r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 7e05c8461bd2dc5a149f71e2c465ea29
705983959c887e243cb55a8a1796757b579ee977
4d9ea085d5dda9dabed11af9847c2b0aa6182358673b356a4e2bd631e22a9922
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4D9EA085D5DDA9DABED11AF9847C2B0AA6182358673B356A4E2BD631E22A9922"
Last-Modified: Tue, 31 Jan 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6965
Expires: Wed, 01 Feb 2023 23:37:43 GMT
Date: Wed, 01 Feb 2023 21:41:38 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 62de35a6c8e4efd7633fc5236b5b086f
6a92912a86dfcd0330d040cef06bef36889c76ab
ebb8ca05df5ba73b92174105d54d192a8d9e3e10fba48bf96161b0cb759220ec
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EBB8CA05DF5BA73B92174105D54D192A8D9E3E10FBA48BF96161B0CB759220EC"
Last-Modified: Tue, 31 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2568
Expires: Wed, 01 Feb 2023 22:24:26 GMT
Date: Wed, 01 Feb 2023 21:41:38 GMT
Connection: keep-alive
natashaamon.com/
142.252.232.5 301 Moved Permanently 232 B IP 142.252.232.5:0
File type HTML document text; exported SGML document, ASCII text
Hash 7d1b4ee4b23b3be79f3e02f39610028c
b15ca8c699ee2e741d47699f867945b397d1fb92
9b27b9a91b6e61696b68f80f38567f5a12b2570c6e2666d58679aa396c26ee49
Analyzer Verdict Alert fortinet Malware
GET / HTTP/1.1
Host: natashaamon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Wed, 01 Feb 2023 21:41:38 GMT
Server: Apache/2
Location: https://natashaamon.com/
Content-Length: 232
Keep-Alive: timeout=2, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
firefox.settings.services.mozilla.com/v1/
35.241.9.150 200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data, ASCII text, with very long lines (939), with no line terminators
Hash 30db107dcf4380cef05efea409c2e6a3
96e6a306fbc07299aba64e5c14e2bfca35872fa9
b64051a4a8e346e3c72b2aef77f360a5736ab5e16711d8e0bae3876feaa15b6e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Alert, Retry-After, Content-Length, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Wed, 01 Feb 2023 21:36:02 GMT
content-type: application/json
age: 336
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash a8d45deaa7ebfcd996c2055dae592ab8
55befe074589fe7b39757c145968058162a8fc6b
50d7d516f446458145a304b288a0a39d391cd37ea50dabea36ae48d291c65ba7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "50D7D516F446458145A304B288A0A39D391CD37EA50DABEA36AE48D291C65BA7"
Last-Modified: Tue, 31 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4856
Expires: Wed, 01 Feb 2023 23:02:34 GMT
Date: Wed, 01 Feb 2023 21:41:38 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP 34.160.144.191:0
File type PEM certificate, ASCII text
Hash 7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: rq0+eaPJt9p/qQc3bML6L58nfOOr794kDNvHyXTiTwObzEDEvGStrA+tdHemYqGHbhS/kHtUzmw=
x-amz-request-id: B4DQ7CEKY4WY03A3
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Wed, 01 Feb 2023 20:51:42 GMT
age: 2996
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data, ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 01 Feb 2023 21:41:38 GMT
content-type: application/json
content-length: 12
access-control-allow-credentials: true
access-control-expose-headers: content-type
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150 200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data, ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Expires, Content-Type, ETag, Last-Modified, Alert, Retry-After, Content-Length, Cache-Control, Pragma, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Wed, 01 Feb 2023 20:49:05 GMT
age: 3153
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 9a8b1e272573a95a37833350f9c9a321
a8c726d5c542f70fe7710154e55e001256c64924
40d444ab49e39f1105903465f13a8ac03536b203fd6f0dcce95285cda289a564
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "40D444AB49E39F1105903465F13A8AC03536B203FD6F0DCCE95285CDA289A564"
Last-Modified: Tue, 31 Jan 2023 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Thu, 02 Feb 2023 03:41:38 GMT
Date: Wed, 01 Feb 2023 21:41:38 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 8913af0be619500295008bb91f506660
a7b8068ba9aa506205a295b24458c2616997a0d1
6a9838d00256431807ca382fc205064b07c08d5054f2895c2ae3cc4e9094179a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6A9838D00256431807CA382FC205064B07C08D5054F2895C2AE3CC4E9094179A"
Last-Modified: Wed, 01 Feb 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17414
Expires: Thu, 02 Feb 2023 02:31:53 GMT
Date: Wed, 01 Feb 2023 21:41:39 GMT
Connection: keep-alive
push.services.mozilla.com/
52.88.138.244 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.88.138.244:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: z7tf6GuCAFL404UGEZUA6A==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: AvA+Xqhd7g9l611XzN4Al3Pev6g=
natashaamon.com/
142.252.232.5 301 Moved Permanently 0 B IP 142.252.232.5:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Malware
GET / HTTP/1.1
Host: natashaamon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 301 Moved Permanently
x-powered-by: PHP/5.6.40
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
set-cookie: PHPSESSID=pjjsivpe2so0me0eaia8jrr1e1; path=/
location: https://www.natashaamon.com/
vary: User-Agent
content-length: 0
content-type: text/html; charset=UTF-8
date: Wed, 01 Feb 2023 21:41:39 GMT
server: Apache/2
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash e8e0173672ec76c01676a1ba4e1be857
3d01334320c94972440226cfe96c8c7646cae796
c75aea885e434e8bf53e439c4b441e2af4b228f70212001fcc4c8094f534e0f1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C75AEA885E434E8BF53E439C4B441E2AF4B228F70212001FCC4C8094F534E0F1"
Last-Modified: Tue, 31 Jan 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7305
Expires: Wed, 01 Feb 2023 23:43:25 GMT
Date: Wed, 01 Feb 2023 21:41:40 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash e8e0173672ec76c01676a1ba4e1be857
3d01334320c94972440226cfe96c8c7646cae796
c75aea885e434e8bf53e439c4b441e2af4b228f70212001fcc4c8094f534e0f1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C75AEA885E434E8BF53E439C4B441E2AF4B228F70212001FCC4C8094F534E0F1"
Last-Modified: Tue, 31 Jan 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7305
Expires: Wed, 01 Feb 2023 23:43:25 GMT
Date: Wed, 01 Feb 2023 21:41:40 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F46e30ba8-4b02-4bad-8cbf-1a128aa4376f.jpeg
34.120.237.76 200 OK 9.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F46e30ba8-4b02-4bad-8cbf-1a128aa4376f.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3; data
Hash 3366ef4f8733cb9c89a5c88f63a0a441
7da46843b6d885f38a4759a08e6c899906ab7b97
7114397ee5c251cc5cb46f3433c2cc17ff68a08e0872e227671198e9b61eba0a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F46e30ba8-4b02-4bad-8cbf-1a128aa4376f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9600
x-amzn-requestid: 48094e1a-d550-4a91-b87c-4a08505f7cce
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fVsWcFN7IAMF2pg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d2275c-5ced593a7e2126c9494563df;Sampled=0
x-amzn-remapped-date: Thu, 26 Jan 2023 07:10:20 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: aZOeDFqBJQoGwLpIs-GpPvY0FKGCAOXY6MgzG32qzX-kVzUCKKv-kw==
via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Tue, 31 Jan 2023 22:03:43 GMT
age: 85077
etag: "7da46843b6d885f38a4759a08e6c899906ab7b97"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F71bb87d4-a329-46af-946e-9b5edda7dddb.jpeg
34.120.237.76 200 OK 7.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F71bb87d4-a329-46af-946e-9b5edda7dddb.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3; data
Hash 2419bbbf287e620325438f5620183e32
257963245f14742bf9cd90e71ca748066d5495c3
47c7495be97a81189da17fc3abf430d1f4ecae95fdda30006cc462a4cea4c643
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F71bb87d4-a329-46af-946e-9b5edda7dddb.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7628
x-amzn-requestid: 29c70d62-ed3a-4c90-8f32-2dc0c1caf5e0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fcDSnG4RIAMF5eg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d4b276-0267c928110be13d26906bed;Sampled=0
x-amzn-remapped-date: Sat, 28 Jan 2023 05:28:22 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: nW57-OyTmJaehRAaQAG-qljKRd2_tDViGnSn8Pj_z8xndH_oVnE8pQ==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 fda3b2797d2719576f6b916583a28e52.cloudfront.net (CloudFront), 1.1 google
date: Wed, 01 Feb 2023 04:57:03 GMT
age: 60277
etag: "257963245f14742bf9cd90e71ca748066d5495c3"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe2d02739-590e-4a37-9ca5-c27003f9e416.jpeg
34.120.237.76 200 OK 16 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe2d02739-590e-4a37-9ca5-c27003f9e416.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3; data
Hash 4bb3a6fba496d54cdbbccaf2b9600386
8e30002699e9fbf2047f9ac11a36d2175fc9c591
927bf3a04b011b4e3bc8d8772a3d5813507f7f523312d43627767b64615562f3
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe2d02739-590e-4a37-9ca5-c27003f9e416.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 15857
x-amzn-requestid: cfe36b9d-34f6-4f3f-896e-e70ec45c4a04
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fmJ2JGGWoAMFSLA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d8bcf3-0dd68dd778b9aba268a129b0;Sampled=0
x-amzn-remapped-date: Tue, 31 Jan 2023 07:02:11 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: pU_436f27nMZKPxZZWqZekERHFTvcG5NT5p_CYEXHRPtIWjDtSA-uA==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 fda3b2797d2719576f6b916583a28e52.cloudfront.net (CloudFront), 1.1 google
date: Wed, 01 Feb 2023 07:15:18 GMT
age: 51982
etag: "8e30002699e9fbf2047f9ac11a36d2175fc9c591"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb28b8703-d49a-4e2e-80e7-cf4d081d6dba.jpeg
34.120.237.76 200 OK 5.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb28b8703-d49a-4e2e-80e7-cf4d081d6dba.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3; data
Hash 2998f7f50ac0eec931c348e8a0fb0c60
f5e411cda74cb7fb4a662f4787e9543b9749c8b5
0c81413a819e379212bf757b1c9469415aec2ac8fdf47f94ff23c420a1da20e1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb28b8703-d49a-4e2e-80e7-cf4d081d6dba.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5736
x-amzn-requestid: 895ee89b-8d2e-42f9-a392-466557f8a0d3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ffEtEGk_oAMFYPA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d5e7ed-026a1b0d79dc7eb572317bd2;Sampled=0
x-amzn-remapped-date: Sun, 29 Jan 2023 03:28:45 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 64EbarGrn6AIpXOE8TIfiBeGFQinx-P9lUIvmiQ1ivZgFrxl7_W4EQ==
via: 1.1 000f4a2f631bace380a0afa747a82482.cloudfront.net (CloudFront), 1.1 61bc723adb3b1884ed759711e84e13a8.cloudfront.net (CloudFront), 1.1 google
date: Tue, 31 Jan 2023 21:57:42 GMT
age: 85438
etag: "f5e411cda74cb7fb4a662f4787e9543b9749c8b5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F30335cb7-009a-42f5-8186-d0c302adc827.jpeg
34.120.237.76 200 OK 6.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F30335cb7-009a-42f5-8186-d0c302adc827.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3; data
Hash ec7e808a5e82552c46c3417a5b32b836
f0a273292b47d7e2e33c9d77fd95abdcc9e31ddd
f16d982224dfeb0753eaf9d4eb87d80fd1111f682fd8fa36f3177aad5bf926a4
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F30335cb7-009a-42f5-8186-d0c302adc827.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6819
x-amzn-requestid: a0368695-4182-40bd-9a28-c50ae783a7a5
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: foJaRHGnoAMF0Ow=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d9890e-624285eb16110b8c2360dec5;Sampled=0
x-amzn-remapped-date: Tue, 31 Jan 2023 21:33:02 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 4MpUHqMYJoNA7QuRuQwbJIodNkhizq6EL5SPbIoSKFQjtoAKQgLuEg==
via: 1.1 1cc6ed0d2d3dd9529ce544f9dfe61a52.cloudfront.net (CloudFront), 1.1 6a9b42e38e76b7d4a4044ebe0e0eca08.cloudfront.net (CloudFront), 1.1 google
date: Tue, 31 Jan 2023 21:51:25 GMT
age: 85815
etag: "f0a273292b47d7e2e33c9d77fd95abdcc9e31ddd"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F82a4ade3-0c43-4f21-9738-0bc1dbb9a6a6.jpeg
34.120.237.76 200 OK 8.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F82a4ade3-0c43-4f21-9738-0bc1dbb9a6a6.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3; data
Hash 27e95b7912edc909d6b031e36fe83534
eb27fae0bb17dbe0929a620002195233ef50c1d0
b32e7e1a2eee367c5bf9e99bcb38f4c74c4e9e7bdfe7fb0f8f2a657060c0624c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F82a4ade3-0c43-4f21-9738-0bc1dbb9a6a6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8597
x-amzn-requestid: e7bf4ac9-d86d-4ee9-9e10-8a42e5dfe2c6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fcRaNEW4IAMFatA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d4c90d-7731312f630b00ba028836ca;Sampled=0
x-amzn-remapped-date: Sat, 28 Jan 2023 07:04:45 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: z3ZJ7bq6LuJd-9I9D22VIs0avctNGVDKnYmt-fxevCheQibivmUomQ==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 64f86ae1c24221f3a2e4d653d6dbc416.cloudfront.net (CloudFront), 1.1 google
date: Wed, 01 Feb 2023 07:53:10 GMT
age: 49710
etag: "eb27fae0bb17dbe0929a620002195233ef50c1d0"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
www.natashaamon.com/
142.252.232.5 200 OK 18 kB IP 142.252.232.5:0
File type HTML document text; exported SGML document text; exported SGML document, Unicode text, UTF-8 text, with very long lines (2401)
Hash b91041ea6dff97dec5858afbdf301e42
940636df8c64af3a3f1381ade8ad143548383c96
b096edadb146ff159d4b523cf44964f6ff41efbda8261d0d9fb79843f2bc52ad
Analyzer Verdict Alert fortinet Malware
GET / HTTP/1.1
Host: www.natashaamon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
TE: trailers
HTTP/2 200 OK
x-powered-by: PHP/5.6.40
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
link: <https://www.natashaamon.com/wp-json/>; rel="https://api.w.org/", <https://www.natashaamon.com/>; rel=shortlink
set-cookie: PHPSESSID=enr4srb6iepbas7tnr6jmtc1v4; path=/
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 17799
content-type: text/html; charset=UTF-8
date: Wed, 01 Feb 2023 21:41:40 GMT
server: Apache/2
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.163 200 OK 471 B IP 142.250.74.163:0
Hash de49044c9365e16fec3a6d361cb94728
2b7b69c16de6fda1ae5206f92fe781ee07bd182a
6e76887b036544a5da3918116a180876c094cc3b31676abce8d5b7b716b00c30
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 01 Feb 2023 21:41:42 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.natashaamon.com/wp-content/plugins/fma-product-custom-options/front/css/fmepco_front_style.css?ver=4.7.22
142.252.232.5 200 OK 431 B URL HTTP/2 www.natashaamon.com/wp-content/plugins/fma-product-custom-options/front/css/fmepco_front_style.css?ver=4.7.22
IP 142.252.232.5:0
Hash c2ea397c76a39b9111e1a8ea3c737b85
5fe3b685dab9734b0039701db8343e9b8cd33cc8
bf683f9172636a10c6ea2f9aed526f8a152ea317b133acc0cb2d2459d038361d
GET /wp-content/plugins/fma-product-custom-options/front/css/fmepco_front_style.css?ver=4.7.22 HTTP/1.1
Host: www.natashaamon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.natashaamon.com/
Cookie: PHPSESSID=enr4srb6iepbas7tnr6jmtc1v4
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 08 Aug 2022 12:03:53 GMT
etag: "4bf-5e5b99c0ff3ce-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 431
content-type: text/css
date: Wed, 01 Feb 2023 21:41:42 GMT
server: Apache/2
X-Firefox-Spdy: h2
www.natashaamon.com/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=4.6.1
142.252.232.5 200 OK 623 B URL HTTP/2 www.natashaamon.com/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=4.6.1
IP 142.252.232.5:0
Hash 9e3f8f252465b6106c5aec804d2d3d36
c5b74d79a69e2989e98bd231a2d43c6ab9229f97
7bbba87c71a99954bd443bc63cc4b9f71b3fb17c462c43cbd1b767fa0d5fd357
GET /wp-content/plugins/contact-form-7/includes/css/styles.css?ver=4.6.1 HTTP/1.1
Host: www.natashaamon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.natashaamon.com/
Cookie: PHPSESSID=enr4srb6iepbas7tnr6jmtc1v4
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 08 Aug 2022 12:03:53 GMT
etag: "630-5e5b99c0fd876-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 623
content-type: text/css
date: Wed, 01 Feb 2023 21:41:42 GMT
server: Apache/2
X-Firefox-Spdy: h2
www.natashaamon.com/wp-content/plugins/woocommerce/assets/css/woocommerce-layout.css?ver=3.4.5
142.252.232.5 200 OK 2.2 kB URL HTTP/2 www.natashaamon.com/wp-content/plugins/woocommerce/assets/css/woocommerce-layout.css?ver=3.4.5
IP 142.252.232.5:0
File type ASCII text, with very long lines (16542), with no line terminators
Hash 7e972f6c1b2623731f8a00bac6c27b89
c74dbad6d727697f8a479e8928da654273abdc4b
56a3d5d9f218531f5135906f5c15990ae8a70bd8d09abe40588bab417504ee8e
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/woocommerce/assets/css/woocommerce-layout.css?ver=3.4.5 HTTP/1.1
Host: www.natashaamon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.natashaamon.com/
Cookie: PHPSESSID=enr4srb6iepbas7tnr6jmtc1v4
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 08 Aug 2022 12:03:54 GMT
etag: "409e-5e5b99c1a01f7-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 2157
content-type: text/css
date: Wed, 01 Feb 2023 21:41:42 GMT
server: Apache/2
X-Firefox-Spdy: h2
www.natashaamon.com/wp-content/plugins/revslider/public/assets/css/settings.css?ver=5.3.1
142.252.232.5 200 OK 7.7 kB URL HTTP/2 www.natashaamon.com/wp-content/plugins/revslider/public/assets/css/settings.css?ver=5.3.1
IP 142.252.232.5:0
File type ASCII text, with very long lines (36280)
Hash 8e803265d12924cdf2e9b5e393eb384c
59b83e984e437abe07e57dd26bdf5b1206a7ccd7
6cc653068cb6eaee82faca8d49699215ac97db1b69cafa27599d2709987aac4d
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/revslider/public/assets/css/settings.css?ver=5.3.1 HTTP/1.1
Host: www.natashaamon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.natashaamon.com/
Cookie: PHPSESSID=enr4srb6iepbas7tnr6jmtc1v4
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 08 Aug 2022 12:03:54 GMT
etag: "8f21-5e5b99c191799-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 7697
content-type: text/css
date: Wed, 01 Feb 2023 21:41:42 GMT
server: Apache/2
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.163 200 OK 471 B IP 142.250.74.163:0
Hash de49044c9365e16fec3a6d361cb94728
2b7b69c16de6fda1ae5206f92fe781ee07bd182a
6e76887b036544a5da3918116a180876c094cc3b31676abce8d5b7b716b00c30
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 01 Feb 2023 21:41:42 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.natashaamon.com/wp-content/plugins/woocommerce/assets/css/woocommerce.css?ver=3.4.5
142.252.232.5 200 OK 8.7 kB URL HTTP/2 www.natashaamon.com/wp-content/plugins/woocommerce/assets/css/woocommerce.css?ver=3.4.5
IP 142.252.232.5:0
File type Unicode text, UTF-8 text, with very long lines (61714), with no line terminators
Hash 749b1a20d0728311d2a4d77164ed127c
84f788f17f12c0db4419ea76bef8185a9fa1f703
d87f53c8edf5f2aab26e835e1ba3f81b7278e2314e5cf2cad0de136c0db5c9bd
GET /wp-content/plugins/woocommerce/assets/css/woocommerce.css?ver=3.4.5 HTTP/1.1
Host: www.natashaamon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.natashaamon.com/
Cookie: PHPSESSID=enr4srb6iepbas7tnr6jmtc1v4
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 08 Aug 2022 12:03:54 GMT
etag: "f120-5e5b99c1a05df-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 8732
content-type: text/css
date: Wed, 01 Feb 2023 21:41:42 GMT
server: Apache/2
X-Firefox-Spdy: h2
www.natashaamon.com/wp-content/plugins/yith-woocommerce-ajax-search/assets/css/yith_wcas_ajax_search.css?ver=4.7.22
142.252.232.5 200 OK 332 B URL HTTP/2 www.natashaamon.com/wp-content/plugins/yith-woocommerce-ajax-search/assets/css/yith_wcas_ajax_search.css?ver=4.7.22
IP 142.252.232.5:0
Hash 41225bdf9822ee5e476182c76b9a7273
e5cfb6011d658e6208283e8f9563c83f810ddeff
66d7c6e50c9e412f50d7aa0644945160d9dd0c2a6cc93a18157323ec878f5667
GET /wp-content/plugins/yith-woocommerce-ajax-search/assets/css/yith_wcas_ajax_search.css?ver=4.7.22 HTTP/1.1
Host: www.natashaamon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.natashaamon.com/
Cookie: PHPSESSID=enr4srb6iepbas7tnr6jmtc1v4
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 08 Aug 2022 12:03:54 GMT
etag: "28e-5e5b99c1d6cf2-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 332
content-type: text/css
date: Wed, 01 Feb 2023 21:41:42 GMT
server: Apache/2
X-Firefox-Spdy: h2
www.natashaamon.com/wp-content/plugins/woocommerce/assets/css/prettyPhoto.css?ver=3.4.5
142.252.232.5 200 OK 1.9 kB URL HTTP/2 www.natashaamon.com/wp-content/plugins/woocommerce/assets/css/prettyPhoto.css?ver=3.4.5
IP 142.252.232.5:0
File type ASCII text, with very long lines (9152), with no line terminators
Hash 23f9556c7654e2e5a83b2b436b102642
a1fe7b8fee22a0aabc9c015dabad637ec22ad1c6
873a70b9f1f9c101e7e399e8eddf1f92b67ccce457a94b9fac356c6a84b76bc5
GET /wp-content/plugins/woocommerce/assets/css/prettyPhoto.css?ver=3.4.5 HTTP/1.1
Host: www.natashaamon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.natashaamon.com/
Cookie: PHPSESSID=enr4srb6iepbas7tnr6jmtc1v4
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 08 Aug 2022 12:03:54 GMT
etag: "23c0-5e5b99c19fa27-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 1921
content-type: text/css
date: Wed, 01 Feb 2023 21:41:42 GMT
server: Apache/2
X-Firefox-Spdy: h2
www.natashaamon.com/wp-includes/css/dashicons.min.css?ver=4.7.22
142.252.232.5 200 OK 29 kB URL HTTP/2 www.natashaamon.com/wp-includes/css/dashicons.min.css?ver=4.7.22
IP 142.252.232.5:0
File type ASCII text, with very long lines (46364), with no line terminators
Hash c3deda3e7fece967f2ccbd284ea13582
97463a1c50f1c8975116d5498806f24791b23fef
a7e9b2f080d9b676910cd9186c7f2ffd4066d61d0380a344c935fa349982aa10
GET /wp-includes/css/dashicons.min.css?ver=4.7.22 HTTP/1.1
Host: www.natashaamon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.natashaamon.com/
Cookie: PHPSESSID=enr4srb6iepbas7tnr6jmtc1v4
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 08 Aug 2022 12:03:54 GMT
etag: "b51c-5e5b99c24b818-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 28612
content-type: text/css
date: Wed, 01 Feb 2023 21:41:42 GMT
server: Apache/2
X-Firefox-Spdy: h2
www.natashaamon.com/wp-content/plugins/yith-woocommerce-wishlist/assets/css/jquery.selectBox.css?ver=1.2.0
142.252.232.5 200 OK 1.0 kB URL HTTP/2 www.natashaamon.com/wp-content/plugins/yith-woocommerce-wishlist/assets/css/jquery.selectBox.css?ver=1.2.0
IP 142.252.232.5:0
Hash 7f046eb8ca1a67b89dd74a47d03ffccf
66e28ae939b80ec7fd96c4b74b0c6777f14dc3a0
05a64429ad07959bd15ae2c23c63c32d318fdf3ebcbb0704a81f4c4364a18860
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/yith-woocommerce-wishlist/assets/css/jquery.selectBox.css?ver=1.2.0 HTTP/1.1
Host: www.natashaamon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.natashaamon.com/
Cookie: PHPSESSID=enr4srb6iepbas7tnr6jmtc1v4
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 08 Aug 2022 12:03:54 GMT
etag: "df4-5e5b99c1e66f1-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 1027
content-type: text/css
date: Wed, 01 Feb 2023 21:41:42 GMT
server: Apache/2
X-Firefox-Spdy: h2
www.natashaamon.com/wp-content/plugins/yith-woocommerce-wishlist/assets/css/style.css?ver=2.0.16
142.252.232.5 200 OK 2.7 kB URL HTTP/2 www.natashaamon.com/wp-content/plugins/yith-woocommerce-wishlist/assets/css/style.css?ver=2.0.16
IP 142.252.232.5:0
Hash 56aa6d96935119b315c01dcdc85a8745
ddb20f6938ca8ec7791ee0e975919247b540106d
7f30ea135834d9e1375581600b9bfe82dda7d1e3028709ab7e5e0feec2d31317
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/yith-woocommerce-wishlist/assets/css/style.css?ver=2.0.16 HTTP/1.1
Host: www.natashaamon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.natashaamon.com/
Cookie: PHPSESSID=enr4srb6iepbas7tnr6jmtc1v4
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 08 Aug 2022 12:03:54 GMT
etag: "3747-5e5b99c1e66f1-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 2743
content-type: text/css
date: Wed, 01 Feb 2023 21:41:42 GMT
server: Apache/2
X-Firefox-Spdy: h2
www.natashaamon.com/wp-content/plugins/fma-product-custom-options/front/js/accounting.min.js?ver=4.7.22
142.252.232.5 200 OK 1.3 kB URL HTTP/2 www.natashaamon.com/wp-content/plugins/fma-product-custom-options/front/js/accounting.min.js?ver=4.7.22
IP 142.252.232.5:0
File type ASCII text, with very long lines (3019)
Hash dfa1dc2c69e232f53c517dd2601508e3
7d8b55891db0121063d1566edfff0677fa657280
f89e903256da13d6baa2a8d581954094490b1bbf163edf3633d10fb5fc96184c
GET /wp-content/plugins/fma-product-custom-options/front/js/accounting.min.js?ver=4.7.22 HTTP/1.1
Host: www.natashaamon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.natashaamon.com/
Cookie: PHPSESSID=enr4srb6iepbas7tnr6jmtc1v4
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 08 Aug 2022 12:03:53 GMT
etag: "c4f-5e5b99c0ff3ce-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 1304
content-type: application/javascript
date: Wed, 01 Feb 2023 21:41:42 GMT
server: Apache/2
X-Firefox-Spdy: h2
www.natashaamon.com/wp-content/plugins/woocommerce/assets/js/js-cookie/js.cookie.min.js?ver=2.1.4
142.252.232.5 200 OK 981 B URL HTTP/2 www.natashaamon.com/wp-content/plugins/woocommerce/assets/js/js-cookie/js.cookie.min.js?ver=2.1.4
IP 142.252.232.5:0
File type ASCII text, with very long lines (1680)
Hash 2238631cf6be3be50e2ab84374f6381d
f1525686e4d6b7d39727aaf30db49ac9b2bc3fa8
8e46659318c5590dc20944c2d2464b93a06a89e0a4f7353112da4cf06bc213e6
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/woocommerce/assets/js/js-cookie/js.cookie.min.js?ver=2.1.4 HTTP/1.1
Host: www.natashaamon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.natashaamon.com/
Cookie: PHPSESSID=enr4srb6iepbas7tnr6jmtc1v4
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 08 Aug 2022 12:03:54 GMT
etag: "736-5e5b99c1a5bcf-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 981
content-type: application/javascript
date: Wed, 01 Feb 2023 21:41:42 GMT
server: Apache/2
X-Firefox-Spdy: h2
www.natashaamon.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1
142.252.232.5 200 OK 4.0 kB URL HTTP/2 www.natashaamon.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1
IP 142.252.232.5:0
File type ASCII text, with very long lines (9959)
Hash a6c81e2f02bd04160d2de88c4e8f3559
e3f3c91427d785820ca97dabe738f01faf041f36
b734d83af5da0eb627e04d3e62ce652b9eb7de19667a1b91da6b93f0ea5d7ffe
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1 HTTP/1.1
Host: www.natashaamon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.natashaamon.com/
Cookie: PHPSESSID=enr4srb6iepbas7tnr6jmtc1v4
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 08 Aug 2022 12:03:54 GMT
etag: "2748-5e5b99c250637-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 4014
content-type: application/javascript
date: Wed, 01 Feb 2023 21:41:42 GMT
server: Apache/2
X-Firefox-Spdy: h2
www.natashaamon.com/wp-content/plugins/woocommerce/assets/js/jquery-blockui/jquery.blockUI.min.js?ver=2.70
142.252.232.5 200 OK 3.5 kB URL HTTP/2 www.natashaamon.com/wp-content/plugins/woocommerce/assets/js/jquery-blockui/jquery.blockUI.min.js?ver=2.70
IP 142.252.232.5:0
File type ASCII text, with very long lines (9172)
Hash c5ed233484e496839d8a5c379017e476
2c281f9e4e88b9f64f97c20ddcb1003064705bca
7e7f8ed6d44a1fc906799b6c41f26575b45176b5abb8ff093bb8fe0babd7c078
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/woocommerce/assets/js/jquery-blockui/jquery.blockUI.min.js?ver=2.70 HTTP/1.1
Host: www.natashaamon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.natashaamon.com/
Cookie: PHPSESSID=enr4srb6iepbas7tnr6jmtc1v4
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 08 Aug 2022 12:03:54 GMT
etag: "255e-5e5b99c1a5017-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 3533
content-type: application/javascript
date: Wed, 01 Feb 2023 21:41:42 GMT
server: Apache/2
X-Firefox-Spdy: h2
www.natashaamon.com/wp-content/uploads/2022/08/5.png
142.252.232.5 200 OK 6.7 kB URL HTTP/2 www.natashaamon.com/wp-content/uploads/2022/08/5.png
IP 142.252.232.5:0
File type PNG image data, 167 x 50, 8-bit/color RGBA, non-interlaced\012- data
Hash 73988060b382ed95c94dadb66af8aafd
42c0dd59eb0155ee2749003292cac86d385b8959
b3380c28830ed5cd44a47828330eae5301102055ffaf4a4615f5481b12c5b4c9
GET /wp-content/uploads/2022/08/5.png HTTP/1.1
Host: www.natashaamon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.natashaamon.com/
Cookie: PHPSESSID=enr4srb6iepbas7tnr6jmtc1v4
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 10 Aug 2022 01:23:27 GMT
etag: "1a2a-5e5d8e55b972c"
accept-ranges: bytes
content-length: 6698
content-type: image/png
date: Wed, 01 Feb 2023 21:41:42 GMT
server: Apache/2
X-Firefox-Spdy: h2
www.natashaamon.com/wp-content/plugins/woocommerce/assets/js/frontend/cart-fragments.min.js?ver=3.4.5
142.252.232.5 200 OK 924 B URL HTTP/2 www.natashaamon.com/wp-content/plugins/woocommerce/assets/js/frontend/cart-fragments.min.js?ver=3.4.5
IP 142.252.232.5:0
File type ASCII text, with very long lines (2568), with no line terminators
Hash 555b56286f56c3905c9a14f1b85ab351
b0c6bd020ac99a78c0d6021a2e545a0b6c54e158
eb46cf16fdee6b9e1e479e949803dccd534d6c28268d4658195558267f7884ea
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/woocommerce/assets/js/frontend/cart-fragments.min.js?ver=3.4.5 HTTP/1.1
Host: www.natashaamon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.natashaamon.com/
Cookie: PHPSESSID=enr4srb6iepbas7tnr6jmtc1v4
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 08 Aug 2022 12:03:54 GMT
etag: "a08-5e5b99c1a4847-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 924
content-type: application/javascript
date: Wed, 01 Feb 2023 21:41:42 GMT
server: Apache/2
X-Firefox-Spdy: h2
www.natashaamon.com/wp-content/plugins/woocommerce/assets/js/frontend/add-to-cart.min.js?ver=3.4.5
142.252.232.5 200 OK 954 B URL HTTP/2 www.natashaamon.com/wp-content/plugins/woocommerce/assets/js/frontend/add-to-cart.min.js?ver=3.4.5
IP 142.252.232.5:0
File type HTML document, ASCII text, with very long lines (2650), with no line terminators
Hash d33c92fb39e6857fb94d0600dddbf835
8bf1177733f682c378b8966e1d85ce774da10bb4
5202e044fcab9fbfc1c01085ac5fb6efead3bcbd1a48fc229f5749f5d8d4a6f2
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/woocommerce/assets/js/frontend/add-to-cart.min.js?ver=3.4.5 HTTP/1.1
Host: www.natashaamon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.natashaamon.com/
Cookie: PHPSESSID=enr4srb6iepbas7tnr6jmtc1v4
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 08 Aug 2022 12:03:54 GMT
etag: "a5a-5e5b99c1a445f-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 954
content-type: application/javascript
date: Wed, 01 Feb 2023 21:41:42 GMT
server: Apache/2
X-Firefox-Spdy: h2
www.natashaamon.com/wp-content/plugins/woocommerce/assets/js/prettyPhoto/jquery.prettyPhoto.init.min.js?ver=3.4.5
142.252.232.5 200 OK 175 B URL HTTP/2 www.natashaamon.com/wp-content/plugins/woocommerce/assets/js/prettyPhoto/jquery.prettyPhoto.init.min.js?ver=3.4.5
IP 142.252.232.5:0
File type ASCII text, with very long lines (317), with no line terminators
Hash a3d6c7ba164b024ee8d61f98116533de
efe3126fbbb3f182b5ad6d810780fcebf747cce2
ba4881e389c1aaf8720bab24ae5e4fe6660a29b5c81063733b7cf57211e302ba
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/woocommerce/assets/js/prettyPhoto/jquery.prettyPhoto.init.min.js?ver=3.4.5 HTTP/1.1
Host: www.natashaamon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.natashaamon.com/
Cookie: PHPSESSID=enr4srb6iepbas7tnr6jmtc1v4
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 08 Aug 2022 12:03:54 GMT
etag: "13d-5e5b99c1a639f-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 175
content-type: application/javascript
date: Wed, 01 Feb 2023 21:41:42 GMT
server: Apache/2
X-Firefox-Spdy: h2
www.natashaamon.com/wp-content/themes/pool-services-lite/assets/js/custom.js?ver=4.7.22
142.252.232.5 200 OK 709 B URL HTTP/2 www.natashaamon.com/wp-content/themes/pool-services-lite/assets/js/custom.js?ver=4.7.22
IP 142.252.232.5:0
Hash 2b08f9d5b87392427e9398743f35e8bc
2f13421234503158d1056bd367c3ba1789fcb38d
919d5552da23c55dbc5e0e89307ffe9452db76b8b14b3d90b7c9b9e8328b3110
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/pool-services-lite/assets/js/custom.js?ver=4.7.22 HTTP/1.1
Host: www.natashaamon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.natashaamon.com/
Cookie: PHPSESSID=enr4srb6iepbas7tnr6jmtc1v4
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 08 Aug 2022 12:03:54 GMT
etag: "742-5e5b99c204766-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 709
content-type: application/javascript
date: Wed, 01 Feb 2023 21:41:42 GMT
server: Apache/2
X-Firefox-Spdy: h2
www.natashaamon.com/wp-content/plugins/woo-exchange-rate/assets/js/woo-exchange-rate.js?ver=4.7.22
142.252.232.5 200 OK 382 B URL HTTP/2 www.natashaamon.com/wp-content/plugins/woo-exchange-rate/assets/js/woo-exchange-rate.js?ver=4.7.22
IP 142.252.232.5:0
File type ASCII text, with CRLF line terminators
Hash e5611b003aacbbc3ca958f31e2e48cbf
1449fb63049e03a2527968602874b0303a11f243
e9c21923a0fea4bcadc0372529d1cff69d1e7f91ad0bd1f08bceb41e11b97866
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/woo-exchange-rate/assets/js/woo-exchange-rate.js?ver=4.7.22 HTTP/1.1
Host: www.natashaamon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.natashaamon.com/
Cookie: PHPSESSID=enr4srb6iepbas7tnr6jmtc1v4
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 08 Aug 2022 12:03:54 GMT
etag: "353-5e5b99c196d88-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 382
content-type: application/javascript
date: Wed, 01 Feb 2023 21:41:42 GMT
server: Apache/2
X-Firefox-Spdy: h2
www.natashaamon.com/wp-content/plugins/js-composer/assets/js/vendors/woocommerce-add-to-cart.js?ver=5.0.1
142.252.232.5 200 OK 351 B URL HTTP/2 www.natashaamon.com/wp-content/plugins/js-composer/assets/js/vendors/woocommerce-add-to-cart.js?ver=5.0.1
IP 142.252.232.5:0
Hash caa6ca5d23d1adf35e63b219631fff8e
786acb0cf5a9033939c4c4b8f5c4109e2e15401f
50973c0a98e9463c4417b2ccd9424a5f89a9924b80878548f19422b25d23d901
GET /wp-content/plugins/js-composer/assets/js/vendors/woocommerce-add-to-cart.js?ver=5.0.1 HTTP/1.1
Host: www.natashaamon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.natashaamon.com/
Cookie: PHPSESSID=enr4srb6iepbas7tnr6jmtc1v4
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 08 Aug 2022 12:03:53 GMT
etag: "37f-5e5b99c10caa5-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 351
content-type: application/javascript
date: Wed, 01 Feb 2023 21:41:42 GMT
server: Apache/2
X-Firefox-Spdy: h2
www.natashaamon.com/wp-content/plugins/woocommerce/assets/js/frontend/woocommerce.min.js?ver=3.4.5
142.252.232.5 200 OK 591 B URL HTTP/2 www.natashaamon.com/wp-content/plugins/woocommerce/assets/js/frontend/woocommerce.min.js?ver=3.4.5
IP 142.252.232.5:0
File type ASCII text, with very long lines (1402), with no line terminators
Hash 4380e7ab9aa888e12cb1a391b71638ae
718403244f48059dff634871c056679d6e2fc3e4
a2ceba8511849f4dbaaa2e9b84e6e163e77bc8916c817441fd90d62fba616e5c
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/woocommerce/assets/js/frontend/woocommerce.min.js?ver=3.4.5 HTTP/1.1
Host: www.natashaamon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.natashaamon.com/
Cookie: PHPSESSID=enr4srb6iepbas7tnr6jmtc1v4
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 08 Aug 2022 12:03:54 GMT
etag: "57a-5e5b99c1a4c2f-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 591
content-type: application/javascript
date: Wed, 01 Feb 2023 21:41:42 GMT
server: Apache/2
X-Firefox-Spdy: h2
www.natashaamon.com/wp-content/plugins/newsletter/subscription/validate.js?ver=4.8.0
142.252.232.5 200 OK 374 B URL HTTP/2 www.natashaamon.com/wp-content/plugins/newsletter/subscription/validate.js?ver=4.8.0
IP 142.252.232.5:0
Hash 6cb6dfce35465e6c0296aec28003bc49
9910c85cd65eee965ac4f673309bf01689d92d5e
a35824fd55cab76bf80dd58daa699665e0719bd2913012af360d75bb4055d081
GET /wp-content/plugins/newsletter/subscription/validate.js?ver=4.8.0 HTTP/1.1
Host: www.natashaamon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.natashaamon.com/
Cookie: PHPSESSID=enr4srb6iepbas7tnr6jmtc1v4
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 08 Aug 2022 12:03:53 GMT
etag: "441-5e5b99c148b8f-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 374
content-type: application/javascript
date: Wed, 01 Feb 2023 21:41:42 GMT
server: Apache/2
X-Firefox-Spdy: h2
www.natashaamon.com/wp-content/plugins/newsletter/subscription/style.css?ver=4.8.0
142.252.232.5 200 OK 955 B URL HTTP/2 www.natashaamon.com/wp-content/plugins/newsletter/subscription/style.css?ver=4.8.0
IP 142.252.232.5:0
Hash d4a59d85a543d7344746f9bbd79b18d3
64236cf986e649ea6c1f8387e1c0ea392602557e
e1a43ab9fcec9c445d945df580b82c7093968ecc11395b581bf0158b7e72d4c1
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/newsletter/subscription/style.css?ver=4.8.0 HTTP/1.1
Host: www.natashaamon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.natashaamon.com/
Cookie: PHPSESSID=enr4srb6iepbas7tnr6jmtc1v4
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 08 Aug 2022 12:03:53 GMT
etag: "13be-5e5b99c1487a7-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 955
content-type: text/css
date: Wed, 01 Feb 2023 21:41:42 GMT
server: Apache/2
X-Firefox-Spdy: h2
www.natashaamon.com/wp-includes/js/wp-embed.min.js?ver=4.7.22
142.252.232.5 200 OK 735 B URL HTTP/2 www.natashaamon.com/wp-includes/js/wp-embed.min.js?ver=4.7.22
IP 142.252.232.5:0
File type ASCII text, with very long lines (1386), with no line terminators
Hash d2b60c1231015fbb2cfb0680a4fdfc87
2964b5bc32aad38d53ba3063503711c5cb6006ed
a83053c9a437c08c7d62ae9b07cf680d43a3ad129de64633eee91a860fab7844
GET /wp-includes/js/wp-embed.min.js?ver=4.7.22 HTTP/1.1
Host: www.natashaamon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.natashaamon.com/
Cookie: PHPSESSID=enr4srb6iepbas7tnr6jmtc1v4
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 08 Aug 2022 12:03:54 GMT
etag: "56a-5e5b99c259aa6-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 735
content-type: application/javascript
date: Wed, 01 Feb 2023 21:41:42 GMT
server: Apache/2
X-Firefox-Spdy: h2
www.natashaamon.com/wp-includes/js/hoverIntent.min.js?ver=1.8.1
142.252.232.5 200 OK 464 B URL HTTP/2 www.natashaamon.com/wp-includes/js/hoverIntent.min.js?ver=1.8.1
IP 142.252.232.5:0
File type ASCII text, with very long lines (1087), with no line terminators
Hash 8f4371b1904703da700396e57cc2851a
f54f9c7e30117a26c096246800ad37684c3bb0f1
a90b06b6d4dc6446fd5e62dda1ae66d75edac1358c6abf8fadd1729d6e35f3ae
GET /wp-includes/js/hoverIntent.min.js?ver=1.8.1 HTTP/1.1
Host: www.natashaamon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.natashaamon.com/
Cookie: PHPSESSID=enr4srb6iepbas7tnr6jmtc1v4
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 08 Aug 2022 12:03:54 GMT
etag: "43f-5e5b99c24fe67-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 464
content-type: application/javascript
date: Wed, 01 Feb 2023 21:41:42 GMT
server: Apache/2
X-Firefox-Spdy: h2
www.natashaamon.com/wp-content/themes/pool-services-lite/assets/js/lucid.js?ver=4.7.22
142.252.232.5 200 OK 3.2 kB URL HTTP/2 www.natashaamon.com/wp-content/themes/pool-services-lite/assets/js/lucid.js?ver=4.7.22
IP 142.252.232.5:0
File type ASCII text, with very long lines (678)
Hash 3c5553e4e2ffd157e02dce5a7b15d7d6
9b6298a46ff71589fe563eceb46cfed41e8b49a1
19e423dd4ee9f45c547aad4f21bc857d9e190753159d1a3b28700391e9e25132
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/pool-services-lite/assets/js/lucid.js?ver=4.7.22 HTTP/1.1
Host: www.natashaamon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.natashaamon.com/
Cookie: PHPSESSID=enr4srb6iepbas7tnr6jmtc1v4
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 08 Aug 2022 12:03:54 GMT
etag: "1f1c-5e5b99c204b4e-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 3201
content-type: application/javascript
date: Wed, 01 Feb 2023 21:41:42 GMT
server: Apache/2
X-Firefox-Spdy: h2
www.natashaamon.com/wp-content/plugins/yith-woocommerce-wishlist/assets/css/font-awesome.min.css?ver=4.3.0
142.252.232.5 200 OK 5.4 kB URL HTTP/2 www.natashaamon.com/wp-content/plugins/yith-woocommerce-wishlist/assets/css/font-awesome.min.css?ver=4.3.0
IP 142.252.232.5:0
File type ASCII text, with very long lines (23613)
Hash 65482333d5b9c3650d0a2775c54cadeb
b185aa155e7ac50d762a9e404d843f1147ca0155
58ebba4ae1c3d38056796eb0ebce7410f324ca06d10e2a4ec3f6995c2d0de35b
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/yith-woocommerce-wishlist/assets/css/font-awesome.min.css?ver=4.3.0 HTTP/1.1
Host: www.natashaamon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.natashaamon.com/
Cookie: PHPSESSID=enr4srb6iepbas7tnr6jmtc1v4
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 08 Aug 2022 12:03:54 GMT
etag: "5cdf-5e5b99c1e66f1-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 5443
content-type: text/css
date: Wed, 01 Feb 2023 21:41:42 GMT
server: Apache/2
X-Firefox-Spdy: h2
www.natashaamon.com/wp-content/themes/pool-services-lite/style.css?ver=4.7.22
142.252.232.5 200 OK 7.3 kB URL HTTP/2 www.natashaamon.com/wp-content/themes/pool-services-lite/style.css?ver=4.7.22
IP 142.252.232.5:0
File type ASCII text, with very long lines (1306)
Hash 9f2e625823abb1433eb1407773c8a172
bb46d594004c2efdc624658a945a2e8cfe152734
47cfb68c573307ef88282233d8b787e6b7e98962b91d333f1a48fd70aad5d2ad
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/pool-services-lite/style.css?ver=4.7.22 HTTP/1.1
Host: www.natashaamon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.natashaamon.com/
Cookie: PHPSESSID=enr4srb6iepbas7tnr6jmtc1v4
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 08 Aug 2022 12:03:54 GMT
etag: "7634-5e5b99c20b8ae-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 7265
content-type: text/css
date: Wed, 01 Feb 2023 21:41:42 GMT
server: Apache/2
X-Firefox-Spdy: h2
www.natashaamon.com/wp-content/plugins/js-composer/assets/lib/bower/font-awesome/css/font-awesome.min.css?ver=5.0.1
142.252.232.5 200 OK 6.7 kB URL HTTP/2 www.natashaamon.com/wp-content/plugins/js-composer/assets/lib/bower/font-awesome/css/font-awesome.min.css?ver=5.0.1
IP 142.252.232.5:0
File type ASCII text, with very long lines (28824)
Hash 493398c5b021c6f1679b5faa7c9d33ae
1bd77a073f3d85adcf06856da80009a1cc4a11d3
31f324dd068c29c50c9af1334d7f461686d51c12435895e5e87e83d387917fb9
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/js-composer/assets/lib/bower/font-awesome/css/font-awesome.min.css?ver=5.0.1 HTTP/1.1
Host: www.natashaamon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.natashaamon.com/
Cookie: PHPSESSID=enr4srb6iepbas7tnr6jmtc1v4
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 08 Aug 2022 12:03:53 GMT
etag: "713a-5e5b99c11247c-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 6684
content-type: text/css
date: Wed, 01 Feb 2023 21:41:42 GMT
server: Apache/2
X-Firefox-Spdy: h2
www.natashaamon.com/wp-content/plugins/contact-form-7/includes/js/scripts.js?ver=4.6.1
142.252.232.5 200 OK 3.3 kB URL HTTP/2 www.natashaamon.com/wp-content/plugins/contact-form-7/includes/js/scripts.js?ver=4.6.1
IP 142.252.232.5:0
Hash 14abd46ed7edaad64f931e3f2178bc25
5e72dc8defc7b0a44375916e0509971c3696dd74
279728277b50fa6e3197334d2ce694971edf9b0ffce4c328e9b23b8c523068fa
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/contact-form-7/includes/js/scripts.js?ver=4.6.1 HTTP/1.1
Host: www.natashaamon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.natashaamon.com/
Cookie: PHPSESSID=enr4srb6iepbas7tnr6jmtc1v4
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 08 Aug 2022 12:03:53 GMT
etag: "2f4a-5e5b99c0fe046-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 3263
content-type: application/javascript
date: Wed, 01 Feb 2023 21:41:42 GMT
server: Apache/2
X-Firefox-Spdy: h2
www.natashaamon.com/wp-content/plugins/yith-woocommerce-wishlist/assets/js/jquery.yith-wcwl.js?ver=2.0.16
142.252.232.5 200 OK 2.6 kB URL HTTP/2 www.natashaamon.com/wp-content/plugins/yith-woocommerce-wishlist/assets/js/jquery.yith-wcwl.js?ver=2.0.16
IP 142.252.232.5:0
File type ASCII text, with very long lines (546)
Hash 6b79d5dc854b49702255505e1ccc4b70
a736130a711b5d0b69caff1b07cd49b1235fa95c
bfc3d51a75af0ad3cde2c8f6d87c1ad49c90473d7ba4f9b1e76e805b35b6215a
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/yith-woocommerce-wishlist/assets/js/jquery.yith-wcwl.js?ver=2.0.16 HTTP/1.1
Host: www.natashaamon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.natashaamon.com/
Cookie: PHPSESSID=enr4srb6iepbas7tnr6jmtc1v4
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 08 Aug 2022 12:03:54 GMT
etag: "2748-5e5b99c1eb511-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 2640
content-type: application/javascript
date: Wed, 01 Feb 2023 21:41:42 GMT
server: Apache/2
X-Firefox-Spdy: h2
www.natashaamon.com/wp-content/plugins/yith-woocommerce-ajax-search/assets/js/yith-autocomplete.min.js?ver=1.2.7
142.252.232.5 200 OK 3.6 kB URL HTTP/2 www.natashaamon.com/wp-content/plugins/yith-woocommerce-ajax-search/assets/js/yith-autocomplete.min.js?ver=1.2.7
IP 142.252.232.5:0
File type ASCII text, with very long lines (542)
Hash d171f0b57f67e731714e976d7e3effc9
d5db7ce71689da030335986004af8c8e7f7e346e
bbed2067b39d1d8e094f4431aff18ad239d04a186f28b33f7c8575342c3ce26f
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/yith-woocommerce-ajax-search/assets/js/yith-autocomplete.min.js?ver=1.2.7 HTTP/1.1
Host: www.natashaamon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.natashaamon.com/
Cookie: PHPSESSID=enr4srb6iepbas7tnr6jmtc1v4
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 08 Aug 2022 12:03:54 GMT
etag: "2b0d-5e5b99c1d807a-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 3589
content-type: application/javascript
date: Wed, 01 Feb 2023 21:41:42 GMT
server: Apache/2
X-Firefox-Spdy: h2
www.natashaamon.com/wp-content/plugins/megamenu/js/maxmegamenu.js?ver=2.3.5
142.252.232.5 200 OK 2.9 kB URL HTTP/2 www.natashaamon.com/wp-content/plugins/megamenu/js/maxmegamenu.js?ver=2.3.5
IP 142.252.232.5:0
Hash fb6a591695ce9b9fcbc9cafc54b88a01
dd828f4578cddb02d22c5eb32b3844543a7df97d
ac6dca8acc10ba7065c9521c3e55e4691fcbc8ee8ab0699bbc38f4b8fa5aa479
GET /wp-content/plugins/megamenu/js/maxmegamenu.js?ver=2.3.5 HTTP/1.1
Host: www.natashaamon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.natashaamon.com/
Cookie: PHPSESSID=enr4srb6iepbas7tnr6jmtc1v4
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 08 Aug 2022 12:03:53 GMT
etag: "3afa-5e5b99c12e99a-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 2888
content-type: application/javascript
date: Wed, 01 Feb 2023 21:41:42 GMT
server: Apache/2
X-Firefox-Spdy: h2
www.natashaamon.com/wp-content/plugins/yith-woocommerce-wishlist/assets/js/jquery.selectBox.min.js?ver=1.2.0
142.252.232.5 200 OK 4.0 kB URL HTTP/2 www.natashaamon.com/wp-content/plugins/yith-woocommerce-wishlist/assets/js/jquery.selectBox.min.js?ver=1.2.0
IP 142.252.232.5:0
File type ASCII text, with very long lines (15658)
Hash 6ea9b5bb25153f388b207e7ace2fd8f3
996696f49fa1da27c5bdaa9ad137dbb07ee48463
41d7aef81db85a75a0a668f3f8235ce54665afc804dfe36c7f2fddc6e43fd224
GET /wp-content/plugins/yith-woocommerce-wishlist/assets/js/jquery.selectBox.min.js?ver=1.2.0 HTTP/1.1
Host: www.natashaamon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.natashaamon.com/
Cookie: PHPSESSID=enr4srb6iepbas7tnr6jmtc1v4
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 08 Aug 2022 12:03:54 GMT
etag: "3d78-5e5b99c1eb511-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 4006
content-type: application/javascript
date: Wed, 01 Feb 2023 21:41:42 GMT
server: Apache/2
X-Firefox-Spdy: h2
www.natashaamon.com/wp-content/plugins/contact-form-7/includes/js/jquery.form.min.js?ver=3.51.0-2014.06.20
142.252.232.5 200 OK 5.9 kB URL HTTP/2 www.natashaamon.com/wp-content/plugins/contact-form-7/includes/js/jquery.form.min.js?ver=3.51.0-2014.06.20
IP 142.252.232.5:0
File type ASCII text, with very long lines (14900)
Hash ebcf9ad4a94d5c31649dd4515ad0c7c0
e219102aa3fe113876fd76b578f9ea142d67d967
5af8e42123fc03e9a53e6fe91d95c64591e63d3c1f27703a24966154d7784747
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/contact-form-7/includes/js/jquery.form.min.js?ver=3.51.0-2014.06.20 HTTP/1.1
Host: www.natashaamon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.natashaamon.com/
Cookie: PHPSESSID=enr4srb6iepbas7tnr6jmtc1v4
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 08 Aug 2022 12:03:53 GMT
etag: "3b90-5e5b99c0fe046-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 5860
content-type: application/javascript
date: Wed, 01 Feb 2023 21:41:42 GMT
server: Apache/2
X-Firefox-Spdy: h2
www.natashaamon.com/wp-content/plugins/woocommerce/assets/js/prettyPhoto/jquery.prettyPhoto.min.js?ver=3.1.6
142.252.232.5 200 OK 5.9 kB URL HTTP/2 www.natashaamon.com/wp-content/plugins/woocommerce/assets/js/prettyPhoto/jquery.prettyPhoto.min.js?ver=3.1.6
IP 142.252.232.5:0
File type ASCII text, with very long lines (21592), with no line terminators
Hash e7ea1633b959bbaaae6977cc8576e0fd
9647a1164a2ea96dc87c396decea74be81276530
2b552dac8d5fb1334c0ab4061deb1d7e4b841dad3a7eec49fe832dfbf84629e5
GET /wp-content/plugins/woocommerce/assets/js/prettyPhoto/jquery.prettyPhoto.min.js?ver=3.1.6 HTTP/1.1
Host: www.natashaamon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.natashaamon.com/
Cookie: PHPSESSID=enr4srb6iepbas7tnr6jmtc1v4
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 08 Aug 2022 12:03:54 GMT
etag: "5458-5e5b99c1a639f-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 5851
content-type: application/javascript
date: Wed, 01 Feb 2023 21:41:42 GMT
server: Apache/2
X-Firefox-Spdy: h2
www.natashaamon.com/wp-content/plugins/js-composer/assets/js/dist/js_composer_front.min.js?ver=5.0.1
142.252.232.5 200 OK 5.6 kB URL HTTP/2 www.natashaamon.com/wp-content/plugins/js-composer/assets/js/dist/js_composer_front.min.js?ver=5.0.1
IP 142.252.232.5:0
File type ASCII text, with very long lines (19302), with no line terminators
Hash 0efafbecce64312aea66b69f8ddcbbec
c34c4d59473aad7412257096b121fd752d7f13b6
19ecff382e9045abee99b4532cfb142f73a5cafe586cb7caf53f105a8ac91ce6
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/js-composer/assets/js/dist/js_composer_front.min.js?ver=5.0.1 HTTP/1.1
Host: www.natashaamon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.natashaamon.com/
Cookie: PHPSESSID=enr4srb6iepbas7tnr6jmtc1v4
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 08 Aug 2022 12:03:53 GMT
etag: "4b66-5e5b99c10beed-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 5606
content-type: application/javascript
date: Wed, 01 Feb 2023 21:41:42 GMT
server: Apache/2
X-Firefox-Spdy: h2
www.natashaamon.com/wp-content/themes/pool-services-lite/assets/js/bootstrap.js?ver=4.7.22
142.252.232.5 200 OK 20 kB URL HTTP/2 www.natashaamon.com/wp-content/themes/pool-services-lite/assets/js/bootstrap.js?ver=4.7.22
IP 142.252.232.5:0
File type ASCII text, with very long lines (315)
Hash 39436a273d7cbb65f100cd6ffefd88d3
d9661843dd83dfc185d3c1fd0d85744d25bb131c
d0713284e922a7646a3a7f1197a0a9a3d888ca66366b4c0c3f914dcdf466edeb
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/pool-services-lite/assets/js/bootstrap.js?ver=4.7.22 HTTP/1.1
Host: www.natashaamon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.natashaamon.com/
Cookie: PHPSESSID=enr4srb6iepbas7tnr6jmtc1v4
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 08 Aug 2022 12:03:54 GMT
etag: "1c168-5e5b99c204766-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 20139
content-type: application/javascript
date: Wed, 01 Feb 2023 21:41:42 GMT
server: Apache/2
X-Firefox-Spdy: h2
www.natashaamon.com/wp-content/plugins/revslider/public/assets/js/jquery.themepunch.revolution.min.js?ver=5.3.1
142.252.232.5 200 OK 17 kB URL HTTP/2 www.natashaamon.com/wp-content/plugins/revslider/public/assets/js/jquery.themepunch.revolution.min.js?ver=5.3.1
IP 142.252.232.5:0
File type ASCII text, with very long lines (32020)
Hash b4f339e585bebafaae991720d64258d2
3bf8770cd493a8a6a3b4dc8a29a59b5d1265ef2b
e24cd90428b398498930396ba83c13bad996508f3f1dc9e65a7948ef1ddbac6c
GET /wp-content/plugins/revslider/public/assets/js/jquery.themepunch.revolution.min.js?ver=5.3.1 HTTP/1.1
Host: www.natashaamon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.natashaamon.com/
Cookie: PHPSESSID=enr4srb6iepbas7tnr6jmtc1v4
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 08 Aug 2022 12:03:54 GMT
etag: "f3b0-5e5b99c195230-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 17235
content-type: application/javascript
date: Wed, 01 Feb 2023 21:41:42 GMT
server: Apache/2
X-Firefox-Spdy: h2
www.natashaamon.com/wp-content/themes/pool-services-lite/assets/css/bootstrap.css?ver=4.7.22
142.252.232.5 200 OK 22 kB URL HTTP/2 www.natashaamon.com/wp-content/themes/pool-services-lite/assets/css/bootstrap.css?ver=4.7.22
IP 142.252.232.5:0
Hash 95c61a3837f8c5d6d9497465bd8d5c0d
3b58fb418d57da17731a2fd09c6228de4a524c27
025e4fb1edb915cbc90adeeba80f71ce35e8cfbd27d51ec20140a787d454f64f
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/pool-services-lite/assets/css/bootstrap.css?ver=4.7.22 HTTP/1.1
Host: www.natashaamon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.natashaamon.com/
Cookie: PHPSESSID=enr4srb6iepbas7tnr6jmtc1v4
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 08 Aug 2022 12:03:54 GMT
etag: "2b7be-5e5b99c203bae-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 22365
content-type: text/css
date: Wed, 01 Feb 2023 21:41:42 GMT
server: Apache/2
X-Firefox-Spdy: h2
www.natashaamon.com/wp-content/plugins/revslider/public/assets/js/jquery.themepunch.tools.min.js?ver=5.3.1
142.252.232.5 200 OK 37 kB URL HTTP/2 www.natashaamon.com/wp-content/plugins/revslider/public/assets/js/jquery.themepunch.tools.min.js?ver=5.3.1
IP 142.252.232.5:0
File type ASCII text, with very long lines (27184)
Hash e83d81b6547dd15c59902a0b9c2776d0
6ba51781f5fcef943248cf43e3c23b0581df3361
02f700a3cdebd355831d895b3227940e8b8d6b868f3b4a3332d6a76dea0df5c3
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/revslider/public/assets/js/jquery.themepunch.tools.min.js?ver=5.3.1 HTTP/1.1
Host: www.natashaamon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.natashaamon.com/
Cookie: PHPSESSID=enr4srb6iepbas7tnr6jmtc1v4
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 08 Aug 2022 12:03:54 GMT
etag: "1a376-5e5b99c195618-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 37333
content-type: application/javascript
date: Wed, 01 Feb 2023 21:41:42 GMT
server: Apache/2
X-Firefox-Spdy: h2
www.natashaamon.com/wp-content/plugins/js-composer/assets/css/js_composer.min.css?ver=5.0.1
142.252.232.5 200 OK 44 kB URL HTTP/2 www.natashaamon.com/wp-content/plugins/js-composer/assets/css/js_composer.min.css?ver=5.0.1
IP 142.252.232.5:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash 093022cbb463574a78112bc1315e62d9
f6cab15675e35bca525d43a70ac20eed35d4cc74
69e831c5926dbf97dd3b6a38d722420eb2ab480320ec478194e6919392271a09
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/js-composer/assets/css/js_composer.min.css?ver=5.0.1 HTTP/1.1
Host: www.natashaamon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.natashaamon.com/
Cookie: PHPSESSID=enr4srb6iepbas7tnr6jmtc1v4
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 08 Aug 2022 12:03:53 GMT
etag: "700bd-5e5b99c1049be-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 44397
content-type: text/css
date: Wed, 01 Feb 2023 21:41:42 GMT
server: Apache/2
X-Firefox-Spdy: h2
www.natashaamon.com/wp-content/uploads/2022/08/bague-femme-tamia-ring-rainbow-vivienne-westwood-600x694.jpg
142.252.232.5 200 OK 14 kB URL HTTP/2 www.natashaamon.com/wp-content/uploads/2022/08/bague-femme-tamia-ring-rainbow-vivienne-westwood-600x694.jpg
IP 142.252.232.5:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 600x694, components 3\012- data
Hash ae3b47a212872cf02cd723dfbccd9e6c
e628a5aeca51e1b4fad05140b73a347b595b97b8
a3fd2f5228a2394028db4168c39779608483b346c400e3800691dc6a172d053c
GET /wp-content/uploads/2022/08/bague-femme-tamia-ring-rainbow-vivienne-westwood-600x694.jpg HTTP/1.1
Host: www.natashaamon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.natashaamon.com/
Cookie: PHPSESSID=enr4srb6iepbas7tnr6jmtc1v4
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 08 Aug 2022 14:16:35 GMT
etag: "384e-5e5bb769d9959"
accept-ranges: bytes
content-length: 14414
content-type: image/jpeg
date: Wed, 01 Feb 2023 21:41:42 GMT
server: Apache/2
X-Firefox-Spdy: h2
www.natashaamon.com/wp-content/uploads/2022/09/clous-doreilles-femme-valentina-orb-earrings-gold-vivienne-westwood-600x694.jpg
142.252.232.5 200 OK 15 kB URL HTTP/2 www.natashaamon.com/wp-content/uploads/2022/09/clous-doreilles-femme-valentina-orb-earrings-gold-vivienne-westwood-600x694.jpg
IP 142.252.232.5:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 600x694, components 3\012- data
Hash e572558f0c0c51fd612c227fc21da938
38d9a4e4779dfb628bc340e81a7d14b20a959132
97d72c34454383d2b7864e2d3bb63e436b7c1f994a704d2dedc43aac21f0c79b
GET /wp-content/uploads/2022/09/clous-doreilles-femme-valentina-orb-earrings-gold-vivienne-westwood-600x694.jpg HTTP/1.1
Host: www.natashaamon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.natashaamon.com/
Cookie: PHPSESSID=enr4srb6iepbas7tnr6jmtc1v4
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 08 Aug 2022 14:51:16 GMT
etag: "3b6d-5e5bbf2b2bcd2"
accept-ranges: bytes
content-length: 15213
content-type: image/jpeg
date: Wed, 01 Feb 2023 21:41:42 GMT
server: Apache/2
X-Firefox-Spdy: h2
www.natashaamon.com/wp-content/uploads/2022/08/bracelets-femme-polina-bracelet-gold-vivienne-westwood-600x694.jpg
142.252.232.5 200 OK 16 kB URL HTTP/2 www.natashaamon.com/wp-content/uploads/2022/08/bracelets-femme-polina-bracelet-gold-vivienne-westwood-600x694.jpg
IP 142.252.232.5:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 600x694, components 3\012- data
Hash ced4fcc79144d350cede2c8a16808d7a
c990f11b7640c10a9c36d0a16832c93e785a03a2
911a0bfa001aff077a58a5bf3d803ae7c81a0ada7564d757b0540ded1103b95a
GET /wp-content/uploads/2022/08/bracelets-femme-polina-bracelet-gold-vivienne-westwood-600x694.jpg HTTP/1.1
Host: www.natashaamon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.natashaamon.com/
Cookie: PHPSESSID=enr4srb6iepbas7tnr6jmtc1v4
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 08 Aug 2022 14:13:08 GMT
etag: "3f84-5e5bb6a43cd39"
accept-ranges: bytes
content-length: 16260
content-type: image/jpeg
date: Wed, 01 Feb 2023 21:41:42 GMT
server: Apache/2
X-Firefox-Spdy: h2
www.natashaamon.com/wp-content/uploads/2022/08/bague-femme-calliope-ring-argent-vivienne-westwood-600x694.jpg
142.252.232.5 200 OK 16 kB URL HTTP/2 www.natashaamon.com/wp-content/uploads/2022/08/bague-femme-calliope-ring-argent-vivienne-westwood-600x694.jpg
IP 142.252.232.5:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 600x694, components 3\012- data
Hash e9ab966ab51fa56342e8e4d22de866bb
6a20379d2924734a1deba5ce9856036f86544761
6074a3f5da2048f98014a6d7fc35879b06d8ef1314f01976075676da08328a48
GET /wp-content/uploads/2022/08/bague-femme-calliope-ring-argent-vivienne-westwood-600x694.jpg HTTP/1.1
Host: www.natashaamon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.natashaamon.com/
Cookie: PHPSESSID=enr4srb6iepbas7tnr6jmtc1v4
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 08 Aug 2022 14:16:40 GMT
etag: "3eb7-5e5bb76f03d25"
accept-ranges: bytes
content-length: 16055
content-type: image/jpeg
date: Wed, 01 Feb 2023 21:41:42 GMT
server: Apache/2
X-Firefox-Spdy: h2
www.natashaamon.com/wp-content/uploads/2022/08/baskets-femme-femme-baskets-basses-noires-c3a0-semelle-semi-compensc3a9e-avec-renfort-dorc3a9-au-talon-noir-rieker-600x600.jpg
142.252.232.5 200 OK 17 kB URL HTTP/2 www.natashaamon.com/wp-content/uploads/2022/08/baskets-femme-femme-baskets-basses-noires-c3a0-semelle-semi-compensc3a9e-avec-renfort-dorc3a9-au-talon-noir-rieker-600x600.jpg
IP 142.252.232.5:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 600x600, components 3\012- data
Hash 794c36651ae48eefa65bb02be76697ff
7bd9572c861100615489098400712fd9cb7ebc05
715f4ec6f38fcf256d0b71d2184d417b0822b153d2248ae8bdb40794fbcd4edc
GET /wp-content/uploads/2022/08/baskets-femme-femme-baskets-basses-noires-c3a0-semelle-semi-compensc3a9e-avec-renfort-dorc3a9-au-talon-noir-rieker-600x600.jpg HTTP/1.1
Host: www.natashaamon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.natashaamon.com/
Cookie: PHPSESSID=enr4srb6iepbas7tnr6jmtc1v4
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 08 Aug 2022 13:52:53 GMT
etag: "4242-5e5bb21da91b2"
accept-ranges: bytes
content-length: 16962
content-type: image/jpeg
date: Wed, 01 Feb 2023 21:41:42 GMT
server: Apache/2
X-Firefox-Spdy: h2
www.natashaamon.com/wp-content/uploads/2022/08/sacs-c3a0-dos-femme-jordan-medium-handbag-green-vivienne-westwood-600x694.jpg
142.252.232.5 200 OK 24 kB URL HTTP/2 www.natashaamon.com/wp-content/uploads/2022/08/sacs-c3a0-dos-femme-jordan-medium-handbag-green-vivienne-westwood-600x694.jpg
IP 142.252.232.5:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 600x694, components 3\012- data
Hash 8454b925b06acdbac185322cb76aadc8
ea2fe1fe848c3242ac3a057bc970a36abdcabf35
491be337d0a6105e8852ef79953f7614f52cf45039daca664ed6b714e788616b
GET /wp-content/uploads/2022/08/sacs-c3a0-dos-femme-jordan-medium-handbag-green-vivienne-westwood-600x694.jpg HTTP/1.1
Host: www.natashaamon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.natashaamon.com/
Cookie: PHPSESSID=enr4srb6iepbas7tnr6jmtc1v4
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 08 Aug 2022 14:39:21 GMT
etag: "5cc6-5e5bbc805fc2e"
accept-ranges: bytes
content-length: 23750
content-type: image/jpeg
date: Wed, 01 Feb 2023 21:41:42 GMT
server: Apache/2
X-Firefox-Spdy: h2
www.natashaamon.com/wp-content/uploads/2022/08/pantalons-femmehomme-stripped-classic-sweatpants-winetasting-vivienne-westwood-600x694.jpg
142.252.232.5 200 OK 29 kB URL HTTP/2 www.natashaamon.com/wp-content/uploads/2022/08/pantalons-femmehomme-stripped-classic-sweatpants-winetasting-vivienne-westwood-600x694.jpg
IP 142.252.232.5:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 600x694, components 3\012- data
Hash 11f4f4d8fbe9b31da430598a803e2a7f
19e0edc3281ea9e89010236e4bc4a6db74277a07
f1c10a87c610e9b15aad45e1e547bc740eb241bd8559593436c1bdc8c5d5178b
GET /wp-content/uploads/2022/08/pantalons-femmehomme-stripped-classic-sweatpants-winetasting-vivienne-westwood-600x694.jpg HTTP/1.1
Host: www.natashaamon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.natashaamon.com/
Cookie: PHPSESSID=enr4srb6iepbas7tnr6jmtc1v4
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 08 Aug 2022 14:32:25 GMT
etag: "727a-5e5bbaf3c442b"
accept-ranges: bytes
content-length: 29306
content-type: image/jpeg
date: Wed, 01 Feb 2023 21:41:42 GMT
server: Apache/2
X-Firefox-Spdy: h2
www.natashaamon.com/wp-content/uploads/2022/08/pulls-femmehomme-chimera-jumper-faded-pink-vivienne-westwood-600x694.jpg
142.252.232.5 200 OK 40 kB URL HTTP/2 www.natashaamon.com/wp-content/uploads/2022/08/pulls-femmehomme-chimera-jumper-faded-pink-vivienne-westwood-600x694.jpg
IP 142.252.232.5:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 600x694, components 3\012- data
Hash 9fe449c91be82f63d0608afc4e8bf783
1cd5f1df42ffee3bf0227aeb7465d73c69623214
d857de5bd9e6989283c9bfc02ccf9f0b6896401b25fd7b5e8d5564c2ad596fcf
GET /wp-content/uploads/2022/08/pulls-femmehomme-chimera-jumper-faded-pink-vivienne-westwood-600x694.jpg HTTP/1.1
Host: www.natashaamon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.natashaamon.com/
Cookie: PHPSESSID=enr4srb6iepbas7tnr6jmtc1v4
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 08 Aug 2022 14:19:27 GMT
etag: "9e30-5e5bb80e944f6"
accept-ranges: bytes
content-length: 40496
content-type: image/jpeg
date: Wed, 01 Feb 2023 21:41:42 GMT
server: Apache/2
X-Firefox-Spdy: h2
www.natashaamon.com/wp-content/uploads/2022/08/c3a9charpes-et-poncho-femmehomme-fisherman-classic-square-oxblood-vivienne-westwood-600x694.jpg
142.252.232.5 200 OK 62 kB URL HTTP/2 www.natashaamon.com/wp-content/uploads/2022/08/c3a9charpes-et-poncho-femmehomme-fisherman-classic-square-oxblood-vivienne-westwood-600x694.jpg
IP 142.252.232.5:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 600x694, components 3\012- data
Hash b68888bba7ff767855a346651357b6d9
5db9cf77d87805ed032b10054a2442e8d53833b5
8feee4f7849e0daf17a426d57a2ceb02ad14dc63a260373d625284453632887f
GET /wp-content/uploads/2022/08/c3a9charpes-et-poncho-femmehomme-fisherman-classic-square-oxblood-vivienne-westwood-600x694.jpg HTTP/1.1
Host: www.natashaamon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.natashaamon.com/
Cookie: PHPSESSID=enr4srb6iepbas7tnr6jmtc1v4
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 08 Aug 2022 14:19:11 GMT
etag: "f0c7-5e5bb7fe96676"
accept-ranges: bytes
content-length: 61639
content-type: image/jpeg
date: Wed, 01 Feb 2023 21:41:42 GMT
server: Apache/2
X-Firefox-Spdy: h2
www.natashaamon.com/wp-content/uploads/2022/08/6.jpg
142.252.232.5 200 OK 73 kB URL HTTP/2 www.natashaamon.com/wp-content/uploads/2022/08/6.jpg
IP 142.252.232.5:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=1, software=www.meitu.com], baseline, precision 8, 750x938, components 3\012- data
Hash b3126dbf89d2825b88efb515e4b1aa89
047044a65b04fc18d3de052e5d2547b35fa3a91c
910f496f59d00b39447ceb8ea5daa61ba10c080a80168e52dd0a0de7bcbab49a
GET /wp-content/uploads/2022/08/6.jpg HTTP/1.1
Host: www.natashaamon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.natashaamon.com/
Cookie: PHPSESSID=enr4srb6iepbas7tnr6jmtc1v4
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 10 Aug 2022 01:26:02 GMT
etag: "11e3f-5e5d8ee96dd6d"
accept-ranges: bytes
content-length: 73279
content-type: image/jpeg
date: Wed, 01 Feb 2023 21:41:42 GMT
server: Apache/2
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.163 200 OK 471 B IP 142.250.74.163:0
Hash 42d54c8c12a2f90c448a11bf42800e86
bb66d35435411c825bfcd0a091f33b7d1708191e
3b67d91fbb38e5c47b6ebff53da366b87af3a308e5c588775ac66a808761dbb1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 01 Feb 2023 21:41:43 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.natashaamon.com/wp-content/uploads/2022/08/4.jpg
142.252.232.5 200 OK 81 kB URL HTTP/2 www.natashaamon.com/wp-content/uploads/2022/08/4.jpg
IP 142.252.232.5:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=1, software=www.meitu.com], baseline, precision 8, 750x938, components 3\012- data
Hash 9003d3e11f99acce535f07c93f7d9913
f7c88e0b7db5bc37e464398e581a39b4297a0761
8c8cf19909473b19c2f32b613c06ae2e03caf0caa04991c2ad96d05f62b142a4
GET /wp-content/uploads/2022/08/4.jpg HTTP/1.1
Host: www.natashaamon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.natashaamon.com/
Cookie: PHPSESSID=enr4srb6iepbas7tnr6jmtc1v4
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 10 Aug 2022 01:20:48 GMT
etag: "13ac3-5e5d8dbe49c1a"
accept-ranges: bytes
content-length: 80579
content-type: image/jpeg
date: Wed, 01 Feb 2023 21:41:42 GMT
server: Apache/2
X-Firefox-Spdy: h2
fonts.gstatic.com/s/ubuntu/v20/4iCs6KVjbNBYlgoKfw72.woff2
216.58.207.227 200 OK 35 kB URL HTTP/2 fonts.gstatic.com/s/ubuntu/v20/4iCs6KVjbNBYlgoKfw72.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 34852, version 1.0\012- data
Hash 0e8eefb4549a2edf26c560cb9845952e
8d0b1718aacad934fd0043c87cbc54aa091396bf
7f653b3ce9d3277457fc6da4edb246ae2f6c913f088c42dcb8cd2e96267aa21a
GET /s/ubuntu/v20/4iCs6KVjbNBYlgoKfw72.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.natashaamon.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 34852
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 30 Jan 2023 00:48:39 GMT
expires: Tue, 30 Jan 2024 00:48:39 GMT
cache-control: public, max-age=31536000
age: 247984
last-modified: Wed, 27 Apr 2022 16:31:23 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.natashaamon.com/wp-content/uploads/2022/08/sweat-shirts-et-t-shirts-femmehomme-drunken-sweatshirt-berber-vivienne-westwood-600x694.jpg
142.252.232.5 200 OK 102 kB URL HTTP/2 www.natashaamon.com/wp-content/uploads/2022/08/sweat-shirts-et-t-shirts-femmehomme-drunken-sweatshirt-berber-vivienne-westwood-600x694.jpg
IP 142.252.232.5:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 600x694, components 3\012- data
Size 102 kB (102277 bytes)
Hash 7255c77462de664b623b7b803132988c
95dd6857eebe5485dde2c6b241caaabc5c1e9a12
eac4aa4575d827a921b4cde810647fc632f9ef7eb10dad6ca093f86ed303acf2
GET /wp-content/uploads/2022/08/sweat-shirts-et-t-shirts-femmehomme-drunken-sweatshirt-berber-vivienne-westwood-600x694.jpg HTTP/1.1
Host: www.natashaamon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.natashaamon.com/
Cookie: PHPSESSID=enr4srb6iepbas7tnr6jmtc1v4
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 08 Aug 2022 14:10:18 GMT
etag: "18f85-5e5bb6025f7bc"
accept-ranges: bytes
content-length: 102277
content-type: image/jpeg
date: Wed, 01 Feb 2023 21:41:42 GMT
server: Apache/2
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.163 200 OK 471 B IP 142.250.74.163:0
Hash 42d54c8c12a2f90c448a11bf42800e86
bb66d35435411c825bfcd0a091f33b7d1708191e
3b67d91fbb38e5c47b6ebff53da366b87af3a308e5c588775ac66a808761dbb1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 01 Feb 2023 21:41:43 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.natashaamon.com/wp-content/uploads/2022/08/8.jpg
142.252.232.5 200 OK 159 kB URL HTTP/2 www.natashaamon.com/wp-content/uploads/2022/08/8.jpg
IP 142.252.232.5:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=1, software=www.meitu.com], baseline, precision 8, 750x938, components 3\012- data
Size 159 kB (158736 bytes)
Hash 75f13fb1c23d39bab1fffe05e1383114
b377691d5396c4a3b18fab77de78b26f46153488
6b3d11edb2fe0e46023cdc881b55033ce0ac563ff73d1be68ee22af98ebc7d4b
GET /wp-content/uploads/2022/08/8.jpg HTTP/1.1
Host: www.natashaamon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.natashaamon.com/
Cookie: PHPSESSID=enr4srb6iepbas7tnr6jmtc1v4
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 10 Aug 2022 01:26:58 GMT
etag: "26c10-5e5d8f1eecd8d"
accept-ranges: bytes
content-length: 158736
content-type: image/jpeg
date: Wed, 01 Feb 2023 21:41:42 GMT
server: Apache/2
X-Firefox-Spdy: h2
www.natashaamon.com/wp-content/uploads/2022/08/9.jpg
142.252.232.5 200 OK 178 kB URL HTTP/2 www.natashaamon.com/wp-content/uploads/2022/08/9.jpg
IP 142.252.232.5:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=1, software=www.meitu.com], baseline, precision 8, 1900x500, components 3\012- data
Size 178 kB (177961 bytes)
Hash 0388edc0bf3316b58fd4b1c345a32b9c
50e83e081f51a6f0ccd712c1271e11dde8579359
7795c210d7ae274bc89af089f5801a092ad95ea0cd43432a511ec2ddd88dee7f
GET /wp-content/uploads/2022/08/9.jpg HTTP/1.1
Host: www.natashaamon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.natashaamon.com/
Cookie: PHPSESSID=enr4srb6iepbas7tnr6jmtc1v4
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 10 Aug 2022 01:27:52 GMT
etag: "2b729-5e5d8f52f653f"
accept-ranges: bytes
content-length: 177961
content-type: image/jpeg
date: Wed, 01 Feb 2023 21:41:42 GMT
server: Apache/2
X-Firefox-Spdy: h2
www.natashaamon.com/wp-content/uploads/2022/08/1.jpg
142.252.232.5 200 OK 203 kB URL HTTP/2 www.natashaamon.com/wp-content/uploads/2022/08/1.jpg
IP 142.252.232.5:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=1, software=www.meitu.com], baseline, precision 8, 750x938, components 3\012- data
Size 203 kB (202771 bytes)
Hash 66bd4767de68d1c8f757ecd15a15f971
d07f9b820b59d0edc3843d679735f82a97419cad
f1c5ab64ba370a27841cb17c60243e17f9db15ca9014c23e03fbdbd242f4ad3f
GET /wp-content/uploads/2022/08/1.jpg HTTP/1.1
Host: www.natashaamon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.natashaamon.com/
Cookie: PHPSESSID=enr4srb6iepbas7tnr6jmtc1v4
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 10 Aug 2022 01:19:54 GMT
etag: "31813-5e5d8d8b0f0ed"
accept-ranges: bytes
content-length: 202771
content-type: image/jpeg
date: Wed, 01 Feb 2023 21:41:42 GMT
server: Apache/2
X-Firefox-Spdy: h2
www.natashaamon.com/wp-content/uploads/2022/08/7.jpg
142.252.232.5 200 OK 244 kB URL HTTP/2 www.natashaamon.com/wp-content/uploads/2022/08/7.jpg
IP 142.252.232.5:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=1, software=www.meitu.com], baseline, precision 8, 750x938, components 3\012- data
Size 244 kB (244260 bytes)
Hash 3e3421110b4224ebaca06f6a3801683b
81afca62ad9f4fcf178a410625ab4f01ee937e7a
7a648dc151de3c5feb2a75ddc0b3da2d424528c39a93e08a7a4d22855f5896ed
GET /wp-content/uploads/2022/08/7.jpg HTTP/1.1
Host: www.natashaamon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.natashaamon.com/
Cookie: PHPSESSID=enr4srb6iepbas7tnr6jmtc1v4
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 10 Aug 2022 01:26:29 GMT
etag: "3ba24-5e5d8f03dff3c"
accept-ranges: bytes
content-length: 244260
content-type: image/jpeg
date: Wed, 01 Feb 2023 21:41:42 GMT
server: Apache/2
X-Firefox-Spdy: h2
www.natashaamon.com/wp-content/uploads/2022/08/3.jpg
142.252.232.5 200 OK 338 kB URL HTTP/2 www.natashaamon.com/wp-content/uploads/2022/08/3.jpg
IP 142.252.232.5:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=1, software=www.meitu.com], baseline, precision 8, 750x938, components 3\012- data
Size 338 kB (337956 bytes)
Hash 0088b2f2c38652b36f029523aca01e06
9c4095719fed4416b921523c93ed7915572ff060
637c061ea9ed5576ca153a9ffc004836d8af35179aa2eae8368f9ae559893b4e
GET /wp-content/uploads/2022/08/3.jpg HTTP/1.1
Host: www.natashaamon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.natashaamon.com/
Cookie: PHPSESSID=enr4srb6iepbas7tnr6jmtc1v4
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 10 Aug 2022 01:20:23 GMT
etag: "52824-5e5d8da691233"
accept-ranges: bytes
content-length: 337956
content-type: image/jpeg
date: Wed, 01 Feb 2023 21:41:42 GMT
server: Apache/2
X-Firefox-Spdy: h2
www.natashaamon.com/wp-content/plugins/woocommerce/assets/css/woocommerce-smallscreen.css?ver=3.4.5
142.252.232.5 200 OK 1.1 kB URL HTTP/2 www.natashaamon.com/wp-content/plugins/woocommerce/assets/css/woocommerce-smallscreen.css?ver=3.4.5
IP 142.252.232.5:0
File type ASCII text, with very long lines (6758), with no line terminators
Hash bac3c679da4930209be92b338cb74b7f
1a18633b3aecdcb7146475a1f6a90c58058f9e9b
b5b63cee0120e4cf9a183bab0905af9d4fa8712d4afef4d0b7d7c0f914ae26b3
GET /wp-content/plugins/woocommerce/assets/css/woocommerce-smallscreen.css?ver=3.4.5 HTTP/1.1
Host: www.natashaamon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.natashaamon.com/
Cookie: PHPSESSID=enr4srb6iepbas7tnr6jmtc1v4
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 08 Aug 2022 12:03:54 GMT
etag: "1a66-5e5b99c1a05df-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 1055
content-type: text/css
date: Wed, 01 Feb 2023 21:41:43 GMT
server: Apache/2
X-Firefox-Spdy: h2
www.natashaamon.com/wp-content/plugins/js-composer/assets/lib/bower/font-awesome/fonts/fontawesome-webfont.woff2?v=4.6.3
142.252.232.5 200 OK 72 kB URL HTTP/2 www.natashaamon.com/wp-content/plugins/js-composer/assets/lib/bower/font-awesome/fonts/fontawesome-webfont.woff2?v=4.6.3
IP 142.252.232.5:0
File type Web Open Font Format (Version 2), TrueType, length 71896, version 4.393\012- data
Hash e6cf7c6ec7c2d6f670ae9d762604cb0b
97e438cc545714309882fbceadbf344fcaddcec5
7dacf83f51179de8d7980a513e67ab3a08f2c6272bb5946df8fd77c0d1763b73
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/js-composer/assets/lib/bower/font-awesome/fonts/fontawesome-webfont.woff2?v=4.6.3 HTTP/1.1
Host: www.natashaamon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://www.natashaamon.com/wp-content/plugins/js-composer/assets/lib/bower/font-awesome/css/font-awesome.min.css?ver=5.0.1
Cookie: PHPSESSID=enr4srb6iepbas7tnr6jmtc1v4
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 08 Aug 2022 12:03:53 GMT
etag: "118d8-5e5b99c113fd4"
accept-ranges: bytes
content-length: 71896
vary: Accept-Encoding,User-Agent
date: Wed, 01 Feb 2023 21:41:43 GMT
server: Apache/2
X-Firefox-Spdy: h2
www.natashaamon.com/wp-content/plugins/revslider/public/assets/js/extensions/revolution.extension.slideanims.min.js?version=5.3.1.4
142.252.232.5 200 OK 6.8 kB URL HTTP/2 www.natashaamon.com/wp-content/plugins/revslider/public/assets/js/extensions/revolution.extension.slideanims.min.js?version=5.3.1.4
IP 142.252.232.5:0
File type ASCII text, with very long lines (28168)
Hash cbf375b006fa957b9548bbed7b0b77f9
6801a6d76bc4d7ea226a20d91632e05b44793f73
78913391b731519ebb60674a668fb9b2445fe162b1870e362b43a166eebd857c
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/revslider/public/assets/js/extensions/revolution.extension.slideanims.min.js?version=5.3.1.4 HTTP/1.1
Host: www.natashaamon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://www.natashaamon.com/
Cookie: PHPSESSID=enr4srb6iepbas7tnr6jmtc1v4
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 08 Aug 2022 12:03:54 GMT
etag: "6efc-5e5b99c194a60-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 6761
content-type: application/javascript
date: Wed, 01 Feb 2023 21:41:43 GMT
server: Apache/2
X-Firefox-Spdy: h2
www.natashaamon.com/wp-content/plugins/revslider/public/assets/js/extensions/revolution.extension.actions.min.js?version=5.3.1.4
142.252.232.5 200 OK 2.4 kB URL HTTP/2 www.natashaamon.com/wp-content/plugins/revslider/public/assets/js/extensions/revolution.extension.actions.min.js?version=5.3.1.4
IP 142.252.232.5:0
File type ASCII text, with very long lines (7911)
Hash 5647910d01e4212347571dcea76c6508
1d213499026114be1d3ff7dd730630afbda0ac37
de9a5a150369c26213b2070ffa0d74aa06b3910721a03ff4b246c23acc90faa1
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/revslider/public/assets/js/extensions/revolution.extension.actions.min.js?version=5.3.1.4 HTTP/1.1
Host: www.natashaamon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://www.natashaamon.com/
Cookie: PHPSESSID=enr4srb6iepbas7tnr6jmtc1v4
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 08 Aug 2022 12:03:54 GMT
etag: "1fcd-5e5b99c194291-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 2435
content-type: application/javascript
date: Wed, 01 Feb 2023 21:41:43 GMT
server: Apache/2
X-Firefox-Spdy: h2
www.natashaamon.com/wp-content/plugins/revslider/public/assets/js/extensions/revolution.extension.layeranimation.min.js?version=5.3.1.4
142.252.232.5 200 OK 13 kB URL HTTP/2 www.natashaamon.com/wp-content/plugins/revslider/public/assets/js/extensions/revolution.extension.layeranimation.min.js?version=5.3.1.4
IP 142.252.232.5:0
File type ASCII text, with very long lines (32069)
Hash afa29a906ecce15c4fcaeb3b9fd7b2db
ea5e8c49111b2d2ab7b2ead29b1895029484e0db
e19f318f94c8273e1320c6445c1323ade3e5bcb2b66b8f1a590739df8ba91615
GET /wp-content/plugins/revslider/public/assets/js/extensions/revolution.extension.layeranimation.min.js?version=5.3.1.4 HTTP/1.1
Host: www.natashaamon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://www.natashaamon.com/
Cookie: PHPSESSID=enr4srb6iepbas7tnr6jmtc1v4
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 08 Aug 2022 12:03:54 GMT
etag: "c231-5e5b99c194679-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 12783
content-type: application/javascript
date: Wed, 01 Feb 2023 21:41:43 GMT
server: Apache/2
X-Firefox-Spdy: h2
www.natashaamon.com/wp-content/plugins/revslider/public/assets/assets/coloredbg.png
142.252.232.5 200 OK 184 B URL HTTP/2 www.natashaamon.com/wp-content/plugins/revslider/public/assets/assets/coloredbg.png
IP 142.252.232.5:0
File type PNG image data, 5 x 5, 8-bit/color RGBA, non-interlaced\012- data
Hash 397e5bd80bc0fe4e18c1837deead5e72
02ba7ca593b1aecc13bc821b1043cbbb3e9421a0
ef2284224ce3426c26d4caa902989107ba3200dbd24d4ace60ccb2bad033f000
GET /wp-content/plugins/revslider/public/assets/assets/coloredbg.png HTTP/1.1
Host: www.natashaamon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.natashaamon.com/wp-content/plugins/revslider/public/assets/css/settings.css?ver=5.3.1
Cookie: PHPSESSID=enr4srb6iepbas7tnr6jmtc1v4
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 08 Aug 2022 12:03:54 GMT
etag: "b8-5e5b99c17ac53"
accept-ranges: bytes
content-length: 184
content-type: image/png
date: Wed, 01 Feb 2023 21:41:44 GMT
server: Apache/2
X-Firefox-Spdy: h2
www.natashaamon.com/wp-content/uploads/2022/08/13.png
142.252.232.5 200 OK 15 kB URL HTTP/2 www.natashaamon.com/wp-content/uploads/2022/08/13.png
IP 142.252.232.5:0
File type PNG image data, 100 x 98, 8-bit/color RGBA, non-interlaced\012- data
Hash f2e1dc4004da2ebf7bab83e0533595b3
2561def141f1c1fb717a0bf4699db092c5fe086d
f70f432cc43c3589e86d5d61c2b1f604697919c6f4453c39ddb622b18b19ea74
GET /wp-content/uploads/2022/08/13.png HTTP/1.1
Host: www.natashaamon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.natashaamon.com/
Cookie: PHPSESSID=enr4srb6iepbas7tnr6jmtc1v4
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 10 Aug 2022 01:23:49 GMT
etag: "3994-5e5d8e6b0b55a"
accept-ranges: bytes
content-length: 14740
content-type: image/png
date: Wed, 01 Feb 2023 21:41:44 GMT
server: Apache/2
X-Firefox-Spdy: h2
www.natashaamon.com/wp-content/uploads/2022/08/13-100x98.png
142.252.232.5 200 OK 16 kB URL HTTP/2 www.natashaamon.com/wp-content/uploads/2022/08/13-100x98.png
IP 142.252.232.5:0
File type PNG image data, 100 x 98, 8-bit/color RGBA, non-interlaced\012- data
Hash b5d049eec58517219451671b9647edcd
4fda006344e875e7fa27ad8946c9c988f4ebb12d
d2746b6d8d0f95dce567cfbf14de4783e640920b30e8dafaa3bc0f11f4bcfcd6
GET /wp-content/uploads/2022/08/13-100x98.png HTTP/1.1
Host: www.natashaamon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.natashaamon.com/
Cookie: PHPSESSID=enr4srb6iepbas7tnr6jmtc1v4
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 10 Aug 2022 01:23:49 GMT
etag: "406c-5e5d8e6b141fa"
accept-ranges: bytes
content-length: 16492
content-type: image/png
date: Wed, 01 Feb 2023 21:41:44 GMT
server: Apache/2
X-Firefox-Spdy: h2
www.natashaamon.com/?wc-ajax=get_refreshed_fragments
142.252.232.5 200 OK 159 B URL HTTP/2 www.natashaamon.com/?wc-ajax=get_refreshed_fragments
IP 142.252.232.5:0
File type JSON data\012- , ASCII text, with no line terminators
Hash d0deda69decc5d701325288f4cab5ffe
e082c3c485f7797cb8b545149ddc12f2fd17b217
3a3a0431148a7a03152a605ef17a86251410403c352a2ae16f3d05769705c620
POST /?wc-ajax=get_refreshed_fragments HTTP/1.1
Host: www.natashaamon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Origin: https://www.natashaamon.com
Connection: keep-alive
Referer: https://www.natashaamon.com/
Cookie: PHPSESSID=enr4srb6iepbas7tnr6jmtc1v4
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Content-Length: 0
TE: trailers
HTTP/2 200 OK
x-powered-by: PHP/5.6.40
pragma: no-cache
access-control-allow-origin: https://www.natashaamon.com
access-control-allow-credentials: true
x-robots-tag: noindex
x-content-type-options: nosniff
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 159
content-type: application/json; charset=UTF-8
date: Wed, 01 Feb 2023 21:41:43 GMT
server: Apache/2
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=ZCOOL+XiaoWei%7CDM+Serif+Display%3A400%2C400i%7CAssistant%3A200%2C300%2C400%2C600%2C700%2C800%7CDM%2BSerif%2BDisplay%3A400%2C400i%7CStylish%7CNunito+Sans%3A200%2C200i%2C300%2C300i%2C400%2C400i%2C600%2C600i%2C700%2C700i%2C800%2C800i%2C900%2C900i%7CHeebo%3A100%2C300%2C400%2C500%2C700%2C800%2C900%7CSaira%3A100%2C200%2C300%2C400%2C500%2C600%2C700%2C800%2C900%7CKrub%3A200%2C200i%2C300%2C300i%2C400%2C400i%2C500%2C500i%2C600%2C600i%2C700%2C700i%7CPT+Sans%3A300%2C400%2C600%2C700%2C800%2C900%7CRoboto%3A100%2C100i%2C300%2C300i%2C400%2C400i%2C500%2C500i%2C700%2C700i%2C900%2C900i%7CRoboto+Condensed%3A400%2C700%7COpen+Sans%3A300%2C300i%2C400%2C400i%2C600%2C600i%2C700%2C700i%2C800%2C800i%7CFira+Sans%3A100%2C100i%2C200%2C200i%2C300%2C300i%2C400%2C400i%2C500%2C500i%2C600%2C600i%2C700%2C700i%2C800%2C800i%2C900%2C900i%7COverpass%7CStaatliches%7CMontserrat%3A100%2C100i%2C200%2C200i%2C300%2C300i%2C400%2C400i%2C500%2C500i%2C600%2C600i%2C700%2C700i%2C800%2C800i%2C900%2C900i%7CPlayball%3A300%2C400%2C600%2C700%2C800%2C900%7CAlegreya%3A300%2C400%2C600%2C700%2C800%2C900%7CJulius+Sans+One%7CArsenal%7CSlabo%7CLato%7COverpass+Mono%7CSource+Sans+Pro%7CRaleway%7CMerriweather%7CDroid+Sans%7CRubik%7CLora%7CUbuntu%7CCabin%7CArimo%7CPlayfair+Display%7CQuicksand%7CPadauk%7CMuli%7CInconsolata%7CBitter%7CPacifico%7CIndie+Flower%7CVT323%7CDosis%7CFrank+Ruhl+Libre%7CFjalla+One%7COxygen%3A300%2C400%2C700%7CArvo%7CNoto+Serif%7CLobster%7CCrimson+Text%7CYanone+Kaffeesatz%7CAnton%7CLibre+Baskerville%7CBree+Serif%7CGloria+Hallelujah%7CJosefin+Sans%7CAbril+Fatface%7CVarela+Round%7CVampiro+One%7CShadows+Into+Light%7CCuprum%7CRokkitt%7CVollkorn%3A400%2C400i%2C600%2C600i%2C700%2C700i%2C900%2C900i%7CFrancois+One%7COrbitron%7CPatua+One%7CAcme%7CSatisfy%7CJosefin+Slab%7CQuattrocento+Sans%7CArchitects+Daughter%7CRusso+One%7CMonda%7CRighteous%7CLobster+Two%7CHammersmith+One%7CCourgette%7CPermanent+Marker%7CCherry+Swash%7CCormorant+Garamond%7CPoiret+One%7CBenchNine%7CEconomica%7CHandlee%7C
Cardo%7CAlfa+Slab+One%7CAveria+Serif+Libre%7CCookie%7CChewy%7CGreat+Vibes%7CComing+Soon%7CPhilosopher%7CDays+One%7CKanit%7CShrikhand%7CTangerine%7CIM+Fell+English+SC%7CBoogaloo%7CBangers%7CFredoka+One%7CBad+Script%7CVolkhov%7CShadows+Into+Light+Two%7CMarck+Script%7CSacramento%7CUnica+One&ver=4.7.22
142.250.74.106 200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=ZCOOL+XiaoWei%7CDM+Serif+Display%3A400%2C400i%7CAssistant%3A200%2C300%2C400%2C600%2C700%2C800%7CDM%2BSerif%2BDisplay%3A400%2C400i%7CStylish%7CNunito+Sans%3A200%2C200i%2C300%2C300i%2C400%2C400i%2C600%2C600i%2C700%2C700i%2C800%2C800i%2C900%2C900i%7CHeebo%3A100%2C300%2C400%2C500%2C700%2C800%2C900%7CSaira%3A100%2C200%2C300%2C400%2C500%2C600%2C700%2C800%2C900%7CKrub%3A200%2C200i%2C300%2C300i%2C400%2C400i%2C500%2C500i%2C600%2C600i%2C700%2C700i%7CPT+Sans%3A300%2C400%2C600%2C700%2C800%2C900%7CRoboto%3A100%2C100i%2C300%2C300i%2C400%2C400i%2C500%2C500i%2C700%2C700i%2C900%2C900i%7CRoboto+Condensed%3A400%2C700%7COpen+Sans%3A300%2C300i%2C400%2C400i%2C600%2C600i%2C700%2C700i%2C800%2C800i%7CFira+Sans%3A100%2C100i%2C200%2C200i%2C300%2C300i%2C400%2C400i%2C500%2C500i%2C600%2C600i%2C700%2C700i%2C800%2C800i%2C900%2C900i%7COverpass%7CStaatliches%7CMontserrat%3A100%2C100i%2C200%2C200i%2C300%2C300i%2C400%2C400i%2C500%2C500i%2C600%2C600i%2C700%2C700i%2C800%2C800i%2C900%2C900i%7CPlayball%3A300%2C400%2C600%2C700%2C800%2C900%7CAlegreya%3A300%2C400%2C600%2C700%2C800%2C900%7CJulius+Sans+One%7CArsenal%7CSlabo%7CLato%7COverpass+Mono%7CSource+Sans+Pro%7CRaleway%7CMerriweather%7CDroid+Sans%7CRubik%7CLora%7CUbuntu%7CCabin%7CArimo%7CPlayfair+Display%7CQuicksand%7CPadauk%7CMuli%7CInconsolata%7CBitter%7CPacifico%7CIndie+Flower%7CVT323%7CDosis%7CFrank+Ruhl+Libre%7CFjalla+One%7COxygen%3A300%2C400%2C700%7CArvo%7CNoto+Serif%7CLobster%7CCrimson+Text%7CYanone+Kaffeesatz%7CAnton%7CLibre+Baskerville%7CBree+Serif%7CGloria+Hallelujah%7CJosefin+Sans%7CAbril+Fatface%7CVarela+Round%7CVampiro+One%7CShadows+Into+Light%7CCuprum%7CRokkitt%7CVollkorn%3A400%2C400i%2C600%2C600i%2C700%2C700i%2C900%2C900i%7CFrancois+One%7COrbitron%7CPatua+One%7CAcme%7CSatisfy%7CJosefin+Slab%7CQuattrocento+Sans%7CArchitects+Daughter%7CRusso+One%7CMonda%7CRighteous%7CLobster+Two%7CHammersmith+One%7CCourgette%7CPermanent+Marker%7CCherry+Swash%7CCormorant+Garamond%7CPoiret+One%
7CBenchNine%7CEconomica%7CHandlee%7CCardo%7CAlfa+Slab+One%7CAveria+Serif+Libre%7CCookie%7CChewy%7CGreat+Vibes%7CComing+Soon%7CPhilosopher%7CDays+One%7CKanit%7CShrikhand%7CTangerine%7CIM+Fell+English+SC%7CBoogaloo%7CBangers%7CFredoka+One%7CBad+Script%7CVolkhov%7CShadows+Into+Light+Two%7CMarck+Script%7CSacramento%7CUnica+One&ver=4.7.22
IP 142.250.74.106:0
GET /css?family=ZCOOL+XiaoWei%7CDM+Serif+Display%3A400%2C400i%7CAssistant%3A200%2C300%2C400%2C600%2C700%2C800%7CDM%2BSerif%2BDisplay%3A400%2C400i%7CStylish%7CNunito+Sans%3A200%2C200i%2C300%2C300i%2C400%2C400i%2C600%2C600i%2C700%2C700i%2C800%2C800i%2C900%2C900i%7CHeebo%3A100%2C300%2C400%2C500%2C700%2C800%2C900%7CSaira%3A100%2C200%2C300%2C400%2C500%2C600%2C700%2C800%2C900%7CKrub%3A200%2C200i%2C300%2C300i%2C400%2C400i%2C500%2C500i%2C600%2C600i%2C700%2C700i%7CPT+Sans%3A300%2C400%2C600%2C700%2C800%2C900%7CRoboto%3A100%2C100i%2C300%2C300i%2C400%2C400i%2C500%2C500i%2C700%2C700i%2C900%2C900i%7CRoboto+Condensed%3A400%2C700%7COpen+Sans%3A300%2C300i%2C400%2C400i%2C600%2C600i%2C700%2C700i%2C800%2C800i%7CFira+Sans%3A100%2C100i%2C200%2C200i%2C300%2C300i%2C400%2C400i%2C500%2C500i%2C600%2C600i%2C700%2C700i%2C800%2C800i%2C900%2C900i%7COverpass%7CStaatliches%7CMontserrat%3A100%2C100i%2C200%2C200i%2C300%2C300i%2C400%2C400i%2C500%2C500i%2C600%2C600i%2C700%2C700i%2C800%2C800i%2C900%2C900i%7CPlayball%3A300%2C400%2C600%2C700%2C800%2C900%7CAlegreya%3A300%2C400%2C600%2C700%2C800%2C900%7CJulius+Sans+One%7CArsenal%7CSlabo%7CLato%7COverpass+Mono%7CSource+Sans+Pro%7CRaleway%7CMerriweather%7CDroid+Sans%7CRubik%7CLora%7CUbuntu%7CCabin%7CArimo%7CPlayfair+Display%7CQuicksand%7CPadauk%7CMuli%7CInconsolata%7CBitter%7CPacifico%7CIndie+Flower%7CVT323%7CDosis%7CFrank+Ruhl+Libre%7CFjalla+One%7COxygen%3A300%2C400%2C700%7CArvo%7CNoto+Serif%7CLobster%7CCrimson+Text%7CYanone+Kaffeesatz%7CAnton%7CLibre+Baskerville%7CBree+Serif%7CGloria+Hallelujah%7CJosefin+Sans%7CAbril+Fatface%7CVarela+Round%7CVampiro+One%7CShadows+Into+Light%7CCuprum%7CRokkitt%7CVollkorn%3A400%2C400i%2C600%2C600i%2C700%2C700i%2C900%2C900i%7CFrancois+One%7COrbitron%7CPatua+One%7CAcme%7CSatisfy%7CJosefin+Slab%7CQuattrocento+Sans%7CArchitects+Daughter%7CRusso+One%7CMonda%7CRighteous%7CLobster+Two%7CHammersmith+One%7CCourgette%7CPermanent+Marker%7CCherry+Swash%7CCormorant+Garamond%7CPoiret+One%7CBenchNine%7CEconomica%7CHandlee%7CCardo%7CAlfa+Slab+One%7CAveria+Serif+Libre%7CCookie%7CChewy%7CGreat+Vibes%7CComing+Soon%7CPhilosopher%7CDays+One%7CKanit%7CShrikhand%7CTangerine%7CIM+Fell+English+SC%7CBoogaloo%7CBangers%7CFredoka+One%7CBad+Script%7CVolkhov%7CShadows+Into+Light+Two%7CMarck+Script%7CSacramento%7CUnica+One&ver=4.7.22 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.natashaamon.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 01 Feb 2023 21:41:42 GMT
date: Wed, 01 Feb 2023 21:41:42 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.natashaamon.com/wp-includes/js/jquery/jquery.js?ver=1.12.4
142.252.232.5 200 OK 0 B URL HTTP/2 www.natashaamon.com/wp-includes/js/jquery/jquery.js?ver=1.12.4
IP 142.252.232.5:0
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/jquery/jquery.js?ver=1.12.4 HTTP/1.1
Host: www.natashaamon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.natashaamon.com/
Cookie: PHPSESSID=enr4srb6iepbas7tnr6jmtc1v4
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 08 Aug 2022 12:03:54 GMT
etag: "17a6a-5e5b99c250a1f-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 33776
content-type: application/javascript
date: Wed, 01 Feb 2023 21:41:42 GMT
server: Apache/2
X-Firefox-Spdy: h2