firefox.settings.services.mozilla.com/v1/
143.204.55.35200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 143.204.55.35:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 91dd975a7b17b2922dd23c0e49314e40
57a2ece1e3cee7c4ebf927f2ba92f52cac395fe2
09966873bbf317f8910c59544cfde2a6d46e8acd2905797cc7c85c6b4d18ea8a
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Content-Type, Alert, Backoff, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Sat, 10 Sep 2022 01:06:09 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 142be88a35733307a5e7de05da0a20b8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: q0o3cdUJiH9XQMLyQgjhbRdO5rFIRbjgCaWwDW4wN9VwnbXQ6rdaQg==
Age: 3013
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash f55e483f32b3fd50b1a2414aaada9b61
9d6b22edb98866e002e3b1ace44dfb0f8d00935f
4b09e1d2b887ded061e4ec5f82ec70ce699eeed428acc6b4fd3ef10ed9233c89
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4B09E1D2B887DED061E4EC5F82EC70CE699EEED428ACC6B4FD3EF10ED9233C89"
Last-Modified: Thu, 08 Sep 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6205
Expires: Sat, 10 Sep 2022 03:39:47 GMT
Date: Sat, 10 Sep 2022 01:56:22 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
143.204.55.35200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
IP 143.204.55.35:0
File type PEM certificate\012- , ASCII text
Hash 742edb4038f38bc533514982f3d2e861
cc3a20c8dc2a8c632ef9387a2744253f1e3fdef1
b6bfa49d3d135035701231db2fffc0c0643444394009a94c6a1b4d829d6b8345
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 20 Aug 2022 23:18:05 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Fri, 09 Sep 2022 03:46:35 GMT
etag: "742edb4038f38bc533514982f3d2e861"
x-cache: Hit from cloudfront
via: 1.1 f46f7100ad6fc83a021f62212f945830.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: XnXNCYlVO1QA-8LhdIc3SMQepZaBGjLToptjaH026dvbRyrUh2nkZQ==
age: 79788
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 10 Sep 2022 01:56:22 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
143.204.55.35200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 143.204.55.35:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Sat, 10 Sep 2022 01:56:08 GMT
Cache-Control: max-age=3600
Expires: Sat, 10 Sep 2022 02:55:21 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 1d8cf7c8865ed1078c19a98771ad34ca.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: nnhqlyw0qcRRO45pAYfEDncTkycG0c6d4zVlFvkMwDCj2NgzW1AWPw==
Age: 15
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash d0c56e0b2955a5dd7f37ba4bbf5727b4
f435bd1f6fb8ec931f1817fe4b91e6b86a7cb14b
99f7da9dca677db8e9cec5491c0d6d8a86b9c5e907907c2fdd30973c747f4282
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5398
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 10 Sep 2022 01:56:22 GMT
Last-Modified: Sat, 10 Sep 2022 00:26:24 GMT
Server: ECS (ska/F71A)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
34.212.166.60101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 34.212.166.60:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: KUnHYI/qZDrkITBIlfhmPg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: kQE6JRAklnylHER4LQl2Xg+Fauo=
neomaxfashions.com/sint-ut/documents.zip
162.241.75.135301 Moved Permanently 0 B URL HTTP/1.1 neomaxfashions.com/sint-ut/documents.zip
IP 162.241.75.135:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Malware
GET /sint-ut/documents.zip HTTP/1.1
Host: neomaxfashions.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Sat, 10 Sep 2022 01:56:22 GMT
Server: Apache
Pragma: no-cache
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
X-Redirect-By: WordPress
Set-Cookie: PHPSESSID=c176a7ddd57bcb2b581354bf8f34226c; path=/
Location: https://neomaxfashions.com/sint-ut/documents.zip
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
Content-Length: 0
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash e0fbe5627b19e9ad7ad4d40c96514ae9
d9d361271987c5947d96ddacc67efb3f3a32bbd3
48b4321f3bda8fd67c5bc75f98b0dfe6df2bfda8dcf5e708aecd47270ae03217
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "48B4321F3BDA8FD67C5BC75F98B0DFE6DF2BFDA8DCF5E708AECD47270AE03217"
Last-Modified: Wed, 07 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2691
Expires: Sat, 10 Sep 2022 02:41:15 GMT
Date: Sat, 10 Sep 2022 01:56:24 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash e0fbe5627b19e9ad7ad4d40c96514ae9
d9d361271987c5947d96ddacc67efb3f3a32bbd3
48b4321f3bda8fd67c5bc75f98b0dfe6df2bfda8dcf5e708aecd47270ae03217
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "48B4321F3BDA8FD67C5BC75F98B0DFE6DF2BFDA8DCF5E708AECD47270AE03217"
Last-Modified: Wed, 07 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2691
Expires: Sat, 10 Sep 2022 02:41:15 GMT
Date: Sat, 10 Sep 2022 01:56:24 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash e0fbe5627b19e9ad7ad4d40c96514ae9
d9d361271987c5947d96ddacc67efb3f3a32bbd3
48b4321f3bda8fd67c5bc75f98b0dfe6df2bfda8dcf5e708aecd47270ae03217
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "48B4321F3BDA8FD67C5BC75F98B0DFE6DF2BFDA8DCF5E708AECD47270AE03217"
Last-Modified: Wed, 07 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2691
Expires: Sat, 10 Sep 2022 02:41:15 GMT
Date: Sat, 10 Sep 2022 01:56:24 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash e0fbe5627b19e9ad7ad4d40c96514ae9
d9d361271987c5947d96ddacc67efb3f3a32bbd3
48b4321f3bda8fd67c5bc75f98b0dfe6df2bfda8dcf5e708aecd47270ae03217
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "48B4321F3BDA8FD67C5BC75F98B0DFE6DF2BFDA8DCF5E708AECD47270AE03217"
Last-Modified: Wed, 07 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2691
Expires: Sat, 10 Sep 2022 02:41:15 GMT
Date: Sat, 10 Sep 2022 01:56:24 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F084d9cc4-53b3-451a-b338-2150cda2f06c.jpeg
34.120.237.76200 OK 9.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F084d9cc4-53b3-451a-b338-2150cda2f06c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash bfadcca0fbc9780f8975c53481914c0d
bb613c04bdeab6ea13249d1cd48bb3268a830018
72f1c42b60eb8fa3893db6c226fe5a2dff41b45d8786d5c8095bdf31abff35ed
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F084d9cc4-53b3-451a-b338-2150cda2f06c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9633
x-amzn-requestid: 85fa9747-6edf-45ae-b15e-85482c1dbf6c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YNkC-GrIoAMFueg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631bb3ac-7ea5f2ef3d9478e530f0f888;Sampled=0
x-amzn-remapped-date: Fri, 09 Sep 2022 21:44:12 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P2
x-cache: Hit from cloudfront
x-amz-cf-id: ZF2SCGjcry_Jfob-sVB_n4JRLo3ghex0M-pzkVLZnE7WNLyiWTV84g==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 d8d9c12d1a621129f4bc739038e7c72e.cloudfront.net (CloudFront), 1.1 google
date: Fri, 09 Sep 2022 22:14:02 GMT
age: 13342
etag: "bb613c04bdeab6ea13249d1cd48bb3268a830018"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa03f5a55-72fc-42e1-bf3b-1c427237302d.webp
34.120.237.76200 OK 14 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa03f5a55-72fc-42e1-bf3b-1c427237302d.webp
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 412441a2a064555c5d7f1400c2741360
7532d9543b93248891324e07e8edff10a36d174d
421b3e9db572f1077abd4ef2748696b38a4117e33db6ae0b5fa46841afa2693f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa03f5a55-72fc-42e1-bf3b-1c427237302d.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 14312
x-amzn-requestid: 4d301754-9ed3-401f-9ad5-1862533d7559
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YNj5wGowIAMF4WA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631bb371-7729383d0bc0f729231ad5b8;Sampled=0
x-amzn-remapped-date: Fri, 09 Sep 2022 21:43:13 GMT
x-amz-cf-pop: SEA19-C1, SEA73-P2
x-cache: Miss from cloudfront
x-amz-cf-id: QWNGLaXe2lZ7niw6TU6KUOuMnWi-Ml3hkw6WLB8vD_jWsg5YMuFWbw==
via: 1.1 d0387b833e3ca8cb748a1296b4b4bf2a.cloudfront.net (CloudFront), 1.1 c21a0d27ceec21e266c9f962d0349438.cloudfront.net (CloudFront), 1.1 google
date: Fri, 09 Sep 2022 21:54:57 GMT
age: 14487
etag: "7532d9543b93248891324e07e8edff10a36d174d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdde1c872-426a-4aec-b295-a2cac8b36edf.webp
34.120.237.76200 OK 4.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdde1c872-426a-4aec-b295-a2cac8b36edf.webp
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 71bafbee3867c04c3712ff98a123d52c
ccf471cd30f5aa96f4e5fdb9e0fbbcdbb475a0bf
58ff1700e0b125caefb73719e2b3d734b2fbcc5ed1aabe5a11bb73b43edab831
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdde1c872-426a-4aec-b295-a2cac8b36edf.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4477
x-amzn-requestid: bbdca46e-5628-4faf-a0fe-ea1b5b39ac2a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YNjzaHrIoAMF-iA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631bb348-567e946e7cf77f2e11c17c97;Sampled=0
x-amzn-remapped-date: Fri, 09 Sep 2022 21:42:32 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: a0AyKhmYA7WPwciU2nTXwyChZV_riw1QsqI_giBIcdZhi3Nz4jM0Sw==
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 a3bd0eb50c22e4d5fbda56a30b96002c.cloudfront.net (CloudFront), 1.1 google
date: Fri, 09 Sep 2022 21:59:11 GMT
age: 14233
etag: "ccf471cd30f5aa96f4e5fdb9e0fbbcdbb475a0bf"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5e72c2e9-6d47-42ac-9514-316cd8f8f6c5.jpeg
34.120.237.76200 OK 8.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5e72c2e9-6d47-42ac-9514-316cd8f8f6c5.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e8f11aeba65478b039cfb4100aa23435
88db17a82ea0207ccb4826c2961875c5106b427a
6f6ec5922ec54d824e7f933de87608c5a763da119ae9461d99c6525649b1a9af
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5e72c2e9-6d47-42ac-9514-316cd8f8f6c5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8676
x-amzn-requestid: 64a58aa8-8321-4c91-98fe-dbf97996c513
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YNiuZEjnIAMFRFg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631bb18f-77b635593b202d7d3cd0ac84;Sampled=0
x-amzn-remapped-date: Fri, 09 Sep 2022 21:35:11 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P2
x-cache: Hit from cloudfront
x-amz-cf-id: VWwNSpFvcDq3nrn91QvYjrJX5hLjp96vrKgZzR-pOdrdHx7MlcagGQ==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 d1d67b07408bba8c682597d8303642e2.cloudfront.net (CloudFront), 1.1 google
date: Fri, 09 Sep 2022 22:13:43 GMT
age: 13361
etag: "88db17a82ea0207ccb4826c2961875c5106b427a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe535d149-d5c6-4543-8a5b-a5a98be48b9e.jpeg
34.120.237.76200 OK 6.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe535d149-d5c6-4543-8a5b-a5a98be48b9e.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 362d0931425ffa11f3287246f0480cc8
cc0f8bf63d11aeb3ea780af092523833f3b1abd3
75619cdf413b35451f109180e084a3630d0665a24b29e45510fed938d381db75
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe535d149-d5c6-4543-8a5b-a5a98be48b9e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6676
x-amzn-requestid: 97140273-f327-4ec8-b076-cea440ce1d29
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YNi34HNxoAMF9Rg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631bb1cb-6356b02944a048db1be05d1c;Sampled=0
x-amzn-remapped-date: Fri, 09 Sep 2022 21:36:11 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 2s35YFxVMMVFBVoSTyoCp0w0ivNRYerua-rmRWXdbvtP2UHafYwUmw==
via: 1.1 0005a84c2971ff4f5bbb79e7ebc622a8.cloudfront.net (CloudFront), 1.1 1b74ccf4cb51eacf97a0e6d60ae46a3e.cloudfront.net (CloudFront), 1.1 google
date: Fri, 09 Sep 2022 22:10:25 GMT
age: 13559
etag: "cc0f8bf63d11aeb3ea780af092523833f3b1abd3"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd9009587-828b-4a7a-8b84-f28d4b93cdef.jpeg
34.120.237.76200 OK 7.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd9009587-828b-4a7a-8b84-f28d4b93cdef.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 60fa03262bb3728f24a4c7a8177ec788
09dcbdc6043f01dd56920cca3ce3920d0d07b795
e7448f186933f9848f1d55f0e8dba593918846d02fb9cc3a7cd86d69b96a7fde
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd9009587-828b-4a7a-8b84-f28d4b93cdef.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7515
x-amzn-requestid: bb6a7928-9bdc-44e7-8478-b415bc504343
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YJu0bGYdoAMF5jQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631a2b4f-208339fd72e62dff4a2ba339;Sampled=0
x-amzn-remapped-date: Thu, 08 Sep 2022 17:50:07 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P2
x-cache: Miss from cloudfront
x-amz-cf-id: UaU9GK4lcCuAN2WghBDa7f-21dRTA4Fh1tlAmGFMKh4wQOGZlKdmOw==
via: 1.1 4d7fa73f804f1c93f20cfc24c4b1266e.cloudfront.net (CloudFront), 1.1 e77661e211afe9242e85e573f12d5534.cloudfront.net (CloudFront), 1.1 google
date: Fri, 09 Sep 2022 13:14:31 GMT
age: 45713
etag: "09dcbdc6043f01dd56920cca3ce3920d0d07b795"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash f1fa8224847ea7d9b4dc8e598fae4142
cb703a2944e58d97dd48a7e56ee9f4510ced78b4
920094aad2886535e2ba9e38d4731f63fbde93038d92b38f0030b0a0f47c2ac8
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 10 Sep 2022 01:56:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
neomaxfashions.com/sint-ut/documents.zip
162.241.75.135404 Not Found 60 kB URL HTTP/1.1 neomaxfashions.com/sint-ut/documents.zip
IP 162.241.75.135:0
ASN #46606 UNIFIEDLAYER-AS-1
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (8047), with CRLF, LF line terminators
Hash 01f9e13d4959ac19fd1f7f35f0b5f0a5
4d432ef59e323f5471dc7a4643efaf7dccd86727
95ed36d49901ef6acbe55f347594067b41b19b217d62bb88c8e633258da26573
Analyzer Verdict Alert fortinet Malware
GET /sint-ut/documents.zip HTTP/1.1
Host: neomaxfashions.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 404 Not Found
Date: Sat, 10 Sep 2022 01:56:23 GMT
Server: Apache
Pragma: no-cache
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Link: <https://neomaxfashions.com/wp-json/>; rel="https://api.w.org/"
Set-Cookie: PHPSESSID=5523d8f5a2d6e4ec9c26fa8f591e6c8d; path=/
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash a4ae55dbf8e22a357ee36e37fafa37af
18d33f606a8bc692802cfaa3a22ceb4a5eedca8c
8343a46c0a87b15be71cab0ae84912ed07d3104d4b621c55e3cd69367f58ebb6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 10 Sep 2022 01:56:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.googletagmanager.com/gtag/js?id=UA-183754233-1
142.250.74.72200 OK 42 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=UA-183754233-1
IP 142.250.74.72:0
File type ASCII text, with very long lines (1615)
Hash 362af0af7620508841bf7b2f9c21cb92
2a1043067630b442adafae607119d973b1cb58c5
7592f3114ba0795e72e3422922e7c235026b4c376efcd4b17c8fcfc8a0e467bb
GET /gtag/js?id=UA-183754233-1 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://neomaxfashions.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sat, 10 Sep 2022 01:56:27 GMT
expires: Sat, 10 Sep 2022 01:56:27 GMT
cache-control: private, max-age=900
last-modified: Sat, 10 Sep 2022 00:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 41970
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
neomaxfashions.com/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-vendors-style.css?ver=6.9.0
162.241.75.135200 OK 4.9 kB URL HTTP/1.1 neomaxfashions.com/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-vendors-style.css?ver=6.9.0
IP 162.241.75.135:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (4933), with no line terminators
Hash e372df47bd19e1563b557d7bdb817188
4efdf4050a78bdbd88aa255955b7423105895dd0
4b7693154069c53a16468d09d89c9eba5da6c0dfc69cf4d7eb675e32ba663361
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-vendors-style.css?ver=6.9.0 HTTP/1.1
Host: neomaxfashions.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://neomaxfashions.com/sint-ut/documents.zip
Cookie: PHPSESSID=5523d8f5a2d6e4ec9c26fa8f591e6c8d
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 10 Sep 2022 01:56:27 GMT
Server: Apache
Last-Modified: Sun, 03 Apr 2022 07:35:05 GMT
Accept-Ranges: bytes
Content-Length: 4933
Cache-Control: max-age=86400
Expires: Sun, 11 Sep 2022 01:56:27 GMT
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
neomaxfashions.com/wp-content/plugins/revslider/public/assets/css/rs6.css?ver=6.2.23
162.241.75.135200 OK 60 kB URL HTTP/1.1 neomaxfashions.com/wp-content/plugins/revslider/public/assets/css/rs6.css?ver=6.2.23
IP 162.241.75.135:0
ASN #46606 UNIFIEDLAYER-AS-1
File type Unicode text, UTF-8 text, with very long lines (12602), with CRLF line terminators
Hash 6965137b6996c7953be805866df582ed
7fa546bdc941a31224fcc0b64c75d30f23630583
b86f3cdcccad303cb5300fab4d2774eafc3a2788f07ff1f3cd1953dd0debaa3f
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/revslider/public/assets/css/rs6.css?ver=6.2.23 HTTP/1.1
Host: neomaxfashions.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://neomaxfashions.com/sint-ut/documents.zip
Cookie: PHPSESSID=5523d8f5a2d6e4ec9c26fa8f591e6c8d
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 10 Sep 2022 01:56:27 GMT
Server: Apache
Last-Modified: Sun, 04 Oct 2020 10:05:07 GMT
Accept-Ranges: bytes
Content-Length: 60053
Cache-Control: max-age=86400
Expires: Sun, 11 Sep 2022 01:56:27 GMT
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash f1fa8224847ea7d9b4dc8e598fae4142
cb703a2944e58d97dd48a7e56ee9f4510ced78b4
920094aad2886535e2ba9e38d4731f63fbde93038d92b38f0030b0a0f47c2ac8
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 10 Sep 2022 01:56:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash a4ae55dbf8e22a357ee36e37fafa37af
18d33f606a8bc692802cfaa3a22ceb4a5eedca8c
8343a46c0a87b15be71cab0ae84912ed07d3104d4b621c55e3cd69367f58ebb6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 10 Sep 2022 01:56:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
neomaxfashions.com/wp-content/plugins/woo-discount-rules-pro/Assets/Css/awdr_style.css?ver=2.3.2
162.241.75.135200 OK 1.1 kB URL HTTP/1.1 neomaxfashions.com/wp-content/plugins/woo-discount-rules-pro/Assets/Css/awdr_style.css?ver=2.3.2
IP 162.241.75.135:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash b0af44348a08900199107155048211b9
97d63fbf5ee0cbe68cd7c8b2d0238dc1456806c1
86298a871666c6f4e59411b98f48f91043aeb724a584f92ef4248da454955b43
GET /wp-content/plugins/woo-discount-rules-pro/Assets/Css/awdr_style.css?ver=2.3.2 HTTP/1.1
Host: neomaxfashions.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://neomaxfashions.com/sint-ut/documents.zip
Cookie: PHPSESSID=5523d8f5a2d6e4ec9c26fa8f591e6c8d
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 10 Sep 2022 01:56:27 GMT
Server: Apache
Last-Modified: Thu, 31 Dec 2020 05:54:07 GMT
Accept-Ranges: bytes
Content-Length: 1143
Cache-Control: max-age=86400
Expires: Sun, 11 Sep 2022 01:56:27 GMT
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
neomaxfashions.com/wp-content/uploads/2020/10/xts-header_691229-1603704359.css?ver=5.2.0
162.241.75.135200 OK 8.9 kB URL HTTP/1.1 neomaxfashions.com/wp-content/uploads/2020/10/xts-header_691229-1603704359.css?ver=5.2.0
IP 162.241.75.135:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash 54ed12b56fb40e2022f19ff371d83ca0
2e06865dd43398969fb74ba4a9846b617112ce67
4655089fd27b62fdcd5abb74ba22494871288c6844df3b383b263df2ff5009b2
Analyzer Verdict Alert fortinet Malware
GET /wp-content/uploads/2020/10/xts-header_691229-1603704359.css?ver=5.2.0 HTTP/1.1
Host: neomaxfashions.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://neomaxfashions.com/sint-ut/documents.zip
Cookie: PHPSESSID=5523d8f5a2d6e4ec9c26fa8f591e6c8d
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 10 Sep 2022 01:56:27 GMT
Server: Apache
Last-Modified: Mon, 26 Oct 2020 09:25:59 GMT
Accept-Ranges: bytes
Content-Length: 8919
Cache-Control: max-age=86400
Expires: Sun, 11 Sep 2022 01:56:27 GMT
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css
neomaxfashions.com/wp-content/themes/neomax/css/bootstrap.min.css?ver=5.2.0
162.241.75.135200 OK 29 kB URL HTTP/1.1 neomaxfashions.com/wp-content/themes/neomax/css/bootstrap.min.css?ver=5.2.0
IP 162.241.75.135:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (29170)
Hash 0fbaa013db970e746b75aaa9d74aebcf
936336ad277b6502628e99ea35c4e2aa91248f1b
cb9c70717afe1805fde356cccb20ea5b797027efbf97f62f3e62f8b7aad1c960
GET /wp-content/themes/neomax/css/bootstrap.min.css?ver=5.2.0 HTTP/1.1
Host: neomaxfashions.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://neomaxfashions.com/sint-ut/documents.zip
Cookie: PHPSESSID=5523d8f5a2d6e4ec9c26fa8f591e6c8d
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 10 Sep 2022 01:56:27 GMT
Server: Apache
Last-Modified: Sun, 04 Oct 2020 10:04:02 GMT
Accept-Ranges: bytes
Content-Length: 29387
Cache-Control: max-age=86400
Expires: Sun, 11 Sep 2022 01:56:27 GMT
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css
neomaxfashions.com/wp-content/plugins/wp-whatsapp/assets/dist/css/style.css?ver=5.9.4
162.241.75.135200 OK 42 kB URL HTTP/1.1 neomaxfashions.com/wp-content/plugins/wp-whatsapp/assets/dist/css/style.css?ver=5.9.4
IP 162.241.75.135:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (42417), with no line terminators
Hash 4dbe5be01784bcfa97375e21c9bfbe50
83f6874ca3f0dd800cf73182fd5717961239541a
9363aa094af033d1f036980aaab13c0db03311dfa51077fa6d55f6f749b08de9
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/wp-whatsapp/assets/dist/css/style.css?ver=5.9.4 HTTP/1.1
Host: neomaxfashions.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://neomaxfashions.com/sint-ut/documents.zip
Cookie: PHPSESSID=5523d8f5a2d6e4ec9c26fa8f591e6c8d
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 10 Sep 2022 01:56:27 GMT
Server: Apache
Last-Modified: Sun, 03 Apr 2022 07:35:35 GMT
Accept-Ranges: bytes
Content-Length: 42417
Cache-Control: max-age=86400
Expires: Sun, 11 Sep 2022 01:56:27 GMT
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
neomaxfashions.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
162.241.75.135200 OK 11 kB URL HTTP/1.1 neomaxfashions.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
IP 162.241.75.135:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (11126)
Hash 79b4956b7ec478ec10244b5e2d33ac7d
a46025b9d05e3df30d610a8aef14f392c7058dc9
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 HTTP/1.1
Host: neomaxfashions.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://neomaxfashions.com/sint-ut/documents.zip
Cookie: PHPSESSID=5523d8f5a2d6e4ec9c26fa8f591e6c8d
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 10 Sep 2022 01:56:27 GMT
Server: Apache
Last-Modified: Wed, 18 Nov 2020 09:06:06 GMT
Accept-Ranges: bytes
Content-Length: 11224
Cache-Control: max-age=86400
Expires: Sun, 11 Sep 2022 01:56:27 GMT
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: application/javascript
neomaxfashions.com/wp-content/uploads/2021/03/xts-theme_settings_default-1616246988.css?ver=5.2.0
162.241.75.135200 OK 21 kB URL HTTP/1.1 neomaxfashions.com/wp-content/uploads/2021/03/xts-theme_settings_default-1616246988.css?ver=5.2.0
IP 162.241.75.135:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (5549), with CRLF, LF line terminators
Hash 15ee1bf0328c25068f4bb3007ce4fc2e
7f60f850d981e6a753d7a0456ed2d2db3c044c79
0b354969426a90aeecea597cb86d31ca876b89867ddca2b294b0cea201fe9e35
Analyzer Verdict Alert fortinet Malware
GET /wp-content/uploads/2021/03/xts-theme_settings_default-1616246988.css?ver=5.2.0 HTTP/1.1
Host: neomaxfashions.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://neomaxfashions.com/sint-ut/documents.zip
Cookie: PHPSESSID=5523d8f5a2d6e4ec9c26fa8f591e6c8d
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 10 Sep 2022 01:56:27 GMT
Server: Apache
Last-Modified: Sat, 20 Mar 2021 13:29:48 GMT
Accept-Ranges: bytes
Content-Length: 21344
Cache-Control: max-age=86400
Expires: Sun, 11 Sep 2022 01:56:27 GMT
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/css
neomaxfashions.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
162.241.75.135200 OK 90 kB URL HTTP/1.1 neomaxfashions.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
IP 162.241.75.135:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (65447)
Hash 02dd5d04add4759122013c5ab4dc5cc2
a45a56e396ac549b4ff39b696ce9e0c16a7612de
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/jquery/jquery.min.js?ver=3.6.0 HTTP/1.1
Host: neomaxfashions.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://neomaxfashions.com/sint-ut/documents.zip
Cookie: PHPSESSID=5523d8f5a2d6e4ec9c26fa8f591e6c8d
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 10 Sep 2022 01:56:27 GMT
Server: Apache
Last-Modified: Wed, 10 Mar 2021 15:07:24 GMT
Accept-Ranges: bytes
Content-Length: 89521
Cache-Control: max-age=86400
Expires: Sun, 11 Sep 2022 01:56:27 GMT
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: application/javascript
neomaxfashions.com/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-style.css?ver=6.9.0
162.241.75.135200 OK 210 kB URL HTTP/1.1 neomaxfashions.com/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-style.css?ver=6.9.0
IP 162.241.75.135:0
ASN #46606 UNIFIEDLAYER-AS-1
File type Unicode text, UTF-8 text, with very long lines (65527), with no line terminators
Size 210 kB (209831 bytes)
Hash 9ed8fcb16418ff477a6c93fe33f86563
47be642692139a2ce63cf655cba31767cb7e8074
3f7c8f55c3c421a6f14efb39bf07abb73d1d244f194e133a2453913330e38819
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-style.css?ver=6.9.0 HTTP/1.1
Host: neomaxfashions.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://neomaxfashions.com/sint-ut/documents.zip
Cookie: PHPSESSID=5523d8f5a2d6e4ec9c26fa8f591e6c8d
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 10 Sep 2022 01:56:27 GMT
Server: Apache
Last-Modified: Sun, 03 Apr 2022 07:35:05 GMT
Accept-Ranges: bytes
Content-Length: 209831
Cache-Control: max-age=86400
Expires: Sun, 11 Sep 2022 01:56:27 GMT
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
neomaxfashions.com/wp-content/themes/neomax/style.min.css?ver=5.2.0
162.241.75.135200 OK 750 kB URL HTTP/1.1 neomaxfashions.com/wp-content/themes/neomax/style.min.css?ver=5.2.0
IP 162.241.75.135:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (65536), with no line terminators
Size 750 kB (750303 bytes)
Hash 8969fe3a5a7c8893db51aee909c9e0a9
7f16438180b792277655d134339318e4a793e3ce
43cf0608b4227043466e559b661670e1e472e93373de9837a80513ef5146999e
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/neomax/style.min.css?ver=5.2.0 HTTP/1.1
Host: neomaxfashions.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://neomaxfashions.com/sint-ut/documents.zip
Cookie: PHPSESSID=5523d8f5a2d6e4ec9c26fa8f591e6c8d
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 10 Sep 2022 01:56:27 GMT
Server: Apache
Last-Modified: Sun, 04 Oct 2020 10:04:02 GMT
Accept-Ranges: bytes
Content-Length: 750303
Cache-Control: max-age=86400
Expires: Sun, 11 Sep 2022 01:56:27 GMT
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/css
neomaxfashions.com/wp-content/plugins/woocommerce/assets/js/jquery-blockui/jquery.blockUI.min.js?ver=2.7.0-wc.6.3.1
162.241.75.135200 OK 9.5 kB URL HTTP/1.1 neomaxfashions.com/wp-content/plugins/woocommerce/assets/js/jquery-blockui/jquery.blockUI.min.js?ver=2.7.0-wc.6.3.1
IP 162.241.75.135:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (9139)
Hash 87c54edf7dad7dfdfde015f6eee45ff1
96ec1a06ea3093c47e1e2fc4444ada7f4456135d
ef22199864042b8ceeee3729f3254c140df7217364045737ca3aadf8434fb3da
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/woocommerce/assets/js/jquery-blockui/jquery.blockUI.min.js?ver=2.7.0-wc.6.3.1 HTTP/1.1
Host: neomaxfashions.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://neomaxfashions.com/sint-ut/documents.zip
Cookie: PHPSESSID=5523d8f5a2d6e4ec9c26fa8f591e6c8d
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 10 Sep 2022 01:56:28 GMT
Server: Apache
Last-Modified: Sun, 03 Apr 2022 07:35:06 GMT
Accept-Ranges: bytes
Content-Length: 9533
Cache-Control: max-age=86400
Expires: Sun, 11 Sep 2022 01:56:28 GMT
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: application/javascript
neomaxfashions.com/wp-content/plugins/revslider/public/assets/js/rbtools.min.js?ver=6.2.23
162.241.75.135200 OK 121 kB URL HTTP/1.1 neomaxfashions.com/wp-content/plugins/revslider/public/assets/js/rbtools.min.js?ver=6.2.23
IP 162.241.75.135:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (41022), with CRLF line terminators
Size 121 kB (121174 bytes)
Hash 29aeb6e61a240e1ad98602994cf24bf4
daf76664c634a38b010fef0dff868af7fa4c5cc1
6f2f318f382714ae5a0d26bf0d3bace2ff2602e04add7f23afbc521423ddaa2e
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/revslider/public/assets/js/rbtools.min.js?ver=6.2.23 HTTP/1.1
Host: neomaxfashions.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://neomaxfashions.com/sint-ut/documents.zip
Cookie: PHPSESSID=5523d8f5a2d6e4ec9c26fa8f591e6c8d
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 10 Sep 2022 01:56:28 GMT
Server: Apache
Last-Modified: Sun, 04 Oct 2020 10:05:07 GMT
Accept-Ranges: bytes
Content-Length: 121174
Cache-Control: max-age=86400
Expires: Sun, 11 Sep 2022 01:56:28 GMT
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: application/javascript
neomaxfashions.com/wp-content/plugins/woocommerce/assets/js/frontend/add-to-cart.min.js?ver=6.3.1
162.241.75.135200 OK 3.0 kB URL HTTP/1.1 neomaxfashions.com/wp-content/plugins/woocommerce/assets/js/frontend/add-to-cart.min.js?ver=6.3.1
IP 162.241.75.135:0
ASN #46606 UNIFIEDLAYER-AS-1
File type HTML document, ASCII text, with very long lines (3037), with no line terminators
Hash 8bc2109ef48cabf7a26b73d7c3536c5f
0e0dfee3a3975eafc3dd55f190d1deb3c6c55d3b
8634aa7a3ac0bc6d359b458c8922e9d3269f64c1355b329bfe215beb12773af8
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/woocommerce/assets/js/frontend/add-to-cart.min.js?ver=6.3.1 HTTP/1.1
Host: neomaxfashions.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://neomaxfashions.com/sint-ut/documents.zip
Cookie: PHPSESSID=5523d8f5a2d6e4ec9c26fa8f591e6c8d
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 10 Sep 2022 01:56:28 GMT
Server: Apache
Last-Modified: Sun, 03 Apr 2022 07:35:06 GMT
Accept-Ranges: bytes
Content-Length: 3037
Cache-Control: max-age=86400
Expires: Sun, 11 Sep 2022 01:56:28 GMT
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: application/javascript
neomaxfashions.com/wp-content/plugins/js_composer/assets/css/js_composer.min.css?ver=6.4.1
162.241.75.135200 OK 485 kB URL HTTP/1.1 neomaxfashions.com/wp-content/plugins/js_composer/assets/css/js_composer.min.css?ver=6.4.1
IP 162.241.75.135:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (65358)
Size 485 kB (485416 bytes)
Hash 2fcf15b9242ca9cbf091c45419959fdb
52e744ee97e3612e790305643ab5046201831618
f1dbbc4be8d88ae17466b1d7a8fd7bf4f9d9b5ab492719cdea721d82cecb738d
GET /wp-content/plugins/js_composer/assets/css/js_composer.min.css?ver=6.4.1 HTTP/1.1
Host: neomaxfashions.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://neomaxfashions.com/sint-ut/documents.zip
Cookie: PHPSESSID=5523d8f5a2d6e4ec9c26fa8f591e6c8d
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 10 Sep 2022 01:56:27 GMT
Server: Apache
Last-Modified: Sun, 04 Oct 2020 10:05:36 GMT
Accept-Ranges: bytes
Content-Length: 485416
Cache-Control: max-age=86400
Expires: Sun, 11 Sep 2022 01:56:27 GMT
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
neomaxfashions.com/wp-content/plugins/js_composer/assets/js/vendors/woocommerce-add-to-cart.js?ver=6.4.1
162.241.75.135200 OK 2.8 kB URL HTTP/1.1 neomaxfashions.com/wp-content/plugins/js_composer/assets/js/vendors/woocommerce-add-to-cart.js?ver=6.4.1
IP 162.241.75.135:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (1788)
Hash ced0ba1955b2a3f3eca058df26d0b7cc
56d7b4d40ef3ad12d0b0c3dc21fe75f74e771c14
bdaab6b0e2a255570d957c434139a2fd201322b97249169713b464f8931001b3
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/js_composer/assets/js/vendors/woocommerce-add-to-cart.js?ver=6.4.1 HTTP/1.1
Host: neomaxfashions.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://neomaxfashions.com/sint-ut/documents.zip
Cookie: PHPSESSID=5523d8f5a2d6e4ec9c26fa8f591e6c8d
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 10 Sep 2022 01:56:28 GMT
Server: Apache
Last-Modified: Sun, 04 Oct 2020 10:05:36 GMT
Accept-Ranges: bytes
Content-Length: 2780
Cache-Control: max-age=86400
Expires: Sun, 11 Sep 2022 01:56:28 GMT
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: application/javascript
neomaxfashions.com/wp-content/plugins/woo-discount-rules-pro/Assets/Js/awdr_pro.js?ver=2.3.2
162.241.75.135200 OK 3.8 kB URL HTTP/1.1 neomaxfashions.com/wp-content/plugins/woo-discount-rules-pro/Assets/Js/awdr_pro.js?ver=2.3.2
IP 162.241.75.135:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (1799)
Hash 6547b3a6ebb8b4b8a5a87673abb033a3
8f3302e5c7cdefcbcdb5a4ae65461bb549b89496
51db5a84a878860e40fac205969555f500137fcf5a0f919a34ffdb9d12124345
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/woo-discount-rules-pro/Assets/Js/awdr_pro.js?ver=2.3.2 HTTP/1.1
Host: neomaxfashions.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://neomaxfashions.com/sint-ut/documents.zip
Cookie: PHPSESSID=5523d8f5a2d6e4ec9c26fa8f591e6c8d
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 10 Sep 2022 01:56:28 GMT
Server: Apache
Last-Modified: Thu, 31 Dec 2020 05:54:07 GMT
Accept-Ranges: bytes
Content-Length: 3757
Cache-Control: max-age=86400
Expires: Sun, 11 Sep 2022 01:56:28 GMT
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: application/javascript
neomaxfashions.com/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0
162.241.75.135200 OK 19 kB URL HTTP/1.1 neomaxfashions.com/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0
IP 162.241.75.135:0
ASN #46606 UNIFIEDLAYER-AS-1
File type Unicode text, UTF-8 text, with very long lines (19111)
Hash 1b0fe9b37e9e47e0c8919cb618792bf5
5d1c1e03e3e773e572db2ad86f9771caa7286369
e20ddb9ed1fa044cb624f0253bb06b13c92ed9915063bd63a5806440c6b1ce7c
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0 HTTP/1.1
Host: neomaxfashions.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://neomaxfashions.com/sint-ut/documents.zip
Cookie: PHPSESSID=5523d8f5a2d6e4ec9c26fa8f591e6c8d
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 10 Sep 2022 01:56:28 GMT
Server: Apache
Last-Modified: Mon, 15 Nov 2021 12:50:17 GMT
Accept-Ranges: bytes
Content-Length: 19261
Cache-Control: max-age=86400
Expires: Sun, 11 Sep 2022 01:56:28 GMT
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: application/javascript
neomaxfashions.com/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9
162.241.75.135200 OK 6.5 kB URL HTTP/1.1 neomaxfashions.com/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9
IP 162.241.75.135:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (6494), with no line terminators
Hash 64e89b93b02055fb75ea0913089ded0b
9ccf854a6acedb27496725fa7570a670fd7bd572
a3e64300797e8078baa41dbc49e2affc1d2bedd04a470f0c929ed7fac698fbcd
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9 HTTP/1.1
Host: neomaxfashions.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://neomaxfashions.com/sint-ut/documents.zip
Cookie: PHPSESSID=5523d8f5a2d6e4ec9c26fa8f591e6c8d
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 10 Sep 2022 01:56:28 GMT
Server: Apache
Last-Modified: Mon, 15 Nov 2021 16:35:13 GMT
Accept-Ranges: bytes
Content-Length: 6494
Cache-Control: max-age=86400
Expires: Sun, 11 Sep 2022 01:56:28 GMT
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: application/javascript
neomaxfashions.com/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.5.6
162.241.75.135200 OK 9.7 kB URL HTTP/1.1 neomaxfashions.com/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.5.6
IP 162.241.75.135:0
ASN #46606 UNIFIEDLAYER-AS-1
File type HTML document, ASCII text, with very long lines (9720), with no line terminators
Hash cfb428c02811f0cbe515d5f3dca61de6
e95f8696fbe29a706e66ccf582b36d9bd650ab9f
679e44f9b4bbbc2ad0c4000c1413fd3a88627d83f1cba8ebdac26f81bc7edb78
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.5.6 HTTP/1.1
Host: neomaxfashions.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://neomaxfashions.com/sint-ut/documents.zip
Cookie: PHPSESSID=5523d8f5a2d6e4ec9c26fa8f591e6c8d
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 10 Sep 2022 01:56:28 GMT
Server: Apache
Last-Modified: Sat, 26 Feb 2022 16:16:02 GMT
Accept-Ranges: bytes
Content-Length: 9720
Cache-Control: max-age=86400
Expires: Sun, 11 Sep 2022 01:56:28 GMT
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: application/javascript
neomaxfashions.com/wp-content/plugins/woocommerce/assets/js/js-cookie/js.cookie.min.js?ver=2.1.4-wc.6.3.1
162.241.75.135200 OK 1.8 kB URL HTTP/1.1 neomaxfashions.com/wp-content/plugins/woocommerce/assets/js/js-cookie/js.cookie.min.js?ver=2.1.4-wc.6.3.1
IP 162.241.75.135:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (1668)
Hash d0a6d8547c66b0d7b0172466558d1208
ff93916519c7b9483251f609e4d29f38c30a66e3
3b1384ff918d4b7f95f9ee5c8fc388203dedff7344d3d96598c9562162788612
GET /wp-content/plugins/woocommerce/assets/js/js-cookie/js.cookie.min.js?ver=2.1.4-wc.6.3.1 HTTP/1.1
Host: neomaxfashions.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://neomaxfashions.com/sint-ut/documents.zip
Cookie: PHPSESSID=5523d8f5a2d6e4ec9c26fa8f591e6c8d
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 10 Sep 2022 01:56:28 GMT
Server: Apache
Last-Modified: Sun, 03 Apr 2022 07:35:06 GMT
Accept-Ranges: bytes
Content-Length: 1834
Cache-Control: max-age=86400
Expires: Sun, 11 Sep 2022 01:56:28 GMT
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: application/javascript
neomaxfashions.com/wp-content/plugins/woocommerce/assets/js/frontend/woocommerce.min.js?ver=6.3.1
162.241.75.135200 OK 2.1 kB URL HTTP/1.1 neomaxfashions.com/wp-content/plugins/woocommerce/assets/js/frontend/woocommerce.min.js?ver=6.3.1
IP 162.241.75.135:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (2139), with no line terminators
Hash b72c1cbb1530a011a27bd9800f26765a
27b825c5d8255f33b8427a059d4545ebd65e1746
a256fccecac3b32ab73c91d79a18747519a1a18023be05465c933b03523a82e8
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/woocommerce/assets/js/frontend/woocommerce.min.js?ver=6.3.1 HTTP/1.1
Host: neomaxfashions.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://neomaxfashions.com/sint-ut/documents.zip
Cookie: PHPSESSID=5523d8f5a2d6e4ec9c26fa8f591e6c8d
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 10 Sep 2022 01:56:28 GMT
Server: Apache
Last-Modified: Sun, 03 Apr 2022 07:35:06 GMT
Accept-Ranges: bytes
Content-Length: 2139
Cache-Control: max-age=86400
Expires: Sun, 11 Sep 2022 01:56:28 GMT
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: application/javascript
neomaxfashions.com/wp-content/plugins/woocommerce/assets/js/frontend/cart-fragments.min.js?ver=6.3.1
162.241.75.135200 OK 2.9 kB URL HTTP/1.1 neomaxfashions.com/wp-content/plugins/woocommerce/assets/js/frontend/cart-fragments.min.js?ver=6.3.1
IP 162.241.75.135:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (2938), with no line terminators
Hash 0fd625c3991a4015814cffdc88e2fc82
d7c2f53e058210ff3ea773297641008bab71a5f3
2d022db650d194d935faea46a40e5512235b43bc3f8b181e32ce6d3dd745f4e1
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/woocommerce/assets/js/frontend/cart-fragments.min.js?ver=6.3.1 HTTP/1.1
Host: neomaxfashions.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://neomaxfashions.com/sint-ut/documents.zip
Cookie: PHPSESSID=5523d8f5a2d6e4ec9c26fa8f591e6c8d
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 10 Sep 2022 01:56:28 GMT
Server: Apache
Last-Modified: Sun, 03 Apr 2022 07:35:06 GMT
Accept-Ranges: bytes
Content-Length: 2938
Cache-Control: max-age=86400
Expires: Sun, 11 Sep 2022 01:56:28 GMT
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: application/javascript
neomaxfashions.com/wp-content/plugins/woo-discount-rules/v2/Assets/Js/site_main.js?ver=2.3.13
162.241.75.135200 OK 9.7 kB URL HTTP/1.1 neomaxfashions.com/wp-content/plugins/woo-discount-rules/v2/Assets/Js/site_main.js?ver=2.3.13
IP 162.241.75.135:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash 7237a842df6ff90e7d924e9493d49796
2b5ff1ec857fef073adc6d370c467ce5b1abfa25
9d58be93d455eb9e641052f86b28d51a1c47c3283679fd12e5ec457cf2f40161
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/woo-discount-rules/v2/Assets/Js/site_main.js?ver=2.3.13 HTTP/1.1
Host: neomaxfashions.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://neomaxfashions.com/sint-ut/documents.zip
Cookie: PHPSESSID=5523d8f5a2d6e4ec9c26fa8f591e6c8d
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 10 Sep 2022 01:56:28 GMT
Server: Apache
Last-Modified: Sat, 26 Feb 2022 16:17:17 GMT
Accept-Ranges: bytes
Content-Length: 9679
Cache-Control: max-age=86400
Expires: Sun, 11 Sep 2022 01:56:28 GMT
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: application/javascript
neomaxfashions.com/wp-content/plugins/revslider/public/assets/js/rs6.min.js?ver=6.2.23
162.241.75.135200 OK 329 kB URL HTTP/1.1 neomaxfashions.com/wp-content/plugins/revslider/public/assets/js/rs6.min.js?ver=6.2.23
IP 162.241.75.135:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (64268)
Size 329 kB (328788 bytes)
Hash 8d698cfd33f440494717d98f6d8b43fd
24ad1c17eb2088fc09406644c0fd46f3c3cee844
20d40e87d6a4e382643c45e589c61273f0fbe54685912941b826dab688059b0a
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/revslider/public/assets/js/rs6.min.js?ver=6.2.23 HTTP/1.1
Host: neomaxfashions.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://neomaxfashions.com/sint-ut/documents.zip
Cookie: PHPSESSID=5523d8f5a2d6e4ec9c26fa8f591e6c8d
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 10 Sep 2022 01:56:28 GMT
Server: Apache
Last-Modified: Sun, 04 Oct 2020 10:05:07 GMT
Accept-Ranges: bytes
Content-Length: 328788
Cache-Control: max-age=86400
Expires: Sun, 11 Sep 2022 01:56:28 GMT
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: application/javascript
neomaxfashions.com/wp-content/plugins/woo-discount-rules/v2/Assets/Js/awdr-dynamic-price.js?ver=2.3.13
162.241.75.135200 OK 3.1 kB URL HTTP/1.1 neomaxfashions.com/wp-content/plugins/woo-discount-rules/v2/Assets/Js/awdr-dynamic-price.js?ver=2.3.13
IP 162.241.75.135:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash 0624a076a8b15d2d238fb31043bed59c
a1f9adbcb37555b3adb1f59666ce22db51658382
cb8528f82c58653ab48a3c62c296c0e5b8483ab9d53a435d1372d401fd2a63d0
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/woo-discount-rules/v2/Assets/Js/awdr-dynamic-price.js?ver=2.3.13 HTTP/1.1
Host: neomaxfashions.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://neomaxfashions.com/sint-ut/documents.zip
Cookie: PHPSESSID=5523d8f5a2d6e4ec9c26fa8f591e6c8d
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 10 Sep 2022 01:56:28 GMT
Server: Apache
Last-Modified: Sat, 26 Feb 2022 16:17:17 GMT
Accept-Ranges: bytes
Content-Length: 3053
Cache-Control: max-age=86400
Expires: Sun, 11 Sep 2022 01:56:28 GMT
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: application/javascript
neomaxfashions.com/wp-content/plugins/wp-whatsapp/assets/js/whatsapp-button.js?ver=3.1.8
162.241.75.135200 OK 888 B URL HTTP/1.1 neomaxfashions.com/wp-content/plugins/wp-whatsapp/assets/js/whatsapp-button.js?ver=3.1.8
IP 162.241.75.135:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash 0a93084318763e71e66c860b71caf9ca
69bec1073e483b81e9d4f87c75dc5f2685e762f2
34e33d9ff223080eb9bbb846525d2290d517313e3889e212d55046d68cd4b7db
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/wp-whatsapp/assets/js/whatsapp-button.js?ver=3.1.8 HTTP/1.1
Host: neomaxfashions.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://neomaxfashions.com/sint-ut/documents.zip
Cookie: PHPSESSID=5523d8f5a2d6e4ec9c26fa8f591e6c8d
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 10 Sep 2022 01:56:28 GMT
Server: Apache
Last-Modified: Sun, 03 Apr 2022 07:35:35 GMT
Accept-Ranges: bytes
Content-Length: 888
Cache-Control: max-age=86400
Expires: Sun, 11 Sep 2022 01:56:28 GMT
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: application/javascript
neomaxfashions.com/wp-content/plugins/product-gtin-ean-upc-isbn-for-woocommerce/assets/js/product-gtin-wc-frontend.min.js?ver=1.1.1
162.241.75.135200 OK 644 B URL HTTP/1.1 neomaxfashions.com/wp-content/plugins/product-gtin-ean-upc-isbn-for-woocommerce/assets/js/product-gtin-wc-frontend.min.js?ver=1.1.1
IP 162.241.75.135:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (644), with no line terminators
Hash b1c65728a803729bf9ec5b8b5b747a25
e66a7d5f79d4684a65824f62489872d30ad93c28
1f6426b89c7b358e25b8433a7d9809d710dcdc3267cbfa64c3a48ec290da2f11
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/product-gtin-ean-upc-isbn-for-woocommerce/assets/js/product-gtin-wc-frontend.min.js?ver=1.1.1 HTTP/1.1
Host: neomaxfashions.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://neomaxfashions.com/sint-ut/documents.zip
Cookie: PHPSESSID=5523d8f5a2d6e4ec9c26fa8f591e6c8d
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 10 Sep 2022 01:56:28 GMT
Server: Apache
Last-Modified: Mon, 22 Nov 2021 11:13:28 GMT
Accept-Ranges: bytes
Content-Length: 644
Cache-Control: max-age=86400
Expires: Sun, 11 Sep 2022 01:56:28 GMT
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: application/javascript
neomaxfashions.com/wp-content/plugins/js_composer/assets/js/dist/js_composer_front.min.js?ver=6.4.1
162.241.75.135200 OK 22 kB URL HTTP/1.1 neomaxfashions.com/wp-content/plugins/js_composer/assets/js/dist/js_composer_front.min.js?ver=6.4.1
IP 162.241.75.135:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (22266)
Hash 1d8aa4c6c44c6f36fb21a8ded9feb0e3
e83b719df158acfc3916e952fff942d08d6c226c
10bcbd4ae09be30754f3af7aa2cc9e547e37b14d8b765453d90949644a41a679
GET /wp-content/plugins/js_composer/assets/js/dist/js_composer_front.min.js?ver=6.4.1 HTTP/1.1
Host: neomaxfashions.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://neomaxfashions.com/sint-ut/documents.zip
Cookie: PHPSESSID=5523d8f5a2d6e4ec9c26fa8f591e6c8d
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 10 Sep 2022 01:56:28 GMT
Server: Apache
Last-Modified: Sun, 04 Oct 2020 10:05:36 GMT
Accept-Ranges: bytes
Content-Length: 22485
Cache-Control: max-age=86400
Expires: Sun, 11 Sep 2022 01:56:28 GMT
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: application/javascript
neomaxfashions.com/wp-includes/js/imagesloaded.min.js?ver=4.1.4
162.241.75.135200 OK 5.6 kB URL HTTP/1.1 neomaxfashions.com/wp-includes/js/imagesloaded.min.js?ver=4.1.4
IP 162.241.75.135:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (5477)
Hash 3a56752b736635bf69cb069b8818cbfd
42e0951fe74bb3f56a30f51291823bcd4a84d76e
ff4bd34aa98a0214833619d3d751838db015722dfbbec15cd14dadc66cd67869
GET /wp-includes/js/imagesloaded.min.js?ver=4.1.4 HTTP/1.1
Host: neomaxfashions.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://neomaxfashions.com/sint-ut/documents.zip
Cookie: PHPSESSID=5523d8f5a2d6e4ec9c26fa8f591e6c8d
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 10 Sep 2022 01:56:28 GMT
Server: Apache
Last-Modified: Sat, 13 Jun 2020 18:53:27 GMT
Accept-Ranges: bytes
Content-Length: 5629
Cache-Control: max-age=86400
Expires: Sun, 11 Sep 2022 01:56:28 GMT
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: application/javascript
neomaxfashions.com/wp-content/plugins/js_composer/assets/lib/bower/isotope/dist/isotope.pkgd.min.js?ver=6.4.1
162.241.75.135200 OK 38 kB URL HTTP/1.1 neomaxfashions.com/wp-content/plugins/js_composer/assets/lib/bower/isotope/dist/isotope.pkgd.min.js?ver=6.4.1
IP 162.241.75.135:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (32004)
Hash f61b01a34a1da9447da88c1ddd7bf946
f21772cf0a93cbdc387c02230bf63962f12d451c
017580aec08ce8e0f36f416e1d07463b22696dd108534bdfbdffdfce3af3a399
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/js_composer/assets/lib/bower/isotope/dist/isotope.pkgd.min.js?ver=6.4.1 HTTP/1.1
Host: neomaxfashions.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://neomaxfashions.com/sint-ut/documents.zip
Cookie: PHPSESSID=5523d8f5a2d6e4ec9c26fa8f591e6c8d
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 10 Sep 2022 01:56:28 GMT
Server: Apache
Last-Modified: Sun, 04 Oct 2020 10:05:36 GMT
Accept-Ranges: bytes
Content-Length: 37510
Cache-Control: max-age=86400
Expires: Sun, 11 Sep 2022 01:56:28 GMT
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: application/javascript
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash ebc205cf750164c31d1fce2318d1636b
9309949107d69193b1c5156d45fbcc91e20a0fe4
4ab7f53d17c5d642e17a3e78aa93dc133c4713e44ccccb849f04fdcca62be8b6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 10 Sep 2022 01:56:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash ebc205cf750164c31d1fce2318d1636b
9309949107d69193b1c5156d45fbcc91e20a0fe4
4ab7f53d17c5d642e17a3e78aa93dc133c4713e44ccccb849f04fdcca62be8b6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 10 Sep 2022 01:56:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/lato/v23/S6u9w4BMUTPHh6UVSwiPGQ.woff2
142.250.74.163200 OK 23 kB URL HTTP/2 fonts.gstatic.com/s/lato/v23/S6u9w4BMUTPHh6UVSwiPGQ.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 23040, version 1.0\012- data
Hash de69cf9e514df447d1b0bb16f49d2457
2ac78601179c3a63ba3f3f3081556b12ddcaf655
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
GET /s/lato/v23/S6u9w4BMUTPHh6UVSwiPGQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://neomaxfashions.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 23040
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 06 Sep 2022 17:10:21 GMT
expires: Wed, 06 Sep 2023 17:10:21 GMT
cache-control: public, max-age=31536000
age: 290767
last-modified: Tue, 26 Apr 2022 15:56:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
neomaxfashions.com/wp-includes/js/underscore.min.js?ver=1.13.1
162.241.75.135200 OK 19 kB URL HTTP/1.1 neomaxfashions.com/wp-includes/js/underscore.min.js?ver=1.13.1
IP 162.241.75.135:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (19034)
Hash 47e07d05e0e32338ed2e112d3f46cac1
331fa3259ce673bf92047a25542305242eb6f35f
4f6366518c3d992d6a9a3aee342675532822d6b1d66217df7b284bb450dbb99a
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/underscore.min.js?ver=1.13.1 HTTP/1.1
Host: neomaxfashions.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://neomaxfashions.com/sint-ut/documents.zip
Cookie: PHPSESSID=5523d8f5a2d6e4ec9c26fa8f591e6c8d
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 10 Sep 2022 01:56:28 GMT
Server: Apache
Last-Modified: Mon, 01 Nov 2021 21:47:13 GMT
Accept-Ranges: bytes
Content-Length: 19069
Cache-Control: max-age=86400
Expires: Sun, 11 Sep 2022 01:56:28 GMT
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: application/javascript
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash ebc205cf750164c31d1fce2318d1636b
9309949107d69193b1c5156d45fbcc91e20a0fe4
4ab7f53d17c5d642e17a3e78aa93dc133c4713e44ccccb849f04fdcca62be8b6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 10 Sep 2022 01:56:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash ebc205cf750164c31d1fce2318d1636b
9309949107d69193b1c5156d45fbcc91e20a0fe4
4ab7f53d17c5d642e17a3e78aa93dc133c4713e44ccccb849f04fdcca62be8b6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 10 Sep 2022 01:56:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/oxygen/v15/2sDfZG1Wl4LcnbuKjk0m.woff2
142.250.74.163200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/oxygen/v15/2sDfZG1Wl4LcnbuKjk0m.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 16348, version 1.0\012- data
Hash 8dc707b4818131fab44d482b1db5d458
8a0ff82b12fa25391ce17a6ae069d7fe5002f12d
9e64f128d5352d04ea5c87031e4cf1ad204b72a0afb003ece52eeb997d28a570
GET /s/oxygen/v15/2sDfZG1Wl4LcnbuKjk0m.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://neomaxfashions.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 16348
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 05 Sep 2022 21:34:21 GMT
expires: Tue, 05 Sep 2023 21:34:21 GMT
cache-control: public, max-age=31536000
age: 361327
last-modified: Mon, 09 May 2022 18:31:32 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash ebc205cf750164c31d1fce2318d1636b
9309949107d69193b1c5156d45fbcc91e20a0fe4
4ab7f53d17c5d642e17a3e78aa93dc133c4713e44ccccb849f04fdcca62be8b6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 10 Sep 2022 01:56:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
neomaxfashions.com/wp-includes/js/wp-util.min.js?ver=5.9.4
162.241.75.135200 OK 1.3 kB URL HTTP/1.1 neomaxfashions.com/wp-includes/js/wp-util.min.js?ver=5.9.4
IP 162.241.75.135:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (1305)
Hash 8637362089372427b52fa10a43d8109c
6009bed674718329dce6055ab09fa95181162d81
b8e78b48acc08ce31457aff168d6fb2c814d51a8739a97693cdba585d60f5b35
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/wp-util.min.js?ver=5.9.4 HTTP/1.1
Host: neomaxfashions.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://neomaxfashions.com/sint-ut/documents.zip
Cookie: PHPSESSID=5523d8f5a2d6e4ec9c26fa8f591e6c8d
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 10 Sep 2022 01:56:28 GMT
Server: Apache
Last-Modified: Fri, 25 Jun 2021 14:50:58 GMT
Accept-Ranges: bytes
Content-Length: 1340
Cache-Control: max-age=86400
Expires: Sun, 11 Sep 2022 01:56:28 GMT
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: application/javascript
neomaxfashions.com/wp-content/plugins/woocommerce/assets/js/frontend/add-to-cart-variation.min.js?ver=6.3.1
162.241.75.135200 OK 14 kB URL HTTP/1.1 neomaxfashions.com/wp-content/plugins/woocommerce/assets/js/frontend/add-to-cart-variation.min.js?ver=6.3.1
IP 162.241.75.135:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (13590), with no line terminators
Hash a49a60e0186f705f693279985371da20
3419d4683879d6a48e051e38356602a2f5094511
3b55a00b09e9df011435d1f358401cf7153066bbfeafdc3384e5d8cdaf4e3262
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/woocommerce/assets/js/frontend/add-to-cart-variation.min.js?ver=6.3.1 HTTP/1.1
Host: neomaxfashions.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://neomaxfashions.com/sint-ut/documents.zip
Cookie: PHPSESSID=5523d8f5a2d6e4ec9c26fa8f591e6c8d
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 10 Sep 2022 01:56:28 GMT
Server: Apache
Last-Modified: Sun, 03 Apr 2022 07:35:06 GMT
Accept-Ranges: bytes
Content-Length: 13590
Cache-Control: max-age=86400
Expires: Sun, 11 Sep 2022 01:56:28 GMT
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: application/javascript
fonts.gstatic.com/s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2
142.250.74.163200 OK 24 kB URL HTTP/2 fonts.gstatic.com/s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 23580, version 1.0\012- data
Hash e1b3b5908c9cf23dfb2b9c52b9a023ab
fcd4136085f2a03481d9958cc6793a5ed98e714c
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
GET /s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://neomaxfashions.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 23580
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 06 Sep 2022 17:10:21 GMT
expires: Wed, 06 Sep 2023 17:10:21 GMT
cache-control: public, max-age=31536000
age: 290767
last-modified: Tue, 26 Apr 2022 15:48:56 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/lato/v23/S6u9w4BMUTPHh6UVSwaPGR_p.woff2
142.250.74.163200 OK 5.4 kB URL HTTP/2 fonts.gstatic.com/s/lato/v23/S6u9w4BMUTPHh6UVSwaPGR_p.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 5368, version 1.0\012- data
Hash a48b0f049358d7503c497abb4dcbc4d6
d764e136ada1fba8ec4d99994b179d984d7983b8
4ef7cd3d4ed7de91e7eb3c05a31c6fa1da0b08d07cbfab8ae108c34d5e39cdb9
GET /s/lato/v23/S6u9w4BMUTPHh6UVSwaPGR_p.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://neomaxfashions.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 5368
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 06 Sep 2022 17:20:17 GMT
expires: Wed, 06 Sep 2023 17:20:17 GMT
cache-control: public, max-age=31536000
age: 290171
last-modified: Tue, 26 Apr 2022 15:56:40 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/oxygen/v15/2sDcZG1Wl4LcnbuCNWgzaGW5.woff2
142.250.74.163200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/oxygen/v15/2sDcZG1Wl4LcnbuCNWgzaGW5.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 16172, version 1.0\012- data
Hash 891cacadb2d3449b6f342f571dc743ae
e35ea255304a2981b27f6c2822eb4fd8eaa984d5
5740bce57f68562d42e8ca6f6eb70dca3bc33be11ef0361e78274d360f41adc9
GET /s/oxygen/v15/2sDcZG1Wl4LcnbuCNWgzaGW5.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://neomaxfashions.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 16172
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 05 Sep 2022 21:34:21 GMT
expires: Tue, 05 Sep 2023 21:34:21 GMT
cache-control: public, max-age=31536000
age: 361327
last-modified: Mon, 09 May 2022 18:30:51 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash ebc205cf750164c31d1fce2318d1636b
9309949107d69193b1c5156d45fbcc91e20a0fe4
4ab7f53d17c5d642e17a3e78aa93dc133c4713e44ccccb849f04fdcca62be8b6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 10 Sep 2022 01:56:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
neomaxfashions.com/wp-content/plugins/wp-whatsapp/assets/js/whatsapp-popup.js?ver=5.9.4
162.241.75.135200 OK 543 B URL HTTP/1.1 neomaxfashions.com/wp-content/plugins/wp-whatsapp/assets/js/whatsapp-popup.js?ver=5.9.4
IP 162.241.75.135:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash a3f411c086256fbbce02a971582a9536
5653cd9e4a9530e5fabbbf15bfe047994f287975
e853e383929514630e5499f0f86fd06e1b61dc7e18e5443851073188f65a3928
GET /wp-content/plugins/wp-whatsapp/assets/js/whatsapp-popup.js?ver=5.9.4 HTTP/1.1
Host: neomaxfashions.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://neomaxfashions.com/sint-ut/documents.zip
Cookie: PHPSESSID=5523d8f5a2d6e4ec9c26fa8f591e6c8d
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 10 Sep 2022 01:56:28 GMT
Server: Apache
Last-Modified: Sun, 03 Apr 2022 07:35:35 GMT
Accept-Ranges: bytes
Content-Length: 543
Cache-Control: max-age=86400
Expires: Sun, 11 Sep 2022 01:56:28 GMT
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: application/javascript
neomaxfashions.com/wp-content/themes/neomax/fonts/woodmart-font.woff?v=5.2.0
162.241.75.135200 OK 20 kB URL HTTP/1.1 neomaxfashions.com/wp-content/themes/neomax/fonts/woodmart-font.woff?v=5.2.0
IP 162.241.75.135:0
ASN #46606 UNIFIEDLAYER-AS-1
File type Web Open Font Format, TrueType, length 20144, version 1.0\012- data
Hash db8e037e138a7f0b7902eab0285087c1
68e6a68dcb5dfe755be0eb8ce1865cfbcfbeb957
591eb5805f73292e997f36d8baa027a69f5e4a2ad367f0b15ce656aef3083062
GET /wp-content/themes/neomax/fonts/woodmart-font.woff?v=5.2.0 HTTP/1.1
Host: neomaxfashions.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://neomaxfashions.com/wp-content/uploads/2021/03/xts-theme_settings_default-1616246988.css?ver=5.2.0
Cookie: PHPSESSID=5523d8f5a2d6e4ec9c26fa8f591e6c8d
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 10 Sep 2022 01:56:28 GMT
Server: Apache
Last-Modified: Sun, 04 Oct 2020 10:04:02 GMT
Accept-Ranges: bytes
Content-Length: 20144
Cache-Control: max-age=86400
Expires: Sun, 11 Sep 2022 01:56:28 GMT
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: font/woff
neomaxfashions.com/wp-content/uploads/2020/10/neomax-london-Logotypo-1.svg
162.241.75.135200 OK 7.0 kB URL HTTP/1.1 neomaxfashions.com/wp-content/uploads/2020/10/neomax-london-Logotypo-1.svg
IP 162.241.75.135:0
ASN #46606 UNIFIEDLAYER-AS-1
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document, ASCII text, with very long lines (7008), with no line terminators
Hash 06acd6a029135f3d90adfe492e8cbc4f
453f26535e043a15f016d6fea98823af999a76bc
ec5d8a914c828a3aaab07a2576d184c50ef6fc89e274ccf95402bc32f7924c8d
Analyzer Verdict Alert fortinet Malware
GET /wp-content/uploads/2020/10/neomax-london-Logotypo-1.svg HTTP/1.1
Host: neomaxfashions.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://neomaxfashions.com/sint-ut/documents.zip
Cookie: PHPSESSID=5523d8f5a2d6e4ec9c26fa8f591e6c8d
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 10 Sep 2022 01:56:28 GMT
Server: Apache
Last-Modified: Tue, 20 Oct 2020 12:14:50 GMT
Accept-Ranges: bytes
Content-Length: 7008
Cache-Control: max-age=86400
Expires: Sun, 11 Sep 2022 01:56:28 GMT
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: image/svg+xml
neomaxfashions.com/wp-content/uploads/2018/06/glasses-search.svg
162.241.75.135200 OK 772 B URL HTTP/1.1 neomaxfashions.com/wp-content/uploads/2018/06/glasses-search.svg
IP 162.241.75.135:0
ASN #46606 UNIFIEDLAYER-AS-1
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash 0deee61d01fe9161dc5051925bf9af46
12b958db83d600ebd348f3ac2663ecc4fa600fb8
8ba093e960bcf50a25c7de39c48a0ec7d8441b519396b6d26c403f798e87ff50
Analyzer Verdict Alert fortinet Malware
GET /wp-content/uploads/2018/06/glasses-search.svg HTTP/1.1
Host: neomaxfashions.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://neomaxfashions.com/sint-ut/documents.zip
Cookie: PHPSESSID=5523d8f5a2d6e4ec9c26fa8f591e6c8d
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 10 Sep 2022 01:56:28 GMT
Server: Apache
Last-Modified: Thu, 20 Feb 2020 08:58:45 GMT
Accept-Ranges: bytes
Content-Length: 772
Cache-Control: max-age=86400
Expires: Sun, 11 Sep 2022 01:56:28 GMT
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
Keep-Alive: timeout=5, max=92
Connection: Keep-Alive
Content-Type: image/svg+xml
neomaxfashions.com/wp-content/uploads/2018/06/glasses-wish-list.svg
162.241.75.135200 OK 960 B URL HTTP/1.1 neomaxfashions.com/wp-content/uploads/2018/06/glasses-wish-list.svg
IP 162.241.75.135:0
ASN #46606 UNIFIEDLAYER-AS-1
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash 419ca9bdd5513c1f2a8eac0b8df18217
0e5e383f05f12db2a0b3919026aabd25293ad9e1
f6ea1fb72a75fb97f1de96e735b0b787dae2be82276e41071432254d0f1dce12
Analyzer Verdict Alert fortinet Malware
GET /wp-content/uploads/2018/06/glasses-wish-list.svg HTTP/1.1
Host: neomaxfashions.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://neomaxfashions.com/sint-ut/documents.zip
Cookie: PHPSESSID=5523d8f5a2d6e4ec9c26fa8f591e6c8d
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 10 Sep 2022 01:56:28 GMT
Server: Apache
Last-Modified: Thu, 20 Feb 2020 08:58:45 GMT
Accept-Ranges: bytes
Content-Length: 960
Cache-Control: max-age=86400
Expires: Sun, 11 Sep 2022 01:56:28 GMT
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: image/svg+xml
neomaxfashions.com/wp-content/uploads/2018/06/glass-shopping-bag.svg
162.241.75.135200 OK 928 B URL HTTP/1.1 neomaxfashions.com/wp-content/uploads/2018/06/glass-shopping-bag.svg
IP 162.241.75.135:0
ASN #46606 UNIFIEDLAYER-AS-1
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash 6686c6332ba7f9b440ebd84b4e209cab
8012249e0c6cb019f5f51fbd59d6e62068e2e7a9
aa912f7e8ae031d5b4381e67ea78129e6b13f7a8845f279817577ce3bef909a8
Analyzer Verdict Alert fortinet Malware
GET /wp-content/uploads/2018/06/glass-shopping-bag.svg HTTP/1.1
Host: neomaxfashions.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://neomaxfashions.com/sint-ut/documents.zip
Cookie: PHPSESSID=5523d8f5a2d6e4ec9c26fa8f591e6c8d
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 10 Sep 2022 01:56:28 GMT
Server: Apache
Last-Modified: Thu, 20 Feb 2020 08:58:45 GMT
Accept-Ranges: bytes
Content-Length: 928
Cache-Control: max-age=86400
Expires: Sun, 11 Sep 2022 01:56:28 GMT
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: image/svg+xml
www.google-analytics.com/analytics.js
142.250.74.174200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 142.250.74.174:0
File type ASCII text, with very long lines (1325)
Hash 56f5d7f608e25d64207135f045f988cb
901eb59372ae330ae85e1384da93479b21ae1082
1910daea79e5a9d04829a91e432dfa56f45a80a3e14a8cf667fec73af9fd3d29
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://neomaxfashions.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20006
date: Sat, 10 Sep 2022 00:41:12 GMT
expires: Sat, 10 Sep 2022 02:41:12 GMT
cache-control: public, max-age=7200
age: 4516
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
neomaxfashions.com/wp-content/uploads/2020/02/cropped-ninofav-1-192x192.png
162.241.75.135200 OK 3.0 kB URL HTTP/1.1 neomaxfashions.com/wp-content/uploads/2020/02/cropped-ninofav-1-192x192.png
IP 162.241.75.135:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced\012- data
Hash 9b0d7a5fed9dc80b77f3a8cb272de151
94ccd4d0c774b0f57c9ef9274e758bc06ed6e4bb
820ad89534b47532fe71fec14060c6d9549a6457dfefd23f023b93b0deec02b7
GET /wp-content/uploads/2020/02/cropped-ninofav-1-192x192.png HTTP/1.1
Host: neomaxfashions.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://neomaxfashions.com/sint-ut/documents.zip
Cookie: PHPSESSID=5523d8f5a2d6e4ec9c26fa8f591e6c8d
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 10 Sep 2022 01:56:29 GMT
Server: Apache
Last-Modified: Wed, 04 Nov 2020 10:24:15 GMT
Accept-Ranges: bytes
Content-Length: 2966
Cache-Control: max-age=86400
Expires: Sun, 11 Sep 2022 01:56:29 GMT
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
Keep-Alive: timeout=5, max=92
Connection: Keep-Alive
Content-Type: image/png
neomaxfashions.com/wp-content/uploads/2020/02/cropped-ninofav-1-32x32.png
162.241.75.135200 OK 414 B URL HTTP/1.1 neomaxfashions.com/wp-content/uploads/2020/02/cropped-ninofav-1-32x32.png
IP 162.241.75.135:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced\012- data
Hash 5e90b0c089e40c633b70b7119b1f8f14
2ef49c40e1a0fdb42b4f2225f66db741065a243f
c2d246fd0783d01e7ca36888555fbbc5d167244def8955a3c220fe1367b36870
GET /wp-content/uploads/2020/02/cropped-ninofav-1-32x32.png HTTP/1.1
Host: neomaxfashions.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://neomaxfashions.com/sint-ut/documents.zip
Cookie: PHPSESSID=5523d8f5a2d6e4ec9c26fa8f591e6c8d
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 10 Sep 2022 01:56:29 GMT
Server: Apache
Last-Modified: Wed, 04 Nov 2020 10:24:15 GMT
Accept-Ranges: bytes
Content-Length: 414
Cache-Control: max-age=86400
Expires: Sun, 11 Sep 2022 01:56:29 GMT
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: image/png
neomaxfashions.com/?wc-ajax=get_refreshed_fragments
162.241.75.135200 OK 969 B URL HTTP/1.1 neomaxfashions.com/?wc-ajax=get_refreshed_fragments
IP 162.241.75.135:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JSON data\012- , ASCII text, with very long lines (969), with no line terminators
Hash 78d13faf128ee038e9f15086b5247144
cb57104204fea80be3faa1690559e836b35c4b96
551d8276258eba3f0a87bf8b6f2a507940712fe9c9becd05c97231ad28908b6a
Analyzer Verdict Alert fortinet Malware
POST /?wc-ajax=get_refreshed_fragments HTTP/1.1
Host: neomaxfashions.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 18
Origin: https://neomaxfashions.com
Connection: keep-alive
Referer: https://neomaxfashions.com/sint-ut/documents.zip
Cookie: PHPSESSID=5523d8f5a2d6e4ec9c26fa8f591e6c8d; _ga=GA1.2.1085844392.1662774980; _gid=GA1.2.2043641509.1662774980
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 10 Sep 2022 01:56:29 GMT
Server: Apache
Pragma: no-cache
Access-Control-Allow-Origin: https://neomaxfashions.com
Access-Control-Allow-Credentials: true
X-Content-Type-Options: nosniff
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
X-Robots-Tag: noindex
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: application/json; charset=UTF-8
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa182b544-7a04-472f-a9a7-ebdbae8e3f2b.jpeg
34.120.237.76200 OK 9.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa182b544-7a04-472f-a9a7-ebdbae8e3f2b.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e5839e530b8896305482a891ce3ee932
656d3067399152a787e1892177999b18b68df0e8
e626c93be83078240745ed4c7cbf1583f961a4ba5bffda39bce5ac3e8173ac22
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa182b544-7a04-472f-a9a7-ebdbae8e3f2b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 9882
x-amzn-requestid: cd8faaa9-718f-4996-8ad2-422262171c1a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YNitWFwXoAMFy-w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631bb188-16672c55534c2dc52aae3ebb;Sampled=0
x-amzn-remapped-date: Fri, 09 Sep 2022 21:35:04 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P2
x-cache: Hit from cloudfront
x-amz-cf-id: OT_CQarnEnYCsdaFtzgiZkcxZCiAaw_XOluJ00u60bI5dMS4I_l18w==
via: 1.1 8dbfaf7df256a75768461d934659b6b2.cloudfront.net (CloudFront), 1.1 34c44cb7892e57a3b6c51812bcf68ee4.cloudfront.net (CloudFront), 1.1 google
date: Fri, 09 Sep 2022 22:13:32 GMT
age: 13378
etag: "656d3067399152a787e1892177999b18b68df0e8"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Oxygen%3A300%2C400%2C700%7CLato%3A100%2C100italic%2C300%2C300italic%2C400%2C400italic%2C700%2C700italic%2C900%2C900italic&ver=5.2.0
142.250.74.10200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Oxygen%3A300%2C400%2C700%7CLato%3A100%2C100italic%2C300%2C300italic%2C400%2C400italic%2C700%2C700italic%2C900%2C900italic&ver=5.2.0
IP 142.250.74.10:0
GET /css?family=Oxygen%3A300%2C400%2C700%7CLato%3A100%2C100italic%2C300%2C300italic%2C400%2C400italic%2C700%2C700italic%2C900%2C900italic&ver=5.2.0 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://neomaxfashions.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 10 Sep 2022 01:56:27 GMT
date: Sat, 10 Sep 2022 01:56:27 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
neomaxfashions.com/wp-content/themes/neomax/js/theme.min.js?ver=5.2.0
162.241.75.135200 OK 0 B URL HTTP/1.1 neomaxfashions.com/wp-content/themes/neomax/js/theme.min.js?ver=5.2.0
IP 162.241.75.135:0
ASN #46606 UNIFIEDLAYER-AS-1
GET /wp-content/themes/neomax/js/theme.min.js?ver=5.2.0 HTTP/1.1
Host: neomaxfashions.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://neomaxfashions.com/sint-ut/documents.zip
Cookie: PHPSESSID=5523d8f5a2d6e4ec9c26fa8f591e6c8d
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 10 Sep 2022 01:56:28 GMT
Server: Apache
Last-Modified: Sun, 04 Oct 2020 10:04:02 GMT
Accept-Ranges: bytes
Content-Length: 738048
Cache-Control: max-age=86400
Expires: Sun, 11 Sep 2022 01:56:28 GMT
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: application/javascript