 20:05:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
nextgearmedia.nl/wp-content/plugins/ajax-search-for-woocommerce/assets/js/search.min.js?ver=1.20.0
85.17.8.228 200 OK 16 kB URL HTTP/2 nextgearmedia.nl/wp-content/plugins/ajax-search-for-woocommerce/assets/js/search.min.js?ver=1.20.0
IP 85.17.8.228:0
ASN #60781 LeaseWeb Netherlands B.V.
File type ASCII text, with very long lines (58925)
Hash e430210a64166e0d2a11a76d51d953f2
a5b48f02b98a33c519c307179a9a3a26ccd3ca12
9c97d47bfb947ff6bbecca66780da6aa71dbd885382917987e629cb850fbd3c8
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/ajax-search-for-woocommerce/assets/js/search.min.js?ver=1.20.0 HTTP/1.1
Host: nextgearmedia.nl
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nextgearmedia.nl/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 20 Sep 2022 11:48:58 GMT
etag: "e62e-5e91a69e47ca7-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 15552
content-type: application/javascript
date: Tue, 20 Sep 2022 20:05:54 GMT
server: Apache/2
X-Firefox-Spdy: h2
nextgearmedia.nl/wp-content/plugins/js_composer/assets/lib/vc-tta-autoplay/vc-tta-autoplay.min.js?ver=6.5.0
85.17.8.228 200 OK 953 B URL HTTP/2 nextgearmedia.nl/wp-content/plugins/js_composer/assets/lib/vc-tta-autoplay/vc-tta-autoplay.min.js?ver=6.5.0
IP 85.17.8.228:0
ASN #60781 LeaseWeb Netherlands B.V.
File type ASCII text, with very long lines (2326)
Hash 01276b22eb03069788fe5592222d8a7f
e4e70540d658d13e080d2a9fa564c1145e60699b
63a8f3b9b07e051a0d081e4c496026af282910b4d4deeab61832571c2005b5c8
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/js_composer/assets/lib/vc-tta-autoplay/vc-tta-autoplay.min.js?ver=6.5.0 HTTP/1.1
Host: nextgearmedia.nl
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nextgearmedia.nl/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 20 Jan 2021 10:35:45 GMT
etag: "9f1-5b95284802240-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 953
content-type: application/javascript
date: Tue, 20 Sep 2022 20:05:54 GMT
server: Apache/2
X-Firefox-Spdy: h2
nextgearmedia.nl/wp-content/plugins/js_composer/assets/lib/vc_tabs/vc-tabs.min.js?ver=6.5.0
85.17.8.228 200 OK 1.3 kB URL HTTP/2 nextgearmedia.nl/wp-content/plugins/js_composer/assets/lib/vc_tabs/vc-tabs.min.js?ver=6.5.0
IP 85.17.8.228:0
ASN #60781 LeaseWeb Netherlands B.V.
File type ASCII text, with very long lines (3975)
Hash 886d7b9d2e24bf5425ca1131f22a57bc
0a3f9440fac0aca3386a695b162ffa7a3c03368a
b06d7ea5b0c8369e09fac747a91dd1dbcc7a1d1a145bbf748e118dd0d1624b78
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/js_composer/assets/lib/vc_tabs/vc-tabs.min.js?ver=6.5.0 HTTP/1.1
Host: nextgearmedia.nl
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nextgearmedia.nl/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 20 Jan 2021 10:35:45 GMT
etag: "1062-5b95284802240-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 1288
content-type: application/javascript
date: Tue, 20 Sep 2022 20:05:54 GMT
server: Apache/2
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash e34f594c2e3b9b6a81e4ae9fef80f363
b7f65f5fb0df328d3c863af6c9351923205645f2
bcedda132b602d90a62a5fbe07e7c37f69cce319fb4b84e1bed40b1200e9898b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 20 Sep 2022 20:05:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash 81fa7001b4b94f54d2ab4f3237ecaabb
e21bb07f34d9bed91f5caac3f9a83e9600a5652c
0ecbe6e0c5198d792a0eeb4197c88ec1d3a9f8b215efae7a6bb87776f7673b6a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 20 Sep 2022 20:05:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
nextgearmedia.nl/wp-includes/js/wp-emoji-release.min.js?ver=6.0.2
85.17.8.228 200 OK 5.0 kB URL HTTP/2 nextgearmedia.nl/wp-includes/js/wp-emoji-release.min.js?ver=6.0.2
IP 85.17.8.228:0
ASN #60781 LeaseWeb Netherlands B.V.
File type ASCII text, with very long lines (15660)
Hash e6624e0b978e6ddba476be41aaaa82df
822e920d8233072110ed7c8a7f379e5b13209b18
dac86a9ce08e4d8cded47b4fa900a664b0c997d8910c2a1be54a423678925a41
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/wp-emoji-release.min.js?ver=6.0.2 HTTP/1.1
Host: nextgearmedia.nl
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nextgearmedia.nl/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 06 Sep 2022 11:55:18 GMT
etag: "48b9-5e800dec6c91f-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 5009
content-type: application/javascript
date: Tue, 20 Sep 2022 20:05:54 GMT
server: Apache/2
X-Firefox-Spdy: h2
use.typekit.net/ueb1pcv.css
23.36.76.122 200 OK 690 B URL HTTP/2 use.typekit.net/ueb1pcv.css
IP 23.36.76.122:0
ASN #20940 Akamai International B.V.
File type Unicode text, UTF-8 text, with very long lines (516)
Hash 793577e0b3998c7bf733d6ca91b21d67
3bb4f930d436fce3d65f05198618ae5c251587b2
01733e9727f630529cadea6b11762c18f964fae71c91ad190144b12dddcf67c5
GET /ueb1pcv.css HTTP/1.1
Host: use.typekit.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nextgearmedia.nl/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-type: text/css;charset=utf-8
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains;
cache-control: private, max-age=600, stale-while-revalidate=604800
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
content-encoding: gzip
content-length: 690
date: Tue, 20 Sep 2022 20:05:54 GMT
X-Firefox-Spdy: h2
p.typekit.net/p.css?s=1&k=ueb1pcv&ht=tk&f=30331.30334.30335&a=12142167&app=typekit&e=css
23.36.76.122 200 OK 5 B URL HTTP/2 p.typekit.net/p.css?s=1&k=ueb1pcv&ht=tk&f=30331.30334.30335&a=12142167&app=typekit&e=css
IP 23.36.76.122:0
ASN #20940 Akamai International B.V.
Hash 83d24d4b43cc7eef2b61e66c95f3d158
f0cafc285ee23bb6c28c5166f305493c4331c84d
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb
GET /p.css?s=1&k=ueb1pcv&ht=tk&f=30331.30334.30335&a=12142167&app=typekit&e=css HTTP/1.1
Host: p.typekit.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://use.typekit.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
cache-control: public, max-age=604800
content-type: text/css
cross-origin-resource-policy: cross-origin
etag: "613bee4d-5"
last-modified: Fri, 10 Sep 2021 23:46:21 GMT
server: nginx
content-length: 5
unused62: 8096267
date: Tue, 20 Sep 2022 20:05:54 GMT
X-Firefox-Spdy: h2
nextgearmedia.nl/wp-content/plugins/woocommerce/assets/css/woocommerce-smallscreen.css?ver=6.9.2
85.17.8.228 200 OK 1.2 kB URL HTTP/2 nextgearmedia.nl/wp-content/plugins/woocommerce/assets/css/woocommerce-smallscreen.css?ver=6.9.2
IP 85.17.8.228:0
ASN #60781 LeaseWeb Netherlands B.V.
File type ASCII text, with very long lines (7043), with no line terminators
Hash 7a01d757cd8aced5af866e83a6d0ce76
f352b0e25c2a3ca7af84f93c9bc1fd700db3586f
da5327f259e09fafac875160fbcd3fe934f48359e751e42b802f5577310b014c
GET /wp-content/plugins/woocommerce/assets/css/woocommerce-smallscreen.css?ver=6.9.2 HTTP/1.1
Host: nextgearmedia.nl
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nextgearmedia.nl/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 20 Sep 2022 11:49:39 GMT
etag: "1b83-5e91a6c50b64a-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 1177
content-type: text/css
date: Tue, 20 Sep 2022 20:05:54 GMT
server: Apache/2
X-Firefox-Spdy: h2
nextgearmedia.nl/wp-content/uploads/Next-Gear-Media-favicon.svg
85.17.8.228 200 OK 824 B URL HTTP/2 nextgearmedia.nl/wp-content/uploads/Next-Gear-Media-favicon.svg
IP 85.17.8.228:0
ASN #60781 LeaseWeb Netherlands B.V.
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document, ASCII text, with very long lines (1796), with no line terminators
Hash 65e373f10d0a9fb9dbd7c0b03fadda05
062ec0e85504a231f8ca18a47c9a0631d60245ed
a3f82f7ffbfaf92b5541dabe4901702680b41f4b1b10eec83946c4b27657219b
Analyzer Verdict Alert fortinet Malware
GET /wp-content/uploads/Next-Gear-Media-favicon.svg HTTP/1.1
Host: nextgearmedia.nl
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nextgearmedia.nl/wp-content/themes/sellaton/style.css?ver=1663704353
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 03 Jun 2022 11:00:53 GMT
etag: "704-5e08909328340-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 824
content-type: image/svg+xml
date: Tue, 20 Sep 2022 20:05:55 GMT
server: Apache/2
X-Firefox-Spdy: h2
use.typekit.net/af/142ef3/00000000000000003b9ae4c6/27/l?subset_id=2&fvd=n7&v=3
23.36.76.122 200 OK 23 kB URL HTTP/2 use.typekit.net/af/142ef3/00000000000000003b9ae4c6/27/l?subset_id=2&fvd=n7&v=3
IP 23.36.76.122:0
ASN #20940 Akamai International B.V.
File type Web Open Font Format (Version 2), TrueType, length 22696, version 1.0\012- data
Hash e302ce525135af1ee1a52639092be9f4
098ccba3a764c77a95d12682316fc5636c7ef2a4
7a3502fd80899d0405f1a76bf629d615358f443746813261f3a3c0be821dd78d
GET /af/142ef3/00000000000000003b9ae4c6/27/l?subset_id=2&fvd=n7&v=3 HTTP/1.1
Host: use.typekit.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://nextgearmedia.nl
Connection: keep-alive
Referer: https://use.typekit.net/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: application/font-woff2
content-length: 22696
etag: "988c4b754f2c963a9f71b6562bacd30954213e01"
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: public, max-age=31536000
date: Tue, 20 Sep 2022 20:05:55 GMT
X-Firefox-Spdy: h2
use.typekit.net/af/cfdf43/00000000000000003b9ae4c2/27/l?subset_id=2&fvd=n5&v=3
23.36.76.122 200 OK 24 kB URL HTTP/2 use.typekit.net/af/cfdf43/00000000000000003b9ae4c2/27/l?subset_id=2&fvd=n5&v=3
IP 23.36.76.122:0
ASN #20940 Akamai International B.V.
File type Web Open Font Format (Version 2), TrueType, length 23852, version 1.0\012- data
Hash b5a9b81c237bd449976106764ceaa949
b9ba38922e15c1b22fe80eea15ac61b47e26d1de
58e53483ddda5eecb3045e3033d1bed8045f8bd76439bd94c93fe04c1bc217a0
GET /af/cfdf43/00000000000000003b9ae4c2/27/l?subset_id=2&fvd=n5&v=3 HTTP/1.1
Host: use.typekit.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://nextgearmedia.nl
Connection: keep-alive
Referer: https://use.typekit.net/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: application/font-woff2
content-length: 23852
etag: "5abb85e0f71a526db0db1d8d3f68e07a0406e8ba"
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: public, max-age=31536000
date: Tue, 20 Sep 2022 20:05:55 GMT
X-Firefox-Spdy: h2
nextgearmedia.nl/wp-content/uploads/IMG_2256.jpg?id=22061860
85.17.8.228 200 OK 510 kB URL HTTP/2 nextgearmedia.nl/wp-content/uploads/IMG_2256.jpg?id=22061860
IP 85.17.8.228:0
ASN #60781 LeaseWeb Netherlands B.V.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 2049x1536, components 3\012- data
Size 510 kB (510497 bytes)
Hash 961b8d911d31e223f7d70615caaedaa3
fc89894bcf9a68be1d93ca2186c65255207f9102
b89c3b452b3a0821700600a7c5baf6540d3130c0adaf71d262535cc206205788
Analyzer Verdict Alert fortinet Malware
GET /wp-content/uploads/IMG_2256.jpg?id=22061860 HTTP/1.1
Host: nextgearmedia.nl
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nextgearmedia.nl/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 24 Jun 2022 08:43:35 GMT
etag: "7ca21-5e22d90d77bc0"
accept-ranges: bytes
content-length: 510497
content-type: image/jpeg
date: Tue, 20 Sep 2022 20:05:55 GMT
server: Apache/2
X-Firefox-Spdy: h2
nextgearmedia.nl/wp-content/plugins/woo-fly-cart/assets/fonts/woofc.ttf
85.17.8.228 200 OK 7.3 kB URL HTTP/2 nextgearmedia.nl/wp-content/plugins/woo-fly-cart/assets/fonts/woofc.ttf
IP 85.17.8.228:0
ASN #60781 LeaseWeb Netherlands B.V.
File type TrueType Font data, 11 tables, 1st "OS/2", 14 names, Macintosh, type 1 string, woosmc \012- data
Hash 08a23f2f9ec03417029b43eb67dcf68e
f4d964c45a8d09a9aa8dccd072b2a5d9a5402c7b
22ca97ffef4904f691083f7a10facd99e2406619c4c45b02202e1e6f2f762407
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/woo-fly-cart/assets/fonts/woofc.ttf HTTP/1.1
Host: nextgearmedia.nl
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nextgearmedia.nl/wp-content/plugins/woo-fly-cart/assets/css/fonts.css?ver=6.0.2
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 22 Jun 2021 08:40:40 GMT
etag: "32dc-5c556bea69200-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 7282
content-type: application/x-font-ttf
date: Tue, 20 Sep 2022 20:05:55 GMT
server: Apache/2
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash c683e61e63df92799aa274fdac42cd3b
191aeec95861fa8596a90a10c60b22434431c033
898c007bc0e7d5f4d3180c9fe28b88036102ba64912d0773c023e1f4f07d7beb
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 20 Sep 2022 20:05:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash 4f5180e6651455bc8443945fb5b6860c
01457b8648200c9d274b2790b95274b1dc855aaf
39301cccc2805993f794301cb01a70a954e7c8a8e5d6779acc4888f77d7282c0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 20 Sep 2022 20:05:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
nextgearmedia.nl/wp-content/uploads/hqdefault-400x360.jpg
85.17.8.228 200 OK 19 kB URL HTTP/2 nextgearmedia.nl/wp-content/uploads/hqdefault-400x360.jpg
IP 85.17.8.228:0
ASN #60781 LeaseWeb Netherlands B.V.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 400x360, components 3\012- data
Hash 5b8d65d82bfe9eb5a40d9fa7370510c5
68301ec39c6ce95f6cd31776bd4a52c7feb91bba
4a1d248702c6579720ebba90ef283cfc2850b1665315514a4ff43242d040ab17
GET /wp-content/uploads/hqdefault-400x360.jpg HTTP/1.1
Host: nextgearmedia.nl
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nextgearmedia.nl/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 12 Sep 2022 14:14:06 GMT
etag: "4afa-5e87b822cea90"
accept-ranges: bytes
content-length: 19194
content-type: image/jpeg
date: Tue, 20 Sep 2022 20:05:55 GMT
server: Apache/2
X-Firefox-Spdy: h2
nextgearmedia.nl/wp-content/uploads/pexels-ingo-joseph-13781-1536x1024.jpg
85.17.8.228 200 OK 165 kB URL HTTP/2 nextgearmedia.nl/wp-content/uploads/pexels-ingo-joseph-13781-1536x1024.jpg
IP 85.17.8.228:0
ASN #60781 LeaseWeb Netherlands B.V.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, progressive, precision 8, 1536x1024, components 3\012- data
Size 165 kB (165418 bytes)
Hash 72994ebade17ac14a5f18efcd7bb62d0
31cf5ecca37698baf9924028caa7f7394964101e
5188a98f57eeaccd7009d200b8114e7975c2c7043c56cbcd15096ab3dbeb9ad5
GET /wp-content/uploads/pexels-ingo-joseph-13781-1536x1024.jpg HTTP/1.1
Host: nextgearmedia.nl
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nextgearmedia.nl/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 16 May 2022 11:43:34 GMT
etag: "2862a-5df1f88b38580"
accept-ranges: bytes
content-length: 165418
content-type: image/jpeg
date: Tue, 20 Sep 2022 20:05:55 GMT
server: Apache/2
X-Firefox-Spdy: h2
nextgearmedia.nl/wp-content/uploads/IMG_0105-400x400.jpg
85.17.8.228 200 OK 22 kB URL HTTP/2 nextgearmedia.nl/wp-content/uploads/IMG_0105-400x400.jpg
IP 85.17.8.228:0
ASN #60781 LeaseWeb Netherlands B.V.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, progressive, precision 8, 400x400, components 3\012- data
Hash 96d05c48ef5ce7c281fb648b4ae6916c
f6ceeba390b34ae05f3f278061390de0d4382962
44f9bc3b1c482e5fd950160b6bd9d5d27f8044393f9ac5264d48971754e8411b
GET /wp-content/uploads/IMG_0105-400x400.jpg HTTP/1.1
Host: nextgearmedia.nl
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nextgearmedia.nl/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 12 Sep 2022 14:17:54 GMT
etag: "561b-5e87b8fc9f416"
accept-ranges: bytes
content-length: 22043
content-type: image/jpeg
date: Tue, 20 Sep 2022 20:05:55 GMT
server: Apache/2
X-Firefox-Spdy: h2
nextgearmedia.nl/wp-content/uploads/IMG_2258-1536x1151.jpg
85.17.8.228 200 OK 215 kB URL HTTP/2 nextgearmedia.nl/wp-content/uploads/IMG_2258-1536x1151.jpg
IP 85.17.8.228:0
ASN #60781 LeaseWeb Netherlands B.V.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, progressive, precision 8, 1536x1151, components 3\012- data
Size 215 kB (215195 bytes)
Hash 3b9a836ece74bed1a06ed17e72059cad
23d25c4a97f2b591f979aaa7873a31a04563f84d
c3cec675e85855b6b3b8b9bf6a6d551efde7091250446b73f1f449c66727d092
GET /wp-content/uploads/IMG_2258-1536x1151.jpg HTTP/1.1
Host: nextgearmedia.nl
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nextgearmedia.nl/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 24 Jun 2022 08:43:44 GMT
etag: "3489b-5e22d9160d000"
accept-ranges: bytes
content-length: 215195
content-type: image/jpeg
date: Tue, 20 Sep 2022 20:05:55 GMT
server: Apache/2
X-Firefox-Spdy: h2
nextgearmedia.nl/wp-content/uploads/62505af9-9b05-4232-9306-54ab0756063c-400x400.jpg
85.17.8.228 200 OK 32 kB URL HTTP/2 nextgearmedia.nl/wp-content/uploads/62505af9-9b05-4232-9306-54ab0756063c-400x400.jpg
IP 85.17.8.228:0
ASN #60781 LeaseWeb Netherlands B.V.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, progressive, precision 8, 400x400, components 3\012- data
Hash 8988dcf729c601bc52f49693a93fc59b
06edc0c39fc7c80845e6a2a4c5623d3ac071e29b
68c962b8090319a4b6530b200f0b761f7a734dba89a694dbc216a62c28aea06e
GET /wp-content/uploads/62505af9-9b05-4232-9306-54ab0756063c-400x400.jpg HTTP/1.1
Host: nextgearmedia.nl
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nextgearmedia.nl/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 12 Sep 2022 13:50:59 GMT
etag: "7e4c-5e87b2f864cd9"
accept-ranges: bytes
content-length: 32332
content-type: image/jpeg
date: Tue, 20 Sep 2022 20:05:55 GMT
server: Apache/2
X-Firefox-Spdy: h2
fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
142.250.74.163 200 OK 45 kB URL HTTP/2 fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 44856, version 1.0\012- data
Hash 565ce506190ad3af920b40baf1794cec
ad3cba5d06100e09449a864d3b5e58403b478b3d
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
GET /s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://nextgearmedia.nl
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 44856
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 20 Sep 2022 08:31:01 GMT
expires: Wed, 20 Sep 2023 08:31:01 GMT
cache-control: public, max-age=31536000
age: 41694
last-modified: Mon, 15 Aug 2022 18:20:18 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/materialicons/v139/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
142.250.74.163 200 OK 128 kB URL HTTP/2 fonts.gstatic.com/s/materialicons/v139/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 128352, version 1.0\012- data
Size 128 kB (128352 bytes)
Hash 53436aca8627a49f4deaaa44dc9e3c05
0bc0c675480d94ec7e8609dda6227f88c5d08d2c
8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1
GET /s/materialicons/v139/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://nextgearmedia.nl
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 128352
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 15 Sep 2022 20:36:08 GMT
expires: Fri, 15 Sep 2023 20:36:08 GMT
cache-control: public, max-age=31536000
age: 430187
last-modified: Thu, 25 Aug 2022 00:26:06 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
nextgearmedia.nl/wp-content/uploads/complianz/css/banner-1-optin.css?v=15
85.17.8.228 200 OK 2.9 kB URL HTTP/2 nextgearmedia.nl/wp-content/uploads/complianz/css/banner-1-optin.css?v=15
IP 85.17.8.228:0
ASN #60781 LeaseWeb Netherlands B.V.
File type ASCII text, with very long lines (15895), with no line terminators
Hash cc615eceed2ae7441b7386e35da0cc58
a649cd1b579357a7bc89327eb14bcbb51149adf1
9c3fa1931286849777830302b70d53d2640ed67708fbc7865603ddec1abc63b2
GET /wp-content/uploads/complianz/css/banner-1-optin.css?v=15 HTTP/1.1
Host: nextgearmedia.nl
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nextgearmedia.nl/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 20 Sep 2022 11:48:38 GMT
etag: "3e17-5e91a68b583eb-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 2869
content-type: text/css
date: Tue, 20 Sep 2022 20:05:55 GMT
server: Apache/2
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash c683e61e63df92799aa274fdac42cd3b
191aeec95861fa8596a90a10c60b22434431c033
898c007bc0e7d5f4d3180c9fe28b88036102ba64912d0773c023e1f4f07d7beb
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 20 Sep 2022 20:05:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.gstatic.com/recaptcha/releases/zmiYzsHi8INTJBWt2QZC9aM5/recaptcha__en.js
142.250.74.163 200 OK 158 kB URL HTTP/2 www.gstatic.com/recaptcha/releases/zmiYzsHi8INTJBWt2QZC9aM5/recaptcha__en.js
IP 142.250.74.163:0
File type ASCII text, with very long lines (581)
Size 158 kB (157726 bytes)
Hash 6519c7c04cf32a57b1c5ee45a73c233e
4939bb921988e9eb13780cc2244f3099776e9bfb
8352dd4e3e0fe82562cdc280c020fc31d2c6d054f7ead441a3b18de8ef04401b
GET /recaptcha/releases/zmiYzsHi8INTJBWt2QZC9aM5/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://nextgearmedia.nl
Connection: keep-alive
Referer: https://nextgearmedia.nl/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 157726
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 14 Sep 2022 05:37:29 GMT
expires: Thu, 14 Sep 2023 05:37:29 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 14 Sep 2022 00:24:01 GMT
content-type: text/javascript
age: 570506
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
nextgearmedia.nl/wp-content/uploads/cropped-Next-Gear-Media-favicon-192x192.png
85.17.8.228 200 OK 7.6 kB URL HTTP/2 nextgearmedia.nl/wp-content/uploads/cropped-Next-Gear-Media-favicon-192x192.png
IP 85.17.8.228:0
ASN #60781 LeaseWeb Netherlands B.V.
File type PNG image data, 192 x 192, 8-bit colormap, non-interlaced\012- data
Hash efc3c7375bcd7009104eb93b0323b9a6
d7ae2a2056a3185e4b2c9f76c8ebabb9dd23f9d8
5fcd172e230e0f10034c82648cfd0cfcc34df2204e27aeaefc9d91c136d6cff9
GET /wp-content/uploads/cropped-Next-Gear-Media-favicon-192x192.png HTTP/1.1
Host: nextgearmedia.nl
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nextgearmedia.nl/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 02 Jun 2022 09:55:09 GMT
etag: "1dad-5e07400467940"
accept-ranges: bytes
content-length: 7597
content-type: image/png
date: Tue, 20 Sep 2022 20:05:55 GMT
server: Apache/2
X-Firefox-Spdy: h2
nextgearmedia.nl/wp-content/uploads/cropped-Next-Gear-Media-favicon-32x32.png
85.17.8.228 200 OK 1.4 kB URL HTTP/2 nextgearmedia.nl/wp-content/uploads/cropped-Next-Gear-Media-favicon-32x32.png
IP 85.17.8.228:0
ASN #60781 LeaseWeb Netherlands B.V.
File type PNG image data, 32 x 32, 8-bit colormap, non-interlaced\012- data
Hash c2130dbf6ae21f0f365050f01b7bf5c5
5a88cde0a1905eb7cbb991f19fd6e76292e44d29
d6c4cdafe08651c9c129564593296050177e5dd877b8dab040a1241ceb4d814e
GET /wp-content/uploads/cropped-Next-Gear-Media-favicon-32x32.png HTTP/1.1
Host: nextgearmedia.nl
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nextgearmedia.nl/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 02 Jun 2022 09:55:11 GMT
etag: "57c-5e0740064fdc0"
accept-ranges: bytes
content-length: 1404
content-type: image/png
date: Tue, 20 Sep 2022 20:05:55 GMT
server: Apache/2
X-Firefox-Spdy: h2
www.gstatic.com/recaptcha/releases/zmiYzsHi8INTJBWt2QZC9aM5/styles__ltr.css
142.250.74.163 200 OK 24 kB URL HTTP/2 www.gstatic.com/recaptcha/releases/zmiYzsHi8INTJBWt2QZC9aM5/styles__ltr.css
IP 142.250.74.163:0
File type ASCII text, with very long lines (52762), with no line terminators
Hash f2d649025c814be9c33f166a5e04fe88
26bf59de631415927ba2c6c9e44fe9c763f95313
f95ec963b7657097e1ef827fc07d96eda5b63f7d3e17b5a1b5eeb7a8d0b67921
GET /recaptcha/releases/zmiYzsHi8INTJBWt2QZC9aM5/styles__ltr.css HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 24251
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 14 Sep 2022 05:19:12 GMT
expires: Thu, 14 Sep 2023 05:19:12 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 14 Sep 2022 00:24:01 GMT
content-type: text/css
age: 571603
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.gstatic.com/recaptcha/releases/zmiYzsHi8INTJBWt2QZC9aM5/recaptcha__en.js
142.250.74.163 200 OK 158 kB URL HTTP/2 www.gstatic.com/recaptcha/releases/zmiYzsHi8INTJBWt2QZC9aM5/recaptcha__en.js
IP 142.250.74.163:0
File type ASCII text, with very long lines (581)
Size 158 kB (157726 bytes)
Hash 6519c7c04cf32a57b1c5ee45a73c233e
4939bb921988e9eb13780cc2244f3099776e9bfb
8352dd4e3e0fe82562cdc280c020fc31d2c6d054f7ead441a3b18de8ef04401b
GET /recaptcha/releases/zmiYzsHi8INTJBWt2QZC9aM5/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 157726
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 14 Sep 2022 05:37:29 GMT
expires: Thu, 14 Sep 2023 05:37:29 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 14 Sep 2022 00:24:01 GMT
content-type: text/javascript
age: 570506
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
region1.google-analytics.com/g/collect?v=2&tid=G-F4DNFRNW09&gtm=2oe9j0&_p=406743646&cid=833369141.1663704356&ul=en-us&sr=1280x1024&_z=ccd.v9B&_s=1&sid=1663704355&sct=1&seg=0&dl=https%3A%2F%2Fnextgearmedia.nl%2F&dt=Next%20Gear%20Media&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&ep.allow_display_features=false
216.239.34.36 204 No Content 0 B URL HTTP/2 region1.google-analytics.com/g/collect?v=2&tid=G-F4DNFRNW09&gtm=2oe9j0&_p=406743646&cid=833369141.1663704356&ul=en-us&sr=1280x1024&_z=ccd.v9B&_s=1&sid=1663704355&sct=1&seg=0&dl=https%3A%2F%2Fnextgearmedia.nl%2F&dt=Next%20Gear%20Media&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&ep.allow_display_features=false
IP 216.239.34.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-F4DNFRNW09&gtm=2oe9j0&_p=406743646&cid=833369141.1663704356&ul=en-us&sr=1280x1024&_z=ccd.v9B&_s=1&sid=1663704355&sct=1&seg=0&dl=https%3A%2F%2Fnextgearmedia.nl%2F&dt=Next%20Gear%20Media&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&ep.allow_display_features=false HTTP/1.1
Host: region1.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://nextgearmedia.nl
Connection: keep-alive
Referer: https://nextgearmedia.nl/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: https://nextgearmedia.nl
date: Tue, 20 Sep 2022 20:05:56 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
nextgearmedia.nl/?wc-ajax=get_refreshed_fragments
85.17.8.228 200 OK 569 B URL HTTP/2 nextgearmedia.nl/?wc-ajax=get_refreshed_fragments
IP 85.17.8.228:0
ASN #60781 LeaseWeb Netherlands B.V.
File type JSON data\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (1841), with no line terminators
Hash 4fe776bc47006e62ded97a1ff3e2eb16
1b985efc7664fef979074f0fb939cfd3ec0f7d01
a68886df40666236777c9ae099a05d070b8a3ec0ad812a2b152aca69f2e6bdbb
POST /?wc-ajax=get_refreshed_fragments HTTP/1.1
Host: nextgearmedia.nl
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 18
Origin: https://nextgearmedia.nl
Connection: keep-alive
Referer: https://nextgearmedia.nl/
Cookie: _ga_F4DNFRNW09=GS1.1.1663704355.1.0.1663704355.0.0.0; _ga=GA1.1.833369141.1663704356
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
x-powered-by: PHP/7.4.26
access-control-allow-origin: https://nextgearmedia.nl
access-control-allow-credentials: true
x-content-type-options: nosniff
x-robots-tag: noindex
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 569
content-type: application/json; charset=UTF-8
date: Tue, 20 Sep 2022 20:05:55 GMT
server: Apache/2
X-Firefox-Spdy: h2
stackpath.bootstrapcdn.com/bootstrap/4.3.1/js/bootstrap.min.js
104.18.10.207 200 OK 0 B URL HTTP/2 stackpath.bootstrapcdn.com/bootstrap/4.3.1/js/bootstrap.min.js
IP 104.18.10.207:0
GET /bootstrap/4.3.1/js/bootstrap.min.js HTTP/1.1
Host: stackpath.bootstrapcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://nextgearmedia.nl
Connection: keep-alive
Referer: https://nextgearmedia.nl/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 20 Sep 2022 20:05:54 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
etag: W/"e1d98d47689e00f8ecbc5d9f61bdb42e"
last-modified: Mon, 25 Jan 2021 22:04:08 GMT
cdn-cachedat: 04/09/2022 02:51:51
cdn-proxyver: 1.02
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 601
cdn-status: 200
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-requestid: 286c5e9f55b314c644347235a363cc32
cdn-cache: HIT
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 74dd2db7cc0ab511-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fonts.googleapis.com/css2?family=Open+Sans:ital,wght@0,300;0,400;0,600;0,700;1,300;1,400&display=swap
142.250.74.10 200 OK 0 B URL HTTP/2 fonts.googleapis.com/css2?family=Open+Sans:ital,wght@0,300;0,400;0,600;0,700;1,300;1,400&display=swap
IP 142.250.74.10:0
GET /css2?family=Open+Sans:ital,wght@0,300;0,400;0,600;0,700;1,300;1,400&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nextgearmedia.nl/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 20 Sep 2022 20:05:54 GMT
date: Tue, 20 Sep 2022 20:05:54 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
104.18.10.207 200 OK 0 B URL HTTP/2 stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
IP 104.18.10.207:0
GET /font-awesome/4.7.0/css/font-awesome.min.css HTTP/1.1
Host: stackpath.bootstrapcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://nextgearmedia.nl
Connection: keep-alive
Referer: https://nextgearmedia.nl/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 20 Sep 2022 20:05:54 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
etag: W/"269550530cc127b6aa5a35925a7de6ce"
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-cachedat: 08/20/2022 02:30:56
cdn-proxyver: 1.02
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 601
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-status: 200
cdn-requestid: 41177a8ed5dfaac058c8ec7b69e355ff
cdn-cache: HIT
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 74dd2db71b1fb511-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
nextgearmedia.nl/wp-content/plugins/woo-phone-input-plugin/js/intlTelInput-jquery.min.js?ver=2.0.3
85.17.8.228 200 OK 0 B URL HTTP/2 nextgearmedia.nl/wp-content/plugins/woo-phone-input-plugin/js/intlTelInput-jquery.min.js?ver=2.0.3
IP 85.17.8.228:0
ASN #60781 LeaseWeb Netherlands B.V.
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/woo-phone-input-plugin/js/intlTelInput-jquery.min.js?ver=2.0.3 HTTP/1.1
Host: nextgearmedia.nl
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nextgearmedia.nl/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 24 Feb 2022 13:05:40 GMT
etag: "6ca7-5d8c33d2af100-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 10440
content-type: application/javascript
date: Tue, 20 Sep 2022 20:05:54 GMT
server: Apache/2
X-Firefox-Spdy: h2
stackpath.bootstrapcdn.com/bootstrap/4.3.1/css/bootstrap.min.css
104.18.10.207 200 OK 0 B URL HTTP/2 stackpath.bootstrapcdn.com/bootstrap/4.3.1/css/bootstrap.min.css
IP 104.18.10.207:0
GET /bootstrap/4.3.1/css/bootstrap.min.css HTTP/1.1
Host: stackpath.bootstrapcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://nextgearmedia.nl
Connection: keep-alive
Referer: https://nextgearmedia.nl/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 20 Sep 2022 20:05:54 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
etag: W/"a15c2ac3234aa8f6064ef9c1f7383c37"
last-modified: Mon, 25 Jan 2021 22:04:08 GMT
cdn-cachedat: 08/15/2022 13:52:49
cdn-proxyver: 1.02
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 752
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-status: 200
cdn-requestid: 48684623479d7610915cade81fcdc19a
cdn-cache: HIT
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 74dd2db70b11b511-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
nextgearmedia.nl/wp-content/uploads/IMG_3208.jpg?id=22061902
85.17.8.228 200 OK 0 B URL HTTP/2 nextgearmedia.nl/wp-content/uploads/IMG_3208.jpg?id=22061902
IP 85.17.8.228:0
ASN #60781 LeaseWeb Netherlands B.V.
Analyzer Verdict Alert fortinet Malware
GET /wp-content/uploads/IMG_3208.jpg?id=22061902 HTTP/1.1
Host: nextgearmedia.nl
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nextgearmedia.nl/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 15 Jul 2022 12:39:44 GMT
etag: "ad45e-5e3d7500c2400"
accept-ranges: bytes
content-length: 709726
content-type: image/jpeg
date: Tue, 20 Sep 2022 20:05:55 GMT
server: Apache/2
X-Firefox-Spdy: h2
fonts.googleapis.com/icon?family=Material+Icons|Material+Icons+Outlined
142.250.74.10 200 OK 0 B URL HTTP/2 fonts.googleapis.com/icon?family=Material+Icons|Material+Icons+Outlined
IP 142.250.74.10:0
GET /icon?family=Material+Icons|Material+Icons+Outlined HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nextgearmedia.nl/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 20 Sep 2022 20:05:54 GMT
date: Tue, 20 Sep 2022 20:05:54 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2