r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 6ed951622549ed76959631f8a1bf497b
682b2dd2a72190510e3fa7bdb0c0c6f25a322dfb
86f5e5ae2da408a899d16c83b7ca441033ac0c30062cd29f2db1b1b5be666746
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "86F5E5AE2DA408A899D16C83B7CA441033AC0C30062CD29F2DB1B1B5BE666746"
Last-Modified: Sat, 19 Nov 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2558
Expires: Sat, 19 Nov 2022 17:32:19 GMT
Date: Sat, 19 Nov 2022 16:49:41 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash f732c50f6a2482aeea20552e0370c2d0
6f33119d5c38e92a0a62f3a46766ff86014e4d68
a47e38c199c5fecd5594544a3889e1cfca5547d85f19056f06eaeeadf17f4fe9
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2731
Cache-Control: max-age=152823
Content-Type: application/ocsp-response
Date: Sat, 19 Nov 2022 16:49:41 GMT
Etag: "6378b071-1d7"
Expires: Mon, 21 Nov 2022 11:16:44 GMT
Last-Modified: Sat, 19 Nov 2022 10:31:13 GMT
Server: ECS (ska/F6FE)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash e7724a1f27dc1b5b2fb63c7e486f74db
ef0ea648ce8bc189d31382baec4b181c724af93b
2a46916079563d95fa6a695104ebf41829ee95a156d6e4d45b9aef7231a8a80e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2A46916079563D95FA6A695104EBF41829EE95A156D6E4D45B9AEF7231A8A80E"
Last-Modified: Fri, 18 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5460
Expires: Sat, 19 Nov 2022 18:20:41 GMT
Date: Sat, 19 Nov 2022 16:49:41 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
34.102.187.140200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 567df7db606cf5d0871aa5bc9311b6da
4263faac7cbab2fcaf6661911dcad5091c06be17
e9650e1fdc46fc8678708ddcc37ab369c7a6d50489a004be896f20c7a3a644b0
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Retry-After, Content-Length, Alert, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sat, 19 Nov 2022 16:44:57 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 284
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 67d5a988edcda47bc3b3b3f65d32b4b6
d4f0e0da8b3690cc7da925026d3414b68c7d954f
55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78
GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: iKgYItcOhd+ouWV6OmqAiYAXy6QBDz1qcBDFA1dFQMXdqhwFXJ/3UEM7Ot4e8n4iZz4c9xsCW3s=
x-amz-request-id: QEK0N1VGEJJ8HHAA
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sat, 19 Nov 2022 15:53:25 GMT
age: 3376
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 19 Nov 2022 16:49:41 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
34.102.187.140200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Pragma, Alert, Content-Type, ETag, Retry-After, Last-Modified, Content-Length, Cache-Control, Expires
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sat, 19 Nov 2022 16:44:49 GMT
cache-control: public,max-age=3600
age: 292
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 060d538b33e370fcd033339830d33a42
4a37d427988358eb318e18e2678c3484ef4a5ebd
efa33f92547243814b5bd3bca4f94d26055d590a4431611b3ba251a8d774bfbb
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3575
Cache-Control: max-age=148606
Content-Type: application/ocsp-response
Date: Sat, 19 Nov 2022 16:49:41 GMT
Etag: "63789cac-1d7"
Expires: Mon, 21 Nov 2022 10:06:27 GMT
Last-Modified: Sat, 19 Nov 2022 09:06:52 GMT
Server: ECS (ska/F6FE)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
35.162.110.205101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 35.162.110.205:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: RyLqwR2TPfa46N1yRZQ4rA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: KgXOH60BghgJVWQkVdKsVt2H5ck=
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 798ef0955be535268547903e74dacfcd
782823486f9ded693609cade264d1950e816f7d0
75df3810e787be95774282d4851ce350bba5c326843f1bd02348746355866e95
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "75DF3810E787BE95774282D4851CE350BBA5C326843F1BD02348746355866E95"
Last-Modified: Sat, 19 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6464
Expires: Sat, 19 Nov 2022 18:37:27 GMT
Date: Sat, 19 Nov 2022 16:49:43 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 798ef0955be535268547903e74dacfcd
782823486f9ded693609cade264d1950e816f7d0
75df3810e787be95774282d4851ce350bba5c326843f1bd02348746355866e95
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "75DF3810E787BE95774282D4851CE350BBA5C326843F1BD02348746355866E95"
Last-Modified: Sat, 19 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6464
Expires: Sat, 19 Nov 2022 18:37:27 GMT
Date: Sat, 19 Nov 2022 16:49:43 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 798ef0955be535268547903e74dacfcd
782823486f9ded693609cade264d1950e816f7d0
75df3810e787be95774282d4851ce350bba5c326843f1bd02348746355866e95
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "75DF3810E787BE95774282D4851CE350BBA5C326843F1BD02348746355866E95"
Last-Modified: Sat, 19 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6464
Expires: Sat, 19 Nov 2022 18:37:27 GMT
Date: Sat, 19 Nov 2022 16:49:43 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 798ef0955be535268547903e74dacfcd
782823486f9ded693609cade264d1950e816f7d0
75df3810e787be95774282d4851ce350bba5c326843f1bd02348746355866e95
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "75DF3810E787BE95774282D4851CE350BBA5C326843F1BD02348746355866E95"
Last-Modified: Sat, 19 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6464
Expires: Sat, 19 Nov 2022 18:37:27 GMT
Date: Sat, 19 Nov 2022 16:49:43 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc0d2467c-b158-442b-92be-e4cb236d17fa.jpeg
34.120.237.76200 OK 3.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc0d2467c-b158-442b-92be-e4cb236d17fa.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d6b026c34985bbf2ebf89a62d0724c66
72369ebeccf447fa91ef77711d6297063c99777e
e5598ada634274ab9995dedda8c1fd18344abcfdd49b3a1aaede0a86fafc0f40
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc0d2467c-b158-442b-92be-e4cb236d17fa.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 3035
x-amzn-requestid: 3e3f3a7f-9a1d-4b37-b932-22c6e3e638f1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: b0QRcFOuoAMF_fQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6377fa6f-09dc20ea5620dd167e3f7265;Sampled=0
x-amzn-remapped-date: Fri, 18 Nov 2022 21:34:39 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: pLsLyVnqWVp3c5Z5IavS9Xumx3cYUsungYuOLojzKNtOoRQx7-rEOQ==
via: 1.1 8dbfaf7df256a75768461d934659b6b2.cloudfront.net (CloudFront), 1.1 73cb83fe6699afc2791b5c690c1ff8c6.cloudfront.net (CloudFront), 1.1 google
date: Fri, 18 Nov 2022 21:48:36 GMT
etag: "72369ebeccf447fa91ef77711d6297063c99777e"
content-type: image/jpeg
age: 68467
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F57d03484-7ccd-4a2d-81a2-0205f032f99d.jpeg
34.120.237.76200 OK 6.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F57d03484-7ccd-4a2d-81a2-0205f032f99d.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f5af431deee2fb28fcc08b25f5162944
6dac89954db5946b9ac1fdca3196d8b6bb3f54c3
b22d9111361ebce06d55d14d05f4a5206ca7097b059bbe6bc02b10391b61f458
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F57d03484-7ccd-4a2d-81a2-0205f032f99d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6365
x-amzn-requestid: 60bd00c0-6808-4bc5-a0cb-e4390d353d65
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: befxSFJOIAMF6Lw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-636f466e-514b3be121f077d559acdb86;Sampled=0
x-amzn-remapped-date: Sat, 12 Nov 2022 07:08:30 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: IQiCXdikH067-EmFBDjg6HCQ-ZNTCBRBhWDaScbj-U2z8aNW3Ia7zQ==
via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 001e7070d795018d01b93988b9723742.cloudfront.net (CloudFront), 1.1 google
date: Sat, 19 Nov 2022 07:17:10 GMT
age: 34353
etag: "6dac89954db5946b9ac1fdca3196d8b6bb3f54c3"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3f739db7-4732-4b66-9c50-59fa4416df43.jpeg
34.120.237.76200 OK 8.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3f739db7-4732-4b66-9c50-59fa4416df43.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash dd028e5379061f8bf0d569506979a05a
7896c55cb0bf1997f1e9ab31028b04c332bd6f10
f8a32af3451f196bd2ded7065923a3ad5392c0dd3a82c53cf03a948d183cbf9f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3f739db7-4732-4b66-9c50-59fa4416df43.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8059
x-amzn-requestid: 2dc81ded-54e7-4d96-bef4-a32f83a90624
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bubXdH79oAMFzdQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6375a5c9-19bc25513834006570cb7384;Sampled=0
x-amzn-remapped-date: Thu, 17 Nov 2022 03:08:57 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: _0qHgKWkSjCBnZCge8TloYPlQKNVxQxShDZ1Mib5mT9rVpoFFOtOjg==
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 989017835f43d594873bde5a7ee7fe5e.cloudfront.net (CloudFront), 1.1 google
date: Sat, 19 Nov 2022 03:50:17 GMT
age: 46766
etag: "7896c55cb0bf1997f1e9ab31028b04c332bd6f10"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0a474c96-6cd7-4e42-a54a-02217768182e.jpeg
34.120.237.76200 OK 8.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0a474c96-6cd7-4e42-a54a-02217768182e.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c8f6118fc03f31862ff68fef8a2b9a7f
318c5d7acd0d36c816b09fcf1b7dc4bfb5ec7e73
cdd4d44f05cc524d7f2b1d6d792ecd8a9a933e52ecb7685a7d7ea786a510ef39
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0a474c96-6cd7-4e42-a54a-02217768182e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8089
x-amzn-requestid: f3c55266-9b03-4b7f-b076-fdf56704318e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: b0QQyECioAMFzdQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6377fa6b-3e10cef6117a10a4115cfce7;Sampled=0
x-amzn-remapped-date: Fri, 18 Nov 2022 21:34:35 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: l3euSue3hLTcBU1OSLRCDuBDeXXM2mAIz0LhADeJV-30r-dW_TFV0w==
via: 1.1 010c0731b9775a983eceaec0f5fa6a2e.cloudfront.net (CloudFront), 1.1 0d4ebcaa87ba94709def0eaac9371e5a.cloudfront.net (CloudFront), 1.1 google
date: Fri, 18 Nov 2022 21:48:36 GMT
etag: "318c5d7acd0d36c816b09fcf1b7dc4bfb5ec7e73"
content-type: image/jpeg
age: 68467
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F47c537d4-e03f-4ec6-8922-6dce72c72ab9.jpeg
34.120.237.76200 OK 4.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F47c537d4-e03f-4ec6-8922-6dce72c72ab9.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 459df915ce91b32b2dcc4850516d68a0
d7a5473d367e7965a4af55acbf4675ed7088fab2
a03e26ebee79ad9b9dda1bf680e0d2467ae6d5e582589ada9fe6ddfa437c483c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F47c537d4-e03f-4ec6-8922-6dce72c72ab9.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4851
x-amzn-requestid: 8c868655-d0eb-428d-9fc0-a7449f770bd4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: brtDFF9HoAMFV9w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63748ee0-4f7daf8f7451dc5e0840f620;Sampled=0
x-amzn-remapped-date: Wed, 16 Nov 2022 07:18:56 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: xirMw5z5GPbmx9Sii_I4iNeh1GS5k9lGmaaJvUGAPWoVyP0Tldhf1w==
via: 1.1 e9ba0a9a729ff2960a04323bf1833df8.cloudfront.net (CloudFront), 1.1 1508efc4152aa1778ed4adecb328b374.cloudfront.net (CloudFront), 1.1 google
date: Sat, 19 Nov 2022 03:31:06 GMT
age: 47917
etag: "d7a5473d367e7965a4af55acbf4675ed7088fab2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fce07c59e-2c1b-4d3b-8c02-f1ed4bca6607.jpeg
34.120.237.76200 OK 4.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fce07c59e-2c1b-4d3b-8c02-f1ed4bca6607.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 49115517a3f79b5092934e128d54c721
14582e35cacbfc2543587e546cb3b4faf2c898bf
0f9015683cacc252fb5e5053681da1b85b3dd0694e2cd04417e73e5e82ecac2f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fce07c59e-2c1b-4d3b-8c02-f1ed4bca6607.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 3962
x-amzn-requestid: 29b553ab-9ef2-44b8-aea9-b1582b207a6b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: b0QRWGKmIAMFSWQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6377fa6e-3fb68804386112d17eba689d;Sampled=0
x-amzn-remapped-date: Fri, 18 Nov 2022 21:34:38 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 6ISYqEe7AEtnPxzJUN6oEX_ohOSxVbfoW6b1_TNH6FInCc61ek4UnQ==
via: 1.1 efe54e8b68e074d39b2ecd249f85100a.cloudfront.net (CloudFront), 1.1 32d624dbeb2a8b7f24dbe49007e37c90.cloudfront.net (CloudFront), 1.1 google
date: Fri, 18 Nov 2022 21:48:36 GMT
etag: "14582e35cacbfc2543587e546cb3b4faf2c898bf"
content-type: image/jpeg
age: 68467
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
www.neshuafoods.com/wp-content/setup.exe
23.94.191.90301 Moved Permanently 0 B URL HTTP/1.1 www.neshuafoods.com/wp-content/setup.exe
IP 23.94.191.90:0
ASN #36352 AS-COLOCROSSING
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Malware
GET /wp-content/setup.exe HTTP/1.1
Host: www.neshuafoods.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Sat, 19 Nov 2022 16:49:40 GMT
Server: Apache
X-Powered-By: PHP/7.4.33
Vary: Accept-Encoding,Cookie
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
X-Redirect-By: WordPress
Set-Cookie: mailchimp_landing_site=https%3A%2F%2Fneshuafoods.com%2Fwp-content%2Fsetup.exe; expires=Sat, 17-Dec-2022 16:49:42 GMT; Max-Age=2419200; path=/; secure; SameSite=Strict
Location: http://neshuafoods.com/wp-content/setup.exe
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
neshuafoods.com/wp-content/setup.exe
23.94.191.90404 Not Found 137 kB URL HTTP/1.1 neshuafoods.com/wp-content/setup.exe
IP 23.94.191.90:0
ASN #36352 AS-COLOCROSSING
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (21009), with CRLF, LF line terminators
Size 137 kB (136851 bytes)
Hash bf9e780211d99c2fda0ac27d8c1a89be
43d96cf20977d5ed09a942732aeba36cce595b7b
198aa38d9f6f2cb2cb1a7ab0f4cd4f0a0457f79b77c95a8791740104099f37ef
Analyzer Verdict Alert fortinet Malware
GET /wp-content/setup.exe HTTP/1.1
Host: neshuafoods.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 404 Not Found
Date: Sat, 19 Nov 2022 16:49:43 GMT
Server: Apache
X-Powered-By: PHP/7.4.33
Vary: Accept-Encoding,Cookie
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Link: <https://neshuafoods.com/wp-json/>; rel="https://api.w.org/"
Set-Cookie: mailchimp_landing_site=https%3A%2F%2Fneshuafoods.com%2Fwp-content%2Fsetup.exe; expires=Sat, 17-Dec-2022 16:49:44 GMT; Max-Age=2419200; path=/; secure; SameSite=Strict
Connection: close
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
neshuafoods.com/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-vendors-style.css?ver=7.4.3
23.94.191.90200 OK 4.9 kB URL HTTP/1.1 neshuafoods.com/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-vendors-style.css?ver=7.4.3
IP 23.94.191.90:0
ASN #36352 AS-COLOCROSSING
File type ASCII text, with very long lines (4933), with no line terminators
Hash e372df47bd19e1563b557d7bdb817188
4efdf4050a78bdbd88aa255955b7423105895dd0
4b7693154069c53a16468d09d89c9eba5da6c0dfc69cf4d7eb675e32ba663361
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-vendors-style.css?ver=7.4.3 HTTP/1.1
Host: neshuafoods.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://neshuafoods.com/wp-content/setup.exe
HTTP/1.1 200 OK
Date: Sat, 19 Nov 2022 16:49:47 GMT
Server: Apache
Last-Modified: Tue, 31 May 2022 15:44:35 GMT
Accept-Ranges: bytes
Content-Length: 4933
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
neshuafoods.com/wp-content/plugins/instagram-feed/css/sbi-styles.min.css?ver=6.0.5
23.94.191.90200 OK 24 kB URL HTTP/1.1 neshuafoods.com/wp-content/plugins/instagram-feed/css/sbi-styles.min.css?ver=6.0.5
IP 23.94.191.90:0
ASN #36352 AS-COLOCROSSING
File type ASCII text, with very long lines (24504)
Hash 7c073b910d79ad465dcfd1894caef986
526c28d076c1aaae387cdbbf04cb2e64b13b29ab
2428388ee7fb9c89fdfd1191a1fb4a45794d7fd64777ecfd9bc4c06052a17522
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/instagram-feed/css/sbi-styles.min.css?ver=6.0.5 HTTP/1.1
Host: neshuafoods.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://neshuafoods.com/wp-content/setup.exe
HTTP/1.1 200 OK
Date: Sat, 19 Nov 2022 16:49:47 GMT
Server: Apache
Last-Modified: Tue, 31 May 2022 15:42:50 GMT
Accept-Ranges: bytes
Content-Length: 24505
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
neshuafoods.com/wp-includes/js/wp-emoji-release.min.js?ver=6.0.3
23.94.191.90 200 OK 19 kB URL HTTP/1.1 neshuafoods.com/wp-includes/js/wp-emoji-release.min.js?ver=6.0.3
IP 23.94.191.90:0
ASN #36352 AS-COLOCROSSING
File type ASCII text, with very long lines (15660)
Hash 32beb68a374e3aeac00abdf9e12b84ea
b5d18aa625e8696dd9d07cd0869337717b211ae0
5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/wp-emoji-release.min.js?ver=6.0.3 HTTP/1.1
Host: neshuafoods.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://neshuafoods.com/wp-content/setup.exe
HTTP/1.1 200 OK
Date: Sat, 19 Nov 2022 16:49:47 GMT
Server: Apache
Last-Modified: Tue, 12 Apr 2022 10:26:24 GMT
Accept-Ranges: bytes
Content-Length: 18617
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: application/javascript
neshuafoods.com/wp-content/plugins/ecwid-shopping-cart/css/frontend.css?ver=6.10.21
23.94.191.90 200 OK 2.1 kB URL HTTP/1.1 neshuafoods.com/wp-content/plugins/ecwid-shopping-cart/css/frontend.css?ver=6.10.21
IP 23.94.191.90:0
ASN #36352 AS-COLOCROSSING
Hash 0d675af4bf7772c4d89e12d0a51127c8
20dad9506ef7272d274027cfa1d398077d66513e
b386064729c5fe39d8c11f0848927837fc89017db6ed30c17735005dcbe7c814
GET /wp-content/plugins/ecwid-shopping-cart/css/frontend.css?ver=6.10.21 HTTP/1.1
Host: neshuafoods.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://neshuafoods.com/wp-content/setup.exe
HTTP/1.1 200 OK
Date: Sat, 19 Nov 2022 16:49:47 GMT
Server: Apache
Last-Modified: Tue, 31 May 2022 15:42:16 GMT
Accept-Ranges: bytes
Content-Length: 2077
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css
neshuafoods.com/wp-includes/css/dist/block-library/style.min.css?ver=6.0.3
23.94.191.90 200 OK 89 kB URL HTTP/1.1 neshuafoods.com/wp-includes/css/dist/block-library/style.min.css?ver=6.0.3
IP 23.94.191.90:0
ASN #36352 AS-COLOCROSSING
File type ASCII text, with very long lines (43771)
Hash b7915926fe42d76e9c802353ab01dae4
3a8192a4312f25f53de25b100d62829c0f14d67c
d7705700d24d5919255576642ad2c28bfc790390b7183a369038ff5c1e814d51
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/css/dist/block-library/style.min.css?ver=6.0.3 HTTP/1.1
Host: neshuafoods.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://neshuafoods.com/wp-content/setup.exe
HTTP/1.1 200 OK
Date: Sat, 19 Nov 2022 16:49:47 GMT
Server: Apache
Last-Modified: Tue, 12 Jul 2022 21:42:34 GMT
Accept-Ranges: bytes
Content-Length: 88932
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
neshuafoods.com/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.5.6.1
23.94.191.90 200 OK 2.7 kB URL HTTP/1.1 neshuafoods.com/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.5.6.1
IP 23.94.191.90:0
ASN #36352 AS-COLOCROSSING
Hash e6fae855021a88a0067fcc58121c594f
6299ac3987b5e81725781799dad361d19ac3b99d
e50f9ccd2d6582a58ba1879fa578e60d25fea4c5eedc07deafd14482b2403181
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.5.6.1 HTTP/1.1
Host: neshuafoods.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://neshuafoods.com/wp-content/setup.exe
HTTP/1.1 200 OK
Date: Sat, 19 Nov 2022 16:49:47 GMT
Server: Apache
Last-Modified: Tue, 31 May 2022 15:42:02 GMT
Accept-Ranges: bytes
Content-Length: 2731
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 472 B IP 142.250.74.35:0
Hash 07caf241d63e15426cd26434ef88e9dd
ec289ab860ffccd49ce9a62d2c47c59dc181fbd5
d1f4bc6604b8a399049b5943d23dbfb842d9a100bf6f5c71e91a27cd3588cecb
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 19 Nov 2022 16:49:47 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
neshuafoods.com/wp-content/plugins/woocommerce/assets/css/woocommerce-layout.css?ver=6.5.1
23.94.191.90 200 OK 18 kB URL HTTP/1.1 neshuafoods.com/wp-content/plugins/woocommerce/assets/css/woocommerce-layout.css?ver=6.5.1
IP 23.94.191.90:0
ASN #36352 AS-COLOCROSSING
File type ASCII text, with very long lines (17809), with no line terminators
Hash 1ddf23fcfd1b2941c456ce01da8180a6
156ef5cc77061010e3f4123a47fa415c6391e5ff
dd18a408a35aa5d393458657eb24fb56ab754ece3f88bd78a038e5793d3f6991
GET /wp-content/plugins/woocommerce/assets/css/woocommerce-layout.css?ver=6.5.1 HTTP/1.1
Host: neshuafoods.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://neshuafoods.com/wp-content/setup.exe
HTTP/1.1 200 OK
Date: Sat, 19 Nov 2022 16:49:47 GMT
Server: Apache
Last-Modified: Tue, 31 May 2022 15:44:25 GMT
Accept-Ranges: bytes
Content-Length: 17809
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 472 B IP 142.250.74.35:0
Hash 07caf241d63e15426cd26434ef88e9dd
ec289ab860ffccd49ce9a62d2c47c59dc181fbd5
d1f4bc6604b8a399049b5943d23dbfb842d9a100bf6f5c71e91a27cd3588cecb
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 19 Nov 2022 16:49:47 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 472 B IP 142.250.74.35:0
Hash f17b03be491bcd758ad58f33ac7c094c
c02829213f2c3afc21026a24b413585804ba17de
e4085af005b24bc39492d37826b238a7e32d85037c9dcfc658171e73325ec0d5
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 19 Nov 2022 16:49:47 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 472 B IP 142.250.74.35:0
Hash f17b03be491bcd758ad58f33ac7c094c
c02829213f2c3afc21026a24b413585804ba17de
e4085af005b24bc39492d37826b238a7e32d85037c9dcfc658171e73325ec0d5
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 19 Nov 2022 16:49:47 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.googletagmanager.com/gtag/js?id=AW-10860541017
142.250.74.168 200 OK 53 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=AW-10860541017
IP 142.250.74.168:0
File type ASCII text, with very long lines (1921)
Hash 08310a551bf843d097bc25c1052f3686
92effcdc7b8904257defbe49f820e62701af7fab
ef0dc9faa03612a8b70cca128bbf408bc42522e0a745349e13f86e1fcbaa4d6c
GET /gtag/js?id=AW-10860541017 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://neshuafoods.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sat, 19 Nov 2022 16:49:47 GMT
expires: Sat, 19 Nov 2022 16:49:47 GMT
cache-control: private, max-age=900
last-modified: Sat, 19 Nov 2022 15:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 53005
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.googletagmanager.com/gtag/js?id=UA-222265690-1
142.250.74.168 200 OK 44 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=UA-222265690-1
IP 142.250.74.168:0
File type ASCII text, with very long lines (1921)
Hash 08f3738571d48052e3ece8b3dc542a94
892abdc966b8f96c57aa207bb9fd6564a0d41082
a8f6bc1a5af36310ceb57a8d8bf21668826eba5285c8f644aa14c4f3aa0796ca
GET /gtag/js?id=UA-222265690-1 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://neshuafoods.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sat, 19 Nov 2022 16:49:47 GMT
expires: Sat, 19 Nov 2022 16:49:47 GMT
cache-control: private, max-age=900
last-modified: Sat, 19 Nov 2022 15:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 43595
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
neshuafoods.com/wp-content/plugins/smooth-back-to-top-button/assets/css/sbttb-fonts.css?ver=1.1.5
23.94.191.90 200 OK 1.2 kB URL HTTP/1.1 neshuafoods.com/wp-content/plugins/smooth-back-to-top-button/assets/css/sbttb-fonts.css?ver=1.1.5
IP 23.94.191.90:0
ASN #36352 AS-COLOCROSSING
File type ASCII text, with CRLF line terminators
Hash de7b9a396fc924b5af9aaa6e753c1277
bee51800d0590d6e0eb1cecb311d1f05ca7a52d7
2c3a58f21d8c37864f7d53e5d5f3ed371eb3245eb8b216b1ab2eaf0ea4b076e6
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/smooth-back-to-top-button/assets/css/sbttb-fonts.css?ver=1.1.5 HTTP/1.1
Host: neshuafoods.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://neshuafoods.com/wp-content/setup.exe
HTTP/1.1 200 OK
Date: Sat, 19 Nov 2022 16:49:47 GMT
Server: Apache
Last-Modified: Tue, 31 May 2022 15:42:52 GMT
Accept-Ranges: bytes
Content-Length: 1245
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css
neshuafoods.com/wp-content/plugins/smooth-back-to-top-button/assets/css/smooth-back-to-top-button.css?ver=1.1.5
23.94.191.90 200 OK 850 B URL HTTP/1.1 neshuafoods.com/wp-content/plugins/smooth-back-to-top-button/assets/css/smooth-back-to-top-button.css?ver=1.1.5
IP 23.94.191.90:0
ASN #36352 AS-COLOCROSSING
File type ASCII text, with CRLF line terminators
Hash 818091b4a043e9e89c20e83c7e015c3b
5f77a4bbcaea2d1587a9752e454edfbc48bbba7f
ecfbea18361174af64cddffcc86d68287a9b2b51962718aa825ff4fee809489f
GET /wp-content/plugins/smooth-back-to-top-button/assets/css/smooth-back-to-top-button.css?ver=1.1.5 HTTP/1.1
Host: neshuafoods.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://neshuafoods.com/wp-content/setup.exe
HTTP/1.1 200 OK
Date: Sat, 19 Nov 2022 16:49:47 GMT
Server: Apache
Last-Modified: Tue, 31 May 2022 15:42:52 GMT
Accept-Ranges: bytes
Content-Length: 850
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/css
neshuafoods.com/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-style.css?ver=7.4.3
23.94.191.90 200 OK 209 kB URL HTTP/1.1 neshuafoods.com/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-style.css?ver=7.4.3
IP 23.94.191.90:0
ASN #36352 AS-COLOCROSSING
File type Unicode text, UTF-8 text, with very long lines (65527), with no line terminators
Size 209 kB (209250 bytes)
Hash aae59dc8fdd045adaecd8e98fe3861d0
398bb3b337d72cc8fb749b3b32ddcd8449607d79
f4e0d1e486e663ad600a8c68224f47051bbc27412e497a07e7a769fcde1a4269
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-style.css?ver=7.4.3 HTTP/1.1
Host: neshuafoods.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://neshuafoods.com/wp-content/setup.exe
HTTP/1.1 200 OK
Date: Sat, 19 Nov 2022 16:49:47 GMT
Server: Apache
Last-Modified: Tue, 31 May 2022 15:44:37 GMT
Accept-Ranges: bytes
Content-Length: 209250
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
neshuafoods.com/wp-content/plugins/woocommerce/assets/css/woocommerce.css?ver=6.5.1
23.94.191.90 200 OK 63 kB URL HTTP/1.1 neshuafoods.com/wp-content/plugins/woocommerce/assets/css/woocommerce.css?ver=6.5.1
IP 23.94.191.90:0
ASN #36352 AS-COLOCROSSING
File type Unicode text, UTF-8 text, with very long lines (62753), with no line terminators
Hash 979b8b56e801469d95453055366ef54c
cb8a0bb5f00fee130a289ea4dfafc00fa53e1c04
d3322ccb3912f7a9485eb1d75971fd5e1eb49c6575ff5ad985fb5496333e8c8b
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/woocommerce/assets/css/woocommerce.css?ver=6.5.1 HTTP/1.1
Host: neshuafoods.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://neshuafoods.com/wp-content/setup.exe
HTTP/1.1 200 OK
Date: Sat, 19 Nov 2022 16:49:47 GMT
Server: Apache
Last-Modified: Tue, 31 May 2022 15:44:26 GMT
Accept-Ranges: bytes
Content-Length: 62755
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/css
neshuafoods.com/wp-content/plugins/yith-woocommerce-compare/assets/css/colorbox.css?ver=1.4.21
23.94.191.90 200 OK 3.8 kB URL HTTP/1.1 neshuafoods.com/wp-content/plugins/yith-woocommerce-compare/assets/css/colorbox.css?ver=1.4.21
IP 23.94.191.90:0
ASN #36352 AS-COLOCROSSING
Hash 9c6b63558e5de592c160563dbe08dd0d
e4969ab55cc566759623f6b4e1c7d6b3bcdc21cd
14a77bc82e039ce4be0d9ba9b0237495b0a9578d34eb92d444093d440f6190ba
GET /wp-content/plugins/yith-woocommerce-compare/assets/css/colorbox.css?ver=1.4.21 HTTP/1.1
Host: neshuafoods.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://neshuafoods.com/wp-content/setup.exe
HTTP/1.1 200 OK
Date: Sat, 19 Nov 2022 16:49:47 GMT
Server: Apache
Last-Modified: Tue, 31 May 2022 15:45:23 GMT
Accept-Ranges: bytes
Content-Length: 3812
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css
neshuafoods.com/wp-content/plugins/revslider/public/assets/css/rs6.css?ver=6.3.5
23.94.191.90 200 OK 60 kB URL HTTP/1.1 neshuafoods.com/wp-content/plugins/revslider/public/assets/css/rs6.css?ver=6.3.5
IP 23.94.191.90:0
ASN #36352 AS-COLOCROSSING
File type Unicode text, UTF-8 text, with very long lines (12602), with CRLF line terminators
Hash 54527f5cadfffb297c67253a2b286047
32084414cf1985872c7fcf8ccd5530661792c460
b09d6fb64485b79048c03c7496189e25b0037395a4193faaf88d98b69243c522
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/revslider/public/assets/css/rs6.css?ver=6.3.5 HTTP/1.1
Host: neshuafoods.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://neshuafoods.com/wp-content/setup.exe
HTTP/1.1 200 OK
Date: Sat, 19 Nov 2022 16:49:47 GMT
Server: Apache
Last-Modified: Thu, 07 Jan 2021 20:51:30 GMT
Accept-Ranges: bytes
Content-Length: 60305
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css
neshuafoods.com/wp-content/themes/lukani/style.css?ver=6.0.3
23.94.191.90 200 OK 4.9 kB URL HTTP/1.1 neshuafoods.com/wp-content/themes/lukani/style.css?ver=6.0.3
IP 23.94.191.90:0
ASN #36352 AS-COLOCROSSING
File type ASCII text, with very long lines (490)
Hash 3fbe0147ea8676e6669d8e62e2848fd4
2b52bc4223e9082625a9baee7087afa019384237
8c6d9bf43d126cf45d1af78b0cc393ddd9fe106c0fa5dbc8e52e9c029d6ce93f
GET /wp-content/themes/lukani/style.css?ver=6.0.3 HTTP/1.1
Host: neshuafoods.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://neshuafoods.com/wp-content/setup.exe
HTTP/1.1 200 OK
Date: Sat, 19 Nov 2022 16:49:47 GMT
Server: Apache
Last-Modified: Thu, 07 Jan 2021 20:44:42 GMT
Accept-Ranges: bytes
Content-Length: 4900
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: text/css
neshuafoods.com/wp-content/plugins/skt-templates/css/templaters.css?ver=6.0.3
23.94.191.90 200 OK 210 kB URL HTTP/1.1 neshuafoods.com/wp-content/plugins/skt-templates/css/templaters.css?ver=6.0.3
IP 23.94.191.90:0
ASN #36352 AS-COLOCROSSING
File type ASCII text, with very long lines (542), with CRLF line terminators
Size 210 kB (209871 bytes)
Hash 800eacf75f85c63971687193082f2a93
fa43f401e871619fa3e0c2d1129d2b7863b31051
91d20166e873778d6787b58644c050e9d442b4f6c9751cee0b825d308e9fd3ef
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/skt-templates/css/templaters.css?ver=6.0.3 HTTP/1.1
Host: neshuafoods.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://neshuafoods.com/wp-content/setup.exe
HTTP/1.1 200 OK
Date: Sat, 19 Nov 2022 16:49:47 GMT
Server: Apache
Last-Modified: Tue, 31 May 2022 15:42:44 GMT
Accept-Ranges: bytes
Content-Length: 209871
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css
neshuafoods.com/wp-content/plugins/video-popup/css/vp-close-icon/close-button-icon.css?ver=1668876585
23.94.191.90 200 OK 832 B URL HTTP/1.1 neshuafoods.com/wp-content/plugins/video-popup/css/vp-close-icon/close-button-icon.css?ver=1668876585
IP 23.94.191.90:0
ASN #36352 AS-COLOCROSSING
Hash bfb1f39453dae23e2407790866baed27
34a4f6991bbf3591ab4ec7c552dac54a068abefb
d86dcd439074b8bd3e05a28c5efe791ac9256792377f711751c725edbe76b465
GET /wp-content/plugins/video-popup/css/vp-close-icon/close-button-icon.css?ver=1668876585 HTTP/1.1
Host: neshuafoods.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://neshuafoods.com/wp-content/setup.exe
HTTP/1.1 200 OK
Date: Sat, 19 Nov 2022 16:49:47 GMT
Server: Apache
Last-Modified: Tue, 08 Mar 2022 10:22:41 GMT
Accept-Ranges: bytes
Content-Length: 832
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/css
neshuafoods.com/wp-content/plugins/video-popup/css/YouTubePopUp.css?ver=1668876585
23.94.191.90 200 OK 3.4 kB URL HTTP/1.1 neshuafoods.com/wp-content/plugins/video-popup/css/YouTubePopUp.css?ver=1668876585
IP 23.94.191.90:0
ASN #36352 AS-COLOCROSSING
File type ASCII text, with CRLF line terminators
Hash 405bacc6c64282e0b176e50c55a51fbb
37033881176ef069ca082ec31e2158985b047136
73114854337c7316d1aeecb691f23196873eb1fb45d547eed86526e686d3f5d4
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/video-popup/css/YouTubePopUp.css?ver=1668876585 HTTP/1.1
Host: neshuafoods.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://neshuafoods.com/wp-content/setup.exe
HTTP/1.1 200 OK
Date: Sat, 19 Nov 2022 16:49:47 GMT
Server: Apache
Last-Modified: Tue, 08 Mar 2022 10:22:41 GMT
Accept-Ranges: bytes
Content-Length: 3402
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: text/css
neshuafoods.com/wp-content/themes/lukani/css/owl.carousel.css?ver=2.3.4
23.94.191.90 200 OK 4.7 kB URL HTTP/1.1 neshuafoods.com/wp-content/themes/lukani/css/owl.carousel.css?ver=2.3.4
IP 23.94.191.90:0
ASN #36352 AS-COLOCROSSING
Hash c8322bd5bffc8e2856f2cbcd03c61d18
a2fa945f9ac01fa3191a950c3f2cce188f50c4ef
aaf08be6ae4ed211293a6d4280e2d052e1f332eb0066a0dc0192fd8a3a9f39d2
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/lukani/css/owl.carousel.css?ver=2.3.4 HTTP/1.1
Host: neshuafoods.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://neshuafoods.com/wp-content/setup.exe
HTTP/1.1 200 OK
Date: Sat, 19 Nov 2022 16:49:47 GMT
Server: Apache
Last-Modified: Thu, 07 Jan 2021 20:44:43 GMT
Accept-Ranges: bytes
Content-Length: 4744
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/css
neshuafoods.com/wp-content/themes/lukani/css/bootstrap.min.css?ver=4.1.0
23.94.191.90 200 OK 140 kB URL HTTP/1.1 neshuafoods.com/wp-content/themes/lukani/css/bootstrap.min.css?ver=4.1.0
IP 23.94.191.90:0
ASN #36352 AS-COLOCROSSING
File type ASCII text, with very long lines (65324)
Size 140 kB (140421 bytes)
Hash fee68c0f2f583161134a1fcb5950501d
8e52dd818562db0ba0764bba172cb91ce248d8b0
34959e43e6ecf368807a84f92ad9aa6e2dcd5f0c5c1e57da55e8f3248d9d9255
GET /wp-content/themes/lukani/css/bootstrap.min.css?ver=4.1.0 HTTP/1.1
Host: neshuafoods.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://neshuafoods.com/wp-content/setup.exe
HTTP/1.1 200 OK
Date: Sat, 19 Nov 2022 16:49:47 GMT
Server: Apache
Last-Modified: Thu, 07 Jan 2021 20:44:43 GMT
Accept-Ranges: bytes
Content-Length: 140421
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/css
neshuafoods.com/wp-content/themes/lukani/css/opt_css.css?ver=1.0.0
23.94.191.90 200 OK 0 B URL HTTP/1.1 neshuafoods.com/wp-content/themes/lukani/css/opt_css.css?ver=1.0.0
IP 23.94.191.90:0
ASN #36352 AS-COLOCROSSING
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /wp-content/themes/lukani/css/opt_css.css?ver=1.0.0 HTTP/1.1
Host: neshuafoods.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://neshuafoods.com/wp-content/setup.exe
HTTP/1.1 200 OK
Date: Sat, 19 Nov 2022 16:49:47 GMT
Server: Apache
Last-Modified: Thu, 07 Jan 2021 20:44:43 GMT
Accept-Ranges: bytes
Content-Length: 0
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/css
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 472 B IP 142.250.74.35:0
Hash 07caf241d63e15426cd26434ef88e9dd
ec289ab860ffccd49ce9a62d2c47c59dc181fbd5
d1f4bc6604b8a399049b5943d23dbfb842d9a100bf6f5c71e91a27cd3588cecb
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 19 Nov 2022 16:49:47 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 472 B IP 142.250.74.35:0
Hash f17b03be491bcd758ad58f33ac7c094c
c02829213f2c3afc21026a24b413585804ba17de
e4085af005b24bc39492d37826b238a7e32d85037c9dcfc658171e73325ec0d5
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 19 Nov 2022 16:49:47 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
neshuafoods.com/wp-content/themes/lukani/css/font-awesome.css?ver=4.7.0
23.94.191.90 200 OK 37 kB URL HTTP/1.1 neshuafoods.com/wp-content/themes/lukani/css/font-awesome.css?ver=4.7.0
IP 23.94.191.90:0
ASN #36352 AS-COLOCROSSING
File type troff or preprocessor input, ASCII text, with very long lines (372)
Hash c495654869785bc3df60216616814ad1
0140952c64e3f2b74ef64e050f2fe86eab6624c8
36e0a7e08bee65774168528938072c536437669c1b7458ac77976ec788e4439c
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/lukani/css/font-awesome.css?ver=4.7.0 HTTP/1.1
Host: neshuafoods.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://neshuafoods.com/wp-content/setup.exe
HTTP/1.1 200 OK
Date: Sat, 19 Nov 2022 16:49:47 GMT
Server: Apache
Last-Modified: Thu, 07 Jan 2021 20:44:43 GMT
Accept-Ranges: bytes
Content-Length: 37414
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: text/css
neshuafoods.com/wp-content/themes/lukani/js/fancybox/jquery.fancybox.css?ver=2.1.5
23.94.191.90 200 OK 4.9 kB URL HTTP/1.1 neshuafoods.com/wp-content/themes/lukani/js/fancybox/jquery.fancybox.css?ver=2.1.5
IP 23.94.191.90:0
ASN #36352 AS-COLOCROSSING
Hash 6c55951ce1e3115711f63f99b7501f3a
5f163444617b6cf267342f06ac166a237bb62df9
968a8e56e4adaf8c135199ebd7f6cc065424ca45974d4dfbeb5607e69fe72fcd
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/lukani/js/fancybox/jquery.fancybox.css?ver=2.1.5 HTTP/1.1
Host: neshuafoods.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://neshuafoods.com/wp-content/setup.exe
HTTP/1.1 200 OK
Date: Sat, 19 Nov 2022 16:49:47 GMT
Server: Apache
Last-Modified: Thu, 07 Jan 2021 20:44:48 GMT
Accept-Ranges: bytes
Content-Length: 4895
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: text/css
neshuafoods.com/wp-content/themes/lukani/js/fancybox/helpers/jquery.fancybox-buttons.css?ver=1.0.5
23.94.191.90 200 OK 2.4 kB URL HTTP/1.1 neshuafoods.com/wp-content/themes/lukani/js/fancybox/helpers/jquery.fancybox-buttons.css?ver=1.0.5
IP 23.94.191.90:0
ASN #36352 AS-COLOCROSSING
Hash cac75538c2e3ddfadef839feaca8e356
1a9d8e5c22b371fcc69d4dbbb823d9c39f04c0c8
ae270bcb50f2d50d85d66e5fa909ad765d6a899b387bb6508d3d3e94bad43ec1
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/lukani/js/fancybox/helpers/jquery.fancybox-buttons.css?ver=1.0.5 HTTP/1.1
Host: neshuafoods.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://neshuafoods.com/wp-content/setup.exe
HTTP/1.1 200 OK
Date: Sat, 19 Nov 2022 16:49:47 GMT
Server: Apache
Last-Modified: Thu, 07 Jan 2021 20:44:48 GMT
Accept-Ranges: bytes
Content-Length: 2447
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: text/css
neshuafoods.com/wp-content/themes/lukani/js/fancybox/helpers/jquery.fancybox-thumbs.css?ver=1.0.7
23.94.191.90 200 OK 735 B URL HTTP/1.1 neshuafoods.com/wp-content/themes/lukani/js/fancybox/helpers/jquery.fancybox-thumbs.css?ver=1.0.7
IP 23.94.191.90:0
ASN #36352 AS-COLOCROSSING
Hash 52ddd84a9f42c1d4cd86d518a7f7e8bc
4ac329c16a5277592fc12a37cca3d72ca4ec292f
d836d81acb5d5e712c55c4f7911d93513fe1d7d0336353085aa5bd0f36b6998c
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/lukani/js/fancybox/helpers/jquery.fancybox-thumbs.css?ver=1.0.7 HTTP/1.1
Host: neshuafoods.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://neshuafoods.com/wp-content/setup.exe
HTTP/1.1 200 OK
Date: Sat, 19 Nov 2022 16:49:47 GMT
Server: Apache
Last-Modified: Thu, 07 Jan 2021 20:44:48 GMT
Accept-Ranges: bytes
Content-Length: 735
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: text/css
neshuafoods.com/wp-content/themes/lukani/css/plaza-font.css?ver=6.0.3
23.94.191.90 200 OK 32 kB URL HTTP/1.1 neshuafoods.com/wp-content/themes/lukani/css/plaza-font.css?ver=6.0.3
IP 23.94.191.90:0
ASN #36352 AS-COLOCROSSING
Hash 0efd014cdcd650ab8f30d0b872e0b147
c56db45361a32a02091536b31e671d2be143a320
49489c766560938d855dda42a5d1aff9540c99c7719fb67d7555cfabbb940fc2
GET /wp-content/themes/lukani/css/plaza-font.css?ver=6.0.3 HTTP/1.1
Host: neshuafoods.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://neshuafoods.com/wp-content/setup.exe
HTTP/1.1 200 OK
Date: Sat, 19 Nov 2022 16:49:47 GMT
Server: Apache
Last-Modified: Thu, 07 Jan 2021 20:44:42 GMT
Accept-Ranges: bytes
Content-Length: 31724
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: text/css
neshuafoods.com/wp-content/themes/lukani/css/theme1.css?ver=1.0.0
23.94.191.90200 OK 298 kB URL HTTP/1.1 neshuafoods.com/wp-content/themes/lukani/css/theme1.css?ver=1.0.0
IP 23.94.191.90:0
ASN #36352 AS-COLOCROSSING
Size 298 kB (297836 bytes)
Hash d9ecc669cb05ca617a22b3c1572a3a41
c0472889b64d390f9a6be7cd2cb066ca5d895753
150e385e5b41a975d29a8f1b23b32e24783011c06233e8a6192b650b1faf3a17
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/lukani/css/theme1.css?ver=1.0.0 HTTP/1.1
Host: neshuafoods.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://neshuafoods.com/wp-content/setup.exe
HTTP/1.1 200 OK
Date: Sat, 19 Nov 2022 16:49:47 GMT
Server: Apache
Last-Modified: Sat, 19 Nov 2022 16:49:46 GMT
Accept-Ranges: bytes
Content-Length: 297836
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: text/css
neshuafoods.com/wp-content/themes/lukani/css/animate.css?ver=6.0.3
23.94.191.90200 OK 73 kB URL HTTP/1.1 neshuafoods.com/wp-content/themes/lukani/css/animate.css?ver=6.0.3
IP 23.94.191.90:0
ASN #36352 AS-COLOCROSSING
Hash a3fbee76c6e8f379d3bf21bd0536c1e1
f3290035ee9862f5fc70598690833d2b595f0697
c589b1dc1a0dfd51fa1289711a3eaea7a903b4b9c948a9447c5504cdf0f4ab38
GET /wp-content/themes/lukani/css/animate.css?ver=6.0.3 HTTP/1.1
Host: neshuafoods.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://neshuafoods.com/wp-content/setup.exe
HTTP/1.1 200 OK
Date: Sat, 19 Nov 2022 16:49:47 GMT
Server: Apache
Last-Modified: Thu, 07 Jan 2021 20:44:43 GMT
Accept-Ranges: bytes
Content-Length: 73088
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: text/css
neshuafoods.com/wp-content/plugins/mega_main_menu/src/css/cache.skin.css?ver=1610053115
23.94.191.90200 OK 194 kB URL HTTP/1.1 neshuafoods.com/wp-content/plugins/mega_main_menu/src/css/cache.skin.css?ver=1610053115
IP 23.94.191.90:0
ASN #36352 AS-COLOCROSSING
File type ASCII text, with very long lines (483), with CR line terminators
Size 194 kB (193577 bytes)
Hash 1a65534c7e9f0c4f1dcf369ef7021a7a
968046d9462488bcb895958dd2a1c63614d31f9f
9b9f711833a3ea48329d48e79825afdfd291549de7d432fbce05bc78249d283b
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/mega_main_menu/src/css/cache.skin.css?ver=1610053115 HTTP/1.1
Host: neshuafoods.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://neshuafoods.com/wp-content/setup.exe
HTTP/1.1 200 OK
Date: Sat, 19 Nov 2022 16:49:47 GMT
Server: Apache
Last-Modified: Thu, 07 Jan 2021 21:00:59 GMT
Accept-Ranges: bytes
Content-Length: 193577
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: text/css
neshuafoods.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
23.94.191.90200 OK 90 kB URL HTTP/1.1 neshuafoods.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
IP 23.94.191.90:0
ASN #36352 AS-COLOCROSSING
File type ASCII text, with very long lines (65447)
Hash 02dd5d04add4759122013c5ab4dc5cc2
a45a56e396ac549b4ff39b696ce9e0c16a7612de
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/jquery/jquery.min.js?ver=3.6.0 HTTP/1.1
Host: neshuafoods.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://neshuafoods.com/wp-content/setup.exe
HTTP/1.1 200 OK
Date: Sat, 19 Nov 2022 16:49:47 GMT
Server: Apache
Last-Modified: Wed, 10 Mar 2021 19:37:24 GMT
Accept-Ranges: bytes
Content-Length: 89521
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: application/javascript
neshuafoods.com/wp-content/plugins/ecwid-shopping-cart/js/frontend.js?ver=6.10.21
23.94.191.90200 OK 2.0 kB URL HTTP/1.1 neshuafoods.com/wp-content/plugins/ecwid-shopping-cart/js/frontend.js?ver=6.10.21
IP 23.94.191.90:0
ASN #36352 AS-COLOCROSSING
Hash b30f7929c244d9fdf95cb73e8f3045bc
a2cc5368fafcbe863022f68d1bda8463e6dc1fa7
02f39c09d34ea790c65558402640ab27e9ae3f0fa17708878d6eb15cc36f5395
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/ecwid-shopping-cart/js/frontend.js?ver=6.10.21 HTTP/1.1
Host: neshuafoods.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://neshuafoods.com/wp-content/setup.exe
HTTP/1.1 200 OK
Date: Sat, 19 Nov 2022 16:49:48 GMT
Server: Apache
Last-Modified: Tue, 31 May 2022 15:42:17 GMT
Accept-Ranges: bytes
Content-Length: 1951
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: application/javascript
neshuafoods.com/wp-content/plugins/revslider/public/assets/js/rbtools.min.js?ver=6.3.5
23.94.191.90200 OK 122 kB URL HTTP/1.1 neshuafoods.com/wp-content/plugins/revslider/public/assets/js/rbtools.min.js?ver=6.3.5
IP 23.94.191.90:0
ASN #36352 AS-COLOCROSSING
File type ASCII text, with very long lines (42889)
Size 122 kB (121722 bytes)
Hash 09d0554a0e9a8751df4fb6bd4a984dc7
1b1c5e859b07c34c5a3e643eb40eab76bfc7b0c8
41d764db49ec1705c84b60b85bc505a0997616846bf4a8b52849bfcaf8d21909
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/revslider/public/assets/js/rbtools.min.js?ver=6.3.5 HTTP/1.1
Host: neshuafoods.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://neshuafoods.com/wp-content/setup.exe
HTTP/1.1 200 OK
Date: Sat, 19 Nov 2022 16:49:48 GMT
Server: Apache
Last-Modified: Thu, 07 Jan 2021 20:51:32 GMT
Accept-Ranges: bytes
Content-Length: 121722
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: application/javascript
neshuafoods.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
23.94.191.90200 OK 11 kB URL HTTP/1.1 neshuafoods.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
IP 23.94.191.90:0
ASN #36352 AS-COLOCROSSING
File type ASCII text, with very long lines (11126)
Hash 79b4956b7ec478ec10244b5e2d33ac7d
a46025b9d05e3df30d610a8aef14f392c7058dc9
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 HTTP/1.1
Host: neshuafoods.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://neshuafoods.com/wp-content/setup.exe
HTTP/1.1 200 OK
Date: Sat, 19 Nov 2022 16:49:47 GMT
Server: Apache
Last-Modified: Wed, 18 Nov 2020 13:36:06 GMT
Accept-Ranges: bytes
Content-Length: 11224
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: application/javascript
neshuafoods.com/wp-content/plugins/woocommerce/assets/js/jquery-blockui/jquery.blockUI.min.js?ver=2.7.0-wc.6.5.1
23.94.191.90200 OK 9.5 kB URL HTTP/1.1 neshuafoods.com/wp-content/plugins/woocommerce/assets/js/jquery-blockui/jquery.blockUI.min.js?ver=2.7.0-wc.6.5.1
IP 23.94.191.90:0
ASN #36352 AS-COLOCROSSING
File type ASCII text, with very long lines (9139)
Hash 87c54edf7dad7dfdfde015f6eee45ff1
96ec1a06ea3093c47e1e2fc4444ada7f4456135d
ef22199864042b8ceeee3729f3254c140df7217364045737ca3aadf8434fb3da
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/woocommerce/assets/js/jquery-blockui/jquery.blockUI.min.js?ver=2.7.0-wc.6.5.1 HTTP/1.1
Host: neshuafoods.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://neshuafoods.com/wp-content/setup.exe
HTTP/1.1 200 OK
Date: Sat, 19 Nov 2022 16:49:48 GMT
Server: Apache
Last-Modified: Tue, 31 May 2022 15:44:28 GMT
Accept-Ranges: bytes
Content-Length: 9533
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: application/javascript
neshuafoods.com/wp-content/plugins/video-popup/js/YouTubePopUp.jquery.js?ver=1668876585
23.94.191.90200 OK 4.4 kB URL HTTP/1.1 neshuafoods.com/wp-content/plugins/video-popup/js/YouTubePopUp.jquery.js?ver=1668876585
IP 23.94.191.90:0
ASN #36352 AS-COLOCROSSING
File type ASCII text, with CRLF line terminators
Hash e83fdb9daa480f9cd5dd7eb41c4331d2
ef8c53731141db9d62c115fe38a2ce0c86504a93
bc8419ce3011a0dce3b67bec9272b0f07f7199ebbc3337da54dfb21475ae4c13
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/video-popup/js/YouTubePopUp.jquery.js?ver=1668876585 HTTP/1.1
Host: neshuafoods.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://neshuafoods.com/wp-content/setup.exe
HTTP/1.1 200 OK
Date: Sat, 19 Nov 2022 16:49:48 GMT
Server: Apache
Last-Modified: Tue, 08 Mar 2022 10:22:41 GMT
Accept-Ranges: bytes
Content-Length: 4406
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: application/javascript
neshuafoods.com/wp-content/plugins/video-popup/js/YouTubePopUp.js?ver=1668876585
23.94.191.90200 OK 458 B URL HTTP/1.1 neshuafoods.com/wp-content/plugins/video-popup/js/YouTubePopUp.js?ver=1668876585
IP 23.94.191.90:0
ASN #36352 AS-COLOCROSSING
File type ASCII text, with CRLF line terminators
Hash 22757d6ca89e69aa7f972805eae25214
74a963e6e3cee4f890cc5ec7015022089266b5b1
490c2ae7ad27b58ae02cb15b529bc7e10f5967d883d81be4afb42cba72759540
GET /wp-content/plugins/video-popup/js/YouTubePopUp.js?ver=1668876585 HTTP/1.1
Host: neshuafoods.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://neshuafoods.com/wp-content/setup.exe
HTTP/1.1 200 OK
Date: Sat, 19 Nov 2022 16:49:48 GMT
Server: Apache
Last-Modified: Tue, 08 Mar 2022 10:22:41 GMT
Accept-Ranges: bytes
Content-Length: 458
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: application/javascript
neshuafoods.com/wp-content/plugins/js_composer/assets/js/vendors/woocommerce-add-to-cart.js?ver=6.5.0
23.94.191.90200 OK 992 B URL HTTP/1.1 neshuafoods.com/wp-content/plugins/js_composer/assets/js/vendors/woocommerce-add-to-cart.js?ver=6.5.0
IP 23.94.191.90:0
ASN #36352 AS-COLOCROSSING
Hash 787fe4f547a6cb7f4ce4934641085910
c2dee88d5bdfef214ce9c56f71a1df51cda0f328
654aaebdea944313257827be97eb196a8218a2cdfc9ba399db23e2cd4c02bd79
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/js_composer/assets/js/vendors/woocommerce-add-to-cart.js?ver=6.5.0 HTTP/1.1
Host: neshuafoods.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://neshuafoods.com/wp-content/setup.exe
HTTP/1.1 200 OK
Date: Sat, 19 Nov 2022 16:49:48 GMT
Server: Apache
Last-Modified: Thu, 07 Jan 2021 20:52:06 GMT
Accept-Ranges: bytes
Content-Length: 992
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: application/javascript
neshuafoods.com/wp-content/plugins/revslider/public/assets/js/rs6.min.js?ver=6.3.5
23.94.191.90200 OK 336 kB URL HTTP/1.1 neshuafoods.com/wp-content/plugins/revslider/public/assets/js/rs6.min.js?ver=6.3.5
IP 23.94.191.90:0
ASN #36352 AS-COLOCROSSING
File type ASCII text, with very long lines (64270)
Size 336 kB (335515 bytes)
Hash 7d67b2cc87657d5e6bc8a9504b8a5ef9
e03b900c873389be0ef5ae25b9faebb00059c95b
4560ce59216b664e09f3fd0668dfa90ed7309d3a1bca06435568d0fa5ac5055b
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/revslider/public/assets/js/rs6.min.js?ver=6.3.5 HTTP/1.1
Host: neshuafoods.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://neshuafoods.com/wp-content/setup.exe
HTTP/1.1 200 OK
Date: Sat, 19 Nov 2022 16:49:48 GMT
Server: Apache
Last-Modified: Thu, 07 Jan 2021 20:51:32 GMT
Accept-Ranges: bytes
Content-Length: 335515
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: application/javascript
neshuafoods.com/wp-content/plugins/creative-mail-by-constant-contact/assets/js/block/submit.js?ver=1654011725
23.94.191.90200 OK 4.2 kB URL HTTP/1.1 neshuafoods.com/wp-content/plugins/creative-mail-by-constant-contact/assets/js/block/submit.js?ver=1654011725
IP 23.94.191.90:0
ASN #36352 AS-COLOCROSSING
File type ASCII text, with very long lines (4184), with no line terminators
Hash 5d4894dfb5fa6ce16d2fdd4b48a59650
e6d76d2053d48e018c3da4a01905303582ca3218
92c811b4ac9b3f23ec0c8eadae3be374682a860d290aac9cde2a8a8911b7412c
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/creative-mail-by-constant-contact/assets/js/block/submit.js?ver=1654011725 HTTP/1.1
Host: neshuafoods.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://neshuafoods.com/wp-content/setup.exe
HTTP/1.1 200 OK
Date: Sat, 19 Nov 2022 16:49:48 GMT
Server: Apache
Last-Modified: Tue, 31 May 2022 15:42:05 GMT
Accept-Ranges: bytes
Content-Length: 4184
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: application/javascript
neshuafoods.com/wp-content/plugins/yith-woocommerce-wishlist/assets/js/jquery.selectBox.min.js?ver=1.2.0
23.94.191.90200 OK 15 kB URL HTTP/1.1 neshuafoods.com/wp-content/plugins/yith-woocommerce-wishlist/assets/js/jquery.selectBox.min.js?ver=1.2.0
IP 23.94.191.90:0
ASN #36352 AS-COLOCROSSING
File type Unicode text, UTF-8 text, with very long lines (14924), with no line terminators
Hash 157f18464a93eab7fb62a7f3e618ac2c
f47727e80d529d6e4941fea32f2e8a8ee5008b8a
9ed8f2a0e573467348e64fb1945eeac1698f32af9e9c723153eb7142d6a43306
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/yith-woocommerce-wishlist/assets/js/jquery.selectBox.min.js?ver=1.2.0 HTTP/1.1
Host: neshuafoods.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://neshuafoods.com/wp-content/setup.exe
HTTP/1.1 200 OK
Date: Sat, 19 Nov 2022 16:49:48 GMT
Server: Apache
Last-Modified: Tue, 31 May 2022 15:45:36 GMT
Accept-Ranges: bytes
Content-Length: 14927
Keep-Alive: timeout=5, max=92
Connection: Keep-Alive
Content-Type: application/javascript
neshuafoods.com/wp-content/plugins/woocommerce/assets/js/prettyPhoto/jquery.prettyPhoto.min.js?ver=3.1.6
23.94.191.90200 OK 22 kB URL HTTP/1.1 neshuafoods.com/wp-content/plugins/woocommerce/assets/js/prettyPhoto/jquery.prettyPhoto.min.js?ver=3.1.6
IP 23.94.191.90:0
ASN #36352 AS-COLOCROSSING
File type HTML document, ASCII text, with very long lines (21538), with no line terminators
Hash d017e13d65b4c79d9a22a4ab9e6bcdf6
f766dedd77e0f910742439a102a23dbeade89299
2ef1fc50a9d78f044028f3ba7378c5bbec0188de74a5217491040f9ba435fca4
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/woocommerce/assets/js/prettyPhoto/jquery.prettyPhoto.min.js?ver=3.1.6 HTTP/1.1
Host: neshuafoods.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://neshuafoods.com/wp-content/setup.exe
HTTP/1.1 200 OK
Date: Sat, 19 Nov 2022 16:49:48 GMT
Server: Apache
Last-Modified: Tue, 31 May 2022 15:44:28 GMT
Accept-Ranges: bytes
Content-Length: 21538
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: application/javascript
neshuafoods.com/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9
23.94.191.90200 OK 6.5 kB URL HTTP/1.1 neshuafoods.com/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9
IP 23.94.191.90:0
ASN #36352 AS-COLOCROSSING
File type ASCII text, with very long lines (6475), with no line terminators
Hash 61449413a42d2daaa79dbe7298b40e21
d86c474164c603084397bdc50fb0e469d28b5772
f30769ea0b80a5d900c5f0de30b1aad1ab461195e69223d5ef63c2c5de8b6c1a
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9 HTTP/1.1
Host: neshuafoods.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://neshuafoods.com/wp-content/setup.exe
HTTP/1.1 200 OK
Date: Sat, 19 Nov 2022 16:49:48 GMT
Server: Apache
Last-Modified: Mon, 11 Apr 2022 16:34:30 GMT
Accept-Ranges: bytes
Content-Length: 6475
Keep-Alive: timeout=5, max=92
Connection: Keep-Alive
Content-Type: application/javascript
neshuafoods.com/wp-content/plugins/js_composer/assets/lib/bower/animate-css/animate.min.css?ver=6.5.0
23.94.191.90200 OK 52 kB URL HTTP/1.1 neshuafoods.com/wp-content/plugins/js_composer/assets/lib/bower/animate-css/animate.min.css?ver=6.5.0
IP 23.94.191.90:0
ASN #36352 AS-COLOCROSSING
File type ASCII text, with very long lines (51719)
Hash 8b6dae7f49f2b5fd72f43c405d4417b9
a10ac4645869698687a5e08cd77e3d98232ca3d0
1c3fbf3f4938451bc3b7781f832b7da84c23eec5b979ac7541ec754e67e3b6d2
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/js_composer/assets/lib/bower/animate-css/animate.min.css?ver=6.5.0 HTTP/1.1
Host: neshuafoods.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://neshuafoods.com/wp-content/setup.exe
HTTP/1.1 200 OK
Date: Sat, 19 Nov 2022 16:49:48 GMT
Server: Apache
Last-Modified: Thu, 07 Jan 2021 20:51:59 GMT
Accept-Ranges: bytes
Content-Length: 51880
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: text/css
neshuafoods.com/wp-content/plugins/yith-woocommerce-wishlist/assets/js/jquery.yith-wcwl.min.js?ver=3.9.0
23.94.191.90200 OK 25 kB URL HTTP/1.1 neshuafoods.com/wp-content/plugins/yith-woocommerce-wishlist/assets/js/jquery.yith-wcwl.min.js?ver=3.9.0
IP 23.94.191.90:0
ASN #36352 AS-COLOCROSSING
File type HTML document, ASCII text, with very long lines (24731), with no line terminators
Hash 502ca2250b797193ecc051d0c323cbdd
3ba0ac15dad090633ddd4ac81472360692ad8bee
93a3315f4ee582595965f888b1381ac13f8fecb6b53df998495fbb4e759a5b1e
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/yith-woocommerce-wishlist/assets/js/jquery.yith-wcwl.min.js?ver=3.9.0 HTTP/1.1
Host: neshuafoods.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://neshuafoods.com/wp-content/setup.exe
HTTP/1.1 200 OK
Date: Sat, 19 Nov 2022 16:49:48 GMT
Server: Apache
Last-Modified: Tue, 31 May 2022 15:45:36 GMT
Accept-Ranges: bytes
Content-Length: 24731
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: application/javascript
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash c58de690a701dea26333a42815dc3003
91d9e60c285f6578b5d814901a90f52cafbb8790
179d035993138ec5fdb0b2bf1987888f751903e959af09e335ada210be842ca6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 19 Nov 2022 16:49:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash c58de690a701dea26333a42815dc3003
91d9e60c285f6578b5d814901a90f52cafbb8790
179d035993138ec5fdb0b2bf1987888f751903e959af09e335ada210be842ca6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 19 Nov 2022 16:49:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
neshuafoods.com/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0
23.94.191.90200 OK 19 kB URL HTTP/1.1 neshuafoods.com/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0
IP 23.94.191.90:0
ASN #36352 AS-COLOCROSSING
File type Unicode text, UTF-8 text, with very long lines (19138), with no line terminators
Hash 57459b58fd7665a5e20b2345463df9c9
71c3b177ad1412d5e0b56d99f18bc345148df88b
6fecb89a29ee2bd397bb1bf58ecaa530a76f0654db71fadefd3cc70b0bc302bf
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0 HTTP/1.1
Host: neshuafoods.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://neshuafoods.com/wp-content/setup.exe
HTTP/1.1 200 OK
Date: Sat, 19 Nov 2022 16:49:48 GMT
Server: Apache
Last-Modified: Mon, 11 Apr 2022 16:34:30 GMT
Accept-Ranges: bytes
Content-Length: 19142
Keep-Alive: timeout=5, max=91
Connection: Keep-Alive
Content-Type: application/javascript
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash c58de690a701dea26333a42815dc3003
91d9e60c285f6578b5d814901a90f52cafbb8790
179d035993138ec5fdb0b2bf1987888f751903e959af09e335ada210be842ca6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 19 Nov 2022 16:49:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash c58de690a701dea26333a42815dc3003
91d9e60c285f6578b5d814901a90f52cafbb8790
179d035993138ec5fdb0b2bf1987888f751903e959af09e335ada210be842ca6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 19 Nov 2022 16:49:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash c58de690a701dea26333a42815dc3003
91d9e60c285f6578b5d814901a90f52cafbb8790
179d035993138ec5fdb0b2bf1987888f751903e959af09e335ada210be842ca6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 19 Nov 2022 16:49:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/rubik/v21/iJWKBXyIfDnIV7nBrXw.woff2
216.58.207.195200 OK 34 kB URL HTTP/2 fonts.gstatic.com/s/rubik/v21/iJWKBXyIfDnIV7nBrXw.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 33580, version 1.0\012- data
Hash 848cd2ecd011428969dc6b90431bc482
6b1a7b562a56bd54510e0f6f95e26babca331a1b
981307dcbbd348f6fb4e3eab184077392f9ee15097ea868f630debefad9044e9
GET /s/rubik/v21/iJWKBXyIfDnIV7nBrXw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://neshuafoods.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 33580
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 17 Nov 2022 21:38:57 GMT
expires: Fri, 17 Nov 2023 21:38:57 GMT
cache-control: public, max-age=31536000
age: 155451
last-modified: Mon, 18 Jul 2022 19:32:55 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/lora/v26/0QIvMX1D_JOuMwr7Iw.woff2
216.58.207.195200 OK 36 kB URL HTTP/2 fonts.gstatic.com/s/lora/v26/0QIvMX1D_JOuMwr7Iw.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 35660, version 1.0\012- data
Hash 0d0d3e5824e5e67a9e993960df2b67a9
328d67bb1d5899a7809df9f4385181863fd035f1
38da98e06ba18c4204f547d30572cd81a2dd3fd5438d306856d2617480ee8639
GET /s/lora/v26/0QIvMX1D_JOuMwr7Iw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://neshuafoods.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 35660
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 16 Nov 2022 08:03:55 GMT
expires: Thu, 16 Nov 2023 08:03:55 GMT
cache-control: public, max-age=31536000
age: 290753
last-modified: Mon, 15 Aug 2022 18:07:59 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
neshuafoods.com/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.5.6.1
23.94.191.90200 OK 9.7 kB URL HTTP/1.1 neshuafoods.com/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.5.6.1
IP 23.94.191.90:0
ASN #36352 AS-COLOCROSSING
File type HTML document, ASCII text, with very long lines (9720), with no line terminators
Hash cfb428c02811f0cbe515d5f3dca61de6
e95f8696fbe29a706e66ccf582b36d9bd650ab9f
679e44f9b4bbbc2ad0c4000c1413fd3a88627d83f1cba8ebdac26f81bc7edb78
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.5.6.1 HTTP/1.1
Host: neshuafoods.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://neshuafoods.com/wp-content/setup.exe
HTTP/1.1 200 OK
Date: Sat, 19 Nov 2022 16:49:48 GMT
Server: Apache
Last-Modified: Tue, 31 May 2022 15:42:02 GMT
Accept-Ranges: bytes
Content-Length: 9720
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: application/javascript
neshuafoods.com/wp-content/plugins/woocommerce/assets/js/js-cookie/js.cookie.min.js?ver=2.1.4-wc.6.5.1
23.94.191.90200 OK 1.8 kB URL HTTP/1.1 neshuafoods.com/wp-content/plugins/woocommerce/assets/js/js-cookie/js.cookie.min.js?ver=2.1.4-wc.6.5.1
IP 23.94.191.90:0
ASN #36352 AS-COLOCROSSING
File type ASCII text, with very long lines (1668)
Hash d0a6d8547c66b0d7b0172466558d1208
ff93916519c7b9483251f609e4d29f38c30a66e3
3b1384ff918d4b7f95f9ee5c8fc388203dedff7344d3d96598c9562162788612
GET /wp-content/plugins/woocommerce/assets/js/js-cookie/js.cookie.min.js?ver=2.1.4-wc.6.5.1 HTTP/1.1
Host: neshuafoods.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://neshuafoods.com/wp-content/setup.exe
HTTP/1.1 200 OK
Date: Sat, 19 Nov 2022 16:49:48 GMT
Server: Apache
Last-Modified: Tue, 31 May 2022 15:44:28 GMT
Accept-Ranges: bytes
Content-Length: 1834
Keep-Alive: timeout=5, max=91
Connection: Keep-Alive
Content-Type: application/javascript
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash c58de690a701dea26333a42815dc3003
91d9e60c285f6578b5d814901a90f52cafbb8790
179d035993138ec5fdb0b2bf1987888f751903e959af09e335ada210be842ca6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 19 Nov 2022 16:49:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
chimpstatic.com/mcjs-connected/js/users/a48875f192c7d70f45c454943/7293d9cea013571e75b3b05d3.js
96.6.17.210200 OK 653 B URL HTTP/1.1 chimpstatic.com/mcjs-connected/js/users/a48875f192c7d70f45c454943/7293d9cea013571e75b3b05d3.js
IP 96.6.17.210:0
Hash 5c4175ac0e0e6d95ac18d804b263153a
66985f07a251a4cb15b7570f57ae7eb30ab0e180
58bde7a88d8aa4d7f183b4749b2f747cda33ed54035190f10ba81c9312ba25d7
GET /mcjs-connected/js/users/a48875f192c7d70f45c454943/7293d9cea013571e75b3b05d3.js HTTP/1.1
Host: chimpstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://neshuafoods.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: UCsRsLgl6Wq6lnuj/IKW9jPe4wo31peHvMr3xFzw7VXIaPGPQ+9ms/k3gLJgTX5w6Gmx+C+tZPA=
x-amz-request-id: 05S3YKKQT8MM9TFE
Last-Modified: Fri, 08 Jan 2021 22:32:46 GMT
ETag: "4b60d3ea13c42468679685c32a1680ac"
Accept-Ranges: bytes
Content-Type: application/javascript
Server: AmazonS3
X-EdgeConnect-MidMile-RTT: 6
X-EdgeConnect-Origin-MEX-Latency: 106
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=1800
Expires: Sat, 19 Nov 2022 17:19:48 GMT
Date: Sat, 19 Nov 2022 16:49:48 GMT
Content-Length: 653
Connection: keep-alive
neshuafoods.com/wp-content/plugins/woocommerce/assets/js/frontend/cart-fragments.min.js?ver=6.5.1
23.94.191.90200 OK 2.9 kB URL HTTP/1.1 neshuafoods.com/wp-content/plugins/woocommerce/assets/js/frontend/cart-fragments.min.js?ver=6.5.1
IP 23.94.191.90:0
ASN #36352 AS-COLOCROSSING
File type ASCII text, with very long lines (2938), with no line terminators
Hash 0fd625c3991a4015814cffdc88e2fc82
d7c2f53e058210ff3ea773297641008bab71a5f3
2d022db650d194d935faea46a40e5512235b43bc3f8b181e32ce6d3dd745f4e1
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/woocommerce/assets/js/frontend/cart-fragments.min.js?ver=6.5.1 HTTP/1.1
Host: neshuafoods.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://neshuafoods.com/wp-content/setup.exe
HTTP/1.1 200 OK
Date: Sat, 19 Nov 2022 16:49:48 GMT
Server: Apache
Last-Modified: Tue, 31 May 2022 15:44:28 GMT
Accept-Ranges: bytes
Content-Length: 2938
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: application/javascript
neshuafoods.com/wp-content/plugins/woocommerce/assets/js/frontend/woocommerce.min.js?ver=6.5.1
23.94.191.90200 OK 2.1 kB URL HTTP/1.1 neshuafoods.com/wp-content/plugins/woocommerce/assets/js/frontend/woocommerce.min.js?ver=6.5.1
IP 23.94.191.90:0
ASN #36352 AS-COLOCROSSING
File type ASCII text, with very long lines (2139), with no line terminators
Hash b72c1cbb1530a011a27bd9800f26765a
27b825c5d8255f33b8427a059d4545ebd65e1746
a256fccecac3b32ab73c91d79a18747519a1a18023be05465c933b03523a82e8
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/woocommerce/assets/js/frontend/woocommerce.min.js?ver=6.5.1 HTTP/1.1
Host: neshuafoods.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://neshuafoods.com/wp-content/setup.exe
HTTP/1.1 200 OK
Date: Sat, 19 Nov 2022 16:49:48 GMT
Server: Apache
Last-Modified: Tue, 31 May 2022 15:44:28 GMT
Accept-Ranges: bytes
Content-Length: 2139
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: application/javascript
neshuafoods.com/wp-content/plugins/smooth-back-to-top-button/assets/js/smooth-back-to-top-button.js?ver=1.1.5
23.94.191.90200 OK 1.0 kB URL HTTP/1.1 neshuafoods.com/wp-content/plugins/smooth-back-to-top-button/assets/js/smooth-back-to-top-button.js?ver=1.1.5
IP 23.94.191.90:0
ASN #36352 AS-COLOCROSSING
File type ASCII text, with CRLF line terminators
Hash 9ee8e0f407332cb57d3f03e664ae722f
d4bbddeac130b17168a1e9bb1fd4d329003f3a42
beaf46c2dddcba315a4c8ca636b7a8348ea3c2d2b5580bce33a82ca2780160f0
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/smooth-back-to-top-button/assets/js/smooth-back-to-top-button.js?ver=1.1.5 HTTP/1.1
Host: neshuafoods.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://neshuafoods.com/wp-content/setup.exe
HTTP/1.1 200 OK
Date: Sat, 19 Nov 2022 16:49:48 GMT
Server: Apache
Last-Modified: Tue, 31 May 2022 15:42:52 GMT
Accept-Ranges: bytes
Content-Length: 1029
Keep-Alive: timeout=5, max=90
Connection: Keep-Alive
Content-Type: application/javascript
neshuafoods.com/wp-content/plugins/yith-woocommerce-compare/assets/js/jquery.colorbox-min.js?ver=1.4.21
23.94.191.90200 OK 12 kB URL HTTP/1.1 neshuafoods.com/wp-content/plugins/yith-woocommerce-compare/assets/js/jquery.colorbox-min.js?ver=1.4.21
IP 23.94.191.90:0
ASN #36352 AS-COLOCROSSING
File type ASCII text, with very long lines (11827)
Hash 06a3b48689b0314af6c5da5b6ff27bfd
a98a815d90cba195409d39bd74d31b1e6f9dbf95
4cd7a0d2c9eb03966a0dc60658526c20fa4e8ee4a0660da469f55edaf9a18c9f
GET /wp-content/plugins/yith-woocommerce-compare/assets/js/jquery.colorbox-min.js?ver=1.4.21 HTTP/1.1
Host: neshuafoods.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://neshuafoods.com/wp-content/setup.exe
HTTP/1.1 200 OK
Date: Sat, 19 Nov 2022 16:49:48 GMT
Server: Apache
Last-Modified: Tue, 31 May 2022 15:45:23 GMT
Accept-Ranges: bytes
Content-Length: 11900
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: application/javascript
neshuafoods.com/wp-content/plugins/yith-woocommerce-compare/assets/js/woocompare.min.js?ver=2.14.0
23.94.191.90200 OK 4.6 kB URL HTTP/1.1 neshuafoods.com/wp-content/plugins/yith-woocommerce-compare/assets/js/woocompare.min.js?ver=2.14.0
IP 23.94.191.90:0
ASN #36352 AS-COLOCROSSING
File type ASCII text, with very long lines (4602), with no line terminators
Hash 25d887c9c8997522cf1184e1171d605c
8f9fc958307ce831e7313d22d996908f578956e2
ccdea9568a2dafdc3b5dfafd7cc65ed784a235fe1a3c2da2e4183a9bb834c136
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/yith-woocommerce-compare/assets/js/woocompare.min.js?ver=2.14.0 HTTP/1.1
Host: neshuafoods.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://neshuafoods.com/wp-content/setup.exe
HTTP/1.1 200 OK
Date: Sat, 19 Nov 2022 16:49:48 GMT
Server: Apache
Last-Modified: Tue, 31 May 2022 15:45:23 GMT
Accept-Ranges: bytes
Content-Length: 4602
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: application/javascript
demo.roadthemes.com/mooboo/wp-content/plugins/mega_main_menu/framework/src/img/megamain-logo-120x120.png
162.241.159.229200 OK 5.7 kB URL HTTP/1.1 demo.roadthemes.com/mooboo/wp-content/plugins/mega_main_menu/framework/src/img/megamain-logo-120x120.png
IP 162.241.159.229:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 120 x 120, 8-bit/color RGBA, non-interlaced\012- data
Hash 5303a0fcf894e92a3278e7e7b54468a7
45a20a31e4e5c29e42207c5b6f72e520009b4b1e
7954ecbcdde7f77dc3d0a3aace143d1088ee5b433cbdf916893ab0a48e312049
GET /mooboo/wp-content/plugins/mega_main_menu/framework/src/img/megamain-logo-120x120.png HTTP/1.1
Host: demo.roadthemes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://neshuafoods.com/
HTTP/1.1 200 OK
Date: Sat, 19 Nov 2022 16:49:48 GMT
Server: Apache
Last-Modified: Thu, 03 Jan 2019 08:47:56 GMT
Accept-Ranges: bytes
Content-Length: 5657
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: image/png
neshuafoods.com/wp-content/themes/lukani/js/owl.carousel.min.js?ver=2.3.4
23.94.191.90200 OK 44 kB URL HTTP/1.1 neshuafoods.com/wp-content/themes/lukani/js/owl.carousel.min.js?ver=2.3.4
IP 23.94.191.90:0
ASN #36352 AS-COLOCROSSING
File type ASCII text, with very long lines (31997)
Hash f416f9031fef25ae25ba9756e3eb6978
e2a600e433df72b4cfde93d7880e3114917a3cbe
a53c43f834b32309b084ea9314df8307e9c78cee2202c6e07f216ae4ae5b704d
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/lukani/js/owl.carousel.min.js?ver=2.3.4 HTTP/1.1
Host: neshuafoods.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://neshuafoods.com/wp-content/setup.exe
HTTP/1.1 200 OK
Date: Sat, 19 Nov 2022 16:49:48 GMT
Server: Apache
Last-Modified: Thu, 07 Jan 2021 20:44:48 GMT
Accept-Ranges: bytes
Content-Length: 44342
Keep-Alive: timeout=5, max=92
Connection: Keep-Alive
Content-Type: application/javascript
neshuafoods.com/wp-content/themes/lukani/js/fancybox/jquery.fancybox.pack.js?ver=2.1.5
23.94.191.90200 OK 23 kB URL HTTP/1.1 neshuafoods.com/wp-content/themes/lukani/js/fancybox/jquery.fancybox.pack.js?ver=2.1.5
IP 23.94.191.90:0
ASN #36352 AS-COLOCROSSING
File type ASCII text, with very long lines (645)
Hash cc9e759f24ba773aeef8a131889d3728
53360764b429c212f424399384417ccc233bb3be
bc50bf49cbe79ee49b4ee8b56f26ff4877bc4945c16f260b1481ba2355c96347
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/lukani/js/fancybox/jquery.fancybox.pack.js?ver=2.1.5 HTTP/1.1
Host: neshuafoods.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://neshuafoods.com/wp-content/setup.exe
HTTP/1.1 200 OK
Date: Sat, 19 Nov 2022 16:49:48 GMT
Server: Apache
Last-Modified: Thu, 07 Jan 2021 20:44:48 GMT
Accept-Ranges: bytes
Content-Length: 23135
Keep-Alive: timeout=5, max=89
Connection: Keep-Alive
Content-Type: application/javascript
neshuafoods.com/wp-content/plugins/mailchimp-for-woocommerce/public/js/mailchimp-woocommerce-public.min.js?ver=2.6.2.01
23.94.191.90200 OK 6.9 kB URL HTTP/1.1 neshuafoods.com/wp-content/plugins/mailchimp-for-woocommerce/public/js/mailchimp-woocommerce-public.min.js?ver=2.6.2.01
IP 23.94.191.90:0
ASN #36352 AS-COLOCROSSING
File type ASCII text, with very long lines (6854), with no line terminators
Hash 4962698b494fa6c5b9a259b936853426
df655b977be8a3c9c563c837ae80693f21670f9d
e23064f0de65944686ada90242a58d8c0de5ed90225c573b883640d315104c04
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/mailchimp-for-woocommerce/public/js/mailchimp-woocommerce-public.min.js?ver=2.6.2.01 HTTP/1.1
Host: neshuafoods.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://neshuafoods.com/wp-content/setup.exe
HTTP/1.1 200 OK
Date: Sat, 19 Nov 2022 16:49:48 GMT
Server: Apache
Last-Modified: Tue, 31 May 2022 15:42:34 GMT
Accept-Ranges: bytes
Content-Length: 6854
Keep-Alive: timeout=5, max=90
Connection: Keep-Alive
Content-Type: application/javascript
neshuafoods.com/wp-content/themes/lukani/js/fancybox/helpers/jquery.fancybox-buttons.js?ver=1.0.5
23.94.191.90200 OK 3.0 kB URL HTTP/1.1 neshuafoods.com/wp-content/themes/lukani/js/fancybox/helpers/jquery.fancybox-buttons.js?ver=1.0.5
IP 23.94.191.90:0
ASN #36352 AS-COLOCROSSING
File type ASCII text, with very long lines (411)
Hash f53c246661fb995a3f12e67fa38e0fa0
91e41741c2e93f732c82aaacec4cfc6e3f3ec876
2d63b8ad7966c80ce51051da38da14f52b99cfb019aec650b2437fc74fac1560
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/lukani/js/fancybox/helpers/jquery.fancybox-buttons.js?ver=1.0.5 HTTP/1.1
Host: neshuafoods.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://neshuafoods.com/wp-content/setup.exe
HTTP/1.1 200 OK
Date: Sat, 19 Nov 2022 16:49:48 GMT
Server: Apache
Last-Modified: Thu, 07 Jan 2021 20:44:48 GMT
Accept-Ranges: bytes
Content-Length: 3041
Keep-Alive: timeout=5, max=92
Connection: Keep-Alive
Content-Type: application/javascript
neshuafoods.com/wp-content/themes/lukani/js/fancybox/helpers/jquery.fancybox-media.js?ver=1.0.6
23.94.191.90200 OK 5.3 kB URL HTTP/1.1 neshuafoods.com/wp-content/themes/lukani/js/fancybox/helpers/jquery.fancybox-media.js?ver=1.0.6
IP 23.94.191.90:0
ASN #36352 AS-COLOCROSSING
Hash c017067f48d97ec4a077ccdf056e6a2e
3bdf69ed2469e4fb57f5a95f17300eef891ff90d
e53e650a83dbce1ab8d93c365299f2e8f5070c414c9ea302f2422ca65f5fdab4
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/lukani/js/fancybox/helpers/jquery.fancybox-media.js?ver=1.0.6 HTTP/1.1
Host: neshuafoods.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://neshuafoods.com/wp-content/setup.exe
HTTP/1.1 200 OK
Date: Sat, 19 Nov 2022 16:49:48 GMT
Server: Apache
Last-Modified: Thu, 07 Jan 2021 20:44:48 GMT
Accept-Ranges: bytes
Content-Length: 5305
Keep-Alive: timeout=5, max=92
Connection: Keep-Alive
Content-Type: application/javascript
neshuafoods.com/wp-content/themes/lukani/js/fancybox/helpers/jquery.fancybox-thumbs.js?ver=1.0.7
23.94.191.90200 OK 3.8 kB URL HTTP/1.1 neshuafoods.com/wp-content/themes/lukani/js/fancybox/helpers/jquery.fancybox-thumbs.js?ver=1.0.7
IP 23.94.191.90:0
ASN #36352 AS-COLOCROSSING
Hash cf1fc1df534eede4cb460c5cbd71aba6
53e194f4a72e649c04fb586dd57762b8c022800b
0ba02b924fc5beeb370ed64d478401e94a513e970cac2c46266c708348135cf2
GET /wp-content/themes/lukani/js/fancybox/helpers/jquery.fancybox-thumbs.js?ver=1.0.7 HTTP/1.1
Host: neshuafoods.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://neshuafoods.com/wp-content/setup.exe
HTTP/1.1 200 OK
Date: Sat, 19 Nov 2022 16:49:48 GMT
Server: Apache
Last-Modified: Thu, 07 Jan 2021 20:44:48 GMT
Accept-Ranges: bytes
Content-Length: 3836
Keep-Alive: timeout=5, max=91
Connection: Keep-Alive
Content-Type: application/javascript
neshuafoods.com/wp-content/uploads/2021/01/Untitled-design-19.png
23.94.191.90200 OK 19 kB URL HTTP/1.1 neshuafoods.com/wp-content/uploads/2021/01/Untitled-design-19.png
IP 23.94.191.90:0
ASN #36352 AS-COLOCROSSING
File type PNG image data, 470 x 110, 8-bit/color RGBA, non-interlaced\012- data
Hash 0781e7560629f29241ed8b4471bdff34
6d0da232e2828a89d0fa4330837974a66512bd04
44960d188f7bd332be6ec17a559f0b9199ab1599e13d3062041ef7d9935110e8
GET /wp-content/uploads/2021/01/Untitled-design-19.png HTTP/1.1
Host: neshuafoods.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://neshuafoods.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sat, 19 Nov 2022 16:49:48 GMT
Server: Apache
Last-Modified: Fri, 08 Jan 2021 11:30:03 GMT
Accept-Ranges: bytes
Content-Length: 19134
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: image/png
neshuafoods.com/wp-content/themes/lukani/js/jquery.mousewheel.min.js?ver=3.1.12
23.94.191.90200 OK 2.8 kB URL HTTP/1.1 neshuafoods.com/wp-content/themes/lukani/js/jquery.mousewheel.min.js?ver=3.1.12
IP 23.94.191.90:0
ASN #36352 AS-COLOCROSSING
File type ASCII text, with very long lines (2609)
Hash 639d1c35a685d111aa4a509a2dbf660c
d0991ef04e2dd8fd1b0cb0c8bb0f1026649d9b25
1fdbb2180496fca532f43deaffec879f8ca6990258b38a469aed4120d6c0d2fe
GET /wp-content/themes/lukani/js/jquery.mousewheel.min.js?ver=3.1.12 HTTP/1.1
Host: neshuafoods.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://neshuafoods.com/wp-content/setup.exe
HTTP/1.1 200 OK
Date: Sat, 19 Nov 2022 16:49:48 GMT
Server: Apache
Last-Modified: Thu, 07 Jan 2021 20:44:48 GMT
Accept-Ranges: bytes
Content-Length: 2777
Keep-Alive: timeout=5, max=91
Connection: Keep-Alive
Content-Type: application/javascript
neshuafoods.com/wp-content/themes/lukani/js/modernizr.custom.min.js?ver=2.6.2
23.94.191.90200 OK 3.1 kB URL HTTP/1.1 neshuafoods.com/wp-content/themes/lukani/js/modernizr.custom.min.js?ver=2.6.2
IP 23.94.191.90:0
ASN #36352 AS-COLOCROSSING
File type HTML document, ASCII text, with very long lines (2861)
Hash 6ab50f7923c5f783c336d1bf3a579c1b
fc75cd09d3084021048a41da9c47f2fe42ad96eb
6a1fe0907100410728ab4d870e8b1cca4b9ce788b9c87e83444dd0cd5818ca3e
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/lukani/js/modernizr.custom.min.js?ver=2.6.2 HTTP/1.1
Host: neshuafoods.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://neshuafoods.com/wp-content/setup.exe
HTTP/1.1 200 OK
Date: Sat, 19 Nov 2022 16:49:48 GMT
Server: Apache
Last-Modified: Thu, 07 Jan 2021 20:44:48 GMT
Accept-Ranges: bytes
Content-Length: 3074
Keep-Alive: timeout=5, max=89
Connection: Keep-Alive
Content-Type: application/javascript
neshuafoods.com/wp-content/themes/lukani/js/jquery.shuffle.min.js?ver=3.0.0
23.94.191.90200 OK 13 kB URL HTTP/1.1 neshuafoods.com/wp-content/themes/lukani/js/jquery.shuffle.min.js?ver=3.0.0
IP 23.94.191.90:0
ASN #36352 AS-COLOCROSSING
File type ASCII text, with very long lines (12821)
Hash 54fcfddd4e512c1b92cd0b5486e6ca8f
ffb953e2d036ff0d72aeaac3d8b8587358fc4b3f
6592712c1dfa4fcf94be74b77fa551283c7678cb939b11553e06e69f41dcb024
GET /wp-content/themes/lukani/js/jquery.shuffle.min.js?ver=3.0.0 HTTP/1.1
Host: neshuafoods.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://neshuafoods.com/wp-content/setup.exe
HTTP/1.1 200 OK
Date: Sat, 19 Nov 2022 16:49:48 GMT
Server: Apache
Last-Modified: Thu, 07 Jan 2021 20:44:48 GMT
Accept-Ranges: bytes
Content-Length: 13005
Keep-Alive: timeout=5, max=91
Connection: Keep-Alive
Content-Type: application/javascript
neshuafoods.com/wp-content/themes/lukani/js/superfish/superfish.min.js?ver=1.3.15
23.94.191.90200 OK 4.3 kB URL HTTP/1.1 neshuafoods.com/wp-content/themes/lukani/js/superfish/superfish.min.js?ver=1.3.15
IP 23.94.191.90:0
ASN #36352 AS-COLOCROSSING
File type ASCII text, with very long lines (4065)
Hash 2b93a3aca5d8ef8b8acfc24fd5d75b8e
728614d29875fe0d322ed1c8aeba6253f1eba811
c6fd16c8647ea8f1409657c80ab96b603a45f6a4d83c657c4eda10591a7903b8
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/lukani/js/superfish/superfish.min.js?ver=1.3.15 HTTP/1.1
Host: neshuafoods.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://neshuafoods.com/wp-content/setup.exe
HTTP/1.1 200 OK
Date: Sat, 19 Nov 2022 16:49:48 GMT
Server: Apache
Last-Modified: Thu, 07 Jan 2021 20:44:48 GMT
Accept-Ranges: bytes
Content-Length: 4293
Keep-Alive: timeout=5, max=88
Connection: Keep-Alive
Content-Type: application/javascript
neshuafoods.com/wp-content/themes/lukani/js/jquery.countdown.min.js?ver=2.0.4
23.94.191.90200 OK 4.6 kB URL HTTP/1.1 neshuafoods.com/wp-content/themes/lukani/js/jquery.countdown.min.js?ver=2.0.4
IP 23.94.191.90:0
ASN #36352 AS-COLOCROSSING
File type ASCII text, with very long lines (3349)
Hash f67da8ef1bb72583a9be2d03590e071d
08eb3f24f36d538f11bd6fa97ab72767f369c44d
96cfb196db175fd802227935d2e58a6c25b6783ac42adb85782bc986fe3fde82
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/lukani/js/jquery.countdown.min.js?ver=2.0.4 HTTP/1.1
Host: neshuafoods.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://neshuafoods.com/wp-content/setup.exe
HTTP/1.1 200 OK
Date: Sat, 19 Nov 2022 16:49:48 GMT
Server: Apache
Last-Modified: Thu, 07 Jan 2021 20:44:48 GMT
Accept-Ranges: bytes
Content-Length: 4552
Keep-Alive: timeout=5, max=90
Connection: Keep-Alive
Content-Type: application/javascript
neshuafoods.com/wp-content/themes/lukani/js/jquery.counterup.min.js?ver=1.0
23.94.191.90200 OK 1.1 kB URL HTTP/1.1 neshuafoods.com/wp-content/themes/lukani/js/jquery.counterup.min.js?ver=1.0
IP 23.94.191.90:0
ASN #36352 AS-COLOCROSSING
File type ASCII text, with very long lines (917)
Hash ef36cca760bf1cd76cfcd0e4dc10cef1
ef38469f60d58850fe55c4de2ec7e289a2415d71
26d40f8ffdf1b9bf286a954c6888a33cda0cd031e802d821fe0c0562e379ae29
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/lukani/js/jquery.counterup.min.js?ver=1.0 HTTP/1.1
Host: neshuafoods.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://neshuafoods.com/wp-content/setup.exe
HTTP/1.1 200 OK
Date: Sat, 19 Nov 2022 16:49:48 GMT
Server: Apache
Last-Modified: Thu, 07 Jan 2021 20:44:48 GMT
Accept-Ranges: bytes
Content-Length: 1067
Keep-Alive: timeout=5, max=90
Connection: Keep-Alive
Content-Type: application/javascript
neshuafoods.com/wp-content/themes/lukani/js/variables.js?ver=20140826
23.94.191.90200 OK 1.4 kB URL HTTP/1.1 neshuafoods.com/wp-content/themes/lukani/js/variables.js?ver=20140826
IP 23.94.191.90:0
ASN #36352 AS-COLOCROSSING
Hash 5f0634216b0e30c6b12fcf77eccc4559
5f587d0f755ef8661125c4da093280297922fb9a
88619b8805b56c0d391fed8914b0adb3e8a545cd51fc45e04827fe111eabb076
GET /wp-content/themes/lukani/js/variables.js?ver=20140826 HTTP/1.1
Host: neshuafoods.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://neshuafoods.com/wp-content/setup.exe
HTTP/1.1 200 OK
Date: Sat, 19 Nov 2022 16:49:48 GMT
Server: Apache
Last-Modified: Fri, 08 Jan 2021 02:57:23 GMT
Accept-Ranges: bytes
Content-Length: 1366
Keep-Alive: timeout=5, max=88
Connection: Keep-Alive
Content-Type: application/javascript
neshuafoods.com/wp-includes/js/underscore.min.js?ver=1.13.3
23.94.191.90200 OK 19 kB URL HTTP/1.1 neshuafoods.com/wp-includes/js/underscore.min.js?ver=1.13.3
IP 23.94.191.90:0
ASN #36352 AS-COLOCROSSING
File type ASCII text, with very long lines (18876)
Hash 42aa17e1f850a414638ee4a32a3aa807
2e42d03a5e042701191650c041eae1cfb2d6c7b9
0da4791b446818516f710c51707081aec7b23a7c5212fc0b2629c973210136a4
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/underscore.min.js?ver=1.13.3 HTTP/1.1
Host: neshuafoods.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://neshuafoods.com/wp-content/setup.exe
HTTP/1.1 200 OK
Date: Sat, 19 Nov 2022 16:49:48 GMT
Server: Apache
Last-Modified: Wed, 27 Apr 2022 19:09:22 GMT
Accept-Ranges: bytes
Content-Length: 18911
Keep-Alive: timeout=5, max=89
Connection: Keep-Alive
Content-Type: application/javascript
neshuafoods.com/wp-includes/js/wp-util.min.js?ver=6.0.3
23.94.191.90200 OK 1.3 kB URL HTTP/1.1 neshuafoods.com/wp-includes/js/wp-util.min.js?ver=6.0.3
IP 23.94.191.90:0
ASN #36352 AS-COLOCROSSING
File type ASCII text, with very long lines (1305)
Hash 8637362089372427b52fa10a43d8109c
6009bed674718329dce6055ab09fa95181162d81
b8e78b48acc08ce31457aff168d6fb2c814d51a8739a97693cdba585d60f5b35
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/wp-util.min.js?ver=6.0.3 HTTP/1.1
Host: neshuafoods.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://neshuafoods.com/wp-content/setup.exe
HTTP/1.1 200 OK
Date: Sat, 19 Nov 2022 16:49:48 GMT
Server: Apache
Last-Modified: Fri, 25 Jun 2021 19:20:58 GMT
Accept-Ranges: bytes
Content-Length: 1340
Keep-Alive: timeout=5, max=89
Connection: Keep-Alive
Content-Type: application/javascript
neshuafoods.com/wp-content/themes/lukani/js/lukani-theme.js?ver=20140826
23.94.191.90200 OK 36 kB URL HTTP/1.1 neshuafoods.com/wp-content/themes/lukani/js/lukani-theme.js?ver=20140826
IP 23.94.191.90:0
ASN #36352 AS-COLOCROSSING
File type ASCII text, with very long lines (449)
Hash dd33147e84548e22fb97cb8aad30e85a
e1923503dc49ec2e7ee34e47ddc832e26e6dda53
e6d04dd05f6a3e3122459a4d01dd371637381568622868f1124cb7b74f91d082
GET /wp-content/themes/lukani/js/lukani-theme.js?ver=20140826 HTTP/1.1
Host: neshuafoods.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://neshuafoods.com/wp-content/setup.exe
HTTP/1.1 200 OK
Date: Sat, 19 Nov 2022 16:49:48 GMT
Server: Apache
Last-Modified: Thu, 07 Jan 2021 20:44:48 GMT
Accept-Ranges: bytes
Content-Length: 36113
Keep-Alive: timeout=5, max=90
Connection: Keep-Alive
Content-Type: application/javascript
neshuafoods.com/wp-content/plugins/woocommerce/assets/js/frontend/add-to-cart-variation.min.js?ver=6.5.1
23.94.191.90200 OK 14 kB URL HTTP/1.1 neshuafoods.com/wp-content/plugins/woocommerce/assets/js/frontend/add-to-cart-variation.min.js?ver=6.5.1
IP 23.94.191.90:0
ASN #36352 AS-COLOCROSSING
File type ASCII text, with very long lines (13590), with no line terminators
Hash a49a60e0186f705f693279985371da20
3419d4683879d6a48e051e38356602a2f5094511
3b55a00b09e9df011435d1f358401cf7153066bbfeafdc3384e5d8cdaf4e3262
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/woocommerce/assets/js/frontend/add-to-cart-variation.min.js?ver=6.5.1 HTTP/1.1
Host: neshuafoods.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://neshuafoods.com/wp-content/setup.exe
HTTP/1.1 200 OK
Date: Sat, 19 Nov 2022 16:49:48 GMT
Server: Apache
Last-Modified: Tue, 31 May 2022 15:44:28 GMT
Accept-Ranges: bytes
Content-Length: 13590
Keep-Alive: timeout=5, max=87
Connection: Keep-Alive
Content-Type: application/javascript
neshuafoods.com/wp-content/uploads/2016/10/payment.png
23.94.191.90200 OK 8.0 kB URL HTTP/1.1 neshuafoods.com/wp-content/uploads/2016/10/payment.png
IP 23.94.191.90:0
ASN #36352 AS-COLOCROSSING
File type PNG image data, 410 x 35, 8-bit/color RGBA, non-interlaced\012- data
Hash 906a11e6bdf1cc714c6e8ee2d46f3da8
0efc51b044e30915acee4aa3c52133d812758714
b0a998d3dc4e62c818903b9666c01a8fe57017c9c5e221892e5c3fded0127270
GET /wp-content/uploads/2016/10/payment.png HTTP/1.1
Host: neshuafoods.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://neshuafoods.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sat, 19 Nov 2022 16:49:48 GMT
Server: Apache
Last-Modified: Thu, 07 Jan 2021 20:57:25 GMT
Accept-Ranges: bytes
Content-Length: 8021
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: image/png
neshuafoods.com/wp-content/plugins/js_composer/assets/js/dist/js_composer_front.min.js?ver=6.5.0
23.94.191.90200 OK 21 kB URL HTTP/1.1 neshuafoods.com/wp-content/plugins/js_composer/assets/js/dist/js_composer_front.min.js?ver=6.5.0
IP 23.94.191.90:0
ASN #36352 AS-COLOCROSSING
File type ASCII text, with very long lines (20421)
Hash 6d9891ac8ff815503194acfdfb33d65a
1b9c16ab6b2852198485b6b78aa273e7abdcfdec
d4e6e79818a2eea4b4353e93f6edb3883a72983484377e43879c3710b3de8c96
GET /wp-content/plugins/js_composer/assets/js/dist/js_composer_front.min.js?ver=6.5.0 HTTP/1.1
Host: neshuafoods.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://neshuafoods.com/wp-content/setup.exe
HTTP/1.1 200 OK
Date: Sat, 19 Nov 2022 16:49:49 GMT
Server: Apache
Last-Modified: Thu, 07 Jan 2021 20:52:06 GMT
Accept-Ranges: bytes
Content-Length: 20640
Keep-Alive: timeout=5, max=88
Connection: Keep-Alive
Content-Type: application/javascript
neshuafoods.com/wp-content/themes/lukani/fonts/plaza-icon.ttf?leeyft
23.94.191.90200 OK 144 kB URL HTTP/1.1 neshuafoods.com/wp-content/themes/lukani/fonts/plaza-icon.ttf?leeyft
IP 23.94.191.90:0
ASN #36352 AS-COLOCROSSING
File type TrueType Font data, 11 tables, 1st "OS/2", 14 names, Macintosh, type 1 string, plaza-icon \012- data
Size 144 kB (143644 bytes)
Hash b5a61b4f62a025b0f24d76dfca807660
8819150ace7680f0536481224bc1e09aaa0a73dd
a3c6dc4b8b4601614f655c85e6ed127183d23d0f1e06395079f6e192a602cbee
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/lukani/fonts/plaza-icon.ttf?leeyft HTTP/1.1
Host: neshuafoods.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://neshuafoods.com/wp-content/themes/lukani/css/plaza-font.css?ver=6.0.3
HTTP/1.1 200 OK
Date: Sat, 19 Nov 2022 16:49:49 GMT
Server: Apache
Last-Modified: Thu, 07 Jan 2021 20:44:47 GMT
Accept-Ranges: bytes
Content-Length: 143644
Keep-Alive: timeout=5, max=89
Connection: Keep-Alive
Content-Type: font/ttf
neshuafoods.com/wp-content/plugins/js_composer/assets/lib/vc_waypoints/vc-waypoints.min.js?ver=6.5.0
23.94.191.90200 OK 9.2 kB URL HTTP/1.1 neshuafoods.com/wp-content/plugins/js_composer/assets/lib/vc_waypoints/vc-waypoints.min.js?ver=6.5.0
IP 23.94.191.90:0
ASN #36352 AS-COLOCROSSING
File type Unicode text, UTF-8 text, with very long lines (8853)
Hash 5ff487a413612cbbf6bc391c10ff7bac
acbbd8a96ecad33158f29e45afcd41e4b2dd6579
357ad057de8ffc0fc9df301dd1873c3d482e926791195ee262da3886269f84d8
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/js_composer/assets/lib/vc_waypoints/vc-waypoints.min.js?ver=6.5.0 HTTP/1.1
Host: neshuafoods.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://neshuafoods.com/wp-content/setup.exe
HTTP/1.1 200 OK
Date: Sat, 19 Nov 2022 16:49:49 GMT
Server: Apache
Last-Modified: Thu, 07 Jan 2021 20:51:58 GMT
Accept-Ranges: bytes
Content-Length: 9237
Keep-Alive: timeout=5, max=88
Connection: Keep-Alive
Content-Type: application/javascript
neshuafoods.com/wp-content/themes/lukani/fonts/fontawesome-webfont.woff2?v=4.7.0
23.94.191.90200 OK 77 kB URL HTTP/1.1 neshuafoods.com/wp-content/themes/lukani/fonts/fontawesome-webfont.woff2?v=4.7.0
IP 23.94.191.90:0
ASN #36352 AS-COLOCROSSING
File type Web Open Font Format (Version 2), TrueType, length 77160, version 4.459\012- data
Hash af7ae505a9eed503f8b8e6982036873e
d6f48cba7d076fb6f2fd6ba993a75b9dc1ecbf0c
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/lukani/fonts/fontawesome-webfont.woff2?v=4.7.0 HTTP/1.1
Host: neshuafoods.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://neshuafoods.com/wp-content/themes/lukani/css/font-awesome.css?ver=4.7.0
HTTP/1.1 200 OK
Date: Sat, 19 Nov 2022 16:49:49 GMT
Server: Apache
Last-Modified: Thu, 07 Jan 2021 20:44:47 GMT
Accept-Ranges: bytes
Content-Length: 77160
Keep-Alive: timeout=5, max=86
Connection: Keep-Alive
Content-Type: font/woff2
neshuafoods.com/wp-content/plugins/woocommerce/assets/css/woocommerce-smallscreen.css?ver=6.5.1
23.94.191.90 200 OK 7.0 kB URL HTTP/1.1 neshuafoods.com/wp-content/plugins/woocommerce/assets/css/woocommerce-smallscreen.css?ver=6.5.1
IP 23.94.191.90:0
ASN #36352 AS-COLOCROSSING
File type ASCII text, with very long lines (7043), with no line terminators
Hash 456663a286a204386735fd775542a59e
0a61620b88f4ae0fa7d71e2c7a014ea2c3ab5749
a7a83e60e7e3b8cadeed69327ba498b4cd68605db6e408729fa1b946758e7501
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/woocommerce/assets/css/woocommerce-smallscreen.css?ver=6.5.1 HTTP/1.1
Host: neshuafoods.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://neshuafoods.com/wp-content/setup.exe
HTTP/1.1 200 OK
Date: Sat, 19 Nov 2022 16:49:49 GMT
Server: Apache
Last-Modified: Tue, 31 May 2022 15:44:26 GMT
Accept-Ranges: bytes
Content-Length: 7043
Keep-Alive: timeout=5, max=88
Connection: Keep-Alive
Content-Type: text/css
neshuafoods.com/wp-content/themes/lukani/js/bootstrap.min.js?ver=4.1.0
23.94.191.90 200 OK 51 kB URL HTTP/1.1 neshuafoods.com/wp-content/themes/lukani/js/bootstrap.min.js?ver=4.1.0
IP 23.94.191.90:0
ASN #36352 AS-COLOCROSSING
File type ASCII text, with very long lines (50395)
Hash ce6e785579ae4cb555c9de311d1b9271
5ef2c15b47d7290698c737676ba9c3056b45f2e8
0bca10549df770ab6790046799e5a9e920c286453ebbb2afb0d3055339245339
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/lukani/js/bootstrap.min.js?ver=4.1.0 HTTP/1.1
Host: neshuafoods.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://neshuafoods.com/wp-content/setup.exe
HTTP/1.1 200 OK
Date: Sat, 19 Nov 2022 16:49:48 GMT
Server: Apache
Last-Modified: Thu, 07 Jan 2021 20:44:48 GMT
Accept-Ranges: bytes
Content-Length: 50676
Keep-Alive: timeout=5, max=92
Connection: Keep-Alive
Content-Type: application/javascript
neshuafoods.com/wp-content/plugins/mega_main_menu/src/js/frontend.js?ver=2.2.1
23.94.191.90 200 OK 15 kB URL HTTP/1.1 neshuafoods.com/wp-content/plugins/mega_main_menu/src/js/frontend.js?ver=2.2.1
IP 23.94.191.90:0
ASN #36352 AS-COLOCROSSING
File type ASCII text, with very long lines (367), with CRLF line terminators
Hash b6dff1628078e6bedbdde382d1759a60
da591e520ace1fe4999f3b8c866de027159d2bab
414ea84fc4529a749bf400e35a46bcc39cc0248aab5dc5e8026a06de1152bca8
GET /wp-content/plugins/mega_main_menu/src/js/frontend.js?ver=2.2.1 HTTP/1.1
Host: neshuafoods.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://neshuafoods.com/wp-content/setup.exe
HTTP/1.1 200 OK
Date: Sat, 19 Nov 2022 16:49:48 GMT
Server: Apache
Last-Modified: Thu, 07 Jan 2021 20:50:25 GMT
Accept-Ranges: bytes
Content-Length: 14797
Keep-Alive: timeout=5, max=87
Connection: Keep-Alive
Content-Type: application/javascript
neshuafoods.com/wp-content/plugins/smooth-back-to-top-button/assets/fonts/icomoon.ttf?9zg56
23.94.191.90 200 OK 2.1 kB URL HTTP/1.1 neshuafoods.com/wp-content/plugins/smooth-back-to-top-button/assets/fonts/icomoon.ttf?9zg56
IP 23.94.191.90:0
ASN #36352 AS-COLOCROSSING
File type TrueType Font data, 11 tables, 1st "OS/2", 14 names, Macintosh, type 1 string, icomoon \012- data
Hash a140d42416f9bd4c1de1574210a9424a
4bd70248a4426cbfbb69111e62f9f5636ea9a6e3
7613f88667432d2b7c096cb01bf5fce0279bea9476d0895caed2884940362487
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/smooth-back-to-top-button/assets/fonts/icomoon.ttf?9zg56 HTTP/1.1
Host: neshuafoods.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://neshuafoods.com/wp-content/plugins/smooth-back-to-top-button/assets/css/sbttb-fonts.css?ver=1.1.5
HTTP/1.1 200 OK
Date: Sat, 19 Nov 2022 16:49:49 GMT
Server: Apache
Last-Modified: Tue, 31 May 2022 15:42:52 GMT
Accept-Ranges: bytes
Content-Length: 2100
Keep-Alive: timeout=5, max=87
Connection: Keep-Alive
Content-Type: font/ttf
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F640a732f-1fd9-47b0-8311-39061579f99b.jpeg
34.120.237.76 200 OK 7.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F640a732f-1fd9-47b0-8311-39061579f99b.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 8cf981b1ea47b981c73aa1f291be4d8a
d18b869e1940841e9b03f66f5608e381f1727b37
3352a04b9596b594aeb5de3dc70047196a830e3ca79babf7c1b72ff1103b2d26
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F640a732f-1fd9-47b0-8311-39061579f99b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 7754
x-amzn-requestid: 2c21447c-03bb-4e50-9eeb-a8ae86c0d204
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: b0QRmFuiIAMFjWg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6377fa70-7a7e65fc5d443a1d70feb62b;Sampled=0
x-amzn-remapped-date: Fri, 18 Nov 2022 21:34:40 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: FOOPIt4Esu0ifQGtxGkVlsrvvCrMjc8K6u02NCgurh2d7bvBieMkwg==
via: 1.1 c34da255183aa208dd1c722ff211f9b2.cloudfront.net (CloudFront), 1.1 5397b304713f6301c7c94ac084b6ed08.cloudfront.net (CloudFront), 1.1 google
date: Fri, 18 Nov 2022 21:48:36 GMT
etag: "d18b869e1940841e9b03f66f5608e381f1727b37"
content-type: image/jpeg
age: 68473
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Rubik:300,400,500,600,700,800,900,300italic,400italic,500italic,600italic,700italic,800italic,900italic%7CLora:400,500,600,700,400italic,500italic,600italic,700italic&display=swap&ver=1646739222
142.250.74.10 200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Rubik:300,400,500,600,700,800,900,300italic,400italic,500italic,600italic,700italic,800italic,900italic%7CLora:400,500,600,700,400italic,500italic,600italic,700italic&display=swap&ver=1646739222
IP 142.250.74.10:0
GET /css?family=Rubik:300,400,500,600,700,800,900,300italic,400italic,500italic,600italic,700italic,800italic,900italic%7CLora:400,500,600,700,400italic,500italic,600italic,700italic&display=swap&ver=1646739222 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://neshuafoods.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 19 Nov 2022 16:49:47 GMT
date: Sat, 19 Nov 2022 16:49:47 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Open+Sans%3A200%2C300%2C400%2C500%2C600%2C700%2C800%2C900&subset=latin%2Clatin-ext
142.250.74.10 200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Open+Sans%3A200%2C300%2C400%2C500%2C600%2C700%2C800%2C900&subset=latin%2Clatin-ext
IP 142.250.74.10:0
GET /css?family=Open+Sans%3A200%2C300%2C400%2C500%2C600%2C700%2C800%2C900&subset=latin%2Clatin-ext HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://neshuafoods.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 19 Nov 2022 16:49:47 GMT
date: Sat, 19 Nov 2022 16:49:47 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2