r3.o.lencr.org/
95.101.11.115 200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 7af19a5145a4ee99bdf18831bad04bfd
7bdd2a4785b999ef54a2644211d2b2b7190fb8e1
3237bf0111ecdec3615c4d2d49a602f48f800335d0194f52b600bdaefbd63ed0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "3237BF0111ECDEC3615C4D2D49A602F48F800335D0194F52B600BDAEFBD63ED0"
Last-Modified: Thu, 30 Mar 2023 02:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11174
Expires: Fri, 31 Mar 2023 10:25:12 GMT
Date: Fri, 31 Mar 2023 07:18:58 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115 200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash b93010cbf31ba3ec785b4088e5d0f529
c0f1ab8a2aae3c445a8f24959a4eea433a345caf
2cc1a5865dee7636b82a68deddd3aff8b697e846e37789a694cc3c7c47340590
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2CC1A5865DEE7636B82A68DEDDD3AFF8B697E846E37789A694CC3C7C47340590"
Last-Modified: Wed, 29 Mar 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19830
Expires: Fri, 31 Mar 2023 12:49:28 GMT
Date: Fri, 31 Mar 2023 07:18:58 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150 200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 29fdbcd53b5646cfcdd46510063734c4
85e3ceda5ef130219f4fe8a31e52e2690c8f7d8e
24c27586332c016685e6231fec5836e921048d8aaefbcd4cd6f88969f9d91e18
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Alert, Backoff, Content-Length, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Fri, 31 Mar 2023 06:28:22 GMT
content-type: application/json
age: 3036
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
95.101.11.115 200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 76218c893040d958ae1c4231cdd2133c
6a7b336dee91d4aec26ace0a5883ecdfac52e68f
d35492b04d16ed00e9e195e7c84c99aa6a2b8a93abeb656baae0918986f0a7e4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D35492B04D16ED00E9E195E7C84C99AA6A2B8A93ABEB656BAAE0918986F0A7E4"
Last-Modified: Wed, 29 Mar 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11624
Expires: Fri, 31 Mar 2023 10:32:42 GMT
Date: Fri, 31 Mar 2023 07:18:58 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash e7bace7c1e04d44012e37ddffe36e5d5
3ac8d7c0a9d3e3f0b28b2530c7b8d8407b4042c2
6b4f80f2e95b26f6122ea8dcd0ef8d762299be822c69e839fc37581ca2bcb5f2
GET /chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: KDhpQCf5/iI8ehjgmek4RgWgcFpKZ3Ew1R9GLZImdGiuFUuOZlYgIz4RbISG7xRz5GyhkKws/hw=
x-amz-request-id: GJMJ59F5HM41T46X
x-amz-server-side-encryption: AES256
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Fri, 31 Mar 2023 06:33:59 GMT
age: 2699
last-modified: Sat, 11 Mar 2023 16:53:15 GMT
etag: "e7bace7c1e04d44012e37ddffe36e5d5"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 31 Mar 2023 07:18:59 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
95.101.11.115 200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash ab61862f016dea85f8aa55e59369d905
a5e81f13052b9e9184caf05a9740c345a40d1f22
e0d580c313088d524a5338e63e4acf9f3f3cb45a54f2528c5d1c4915d71b255b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E0D580C313088D524A5338E63E4ACF9F3F3CB45A54F2528C5D1C4915D71B255B"
Last-Modified: Thu, 30 Mar 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15244
Expires: Fri, 31 Mar 2023 11:33:03 GMT
Date: Fri, 31 Mar 2023 07:18:59 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150 200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: ETag, Content-Type, Backoff, Cache-Control, Last-Modified, Content-Length, Retry-After, Pragma, Alert, Expires
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Fri, 31 Mar 2023 07:14:39 GMT
age: 260
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
www.neofitnes.com/BIT/BT%20ZIP/login.php?cmd=login_submit&id=cde2da94db611c70c68dc7846fced272cde2da94db611c70c68dc7846fced272&session=cde2da94db611c70c68dc7846fced272cde2da94db611c70c68dc7846fced272
184.168.113.29 301 Moved Permanently 0 B URL HTTP/1.1 www.neofitnes.com/BIT/BT%20ZIP/login.php?cmd=login_submit&id=cde2da94db611c70c68dc7846fced272cde2da94db611c70c68dc7846fced272&session=cde2da94db611c70c68dc7846fced272cde2da94db611c70c68dc7846fced272
IP 184.168.113.29:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
NIDS Severity Alert suricata high ET PHISHING Generic Phishkit Activity (GET)
GET /BIT/BT%20ZIP/login.php?cmd=login_submit&id=cde2da94db611c70c68dc7846fced272cde2da94db611c70c68dc7846fced272&session=cde2da94db611c70c68dc7846fced272cde2da94db611c70c68dc7846fced272 HTTP/1.1
Host: www.neofitnes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Fri, 31 Mar 2023 07:19:08 GMT
Server: Apache
X-Powered-By: PHP/7.4.33
Expires: Fri, 31 Mar 2023 08:19:08 GMT
Cache-Control: max-age=3600
X-Redirect-By: WordPress
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Location: http://neofitnes.com/BIT/BT%20ZIP/login.php?cmd=login_submit&id=cde2da94db611c70c68dc7846fced272cde2da94db611c70c68dc7846fced272&session=cde2da94db611c70c68dc7846fced272cde2da94db611c70c68dc7846fced272
Vary: Accept-Encoding
Content-Length: 0
Keep-Alive: timeout=5
Content-Type: text/html; charset=UTF-8
push.services.mozilla.com/
34.117.65.55 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 34.117.65.55:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: BUxcLPcxfUUG26bJdFsieQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: UM89aSbZJqIzH/Gd0kiWUfmw9Pg=
Date: Fri, 31 Mar 2023 07:18:59 GMT
Via: 1.1 google
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
neofitnes.com/wp-includes/css/dist/block-library/style.min.css?ver=6.1.1
184.168.113.29 302 Found 264 B URL HTTP/1.1 neofitnes.com/wp-includes/css/dist/block-library/style.min.css?ver=6.1.1
IP 184.168.113.29:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 59f5b2764e2ca9b2143e6d64a9164f16
b5653fdb30b91173ffaffa4e971ac3dcf1af76ce
ba32577e7809bb21ed2da2d8da43c6f6d44c67c685dd1026f706dba0d1444544
GET /wp-includes/css/dist/block-library/style.min.css?ver=6.1.1 HTTP/1.1
Host: neofitnes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://neofitnes.com/BIT/BT%20ZIP/login.php?cmd=login_submit&id=cde2da94db611c70c68dc7846fced272cde2da94db611c70c68dc7846fced272&session=cde2da94db611c70c68dc7846fced272cde2da94db611c70c68dc7846fced272
HTTP/1.1 302 Found
Date: Fri, 31 Mar 2023 07:19:10 GMT
Server: Apache
Location: https://neofitnes.com/wp-includes/css/dist/block-library/style.min.css?ver=6.1.1
Content-Length: 264
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
neofitnes.com/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-style.css?ver=9.6.6
184.168.113.29 302 Found 300 B URL HTTP/1.1 neofitnes.com/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-style.css?ver=9.6.6
IP 184.168.113.29:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 7f35210d3440b7c8219a620986752101
7efd8aa6f34db7a34f009bc715931c3b5868616d
08f951e5b2546c73c85ba2aaaf743d536b3916e4d9cb69c873200006e50cc436
GET /wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-style.css?ver=9.6.6 HTTP/1.1
Host: neofitnes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://neofitnes.com/BIT/BT%20ZIP/login.php?cmd=login_submit&id=cde2da94db611c70c68dc7846fced272cde2da94db611c70c68dc7846fced272&session=cde2da94db611c70c68dc7846fced272cde2da94db611c70c68dc7846fced272
HTTP/1.1 302 Found
Date: Fri, 31 Mar 2023 07:19:10 GMT
Server: Apache
Location: https://neofitnes.com/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-style.css?ver=9.6.6
Content-Length: 300
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
neofitnes.com/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-vendors-style.css?ver=9.6.6
184.168.113.29 302 Found 308 B URL HTTP/1.1 neofitnes.com/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-vendors-style.css?ver=9.6.6
IP 184.168.113.29:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash f60c050f9ba290c379769858768b11d0
ad57e0425906d66707adb7442bc5a0525e1c571f
ee44b4ebbc3a5cb3c55aa3bca845609a0148d4612ca29a2f5cd7617a6ef96b64
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-vendors-style.css?ver=9.6.6 HTTP/1.1
Host: neofitnes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://neofitnes.com/BIT/BT%20ZIP/login.php?cmd=login_submit&id=cde2da94db611c70c68dc7846fced272cde2da94db611c70c68dc7846fced272&session=cde2da94db611c70c68dc7846fced272cde2da94db611c70c68dc7846fced272
HTTP/1.1 302 Found
Date: Fri, 31 Mar 2023 07:19:10 GMT
Server: Apache
Location: https://neofitnes.com/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-vendors-style.css?ver=9.6.6
Content-Length: 308
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
neofitnes.com/wp-includes/css/classic-themes.min.css?ver=1
184.168.113.29 302 Found 250 B URL HTTP/1.1 neofitnes.com/wp-includes/css/classic-themes.min.css?ver=1
IP 184.168.113.29:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 5a358898ad337ddd078dd1f5f4fe7e8b
59bde706e30a449b46d727dbc83768a1a3dda749
b8e127ebc4ccf661798d7df356c3b535d6bdbf021715fabcef901a47f920e59f
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/css/classic-themes.min.css?ver=1 HTTP/1.1
Host: neofitnes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://neofitnes.com/BIT/BT%20ZIP/login.php?cmd=login_submit&id=cde2da94db611c70c68dc7846fced272cde2da94db611c70c68dc7846fced272&session=cde2da94db611c70c68dc7846fced272cde2da94db611c70c68dc7846fced272
HTTP/1.1 302 Found
Date: Fri, 31 Mar 2023 07:19:10 GMT
Server: Apache
Location: https://neofitnes.com/wp-includes/css/classic-themes.min.css?ver=1
Content-Length: 250
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
neofitnes.com/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.7.5.1
184.168.113.29 302 Found 275 B URL HTTP/1.1 neofitnes.com/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.7.5.1
IP 184.168.113.29:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash aad69d61756163b754b3608a4735724f
4031fb86cf8e67f3a6c96c391742afa2f2161209
f04f42d55323dd10b4f6d4ee73f6eb3affe2c86413b0d413f7c42311dc7ac121
GET /wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.7.5.1 HTTP/1.1
Host: neofitnes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://neofitnes.com/BIT/BT%20ZIP/login.php?cmd=login_submit&id=cde2da94db611c70c68dc7846fced272cde2da94db611c70c68dc7846fced272&session=cde2da94db611c70c68dc7846fced272cde2da94db611c70c68dc7846fced272
HTTP/1.1 302 Found
Date: Fri, 31 Mar 2023 07:19:10 GMT
Server: Apache
Location: https://neofitnes.com/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.7.5.1
Content-Length: 275
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
neofitnes.com/wp-includes/js/wp-emoji-release.min.js?ver=6.1.1
184.168.113.29 302 Found 254 B URL HTTP/1.1 neofitnes.com/wp-includes/js/wp-emoji-release.min.js?ver=6.1.1
IP 184.168.113.29:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash b8d6d44c83c474bf01e1b9a1ef72049a
1897eb5c943bea3e6b3c258eae1bc3f2761fd8c8
020fa250aeb66f1da2988d9c7cc96a30bc8d84e62a620fec59a275436e401a56
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/wp-emoji-release.min.js?ver=6.1.1 HTTP/1.1
Host: neofitnes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://neofitnes.com/BIT/BT%20ZIP/login.php?cmd=login_submit&id=cde2da94db611c70c68dc7846fced272cde2da94db611c70c68dc7846fced272&session=cde2da94db611c70c68dc7846fced272cde2da94db611c70c68dc7846fced272
HTTP/1.1 302 Found
Date: Fri, 31 Mar 2023 07:19:10 GMT
Server: Apache
Location: https://neofitnes.com/wp-includes/js/wp-emoji-release.min.js?ver=6.1.1
Content-Length: 254
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
r3.o.lencr.org/
95.101.11.115 200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 195589ff3c6c50463257f10da16de114
7119aeba010d5c5c224fa544feff6f1761739929
dbb5774621e0eee6f9641f6078a650a78d281019726ade7a52c150f0988cd12b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DBB5774621E0EEE6F9641F6078A650A78D281019726ADE7A52C150F0988CD12B"
Last-Modified: Wed, 29 Mar 2023 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19287
Expires: Fri, 31 Mar 2023 12:40:28 GMT
Date: Fri, 31 Mar 2023 07:19:01 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115 200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 195589ff3c6c50463257f10da16de114
7119aeba010d5c5c224fa544feff6f1761739929
dbb5774621e0eee6f9641f6078a650a78d281019726ade7a52c150f0988cd12b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DBB5774621E0EEE6F9641F6078A650A78D281019726ADE7A52C150F0988CD12B"
Last-Modified: Wed, 29 Mar 2023 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19287
Expires: Fri, 31 Mar 2023 12:40:28 GMT
Date: Fri, 31 Mar 2023 07:19:01 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fccede828-1c24-4287-bb00-f793263370cf.jpeg
34.120.237.76 200 OK 6.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fccede828-1c24-4287-bb00-f793263370cf.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 8a2b8f737604b7983cf686c82599dc73
aa63be93c4cd641f09ce0d5144ef60aab21caed1
78835586bfd170fee7e6f70b2b426ed186f5aeae969459c6dcbf527ba9c0deec
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fccede828-1c24-4287-bb00-f793263370cf.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6380
x-amzn-requestid: 0a129a69-0720-47a0-8b0e-b3200de24204
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CnUn6E19IAMF9SQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-64260165-564474a42e79d1dc4eb9558f;Sampled=0;lineage=69363f46:0
x-amzn-remapped-date: Thu, 30 Mar 2023 21:38:45 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: L6tgzFrj9t69Rnfd9bziAPiROAX0tvcj9Kcg8sXkto8qRFeKqiwkpg==
via: 1.1 b5695e36d7fbc522ece27885d73757ae.cloudfront.net (CloudFront), 1.1 7514e5e25722778fd4b1744d4ecc67e0.cloudfront.net (CloudFront), 1.1 google
date: Thu, 30 Mar 2023 22:17:06 GMT
age: 32515
etag: "aa63be93c4cd641f09ce0d5144ef60aab21caed1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fba3e3682-3d0e-4ac1-8330-9ea9ebe92041.jpeg
34.120.237.76 200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fba3e3682-3d0e-4ac1-8330-9ea9ebe92041.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 0530376e431b6563796e4abb0db0bc4e
6921f4bd83a806e1ea8247854ad4c045fa7ee298
d6371c81d5494d5e50fd5cc1cfe1ce28213dfa70ea5a94df82c9f4b3e6430a53
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fba3e3682-3d0e-4ac1-8330-9ea9ebe92041.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10490
x-amzn-requestid: 0525e5c4-485e-47eb-ab95-1136e4d5c29a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CnUnTEztoAMFzMQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-64260161-54b47454475ff6ee4d880534;Sampled=0;lineage=69363f46:0
x-amzn-remapped-date: Thu, 30 Mar 2023 21:38:41 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: jl5cQc_Zqq5xNDMcs5jRHb3HBIjuucl-JHF126hInXrOfv_CG-UqSg==
via: 1.1 8f251d23da31b683c3c9d6fad6ca944c.cloudfront.net (CloudFront), 1.1 b4085435efbe95a420f374958bd145be.cloudfront.net (CloudFront), 1.1 google
date: Thu, 30 Mar 2023 22:18:02 GMT
age: 32459
etag: "6921f4bd83a806e1ea8247854ad4c045fa7ee298"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
95.101.11.115 200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 195589ff3c6c50463257f10da16de114
7119aeba010d5c5c224fa544feff6f1761739929
dbb5774621e0eee6f9641f6078a650a78d281019726ade7a52c150f0988cd12b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DBB5774621E0EEE6F9641F6078A650A78D281019726ADE7A52C150F0988CD12B"
Last-Modified: Wed, 29 Mar 2023 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19287
Expires: Fri, 31 Mar 2023 12:40:28 GMT
Date: Fri, 31 Mar 2023 07:19:01 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb5ac5665-fe23-4026-a00b-567f98678f9e.webp
34.120.237.76 200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb5ac5665-fe23-4026-a00b-567f98678f9e.webp
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e55c2ccec92fa37b631f5616ba5e1b77
c3f1113bad672968f22e63693ef4481f7f5616fe
10bfe1a2cf0b6e0a2a548935a1afc061fc61990a121a84580f3969df68b7974c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb5ac5665-fe23-4026-a00b-567f98678f9e.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10706
x-amzn-requestid: 2e382033-306f-40ed-b259-76790e5e3ac9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CnUlmGujoAMFamQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-64260156-3856db4579fce52a18219166;Sampled=0;lineage=69363f46:0
x-amzn-remapped-date: Thu, 30 Mar 2023 21:38:30 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: cYDbU2yRL1y7tFVehv7XBDdywykpvl7kVurr1JvsGPTlYkmsOBwczg==
via: 1.1 8ead054384c1626556ee4410cad35692.cloudfront.net (CloudFront), 1.1 aa623e134417515bd2496cb01d5e5626.cloudfront.net (CloudFront), 1.1 google
date: Thu, 30 Mar 2023 22:04:58 GMT
age: 33243
etag: "c3f1113bad672968f22e63693ef4481f7f5616fe"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
95.101.11.115 200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 195589ff3c6c50463257f10da16de114
7119aeba010d5c5c224fa544feff6f1761739929
dbb5774621e0eee6f9641f6078a650a78d281019726ade7a52c150f0988cd12b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DBB5774621E0EEE6F9641F6078A650A78D281019726ADE7A52C150F0988CD12B"
Last-Modified: Wed, 29 Mar 2023 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19287
Expires: Fri, 31 Mar 2023 12:40:28 GMT
Date: Fri, 31 Mar 2023 07:19:01 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe2f9b47f-7e28-468a-96d8-f92534ab813e.jpeg
34.120.237.76 200 OK 9.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe2f9b47f-7e28-468a-96d8-f92534ab813e.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 809c8ac4f4ec3c118e43e401ff7f1570
5e3437ccd6b18b17b5fd2ffe67ee592acb01eb29
5c8e37e45cabe2b53d654fb01f869846c282f53b36a8fdb3521992aedc96cf70
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe2f9b47f-7e28-468a-96d8-f92534ab813e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9471
x-amzn-requestid: 3882bb5f-32d0-451d-aeb2-ff6474747a14
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CnVE_Gx_oAMFmsA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6426021f-486afb1d6942e493158fe68a;Sampled=0;lineage=69363f46:0
x-amzn-remapped-date: Thu, 30 Mar 2023 21:41:51 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: 0ovDSxobqvu97QXQme6M_kCrBD9Dyug4z5i6t1eyHFMuUc6H4pq5uw==
via: 1.1 4e4278a2778e72cc34feef6db603088c.cloudfront.net (CloudFront), 1.1 536063cb28bfc05fcb7a78183dd89b72.cloudfront.net (CloudFront), 1.1 google
date: Thu, 30 Mar 2023 21:46:05 GMT
age: 34376
etag: "5e3437ccd6b18b17b5fd2ffe67ee592acb01eb29"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0794d5a0-7014-425b-9ea0-5dca44ddb4dd.jpeg
34.120.237.76 200 OK 8.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0794d5a0-7014-425b-9ea0-5dca44ddb4dd.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ef54a1ed997cc09495edb102ccdf6803
f5637efb37b5eecff77e60e6bcf5f599991f334f
fa76d7a82dc15baf02b207cea874d1332c20a0ebe1eea99929a6f2746608412c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0794d5a0-7014-425b-9ea0-5dca44ddb4dd.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8745
x-amzn-requestid: e1d8dab6-4c15-4752-b528-21854c93a11c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CguJ5Hy5oAMFyAg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-64235d72-4bd62c8472f7257a155b2a80;Sampled=0
x-amzn-remapped-date: Tue, 28 Mar 2023 21:34:42 GMT
x-amz-cf-pop: SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: LAAUFZcFBIpdMUkaDQXGW1sdwLK9c_uhQQHLiJHGF7dEvfJ0KX7MaA==
via: 1.1 8f251d23da31b683c3c9d6fad6ca944c.cloudfront.net (CloudFront), 1.1 331202b5b8aab67acbf389883133f256.cloudfront.net (CloudFront), 1.1 google
date: Fri, 31 Mar 2023 06:44:37 GMT
age: 2064
etag: "f5637efb37b5eecff77e60e6bcf5f599991f334f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
95.101.11.115 200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 195589ff3c6c50463257f10da16de114
7119aeba010d5c5c224fa544feff6f1761739929
dbb5774621e0eee6f9641f6078a650a78d281019726ade7a52c150f0988cd12b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DBB5774621E0EEE6F9641F6078A650A78D281019726ADE7A52C150F0988CD12B"
Last-Modified: Wed, 29 Mar 2023 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19287
Expires: Fri, 31 Mar 2023 12:40:28 GMT
Date: Fri, 31 Mar 2023 07:19:01 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F36630e1b-1c89-4e55-ac67-f104436fd02c.jpeg
34.120.237.76 200 OK 8.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F36630e1b-1c89-4e55-ac67-f104436fd02c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 45a4bac8a91b725def9099fd6f720285
134ace682a567c7e385817c8f8af0d49acfde847
3d60e54132cbbba19ce8ad4bdf79a4b3b6ae74573f45bf4f080a283aa250b53c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F36630e1b-1c89-4e55-ac67-f104436fd02c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8358
x-amzn-requestid: 8069495f-4ea5-4975-8369-fc4db9199774
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CnUllH2fIAMFdlw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-64260156-2e5418a132076d0569e30de6;Sampled=0;lineage=69363f46:0
x-amzn-remapped-date: Thu, 30 Mar 2023 21:38:30 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: z4Jd4oIn19s5lhDNYlrrh6RlxDz7mxCg1KJKUyFfJfqZsymvADn88g==
via: 1.1 8f251d23da31b683c3c9d6fad6ca944c.cloudfront.net (CloudFront), 1.1 6a6653dfb47ccc5082f2a5b9d0d168ce.cloudfront.net (CloudFront), 1.1 google
date: Thu, 30 Mar 2023 22:02:05 GMT
age: 33416
etag: "134ace682a567c7e385817c8f8af0d49acfde847"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
neofitnes.com/BIT/BT%20ZIP/login.php?cmd=login_submit&id=cde2da94db611c70c68dc7846fced272cde2da94db611c70c68dc7846fced272&session=cde2da94db611c70c68dc7846fced272cde2da94db611c70c68dc7846fced272
184.168.113.29 404 Not Found 122 kB URL HTTP/1.1 neofitnes.com/BIT/BT%20ZIP/login.php?cmd=login_submit&id=cde2da94db611c70c68dc7846fced272cde2da94db611c70c68dc7846fced272&session=cde2da94db611c70c68dc7846fced272cde2da94db611c70c68dc7846fced272
IP 184.168.113.29:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (50685)
Size 122 kB (122396 bytes)
Hash dca28d0df84ef204b9ff3396c4fa7ef6
100dfebc376549dd6aa62a07ddb84fe107833efd
839a637b3a1b418f0afc63d911910cba9e4727c314453f234a20268098f11064
NIDS Severity Alert suricata high ET PHISHING Generic Phishkit Activity (GET)
GET /BIT/BT%20ZIP/login.php?cmd=login_submit&id=cde2da94db611c70c68dc7846fced272cde2da94db611c70c68dc7846fced272&session=cde2da94db611c70c68dc7846fced272cde2da94db611c70c68dc7846fced272 HTTP/1.1
Host: neofitnes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 404 Not Found
Date: Fri, 31 Mar 2023 07:19:09 GMT
Server: Apache
X-Powered-By: PHP/7.4.33
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Link: <http://neofitnes.com/wp-json/>; rel="https://api.w.org/"
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Vary: Accept-Encoding
Keep-Alive: timeout=5
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
neofitnes.com/wp-content/themes/sway/core/assets/css/bootstrap.min.css?ver=2.8
184.168.113.29 302 Found 270 B URL HTTP/1.1 neofitnes.com/wp-content/themes/sway/core/assets/css/bootstrap.min.css?ver=2.8
IP 184.168.113.29:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash e036a4d288c3ca380c6457b6a58a44d2
878e2606a0ba73d15f35e1e315aafec353026c5f
147aa2dccead98c3b1e6bc03d51b2ab168367d8a8245814f5c934a16694c4547
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/sway/core/assets/css/bootstrap.min.css?ver=2.8 HTTP/1.1
Host: neofitnes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://neofitnes.com/BIT/BT%20ZIP/login.php?cmd=login_submit&id=cde2da94db611c70c68dc7846fced272cde2da94db611c70c68dc7846fced272&session=cde2da94db611c70c68dc7846fced272cde2da94db611c70c68dc7846fced272
HTTP/1.1 302 Found
Date: Fri, 31 Mar 2023 07:19:10 GMT
Server: Apache
Location: https://neofitnes.com/wp-content/themes/sway/core/assets/css/bootstrap.min.css?ver=2.8
Content-Length: 270
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
neofitnes.com/wp-content/themes/sway/style.css?ver=2.8
184.168.113.29 302 Found 246 B URL HTTP/1.1 neofitnes.com/wp-content/themes/sway/style.css?ver=2.8
IP 184.168.113.29:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 05c525ce20c3b29089c7d297ec29050d
b0c0e4125657aeff6eaadfcd97f02375cbb68b30
93b7026c76327e5b21aa0c0be24e0d507d61ae8ecae167eb2e0b35739b04a8ce
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/sway/style.css?ver=2.8 HTTP/1.1
Host: neofitnes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://neofitnes.com/BIT/BT%20ZIP/login.php?cmd=login_submit&id=cde2da94db611c70c68dc7846fced272cde2da94db611c70c68dc7846fced272&session=cde2da94db611c70c68dc7846fced272cde2da94db611c70c68dc7846fced272
HTTP/1.1 302 Found
Date: Fri, 31 Mar 2023 07:19:10 GMT
Server: Apache
Location: https://neofitnes.com/wp-content/themes/sway/style.css?ver=2.8
Content-Length: 246
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
neofitnes.com/wp-content/plugins/keydesign-addon/assets/css/kd_vc_front.css?ver=6.1.1
184.168.113.29 302 Found 277 B URL HTTP/1.1 neofitnes.com/wp-content/plugins/keydesign-addon/assets/css/kd_vc_front.css?ver=6.1.1
IP 184.168.113.29:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 40a453c577d2872df55af07d9034bf14
db27e0ef5a70321cc49884061e0cc25089ce602b
ce18f3c3a1edcd2e0101096080198892e517f27d5939f150aa5e45a6a12b601f
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/keydesign-addon/assets/css/kd_vc_front.css?ver=6.1.1 HTTP/1.1
Host: neofitnes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://neofitnes.com/BIT/BT%20ZIP/login.php?cmd=login_submit&id=cde2da94db611c70c68dc7846fced272cde2da94db611c70c68dc7846fced272&session=cde2da94db611c70c68dc7846fced272cde2da94db611c70c68dc7846fced272
HTTP/1.1 302 Found
Date: Fri, 31 Mar 2023 07:19:10 GMT
Server: Apache
Location: https://neofitnes.com/wp-content/plugins/keydesign-addon/assets/css/kd_vc_front.css?ver=6.1.1
Content-Length: 277
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
neofitnes.com/wp-content/plugins/redux-framework/redux-core/inc/extensions/social_profiles/social_profiles/css/field_social_profiles_frontend.css?ver=4.3.17
184.168.113.29 302 Found 348 B URL HTTP/1.1 neofitnes.com/wp-content/plugins/redux-framework/redux-core/inc/extensions/social_profiles/social_profiles/css/field_social_profiles_frontend.css?ver=4.3.17
IP 184.168.113.29:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 4eba6eeb25c190be3d0b6e0709092615
7c192108800ab2504cafa98b405c8359e9031fa8
aed27781265c3fbaa86543bfbbe89cb38f2591afd3991d6c008823b0171435e5
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/redux-framework/redux-core/inc/extensions/social_profiles/social_profiles/css/field_social_profiles_frontend.css?ver=4.3.17 HTTP/1.1
Host: neofitnes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://neofitnes.com/BIT/BT%20ZIP/login.php?cmd=login_submit&id=cde2da94db611c70c68dc7846fced272cde2da94db611c70c68dc7846fced272&session=cde2da94db611c70c68dc7846fced272cde2da94db611c70c68dc7846fced272
HTTP/1.1 302 Found
Date: Fri, 31 Mar 2023 07:19:10 GMT
Server: Apache
Location: https://neofitnes.com/wp-content/plugins/redux-framework/redux-core/inc/extensions/social_profiles/social_profiles/css/field_social_profiles_frontend.css?ver=4.3.17
Content-Length: 348
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
neofitnes.com/wp-content/themes/sway/core/assets/css/woocommerce.css
184.168.113.29 302 Found 260 B URL HTTP/1.1 neofitnes.com/wp-content/themes/sway/core/assets/css/woocommerce.css
IP 184.168.113.29:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash f503f593700d51c5612e9d99d1f980bf
2f77815b8d62d2e12755eecc9651eb93dfe6f78c
3d23ffbaa2b4898ee8f711d1087baf5ccef6135f86f048a74ad85e725d595d8a
GET /wp-content/themes/sway/core/assets/css/woocommerce.css HTTP/1.1
Host: neofitnes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://neofitnes.com/BIT/BT%20ZIP/login.php?cmd=login_submit&id=cde2da94db611c70c68dc7846fced272cde2da94db611c70c68dc7846fced272&session=cde2da94db611c70c68dc7846fced272cde2da94db611c70c68dc7846fced272
HTTP/1.1 302 Found
Date: Fri, 31 Mar 2023 07:19:10 GMT
Server: Apache
Location: https://neofitnes.com/wp-content/themes/sway/core/assets/css/woocommerce.css
Content-Length: 260
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash 66d3c8a2dc7656b819dfe99dd74ef41b
9ac102973657c13264a7a17ad2e3ffc6f4d1f570
23346d5aae2c9440f6a6d9c1d366003dfaefd1cc83212ce033bfdc30e5054cc6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 31 Mar 2023 07:19:01 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
neofitnes.com/wp-content/plugins/miniorange-otp-verification/includes/js/intlTelInput.min.js?version=13.0.0&ver=6.1.1
184.168.113.29 302 Found 313 B URL HTTP/1.1 neofitnes.com/wp-content/plugins/miniorange-otp-verification/includes/js/intlTelInput.min.js?version=13.0.0&ver=6.1.1
IP 184.168.113.29:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 389d9e0c4cfa3c77862c574b472a1d62
0890e78d2dd22566917a07171648feb2aafea2f9
46fcbd08212333b3fa6987a5e998c4e4c007ed10523b59befdb8a9f0fca76a12
GET /wp-content/plugins/miniorange-otp-verification/includes/js/intlTelInput.min.js?version=13.0.0&ver=6.1.1 HTTP/1.1
Host: neofitnes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://neofitnes.com/BIT/BT%20ZIP/login.php?cmd=login_submit&id=cde2da94db611c70c68dc7846fced272cde2da94db611c70c68dc7846fced272&session=cde2da94db611c70c68dc7846fced272cde2da94db611c70c68dc7846fced272
HTTP/1.1 302 Found
Date: Fri, 31 Mar 2023 07:19:10 GMT
Server: Apache
Location: https://neofitnes.com/wp-content/plugins/miniorange-otp-verification/includes/js/intlTelInput.min.js?version=13.0.0&ver=6.1.1
Content-Length: 313
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
www.googletagmanager.com/gtag/js?id=G-T99VP73TNT
172.217.21.168 200 OK 81 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=G-T99VP73TNT
IP 172.217.21.168:0
File type ASCII text, with very long lines (25752)
Hash 7b2354ba68f2e926dfabd6ffea6a2d1e
914da29bb75a9b511eaeed1b994dc2d0814e8d47
1418729c72c7b42c5542bac05e070d0ddee9172a0c73bfe0ae8278351851ae47
GET /gtag/js?id=G-T99VP73TNT HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://neofitnes.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Fri, 31 Mar 2023 07:19:01 GMT
expires: Fri, 31 Mar 2023 07:19:01 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 81176
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
kit.fontawesome.com/a29229187e.js?ver=1680247149
104.18.23.52 200 OK 4.6 kB URL HTTP/2 kit.fontawesome.com/a29229187e.js?ver=1680247149
IP 104.18.23.52:0
Hash 3a712ebf547d226a8ba7c46211df0414
2a23d182700aea9e9d0332f0a3ee4216404f2582
6ef8ed1ffec7f6e6af0978d27fb37c4208b69aaa32c43d256730da9f200eeeff
GET /a29229187e.js?ver=1680247149 HTTP/1.1
Host: kit.fontawesome.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://neofitnes.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 31 Mar 2023 07:19:01 GMT
content-type: text/javascript
access-control-allow-headers: accept, accept-langauge, content-language, content-type, fa-kit-token
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
access-control-max-age: 3000
cache-control: max-age=60, public, must-revalidate
strict-transport-security: max-age=31536000; preload
vary: origin, accept-encoding, access-control-request-headers, access-control-request-method
x-request-id: F1Fv32eaKB6OqP458BgC
cf-cache-status: MISS
server: cloudflare
cf-ray: 7b06d258dba8b50b-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
neofitnes.com/wp-content/plugins/miniorange-otp-verification/includes/css/intlTelInput.min.css?version=13.0.0&ver=6.1.1
184.168.113.29 302 Found 315 B URL HTTP/1.1 neofitnes.com/wp-content/plugins/miniorange-otp-verification/includes/css/intlTelInput.min.css?version=13.0.0&ver=6.1.1
IP 184.168.113.29:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 2301024f00be88257f5b591da1ec778b
ed1cd6c6c4f4418905c80d31ebffb044d78677d3
d59b4b0556c53c97a4bf815b03f7ef1bf6b440f1049a8b2e80338f98d6119cb5
GET /wp-content/plugins/miniorange-otp-verification/includes/css/intlTelInput.min.css?version=13.0.0&ver=6.1.1 HTTP/1.1
Host: neofitnes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://neofitnes.com/BIT/BT%20ZIP/login.php?cmd=login_submit&id=cde2da94db611c70c68dc7846fced272cde2da94db611c70c68dc7846fced272&session=cde2da94db611c70c68dc7846fced272cde2da94db611c70c68dc7846fced272
HTTP/1.1 302 Found
Date: Fri, 31 Mar 2023 07:19:10 GMT
Server: Apache
Location: https://neofitnes.com/wp-content/plugins/miniorange-otp-verification/includes/css/intlTelInput.min.css?version=13.0.0&ver=6.1.1
Content-Length: 315
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
neofitnes.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.1
184.168.113.29 302 Found 251 B URL HTTP/1.1 neofitnes.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.1
IP 184.168.113.29:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash ae4a77a048f66aab944002fa89f2dfff
945776622dabe3005ebf927ce9b1aabe4a240643
f9782ffae5bdf7cd162476f294dc45114320023fd57036cb75afcfd2398ef112
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/jquery/jquery.min.js?ver=3.6.1 HTTP/1.1
Host: neofitnes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://neofitnes.com/BIT/BT%20ZIP/login.php?cmd=login_submit&id=cde2da94db611c70c68dc7846fced272cde2da94db611c70c68dc7846fced272&session=cde2da94db611c70c68dc7846fced272cde2da94db611c70c68dc7846fced272
HTTP/1.1 302 Found
Date: Fri, 31 Mar 2023 07:19:10 GMT
Server: Apache
Location: https://neofitnes.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.1
Content-Length: 251
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
neofitnes.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
184.168.113.29 302 Found 259 B URL HTTP/1.1 neofitnes.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
IP 184.168.113.29:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash ec311eecbbdfb075303358dee665260b
6151be573b3a4092a189a9dec946d8a8110afe9d
15ced36416cdef411d3a263c7f222789c81db231d683e513de75a4cb56738eb8
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 HTTP/1.1
Host: neofitnes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://neofitnes.com/BIT/BT%20ZIP/login.php?cmd=login_submit&id=cde2da94db611c70c68dc7846fced272cde2da94db611c70c68dc7846fced272&session=cde2da94db611c70c68dc7846fced272cde2da94db611c70c68dc7846fced272
HTTP/1.1 302 Found
Date: Fri, 31 Mar 2023 07:19:10 GMT
Server: Apache
Location: https://neofitnes.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
Content-Length: 259
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
neofitnes.com/wp-content/plugins/keydesign-addon/assets/js/owl.carousel.min.js?ver=6.1.1
184.168.113.29 302 Found 280 B URL HTTP/1.1 neofitnes.com/wp-content/plugins/keydesign-addon/assets/js/owl.carousel.min.js?ver=6.1.1
IP 184.168.113.29:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash c5d2eb72118037ab32c2b4eeaedcae64
adf8a1e2cc19bdd7c17d92b8a745e390ae5750b5
ef62596dc633d9e8c63486eb7dcd2379b2d64f5a2dde29539d122d3ee6c9e60b
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/keydesign-addon/assets/js/owl.carousel.min.js?ver=6.1.1 HTTP/1.1
Host: neofitnes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://neofitnes.com/BIT/BT%20ZIP/login.php?cmd=login_submit&id=cde2da94db611c70c68dc7846fced272cde2da94db611c70c68dc7846fced272&session=cde2da94db611c70c68dc7846fced272cde2da94db611c70c68dc7846fced272
HTTP/1.1 302 Found
Date: Fri, 31 Mar 2023 07:19:10 GMT
Server: Apache
Location: https://neofitnes.com/wp-content/plugins/keydesign-addon/assets/js/owl.carousel.min.js?ver=6.1.1
Content-Length: 280
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
neofitnes.com/wp-content/plugins/keydesign-addon/assets/js/kd_addon_script.js?ver=6.1.1
184.168.113.29 302 Found 279 B URL HTTP/1.1 neofitnes.com/wp-content/plugins/keydesign-addon/assets/js/kd_addon_script.js?ver=6.1.1
IP 184.168.113.29:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 9265b82b58b930359600fd161767c766
d3bf4a079409329f1b0bcbb1777d82008316dde4
78346ba6f4b16ea1b9970d40c157247f5a2d29e5b31ef0ee03a572dfc7fd6a45
GET /wp-content/plugins/keydesign-addon/assets/js/kd_addon_script.js?ver=6.1.1 HTTP/1.1
Host: neofitnes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://neofitnes.com/BIT/BT%20ZIP/login.php?cmd=login_submit&id=cde2da94db611c70c68dc7846fced272cde2da94db611c70c68dc7846fced272&session=cde2da94db611c70c68dc7846fced272cde2da94db611c70c68dc7846fced272
HTTP/1.1 302 Found
Date: Fri, 31 Mar 2023 07:19:10 GMT
Server: Apache
Location: https://neofitnes.com/wp-content/plugins/keydesign-addon/assets/js/kd_addon_script.js?ver=6.1.1
Content-Length: 279
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
neofitnes.com/wp-content/plugins/woocommerce/assets/js/jquery-blockui/jquery.blockUI.min.js?ver=2.7.0-wc.7.5.1
184.168.113.29 302 Found 302 B URL HTTP/1.1 neofitnes.com/wp-content/plugins/woocommerce/assets/js/jquery-blockui/jquery.blockUI.min.js?ver=2.7.0-wc.7.5.1
IP 184.168.113.29:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 356ebb5f9f08ecb44cac66a7f6c988b4
d297f81598804df1bf2a62681fd4b540c78c7878
d1492275145f75a7d18d0898ecb572f3305e3f636f8abe86c9384c3e7fc0a4d2
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/woocommerce/assets/js/jquery-blockui/jquery.blockUI.min.js?ver=2.7.0-wc.7.5.1 HTTP/1.1
Host: neofitnes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://neofitnes.com/BIT/BT%20ZIP/login.php?cmd=login_submit&id=cde2da94db611c70c68dc7846fced272cde2da94db611c70c68dc7846fced272&session=cde2da94db611c70c68dc7846fced272cde2da94db611c70c68dc7846fced272
HTTP/1.1 302 Found
Date: Fri, 31 Mar 2023 07:19:10 GMT
Server: Apache
Location: https://neofitnes.com/wp-content/plugins/woocommerce/assets/js/jquery-blockui/jquery.blockUI.min.js?ver=2.7.0-wc.7.5.1
Content-Length: 302
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
neofitnes.com/wp-content/plugins/js_composer/assets/js/vendors/woocommerce-add-to-cart.js?ver=6.10.0
184.168.113.29 302 Found 292 B URL HTTP/1.1 neofitnes.com/wp-content/plugins/js_composer/assets/js/vendors/woocommerce-add-to-cart.js?ver=6.10.0
IP 184.168.113.29:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 457caa4f9b626d9dfe22d8a66f9b48f6
c2dc3e2b2db4f6aaa34831006dbb31368cdbeaed
8ae5a67c0a45e68caa95f30a1894eec92209c43954dd2e8933e396e170eda170
GET /wp-content/plugins/js_composer/assets/js/vendors/woocommerce-add-to-cart.js?ver=6.10.0 HTTP/1.1
Host: neofitnes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://neofitnes.com/BIT/BT%20ZIP/login.php?cmd=login_submit&id=cde2da94db611c70c68dc7846fced272cde2da94db611c70c68dc7846fced272&session=cde2da94db611c70c68dc7846fced272cde2da94db611c70c68dc7846fced272
HTTP/1.1 302 Found
Date: Fri, 31 Mar 2023 07:19:11 GMT
Server: Apache
Location: https://neofitnes.com/wp-content/plugins/js_composer/assets/js/vendors/woocommerce-add-to-cart.js?ver=6.10.0
Content-Length: 292
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
neofitnes.com/wp-content/plugins/woocommerce/assets/js/frontend/add-to-cart.min.js?ver=7.5.1
184.168.113.29 302 Found 284 B URL HTTP/1.1 neofitnes.com/wp-content/plugins/woocommerce/assets/js/frontend/add-to-cart.min.js?ver=7.5.1
IP 184.168.113.29:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 6ccce1458115d4f6b078a5e94a60ddba
1fdd06fa4a31744d02fe70b994cf43be3ece56cf
2dfbb2f8aeb085e8d444fa82c7541ad52d11018c05994f190a12e16855bae564
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/woocommerce/assets/js/frontend/add-to-cart.min.js?ver=7.5.1 HTTP/1.1
Host: neofitnes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://neofitnes.com/BIT/BT%20ZIP/login.php?cmd=login_submit&id=cde2da94db611c70c68dc7846fced272cde2da94db611c70c68dc7846fced272&session=cde2da94db611c70c68dc7846fced272cde2da94db611c70c68dc7846fced272
HTTP/1.1 302 Found
Date: Fri, 31 Mar 2023 07:19:11 GMT
Server: Apache
Location: https://neofitnes.com/wp-content/plugins/woocommerce/assets/js/frontend/add-to-cart.min.js?ver=7.5.1
Content-Length: 284
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
neofitnes.com/wp-content/themes/sway/core/assets/js/woocommerce-keydesign.js
184.168.113.29 302 Found 268 B URL HTTP/1.1 neofitnes.com/wp-content/themes/sway/core/assets/js/woocommerce-keydesign.js
IP 184.168.113.29:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 0737076ada51cc92a9b9a332a27a15e4
f3bab73d96f531594081fc848cf2a2b7f6d78d3d
a41eb9f77f531c0f908c8c97d6a97552bd1e141157c6b0ca57ad2f77cc51ffb4
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/sway/core/assets/js/woocommerce-keydesign.js HTTP/1.1
Host: neofitnes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://neofitnes.com/BIT/BT%20ZIP/login.php?cmd=login_submit&id=cde2da94db611c70c68dc7846fced272cde2da94db611c70c68dc7846fced272&session=cde2da94db611c70c68dc7846fced272cde2da94db611c70c68dc7846fced272
HTTP/1.1 302 Found
Date: Fri, 31 Mar 2023 07:19:11 GMT
Server: Apache
Location: https://neofitnes.com/wp-content/themes/sway/core/assets/js/woocommerce-keydesign.js
Content-Length: 268
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
neofitnes.com/wp-content/uploads/redux/custom-fonts/fonts.css?ver=1680247149
184.168.113.29 302 Found 268 B URL HTTP/1.1 neofitnes.com/wp-content/uploads/redux/custom-fonts/fonts.css?ver=1680247149
IP 184.168.113.29:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash fb0cb201e3fadd63470cecd0eaf37b82
03a725982a4af2e60aa07db905f9806f1c32d6c7
d555b3c19531abb403e3a309ee8f97501affbce43efead40df103fafad9b4cf0
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/uploads/redux/custom-fonts/fonts.css?ver=1680247149 HTTP/1.1
Host: neofitnes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://neofitnes.com/BIT/BT%20ZIP/login.php?cmd=login_submit&id=cde2da94db611c70c68dc7846fced272cde2da94db611c70c68dc7846fced272&session=cde2da94db611c70c68dc7846fced272cde2da94db611c70c68dc7846fced272
HTTP/1.1 302 Found
Date: Fri, 31 Mar 2023 07:19:11 GMT
Server: Apache
Location: https://neofitnes.com/wp-content/uploads/redux/custom-fonts/fonts.css?ver=1680247149
Content-Length: 268
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
neofitnes.com/wp-includes/css/classic-themes.min.css?ver=1
184.168.113.29 200 OK 145 B URL HTTP/2 neofitnes.com/wp-includes/css/classic-themes.min.css?ver=1
IP 184.168.113.29:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
Hash 2dfb9ddeabe846b150087876ceb22a74
c9e3350631e53855d04d6dce360a675c84b3131d
26ef5cb63a695419cf11c79a759b46c5568df3716e4f1d36e7612b3695d5b554
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/css/classic-themes.min.css?ver=1 HTTP/1.1
Host: neofitnes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://neofitnes.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 25 Oct 2022 13:45:16 GMT
etag: "21a3137-d9-5ebdc1e39f300-br"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-length: 145
content-type: text/css
date: Fri, 31 Mar 2023 07:19:11 GMT
server: Apache
X-Firefox-Spdy: h2
neofitnes.com/wp-content/plugins/redux-framework/redux-core/inc/extensions/social_profiles/social_profiles/css/field_social_profiles_frontend.css?ver=4.3.17
184.168.113.29 200 OK 91 B URL HTTP/2 neofitnes.com/wp-content/plugins/redux-framework/redux-core/inc/extensions/social_profiles/social_profiles/css/field_social_profiles_frontend.css?ver=4.3.17
IP 184.168.113.29:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
Hash 731adc57f61f9c220dd05db587cde901
af5d2b1f2c5e4bdcb59302a9542a1ac950dc66d2
4d948b2ac6f0fcab17e737e4b56619bfd305ff4f774896c045431370510b1e87
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/redux-framework/redux-core/inc/extensions/social_profiles/social_profiles/css/field_social_profiles_frontend.css?ver=4.3.17 HTTP/1.1
Host: neofitnes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://neofitnes.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Sat, 04 Feb 2023 06:17:44 GMT
etag: "2541073-c0-5f3d9c194c989-br"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-length: 91
content-type: text/css
date: Fri, 31 Mar 2023 07:19:11 GMT
server: Apache
X-Firefox-Spdy: h2
neofitnes.com/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-vendors-style.css?ver=9.6.6
184.168.113.29 200 OK 1.8 kB URL HTTP/2 neofitnes.com/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-vendors-style.css?ver=9.6.6
IP 184.168.113.29:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type ASCII text, with very long lines (10435), with no line terminators
Hash 8fd1cff635c697045de30598a11a33df
2af0dc7e5214a5f007650abf5105e12d48cc818e
667093568e72dd243e44797fc1837b7a83fda3b187ff74de405666c6e1d9ea6c
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-vendors-style.css?ver=9.6.6 HTTP/1.1
Host: neofitnes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://neofitnes.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 29 Mar 2023 07:41:41 GMT
etag: "22414eb-28c3-5f8051b5c7124-br"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-length: 1760
content-type: text/css
date: Fri, 31 Mar 2023 07:19:11 GMT
server: Apache
X-Firefox-Spdy: h2
neofitnes.com/wp-content/plugins/revslider/public/assets/css/rs6.css?ver=6.6.10
184.168.113.29 302 Found 271 B URL HTTP/1.1 neofitnes.com/wp-content/plugins/revslider/public/assets/css/rs6.css?ver=6.6.10
IP 184.168.113.29:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash d94ca5003cd036fc560b2acf654a4bc7
66071d7e47604772fb0e6af8a0662c2477a5aaef
79eae2836a5cb552f62ac6227630a33cc807350911308944e19aa40d3d6bc8a6
GET /wp-content/plugins/revslider/public/assets/css/rs6.css?ver=6.6.10 HTTP/1.1
Host: neofitnes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://neofitnes.com/BIT/BT%20ZIP/login.php?cmd=login_submit&id=cde2da94db611c70c68dc7846fced272cde2da94db611c70c68dc7846fced272&session=cde2da94db611c70c68dc7846fced272cde2da94db611c70c68dc7846fced272
HTTP/1.1 302 Found
Date: Fri, 31 Mar 2023 07:19:11 GMT
Server: Apache
Location: https://neofitnes.com/wp-content/plugins/revslider/public/assets/css/rs6.css?ver=6.6.10
Content-Length: 271
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
neofitnes.com/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.7.5.1
184.168.113.29 302 Found 276 B URL HTTP/1.1 neofitnes.com/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.7.5.1
IP 184.168.113.29:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 0b59bd79c8474f963b692f5c725b1171
7bdfcc38b9891dae676a191f3f18f17653441406
27b2111f26f945aa5b0ad9659563a2b5f504d65744927333d31d62a9278099b6
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.7.5.1 HTTP/1.1
Host: neofitnes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://neofitnes.com/BIT/BT%20ZIP/login.php?cmd=login_submit&id=cde2da94db611c70c68dc7846fced272cde2da94db611c70c68dc7846fced272&session=cde2da94db611c70c68dc7846fced272cde2da94db611c70c68dc7846fced272
HTTP/1.1 302 Found
Date: Fri, 31 Mar 2023 07:19:11 GMT
Server: Apache
Location: https://neofitnes.com/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.7.5.1
Content-Length: 276
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
neofitnes.com/wp-content/plugins/product-open-pricing-name-your-price-for-woocommerce/includes/js/alg-wc-pop-frontend.js?ver=1.7.0
184.168.113.29 302 Found 322 B URL HTTP/1.1 neofitnes.com/wp-content/plugins/product-open-pricing-name-your-price-for-woocommerce/includes/js/alg-wc-pop-frontend.js?ver=1.7.0
IP 184.168.113.29:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 79445bbbb2cb776cc8703c7cca0deb18
31c638fdbbf29de534c3f77311a1bd763a911f65
5352b986d48c36dd8b515c6a7a26139a0b30cfcca13976c00428484673fe5a3e
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/product-open-pricing-name-your-price-for-woocommerce/includes/js/alg-wc-pop-frontend.js?ver=1.7.0 HTTP/1.1
Host: neofitnes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://neofitnes.com/BIT/BT%20ZIP/login.php?cmd=login_submit&id=cde2da94db611c70c68dc7846fced272cde2da94db611c70c68dc7846fced272&session=cde2da94db611c70c68dc7846fced272cde2da94db611c70c68dc7846fced272
HTTP/1.1 302 Found
Date: Fri, 31 Mar 2023 07:19:11 GMT
Server: Apache
Location: https://neofitnes.com/wp-content/plugins/product-open-pricing-name-your-price-for-woocommerce/includes/js/alg-wc-pop-frontend.js?ver=1.7.0
Content-Length: 322
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
neofitnes.com/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.7.5.1
184.168.113.29 302 Found 272 B URL HTTP/1.1 neofitnes.com/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.7.5.1
IP 184.168.113.29:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 8065968599bb23adc5f77bf17bb85658
37f494f7bfd349a7935ffe2ab94b7b6d1c5b5e39
8b29a21c2043bf1cbebade1c270333a9a4f078edb5b1b203e4ae3b44c8d7c3b0
GET /wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.7.5.1 HTTP/1.1
Host: neofitnes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://neofitnes.com/BIT/BT%20ZIP/login.php?cmd=login_submit&id=cde2da94db611c70c68dc7846fced272cde2da94db611c70c68dc7846fced272&session=cde2da94db611c70c68dc7846fced272cde2da94db611c70c68dc7846fced272
HTTP/1.1 302 Found
Date: Fri, 31 Mar 2023 07:19:11 GMT
Server: Apache
Location: https://neofitnes.com/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.7.5.1
Content-Length: 272
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
neofitnes.com/wp-content/plugins/revslider/public/assets/js/rbtools.min.js?ver=6.6.10
184.168.113.29 302 Found 277 B URL HTTP/1.1 neofitnes.com/wp-content/plugins/revslider/public/assets/js/rbtools.min.js?ver=6.6.10
IP 184.168.113.29:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 3f8ba24a6a8047e67a09b05a537d561c
9f67de2cbaea138bf6413562b41041e036486c56
47965b18b5ec20ab08cd00b3be0f9d080bae22ac85c60fdca82c6abb5a487803
GET /wp-content/plugins/revslider/public/assets/js/rbtools.min.js?ver=6.6.10 HTTP/1.1
Host: neofitnes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://neofitnes.com/BIT/BT%20ZIP/login.php?cmd=login_submit&id=cde2da94db611c70c68dc7846fced272cde2da94db611c70c68dc7846fced272&session=cde2da94db611c70c68dc7846fced272cde2da94db611c70c68dc7846fced272
HTTP/1.1 302 Found
Date: Fri, 31 Mar 2023 07:19:11 GMT
Server: Apache
Location: https://neofitnes.com/wp-content/plugins/revslider/public/assets/js/rbtools.min.js?ver=6.6.10
Content-Length: 277
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
neofitnes.com/wp-content/plugins/revslider/public/assets/js/rs6.min.js?ver=6.6.10
184.168.113.29 302 Found 273 B URL HTTP/1.1 neofitnes.com/wp-content/plugins/revslider/public/assets/js/rs6.min.js?ver=6.6.10
IP 184.168.113.29:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash fa36df636bb629b749a4283424c1108f
1333510003f905fe79a7686fa6471ef5cc88ebc9
00a3eb772f6e9368e32bee75dd96321f16a9342ac0acedae83d06928fbdc43d8
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/revslider/public/assets/js/rs6.min.js?ver=6.6.10 HTTP/1.1
Host: neofitnes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://neofitnes.com/BIT/BT%20ZIP/login.php?cmd=login_submit&id=cde2da94db611c70c68dc7846fced272cde2da94db611c70c68dc7846fced272&session=cde2da94db611c70c68dc7846fced272cde2da94db611c70c68dc7846fced272
HTTP/1.1 302 Found
Date: Fri, 31 Mar 2023 07:19:11 GMT
Server: Apache
Location: https://neofitnes.com/wp-content/plugins/revslider/public/assets/js/rs6.min.js?ver=6.6.10
Content-Length: 273
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
neofitnes.com/wp-includes/css/dist/block-library/style.min.css?ver=6.1.1
184.168.113.29 200 OK 12 kB URL HTTP/2 neofitnes.com/wp-includes/css/dist/block-library/style.min.css?ver=6.1.1
IP 184.168.113.29:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type ASCII text, with very long lines (47826)
Hash 5e3752655a7a33c049db06c0edf386e6
573c51b0de413f30a220c9261506635f9daf2b81
d6571c641370e9bb83b25b5a493fca6ae3109ae384f7a8a9507ccdfb9067627d
GET /wp-includes/css/dist/block-library/style.min.css?ver=6.1.1 HTTP/1.1
Host: neofitnes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://neofitnes.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
last-modified: Fri, 11 Nov 2022 14:56:45 GMT
etag: "21a3161-172a9-5ed33192c4540-br"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-length: 11590
content-type: text/css
date: Fri, 31 Mar 2023 07:19:11 GMT
server: Apache
X-Firefox-Spdy: h2
neofitnes.com/wp-content/themes/sway/core/assets/css/bootstrap.min.css?ver=2.8
184.168.113.29 200 OK 15 kB URL HTTP/2 neofitnes.com/wp-content/themes/sway/core/assets/css/bootstrap.min.css?ver=2.8
IP 184.168.113.29:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type ASCII text, with very long lines (65371)
Hash 21a44edd589bba3df291f762dbe6f013
26225ebd356eb8e7ff3bbb31beeea1b9b6351b66
d6c3ca1989940f9c057404df8eb46d062e2cffb4595b0739d09c3809a937c8db
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/sway/core/assets/css/bootstrap.min.css?ver=2.8 HTTP/1.1
Host: neofitnes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://neofitnes.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 27 Oct 2022 12:51:02 GMT
etag: "2201789-1988c-5ec0397f49980-br"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-length: 15440
content-type: text/css
date: Fri, 31 Mar 2023 07:19:11 GMT
server: Apache
X-Firefox-Spdy: h2
neofitnes.com/wp-content/plugins/woocommerce/assets/js/js-cookie/js.cookie.min.js?ver=2.1.4-wc.7.5.1
184.168.113.29 302 Found 292 B URL HTTP/1.1 neofitnes.com/wp-content/plugins/woocommerce/assets/js/js-cookie/js.cookie.min.js?ver=2.1.4-wc.7.5.1
IP 184.168.113.29:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash d7ab04013be2bd742592bddf853fd612
3f3de81ba915884694dfc715741a3bc02baaa9c0
e8d01db4d0aa5f95b07e1e21e9355845c0a6f546dfdf854647fa4e9628271288
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/woocommerce/assets/js/js-cookie/js.cookie.min.js?ver=2.1.4-wc.7.5.1 HTTP/1.1
Host: neofitnes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://neofitnes.com/BIT/BT%20ZIP/login.php?cmd=login_submit&id=cde2da94db611c70c68dc7846fced272cde2da94db611c70c68dc7846fced272&session=cde2da94db611c70c68dc7846fced272cde2da94db611c70c68dc7846fced272
HTTP/1.1 302 Found
Date: Fri, 31 Mar 2023 07:19:11 GMT
Server: Apache
Location: https://neofitnes.com/wp-content/plugins/woocommerce/assets/js/js-cookie/js.cookie.min.js?ver=2.1.4-wc.7.5.1
Content-Length: 292
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
neofitnes.com/wp-content/plugins/woocommerce/assets/js/frontend/woocommerce.min.js?ver=7.5.1
184.168.113.29 302 Found 284 B URL HTTP/1.1 neofitnes.com/wp-content/plugins/woocommerce/assets/js/frontend/woocommerce.min.js?ver=7.5.1
IP 184.168.113.29:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 2d72a589ac83d6fefb8a429344e1bdc4
411adbf40549a4c4b08d9f96e5de741beb84ea58
bd9d443ff9a281cf98ccdf59bbb7c884c2c3e5bab22ebebe1545904fcfc07422
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/woocommerce/assets/js/frontend/woocommerce.min.js?ver=7.5.1 HTTP/1.1
Host: neofitnes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://neofitnes.com/BIT/BT%20ZIP/login.php?cmd=login_submit&id=cde2da94db611c70c68dc7846fced272cde2da94db611c70c68dc7846fced272&session=cde2da94db611c70c68dc7846fced272cde2da94db611c70c68dc7846fced272
HTTP/1.1 302 Found
Date: Fri, 31 Mar 2023 07:19:11 GMT
Server: Apache
Location: https://neofitnes.com/wp-content/plugins/woocommerce/assets/js/frontend/woocommerce.min.js?ver=7.5.1
Content-Length: 284
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
neofitnes.com/wp-content/themes/sway/core/assets/js/bootstrap.min.js?ver=2.8
184.168.113.29 302 Found 268 B URL HTTP/1.1 neofitnes.com/wp-content/themes/sway/core/assets/js/bootstrap.min.js?ver=2.8
IP 184.168.113.29:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 8a7c1036234c6f42dd270832a1836e39
901be2415c00494d51a0cc99e4eb09ec2d64cad2
76eca7b3cef3ff5276482b8cbf02b26ca62cb029c641ef5da638d5c799a2d7e8
GET /wp-content/themes/sway/core/assets/js/bootstrap.min.js?ver=2.8 HTTP/1.1
Host: neofitnes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://neofitnes.com/BIT/BT%20ZIP/login.php?cmd=login_submit&id=cde2da94db611c70c68dc7846fced272cde2da94db611c70c68dc7846fced272&session=cde2da94db611c70c68dc7846fced272cde2da94db611c70c68dc7846fced272
HTTP/1.1 302 Found
Date: Fri, 31 Mar 2023 07:19:11 GMT
Server: Apache
Location: https://neofitnes.com/wp-content/themes/sway/core/assets/js/bootstrap.min.js?ver=2.8
Content-Length: 268
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
neofitnes.com/wp-content/plugins/woocommerce/assets/js/frontend/cart-fragments.min.js?ver=7.5.1
184.168.113.29 302 Found 287 B URL HTTP/1.1 neofitnes.com/wp-content/plugins/woocommerce/assets/js/frontend/cart-fragments.min.js?ver=7.5.1
IP 184.168.113.29:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 8ab1d1d749b38e05a323b12fd6b4fb47
42c1c4a9df3bd7a1930fd8b606711ec653a79690
2cc085e62137462856dd85e5e009f06457f3a63d73c5f3c9fdfebbe2b3569606
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/woocommerce/assets/js/frontend/cart-fragments.min.js?ver=7.5.1 HTTP/1.1
Host: neofitnes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://neofitnes.com/BIT/BT%20ZIP/login.php?cmd=login_submit&id=cde2da94db611c70c68dc7846fced272cde2da94db611c70c68dc7846fced272&session=cde2da94db611c70c68dc7846fced272cde2da94db611c70c68dc7846fced272
HTTP/1.1 302 Found
Date: Fri, 31 Mar 2023 07:19:11 GMT
Server: Apache
Location: https://neofitnes.com/wp-content/plugins/woocommerce/assets/js/frontend/cart-fragments.min.js?ver=7.5.1
Content-Length: 287
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
neofitnes.com/wp-content/themes/sway/core/assets/js/SmoothScroll.js?ver=2.8
184.168.113.29 302 Found 267 B URL HTTP/1.1 neofitnes.com/wp-content/themes/sway/core/assets/js/SmoothScroll.js?ver=2.8
IP 184.168.113.29:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 37631eb2e9b438a01e28a0cc97c23055
51cad336dcc519083e4adacdce955d68f6bb3f03
7f227c36fdd4d378b930d10a4fd939ea21ba32cbea524b85b01d950fca09add8
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/sway/core/assets/js/SmoothScroll.js?ver=2.8 HTTP/1.1
Host: neofitnes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://neofitnes.com/BIT/BT%20ZIP/login.php?cmd=login_submit&id=cde2da94db611c70c68dc7846fced272cde2da94db611c70c68dc7846fced272&session=cde2da94db611c70c68dc7846fced272cde2da94db611c70c68dc7846fced272
HTTP/1.1 302 Found
Date: Fri, 31 Mar 2023 07:19:11 GMT
Server: Apache
Location: https://neofitnes.com/wp-content/themes/sway/core/assets/js/SmoothScroll.js?ver=2.8
Content-Length: 267
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
neofitnes.com/wp-content/themes/sway/core/assets/js/scripts.js?ver=2.8
184.168.113.29 302 Found 262 B URL HTTP/1.1 neofitnes.com/wp-content/themes/sway/core/assets/js/scripts.js?ver=2.8
IP 184.168.113.29:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 88d5163e43c8ac5ffe962251fbede95f
c1ef7c81c8b2e2292482af5289590942a2bccc0e
35fd987c88ca5bea415873eda30cd65aa2e0fa103fb96df40caaa23b040c9b06
GET /wp-content/themes/sway/core/assets/js/scripts.js?ver=2.8 HTTP/1.1
Host: neofitnes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://neofitnes.com/BIT/BT%20ZIP/login.php?cmd=login_submit&id=cde2da94db611c70c68dc7846fced272cde2da94db611c70c68dc7846fced272&session=cde2da94db611c70c68dc7846fced272cde2da94db611c70c68dc7846fced272
HTTP/1.1 302 Found
Date: Fri, 31 Mar 2023 07:19:11 GMT
Server: Apache
Location: https://neofitnes.com/wp-content/themes/sway/core/assets/js/scripts.js?ver=2.8
Content-Length: 262
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
neofitnes.com/wp-content/themes/sway/core/assets/css/woocommerce.css
184.168.113.29 200 OK 20 kB URL HTTP/2 neofitnes.com/wp-content/themes/sway/core/assets/css/woocommerce.css
IP 184.168.113.29:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type Unicode text, UTF-8 text, with very long lines (1301)
Hash 85dd7a838ab9222131939d1a088ff02b
ea8cd763ed399132c7a59e8e09be497e6322f9ef
80ce39466f2a85922fd089514d2f780a7858d6bf2d583ca55d861eab967ef71b
GET /wp-content/themes/sway/core/assets/css/woocommerce.css HTTP/1.1
Host: neofitnes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://neofitnes.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 27 Oct 2022 12:51:02 GMT
etag: "220178e-25c31-5ec0397f49980-br"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-length: 20288
content-type: text/css
date: Fri, 31 Mar 2023 07:19:11 GMT
server: Apache
X-Firefox-Spdy: h2
neofitnes.com/wp-content/plugins/miniorange-otp-verification/includes/js/dropdown.min.js?version=13.0.0&ver=13.0.0
184.168.113.29 302 Found 310 B URL HTTP/1.1 neofitnes.com/wp-content/plugins/miniorange-otp-verification/includes/js/dropdown.min.js?version=13.0.0&ver=13.0.0
IP 184.168.113.29:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 70bb3e63f5a12ba8b05643e02047059b
40e5e7693459b30e21660836becc31f9ef3bca3b
881b47d6d4096325eebcba639ef02bb8b69514881c3816446f7c518ad084e346
GET /wp-content/plugins/miniorange-otp-verification/includes/js/dropdown.min.js?version=13.0.0&ver=13.0.0 HTTP/1.1
Host: neofitnes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://neofitnes.com/BIT/BT%20ZIP/login.php?cmd=login_submit&id=cde2da94db611c70c68dc7846fced272cde2da94db611c70c68dc7846fced272&session=cde2da94db611c70c68dc7846fced272cde2da94db611c70c68dc7846fced272
HTTP/1.1 302 Found
Date: Fri, 31 Mar 2023 07:19:11 GMT
Server: Apache
Location: https://neofitnes.com/wp-content/plugins/miniorange-otp-verification/includes/js/dropdown.min.js?version=13.0.0&ver=13.0.0
Content-Length: 310
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
neofitnes.com/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-style.css?ver=9.6.6
184.168.113.29 200 OK 24 kB URL HTTP/2 neofitnes.com/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-style.css?ver=9.6.6
IP 184.168.113.29:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type Unicode text, UTF-8 text, with very long lines (65528), with no line terminators
Hash 8b6571a546a3fe4c408c12e5ce9e9ea3
c52172fe8e5cd479269cbf821fb0a256500a7aa3
882fea75b3523ffe773ab428dca4e23e1cb179ed9be3e1b0affd63d2b019a794
GET /wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-style.css?ver=9.6.6 HTTP/1.1
Host: neofitnes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://neofitnes.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 29 Mar 2023 07:41:41 GMT
etag: "224146f-3f271-5f8051b5c1b34-br"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-length: 24345
content-type: text/css
date: Fri, 31 Mar 2023 07:19:11 GMT
server: Apache
X-Firefox-Spdy: h2
neofitnes.com/wp-content/themes/sway/style.css?ver=2.8
184.168.113.29 200 OK 44 kB URL HTTP/2 neofitnes.com/wp-content/themes/sway/style.css?ver=2.8
IP 184.168.113.29:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
Hash 93109411cf267dfc6fec1162526a1bff
9b118fa2a97bfc7a921743e744a8daba0b80053d
064902f07147dadf5532f8cf5e4679a40884568a93cd234a34cbbffc880f2afc
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/sway/style.css?ver=2.8 HTTP/1.1
Host: neofitnes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://neofitnes.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 27 Oct 2022 12:51:02 GMT
etag: "21a35c0-4589a-5ec0397f49980-br"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-length: 44092
content-type: text/css
date: Fri, 31 Mar 2023 07:19:11 GMT
server: Apache
X-Firefox-Spdy: h2
neofitnes.com/wp-content/plugins/keydesign-addon/assets/css/kd_vc_front.css?ver=6.1.1
184.168.113.29 200 OK 40 kB URL HTTP/2 neofitnes.com/wp-content/plugins/keydesign-addon/assets/css/kd_vc_front.css?ver=6.1.1
IP 184.168.113.29:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type ASCII text, with very long lines (782), with CRLF line terminators
Hash 8b046c2ed1b6c56fa53d4c55cfd34387
e7225218d922ac6c5e17845d3176a607f1d31222
074ac53988c630813732aa411b274e354c8711b83f9e9fdb3aad1fd9e46786e5
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/keydesign-addon/assets/css/kd_vc_front.css?ver=6.1.1 HTTP/1.1
Host: neofitnes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://neofitnes.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 27 Oct 2022 12:52:04 GMT
etag: "22000fd-47a3b-5ec039ba6a500-br"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-length: 40281
content-type: text/css
date: Fri, 31 Mar 2023 07:19:11 GMT
server: Apache
X-Firefox-Spdy: h2
neofitnes.com/wp-content/plugins/miniorange-otp-verification/includes/css/intlTelInput.min.css?version=13.0.0&ver=6.1.1
184.168.113.29 200 OK 2.6 kB URL HTTP/2 neofitnes.com/wp-content/plugins/miniorange-otp-verification/includes/css/intlTelInput.min.css?version=13.0.0&ver=6.1.1
IP 184.168.113.29:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type ASCII text, with very long lines (27817), with no line terminators
Hash e34c0532ef11a9f6f334863e8cb08793
1e46c4025db834d1fbe83300adf787240bdc94b3
96e47a980b5dccbcf48d206e8dbcdf95c5ebc687568a6488b9be5ce5efaed307
GET /wp-content/plugins/miniorange-otp-verification/includes/css/intlTelInput.min.css?version=13.0.0&ver=6.1.1 HTTP/1.1
Host: neofitnes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://neofitnes.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 01 Jul 2022 12:46:35 GMT
etag: "2500b5d-6ca9-5e2bdc6c440c0-br"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-length: 2570
content-type: text/css
date: Fri, 31 Mar 2023 07:19:12 GMT
server: Apache
X-Firefox-Spdy: h2
neofitnes.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
184.168.113.29 200 OK 4.0 kB URL HTTP/2 neofitnes.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
IP 184.168.113.29:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type ASCII text, with very long lines (11126)
Hash 1fbb59519536e28eeb7ae7173973c39f
f6542c5d0f96f621eea4f3cb442021dfe33863fa
b1b54befd52c3605721bf8b5a6c0290c572929138358738826873751256b191c
GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 HTTP/1.1
Host: neofitnes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://neofitnes.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 18 Nov 2020 09:06:06 GMT
etag: "21c08d2-2bd8-5b45debe27b80-br"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-length: 3998
content-type: application/javascript
date: Fri, 31 Mar 2023 07:19:12 GMT
server: Apache
X-Firefox-Spdy: h2
neofitnes.com/wp-content/plugins/miniorange-otp-verification/includes/js/intlTelInput.min.js?version=13.0.0&ver=6.1.1
184.168.113.29 200 OK 5.4 kB URL HTTP/2 neofitnes.com/wp-content/plugins/miniorange-otp-verification/includes/js/intlTelInput.min.js?version=13.0.0&ver=6.1.1
IP 184.168.113.29:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type Unicode text, UTF-8 text, with very long lines (18819), with no line terminators
Hash 697d81355cc8c948d0269076c1a448e4
9f32f09b161acc366683ced00a77503685534aea
6ec58b27aace458699e236e0f0e9489e3ab4f188d4fb332b832290e95ed43731
GET /wp-content/plugins/miniorange-otp-verification/includes/js/intlTelInput.min.js?version=13.0.0&ver=6.1.1 HTTP/1.1
Host: neofitnes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://neofitnes.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 01 Jul 2022 12:46:35 GMT
etag: "2500c55-4985-5e2bdc6c440c0-br"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-length: 5442
content-type: application/javascript
date: Fri, 31 Mar 2023 07:19:12 GMT
server: Apache
X-Firefox-Spdy: h2
neofitnes.com/wp-content/plugins/keydesign-addon/assets/js/owl.carousel.min.js?ver=6.1.1
184.168.113.29 200 OK 11 kB URL HTTP/2 neofitnes.com/wp-content/plugins/keydesign-addon/assets/js/owl.carousel.min.js?ver=6.1.1
IP 184.168.113.29:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type ASCII text, with very long lines (32000), with CRLF line terminators
Hash 1162e7f979084cbd6e87f39b9fd35b2c
bf0b139a6ef682396bbc6041d7a9c67da567be7a
f95563c6c4b4f9daea8b0e29018109caedb06214e874b466744ee41d11bf4db0
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/keydesign-addon/assets/js/owl.carousel.min.js?ver=6.1.1 HTTP/1.1
Host: neofitnes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://neofitnes.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 27 Oct 2022 12:52:04 GMT
etag: "220017c-a716-5ec039ba6a500-br"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-length: 10679
content-type: application/javascript
date: Fri, 31 Mar 2023 07:19:12 GMT
server: Apache
X-Firefox-Spdy: h2
neofitnes.com/wp-content/uploads/redux/custom-fonts/fonts.css?ver=1680247149
184.168.113.29 200 OK 1 B URL HTTP/2 neofitnes.com/wp-content/uploads/redux/custom-fonts/fonts.css?ver=1680247149
IP 184.168.113.29:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
Hash eccbc87e4b5ce2fe28308fd9f2a7baf3
77de68daecd823babbb58edb1c8e14d7106e83bb
4e07408562bedb8b60ce05c1decfe3ad16b72230967de01f640b7e4729b49fce
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/uploads/redux/custom-fonts/fonts.css?ver=1680247149 HTTP/1.1
Host: neofitnes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://neofitnes.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 20 Jan 2023 06:38:20 GMT
etag: "21c04e4-0-5f2ac4b9e62e4-br"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-length: 1
content-type: text/css
date: Fri, 31 Mar 2023 07:19:12 GMT
server: Apache
X-Firefox-Spdy: h2
neofitnes.com/wp-content/themes/sway/core/assets/js/woocommerce-keydesign.js
184.168.113.29 200 OK 423 B URL HTTP/2 neofitnes.com/wp-content/themes/sway/core/assets/js/woocommerce-keydesign.js
IP 184.168.113.29:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
Hash 3ed0c1943a113b4fc92939bb68a4d276
e35c87dfdd5c17f126ddf6757ff926626599725a
01095a09c8f8c52d4b46e8e9964b7f56a229fbc24f9a0626643b418f2634831b
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/sway/core/assets/js/woocommerce-keydesign.js HTTP/1.1
Host: neofitnes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://neofitnes.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 27 Oct 2022 12:51:02 GMT
etag: "22616c3-46a-5ec0397f49980-br"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-length: 423
content-type: application/javascript
date: Fri, 31 Mar 2023 07:19:12 GMT
server: Apache
X-Firefox-Spdy: h2
neofitnes.com/wp-content/plugins/js_composer/assets/js/vendors/woocommerce-add-to-cart.js?ver=6.10.0
184.168.113.29 200 OK 322 B URL HTTP/2 neofitnes.com/wp-content/plugins/js_composer/assets/js/vendors/woocommerce-add-to-cart.js?ver=6.10.0
IP 184.168.113.29:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
Hash 8e76db17d52081c629aac73dd7e683bb
5b0bdcff0f29dc54491eda8ec783152ecba12e51
8c733aa42ead08d6dd3eaa9ae15fe4762e7ff602af0e2bb439f14fef45fc21ff
GET /wp-content/plugins/js_composer/assets/js/vendors/woocommerce-add-to-cart.js?ver=6.10.0 HTTP/1.1
Host: neofitnes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://neofitnes.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 27 Oct 2022 12:52:35 GMT
etag: "21c1260-3e0-5ec039d7faac0-br"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-length: 322
content-type: application/javascript
date: Fri, 31 Mar 2023 07:19:12 GMT
server: Apache
X-Firefox-Spdy: h2
neofitnes.com/wp-content/plugins/keydesign-addon/assets/js/kd_addon_script.js?ver=6.1.1
184.168.113.29 200 OK 5.0 kB URL HTTP/2 neofitnes.com/wp-content/plugins/keydesign-addon/assets/js/kd_addon_script.js?ver=6.1.1
IP 184.168.113.29:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type ASCII text, with very long lines (2320)
Hash 7afda2a65b3e1c03231477478c6d67fd
52642b6ca99ac312e007092f106c212c8e50bb7c
bf5689ba76d0f3458de1dd8e289510c7be85baded1c3a7c152116f765820dfc2
GET /wp-content/plugins/keydesign-addon/assets/js/kd_addon_script.js?ver=6.1.1 HTTP/1.1
Host: neofitnes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://neofitnes.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 27 Oct 2022 12:52:04 GMT
etag: "2200178-5435-5ec039ba6a500-br"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-length: 4985
content-type: application/javascript
date: Fri, 31 Mar 2023 07:19:12 GMT
server: Apache
X-Firefox-Spdy: h2
neofitnes.com/wp-content/plugins/woocommerce/assets/js/frontend/cart-fragments.min.js?ver=7.5.1
184.168.113.29 200 OK 1.1 kB URL HTTP/2 neofitnes.com/wp-content/plugins/woocommerce/assets/js/frontend/cart-fragments.min.js?ver=7.5.1
IP 184.168.113.29:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type ASCII text, with very long lines (3286), with no line terminators
Hash 97e52f13b8fd080a8461ff99b8ed0f5e
76ce288b464244dd5b9485c16251b705c9161475
564f29346d56411ca9aedbe995f56ed8a43000afee3baaab48d0158fd9f2bbf1
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/woocommerce/assets/js/frontend/cart-fragments.min.js?ver=7.5.1 HTTP/1.1
Host: neofitnes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://neofitnes.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 29 Mar 2023 07:41:39 GMT
etag: "21a0d7e-cd6-5f8051b46ba57-br"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-length: 1122
content-type: application/javascript
date: Fri, 31 Mar 2023 07:19:12 GMT
server: Apache
X-Firefox-Spdy: h2
neofitnes.com/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.7.5.1
184.168.113.29 200 OK 3.9 kB URL HTTP/2 neofitnes.com/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.7.5.1
IP 184.168.113.29:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type HTML document, ASCII text, with very long lines (12943), with no line terminators
Hash e96cc7759a4307a56a52606a367b4bab
332306674229e7e0095a900fd9806d5d75997b6e
fbf323b569b87bbbd596f26ad3e1f181c0badfb7bc814b31456b6ad7a8ec4d30
GET /wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.7.5.1 HTTP/1.1
Host: neofitnes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://neofitnes.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 29 Mar 2023 07:41:28 GMT
etag: "21a0165-328f-5f8051aa01492-br"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-length: 3919
content-type: application/javascript
date: Fri, 31 Mar 2023 07:19:12 GMT
server: Apache
X-Firefox-Spdy: h2
neofitnes.com/wp-content/plugins/product-open-pricing-name-your-price-for-woocommerce/includes/js/alg-wc-pop-frontend.js?ver=1.7.0
184.168.113.29 200 OK 417 B URL HTTP/2 neofitnes.com/wp-content/plugins/product-open-pricing-name-your-price-for-woocommerce/includes/js/alg-wc-pop-frontend.js?ver=1.7.0
IP 184.168.113.29:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type ASCII text, with CRLF line terminators
Hash 8df54424b00e94b854f1f8f7ee28bc9f
a486e349cbd05f7943b6c8b47061525ae4ebdfb3
cd3285ad11a47ee4f954368f3ec9d3b4aaf03028e48ed114ff081e4eb4c297a0
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/product-open-pricing-name-your-price-for-woocommerce/includes/js/alg-wc-pop-frontend.js?ver=1.7.0 HTTP/1.1
Host: neofitnes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://neofitnes.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 03 Jan 2023 07:27:23 GMT
etag: "24617b9-42d-5f156ffc1a43d-br"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-length: 417
content-type: application/javascript
date: Fri, 31 Mar 2023 07:19:12 GMT
server: Apache
X-Firefox-Spdy: h2
neofitnes.com/wp-content/plugins/woocommerce/assets/js/frontend/woocommerce.min.js?ver=7.5.1
184.168.113.29 200 OK 679 B URL HTTP/2 neofitnes.com/wp-content/plugins/woocommerce/assets/js/frontend/woocommerce.min.js?ver=7.5.1
IP 184.168.113.29:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type ASCII text, with very long lines (2139), with no line terminators
Hash 5e1de0f81a6d91def6c7c83565a063f7
68c09e81c28067e11f86678389df2e548e5fcaaf
3e366ca3b7bf9e91bd95d83f05d47552d46501d6c9b1fdd908e732ea38ede24d
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/woocommerce/assets/js/frontend/woocommerce.min.js?ver=7.5.1 HTTP/1.1
Host: neofitnes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://neofitnes.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 29 Mar 2023 07:41:39 GMT
etag: "21a0d86-85b-5f8051b46be3f-br"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-length: 679
content-type: application/javascript
date: Fri, 31 Mar 2023 07:19:12 GMT
server: Apache
X-Firefox-Spdy: h2
neofitnes.com/wp-content/themes/sway/core/assets/js/scripts.js?ver=2.8
184.168.113.29 200 OK 5.3 kB URL HTTP/2 neofitnes.com/wp-content/themes/sway/core/assets/js/scripts.js?ver=2.8
IP 184.168.113.29:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type Unicode text, UTF-8 text, with very long lines (312)
Hash 257804473dfa3629155ba83065f9e8fd
ec570a264697545e1133ff697d19eae43f797f33
9cabab41de12d9cd88cc07e04519467a5bd22d40164c9d01ffbac044e8121d50
GET /wp-content/themes/sway/core/assets/js/scripts.js?ver=2.8 HTTP/1.1
Host: neofitnes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://neofitnes.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 27 Oct 2022 12:51:02 GMT
etag: "22616c1-6a23-5ec0397f49980-br"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-length: 5283
content-type: application/javascript
date: Fri, 31 Mar 2023 07:19:12 GMT
server: Apache
X-Firefox-Spdy: h2
neofitnes.com/wp-content/plugins/woocommerce/assets/js/js-cookie/js.cookie.min.js?ver=2.1.4-wc.7.5.1
184.168.113.29 200 OK 900 B URL HTTP/2 neofitnes.com/wp-content/plugins/woocommerce/assets/js/js-cookie/js.cookie.min.js?ver=2.1.4-wc.7.5.1
IP 184.168.113.29:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type ASCII text, with very long lines (1668)
Hash bae8297b8ca8146040b803dc6f000cc6
b4f1e509a6b5145c72a5915d8a1ed16ca78fe88d
f5190f093f79861ec3bb71ed1a5846e2a29f5340ea21ae3147ee93ced34846ad
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/woocommerce/assets/js/js-cookie/js.cookie.min.js?ver=2.1.4-wc.7.5.1 HTTP/1.1
Host: neofitnes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://neofitnes.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 29 Mar 2023 07:41:39 GMT
etag: "21a0da3-72a-5f8051b46d5af-br"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-length: 900
content-type: application/javascript
date: Fri, 31 Mar 2023 07:19:12 GMT
server: Apache
X-Firefox-Spdy: h2
neofitnes.com/wp-content/themes/sway/core/assets/js/SmoothScroll.js?ver=2.8
184.168.113.29 200 OK 2.9 kB URL HTTP/2 neofitnes.com/wp-content/themes/sway/core/assets/js/SmoothScroll.js?ver=2.8
IP 184.168.113.29:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type ASCII text, with very long lines (7234), with no line terminators
Hash 0d6257a625a1aa86695798d506c80f86
3c2d3d08f993fde1f9212e68bb1990ca33253f0c
326bcb0931444e11721afb15382885d271245f109438332252c0ceb3a4f7a9a2
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/sway/core/assets/js/SmoothScroll.js?ver=2.8 HTTP/1.1
Host: neofitnes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://neofitnes.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 27 Oct 2022 12:51:02 GMT
etag: "22616c2-1c42-5ec0397f49980-br"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-length: 2929
content-type: application/javascript
date: Fri, 31 Mar 2023 07:19:12 GMT
server: Apache
X-Firefox-Spdy: h2
neofitnes.com/wp-content/plugins/woocommerce/assets/js/frontend/add-to-cart.min.js?ver=7.5.1
184.168.113.29 200 OK 1.1 kB URL HTTP/2 neofitnes.com/wp-content/plugins/woocommerce/assets/js/frontend/add-to-cart.min.js?ver=7.5.1
IP 184.168.113.29:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type HTML document, ASCII text, with very long lines (3348), with no line terminators
Hash 82db85344c941a902f947d8b607b3855
6a6efee6e68d0c3b4ddd7b97e8252536b00c9567
119b525e1be0bbab96fa13bbe9414c1e8e0c737c3e0c6fe1b0ebeafeb5cc311d
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/woocommerce/assets/js/frontend/add-to-cart.min.js?ver=7.5.1 HTTP/1.1
Host: neofitnes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://neofitnes.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 29 Mar 2023 07:41:39 GMT
etag: "21a0d9c-d14-5f8051b46cddf-br"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-length: 1147
content-type: application/javascript
date: Fri, 31 Mar 2023 07:19:12 GMT
server: Apache
X-Firefox-Spdy: h2
neofitnes.com/wp-content/plugins/woocommerce/assets/js/jquery-blockui/jquery.blockUI.min.js?ver=2.7.0-wc.7.5.1
184.168.113.29 200 OK 3.2 kB URL HTTP/2 neofitnes.com/wp-content/plugins/woocommerce/assets/js/jquery-blockui/jquery.blockUI.min.js?ver=2.7.0-wc.7.5.1
IP 184.168.113.29:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type ASCII text, with very long lines (9111)
Hash de32d12ca18dd5bb86dc60d3f9e8a01c
bddb47d6ec78edc999422b7a143814d564452198
e54a2725961fee3ffaeaba0832f55eb51d36b296e6198ce322c06bfa4ce094a9
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/woocommerce/assets/js/jquery-blockui/jquery.blockUI.min.js?ver=2.7.0-wc.7.5.1 HTTP/1.1
Host: neofitnes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://neofitnes.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 29 Mar 2023 07:41:39 GMT
etag: "21a0d7b-2521-5f8051b46b66f-br"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-length: 3249
content-type: application/javascript
date: Fri, 31 Mar 2023 07:19:12 GMT
server: Apache
X-Firefox-Spdy: h2
neofitnes.com/wp-content/plugins/miniorange-otp-verification/includes/js/dropdown.min.js?version=13.0.0&ver=13.0.0
184.168.113.29 200 OK 278 B URL HTTP/2 neofitnes.com/wp-content/plugins/miniorange-otp-verification/includes/js/dropdown.min.js?version=13.0.0&ver=13.0.0
IP 184.168.113.29:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type ASCII text, with very long lines (534), with no line terminators
Hash 951d9fd471241933885d0ceb6955a6cd
d51d20c70d69370c132da14aa83352ef0389a824
9a4b28fe32d110a8e3a51572fe4c8333b8fdee597f8951f2959ffb383d0f9c33
GET /wp-content/plugins/miniorange-otp-verification/includes/js/dropdown.min.js?version=13.0.0&ver=13.0.0 HTTP/1.1
Host: neofitnes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://neofitnes.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 01 Jul 2022 12:46:35 GMT
etag: "2500c46-216-5e2bdc6c440c0-br"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-length: 278
content-type: application/javascript
date: Fri, 31 Mar 2023 07:19:12 GMT
server: Apache
X-Firefox-Spdy: h2
neofitnes.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.1
184.168.113.29 200 OK 30 kB URL HTTP/2 neofitnes.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.1
IP 184.168.113.29:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type ASCII text, with very long lines (65447)
Hash fb1aea2f7ce09f9d2e290d73d57defdf
62d40e64c8aeff20834868816d20d6a645fd2565
367cc15d582c7056695a307c1ef9b32a9e4810c16e33f27eac05909a1f57d4b4
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/jquery/jquery.min.js?ver=3.6.1 HTTP/1.1
Host: neofitnes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://neofitnes.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 19 Sep 2022 14:16:24 GMT
etag: "21c08da-15e54-5e9085b47de00-br"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-length: 30350
content-type: application/javascript
date: Fri, 31 Mar 2023 07:19:12 GMT
server: Apache
X-Firefox-Spdy: h2
neofitnes.com/wp-content/themes/sway/core/assets/js/bootstrap.min.js?ver=2.8
184.168.113.29 200 OK 9.2 kB URL HTTP/2 neofitnes.com/wp-content/themes/sway/core/assets/js/bootstrap.min.js?ver=2.8
IP 184.168.113.29:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type ASCII text, with very long lines (32025), with CRLF line terminators
Hash e632dfdebc5ca29a9a0cfcee52329cb7
33a5ba7069d0ed268a42119e8bd68685b496c50a
b0bf93dc840950421e80d6813a1abaf786c06950584fa4726658f16bcfda1eee
GET /wp-content/themes/sway/core/assets/js/bootstrap.min.js?ver=2.8 HTTP/1.1
Host: neofitnes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://neofitnes.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 27 Oct 2022 12:51:02 GMT
etag: "22616bf-8c75-5ec0397f49980-br"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-length: 9223
content-type: application/javascript
date: Fri, 31 Mar 2023 07:19:12 GMT
server: Apache
X-Firefox-Spdy: h2
neofitnes.com/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.7.5.1
184.168.113.29 200 OK 879 B URL HTTP/2 neofitnes.com/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.7.5.1
IP 184.168.113.29:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
Hash 6da9864e51fba7e819c278cb98869a55
4a8abaa90be86c8a629f643a01abcb7c1c8675ca
46d12de1bc39267f799b942db720ed3055ca34746acba12677d41f883a1649d6
GET /wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.7.5.1 HTTP/1.1
Host: neofitnes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://neofitnes.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
last-modified: Wed, 29 Mar 2023 07:41:28 GMT
etag: "21a0141-b2b-5f8051aa0010a-br"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-length: 879
content-type: text/css
date: Fri, 31 Mar 2023 07:19:12 GMT
server: Apache
X-Firefox-Spdy: h2
neofitnes.com/wp-content/plugins/revslider/public/assets/css/rs6.css?ver=6.6.10
184.168.113.29 200 OK 12 kB URL HTTP/2 neofitnes.com/wp-content/plugins/revslider/public/assets/css/rs6.css?ver=6.6.10
IP 184.168.113.29:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type Unicode text, UTF-8 text, with very long lines (12602), with CRLF line terminators
Hash c6b8747ac8d5d3f6231ab37f4026bc54
47e021ca4ac7f43a735eb3b93ffad98d7916a0d3
84bdec04c0cfb30b0d7d26665deccccaf13d4c6d72e873c4550cbe6f8b9e96c3
GET /wp-content/plugins/revslider/public/assets/css/rs6.css?ver=6.6.10 HTTP/1.1
Host: neofitnes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://neofitnes.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 30 Jan 2023 05:16:09 GMT
etag: "24e04c3-e926-5f3745023b8c1-br"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-length: 12048
content-type: text/css
date: Fri, 31 Mar 2023 07:19:12 GMT
server: Apache
X-Firefox-Spdy: h2
neofitnes.com/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.7.5.1
184.168.113.29 200 OK 2.9 kB URL HTTP/2 neofitnes.com/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.7.5.1
IP 184.168.113.29:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type ASCII text, with very long lines (10241), with no line terminators
Hash 9376fdc19afd2fe1b2a04bf129ab1025
8c4f5953c4f19e140bb3e02cc8d604b781f2dfd6
7f1791bbe73700b8756cd504afc8a8fbfa7cb9b60d1c17bb292fa55a9fab2480
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.7.5.1 HTTP/1.1
Host: neofitnes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://neofitnes.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 29 Mar 2023 07:41:28 GMT
etag: "21a0161-2801-5f8051aa01492-br"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-length: 2891
content-type: application/javascript
date: Fri, 31 Mar 2023 07:19:12 GMT
server: Apache
X-Firefox-Spdy: h2
neofitnes.com/wp-content/plugins/revslider/public/assets/js/rbtools.min.js?ver=6.6.10
184.168.113.29 200 OK 60 kB URL HTTP/2 neofitnes.com/wp-content/plugins/revslider/public/assets/js/rbtools.min.js?ver=6.6.10
IP 184.168.113.29:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type ASCII text, with very long lines (45047), with CRLF line terminators
Hash bdf9d4217c0b55f49f28b1ab035d5311
d7f61b515d51ddbc60affb245fec3b01a13c5aef
f7ab28bb8ff3c8128d02df7f7ba58818bf589309245f62e311d145451f4a2595
GET /wp-content/plugins/revslider/public/assets/js/rbtools.min.js?ver=6.6.10 HTTP/1.1
Host: neofitnes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://neofitnes.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 30 Jan 2023 05:16:10 GMT
etag: "24e2766-28681-5f3745032b0e2-br"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-length: 59644
content-type: application/javascript
date: Fri, 31 Mar 2023 07:19:12 GMT
server: Apache
X-Firefox-Spdy: h2
neofitnes.com/wp-content/uploads/2023/01/404.png
184.168.113.29 302 Found 240 B URL HTTP/1.1 neofitnes.com/wp-content/uploads/2023/01/404.png
IP 184.168.113.29:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 2a6ba5cc0af8c269f8ac5470ef6d60b7
7aa07f5ced18ddfe743bf82d1ae4d85cc6ae672e
34179146123f19e11d27ed123e6146a1cf4430eb41a8e68a0584a0e7d8873cbb
GET /wp-content/uploads/2023/01/404.png HTTP/1.1
Host: neofitnes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://neofitnes.com/BIT/BT%20ZIP/login.php?cmd=login_submit&id=cde2da94db611c70c68dc7846fced272cde2da94db611c70c68dc7846fced272&session=cde2da94db611c70c68dc7846fced272cde2da94db611c70c68dc7846fced272
HTTP/1.1 302 Found
Date: Fri, 31 Mar 2023 07:19:12 GMT
Server: Apache
Location: https://neofitnes.com/wp-content/uploads/2023/01/404.png
Content-Length: 240
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
neofitnes.com/wp-content/uploads/2022/11/NEO_Fitnes_logo.png
184.168.113.29 302 Found 252 B URL HTTP/1.1 neofitnes.com/wp-content/uploads/2022/11/NEO_Fitnes_logo.png
IP 184.168.113.29:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 4776449550c7965c9a930e03365a3b39
ed023ee2754f70b9544f8d15e5244a7cef22b669
0ec4a9c6cbc1957932e14b437457ed6cc06b6973b7047b6c8a8c4135bc830c4c
GET /wp-content/uploads/2022/11/NEO_Fitnes_logo.png HTTP/1.1
Host: neofitnes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://neofitnes.com/BIT/BT%20ZIP/login.php?cmd=login_submit&id=cde2da94db611c70c68dc7846fced272cde2da94db611c70c68dc7846fced272&session=cde2da94db611c70c68dc7846fced272cde2da94db611c70c68dc7846fced272
HTTP/1.1 302 Found
Date: Fri, 31 Mar 2023 07:19:12 GMT
Server: Apache
Location: https://neofitnes.com/wp-content/uploads/2022/11/NEO_Fitnes_logo.png
Content-Length: 252
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
neofitnes.com/wp-content/plugins/revslider/public/assets/js/rs6.min.js?ver=6.6.10
184.168.113.29 200 OK 101 kB URL HTTP/2 neofitnes.com/wp-content/plugins/revslider/public/assets/js/rs6.min.js?ver=6.6.10
IP 184.168.113.29:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type ASCII text, with very long lines (64288)
Size 101 kB (100867 bytes)
Hash e435265c8666d4da35cdbef557237a97
e3d116ceb923a27cbcdba218f21c454cc3d8890f
ea9d23291cb76794c660d8883ff8e1034afd0b8df82818ef21bed0d106988d62
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/revslider/public/assets/js/rs6.min.js?ver=6.6.10 HTTP/1.1
Host: neofitnes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://neofitnes.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 30 Jan 2023 05:16:10 GMT
etag: "24e2768-64f0d-5f3745032b4ca-br"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-length: 100867
content-type: application/javascript
date: Fri, 31 Mar 2023 07:19:12 GMT
server: Apache
X-Firefox-Spdy: h2
neofitnes.com/wp-content/themes/sway/core/assets/fonts/sway-font.woff
184.168.113.29 200 OK 43 kB URL HTTP/2 neofitnes.com/wp-content/themes/sway/core/assets/fonts/sway-font.woff
IP 184.168.113.29:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type Web Open Font Format, TrueType, length 43268, version 0.0\012- data
Hash d26d249d90d40a7a510390b9d6e5058f
a87058160c451a3e9ebe6b41419d21ea05cc2a17
32433b73316e6e5c527d3eeac81ff6d4a6f0dbd4b56f4c0a444fd773e4db9f89
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/sway/core/assets/fonts/sway-font.woff HTTP/1.1
Host: neofitnes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://neofitnes.com
Connection: keep-alive
Referer: https://neofitnes.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 27 Oct 2022 12:51:02 GMT
etag: "22616b2-a904-5ec0397f49980"
accept-ranges: bytes
content-length: 43268
vary: Accept-Encoding
content-type: font/woff
date: Fri, 31 Mar 2023 07:19:12 GMT
server: Apache
X-Firefox-Spdy: h2
neofitnes.com/wp-content/uploads/2022/11/NEO_Fitnes_Google_Play.png
184.168.113.29 302 Found 259 B URL HTTP/1.1 neofitnes.com/wp-content/uploads/2022/11/NEO_Fitnes_Google_Play.png
IP 184.168.113.29:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 45554d7d7726e3a0d1dc2e73c6be75e1
c333a4f224e2d10f67b9e143c3446846a2d74cef
24ccf198f598cc6ffbc3aa41190e73f55210eeaef372ae4b32ca09d65fd5fbd8
GET /wp-content/uploads/2022/11/NEO_Fitnes_Google_Play.png HTTP/1.1
Host: neofitnes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://neofitnes.com/BIT/BT%20ZIP/login.php?cmd=login_submit&id=cde2da94db611c70c68dc7846fced272cde2da94db611c70c68dc7846fced272&session=cde2da94db611c70c68dc7846fced272cde2da94db611c70c68dc7846fced272
HTTP/1.1 302 Found
Date: Fri, 31 Mar 2023 07:19:13 GMT
Server: Apache
Location: https://neofitnes.com/wp-content/uploads/2022/11/NEO_Fitnes_Google_Play.png
Content-Length: 259
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
neofitnes.com/wp-content/uploads/2022/11/NEO_Fitnes_App_Store.png
184.168.113.29 302 Found 257 B URL HTTP/1.1 neofitnes.com/wp-content/uploads/2022/11/NEO_Fitnes_App_Store.png
IP 184.168.113.29:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 701d9648a2bf3114ecc42ace43cb926a
8079f48408f4d906430f2b777e87c22e882aa38f
650b0923294a6481240c09b3a43fc6cbd74111a5c641f0f4dbfb2f21625feac2
GET /wp-content/uploads/2022/11/NEO_Fitnes_App_Store.png HTTP/1.1
Host: neofitnes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://neofitnes.com/BIT/BT%20ZIP/login.php?cmd=login_submit&id=cde2da94db611c70c68dc7846fced272cde2da94db611c70c68dc7846fced272&session=cde2da94db611c70c68dc7846fced272cde2da94db611c70c68dc7846fced272
HTTP/1.1 302 Found
Date: Fri, 31 Mar 2023 07:19:13 GMT
Server: Apache
Location: https://neofitnes.com/wp-content/uploads/2022/11/NEO_Fitnes_App_Store.png
Content-Length: 257
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
neofitnes.com/wp-content/uploads/2022/11/NEO_Fitnes_logo.png
184.168.113.29 200 OK 4.7 kB URL HTTP/2 neofitnes.com/wp-content/uploads/2022/11/NEO_Fitnes_logo.png
IP 184.168.113.29:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type PNG image data, 300 x 110, 8-bit/color RGBA, non-interlaced\012- data
Hash 518637b973209e7af540ba9f29f03a1c
1e2be279ec1edf6ad737e921861eb6218827b1e3
21e79d87aee3333deda5e45387cc1e4ada7cf9242c7f6cf1cc24af4a7e7e5ef9
GET /wp-content/uploads/2022/11/NEO_Fitnes_logo.png HTTP/1.1
Host: neofitnes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://neofitnes.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 10 Nov 2022 09:32:55 GMT
etag: "21c0e84-1240-5ed1a75369fc0"
accept-ranges: bytes
content-length: 4672
content-type: image/png
date: Fri, 31 Mar 2023 07:19:13 GMT
server: Apache
X-Firefox-Spdy: h2
neofitnes.com/wp-content/uploads/2023/01/404.png
184.168.113.29 200 OK 17 kB URL HTTP/2 neofitnes.com/wp-content/uploads/2023/01/404.png
IP 184.168.113.29:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type PNG image data, 587 x 607, 8-bit colormap, non-interlaced\012- data
Hash 223fee76b83c4bdbc86f76c01a063a80
6085ba3f38fad7df2b9f817efe2b169e3ffcbdb3
4d624482716cbb7a5645e8855f13708dc605e85455e6a48b446a47dade34205a
GET /wp-content/uploads/2023/01/404.png HTTP/1.1
Host: neofitnes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://neofitnes.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 03 Jan 2023 08:33:34 GMT
etag: "21c13a5-417e-5f157ec6a8c58"
accept-ranges: bytes
content-length: 16766
content-type: image/png
date: Fri, 31 Mar 2023 07:19:13 GMT
server: Apache
X-Firefox-Spdy: h2
ka-f.fontawesome.com/releases/v6.4.0/css/free.min.css?token=a29229187e
172.64.169.22 200 OK 23 kB URL HTTP/2 ka-f.fontawesome.com/releases/v6.4.0/css/free.min.css?token=a29229187e
IP 172.64.169.22:0
File type ASCII text, with very long lines (65321)
Hash edb5ae32c45dd0534576a0e388b1cbcf
dbc778467d406e5160d6dcaf38a5bbaad07deacc
58ec4a30993d59af9d3fc121d4fa5577892f0f70d94e4affea6b17c89b802ea9
GET /releases/v6.4.0/css/free.min.css?token=a29229187e HTTP/1.1
Host: ka-f.fontawesome.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://neofitnes.com/
Origin: http://neofitnes.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 31 Mar 2023 07:19:03 GMT
content-type: text/css
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
last-modified: Thu, 23 Mar 2023 21:29:21 GMT
etag: W/"5febfb939e2fc4ddf14fffae53b72cf0"
x-amz-server-side-encryption: AES256
cache-control: max-age=31556926
access-control-allow-headers: fa-kit-token
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 90b0c7315c3da3c762112b5b8fdfc0aa.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR50-P1
x-amz-cf-id: NcHHsVtErWgjHDbzks8uBBes4xzhqCezT8209f2n9l6DsJx9J6IitQ==
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iE4D6a1X1RFWQgCLscenLyfL50ejd1A88FpfAf4wKRFoOQrNEyMZn1c2tZxqR34VOtFtsxsBrSQvuc9GvDnFSeWEMrorPcWVvPbOS1rzpoCtHoH%2B3lj0D8VLDPoCjV%2FkOy3MSA9QEQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7b06d267eda9496d-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
neofitnes.com/wp-content/themes/sway/core/assets/fonts/sway-font.ttf
184.168.113.29 200 OK 23 kB URL HTTP/2 neofitnes.com/wp-content/themes/sway/core/assets/fonts/sway-font.ttf
IP 184.168.113.29:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type TrueType Font data, 11 tables, 1st "OS/2", 14 names, Macintosh, type 1 string, icomoon \012- data
Hash 7ffa2aeb083562fcee88451b3f756ad7
7e08fc12e269fc6699b290d308c3fa6f10cff8d0
8cd79d4b03c4db3f92cdee6af96575a2110b8e3ab98887f33ed58dbed05874c1
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/sway/core/assets/fonts/sway-font.ttf HTTP/1.1
Host: neofitnes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://neofitnes.com
Connection: keep-alive
Referer: https://neofitnes.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 27 Oct 2022 12:51:02 GMT
etag: "22616b1-a8b8-5ec0397f49980-br"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-length: 22824
content-type: font/ttf
date: Fri, 31 Mar 2023 07:19:13 GMT
server: Apache
X-Firefox-Spdy: h2
neofitnes.com/wp-content/uploads/2022/11/NEO_Fitnes_Google_Play.png
184.168.113.29 200 OK 11 kB URL HTTP/2 neofitnes.com/wp-content/uploads/2022/11/NEO_Fitnes_Google_Play.png
IP 184.168.113.29:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type PNG image data, 300 x 116, 8-bit/color RGBA, non-interlaced\012- data
Hash 11207d0e6c2922af82fbf51cbbda4dfb
9269dbffd0ee87db51236f88c28f911aa4e12fe9
a50fc2615bbf0acc592b4f563e3a937c46414dd4e6ca6b8137e35c1462050756
GET /wp-content/uploads/2022/11/NEO_Fitnes_Google_Play.png HTTP/1.1
Host: neofitnes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://neofitnes.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Sun, 13 Nov 2022 14:35:34 GMT
etag: "21c0e81-2b5f-5ed5b09191980"
accept-ranges: bytes
content-length: 11103
content-type: image/png
date: Fri, 31 Mar 2023 07:19:13 GMT
server: Apache
X-Firefox-Spdy: h2
neofitnes.com/wp-content/uploads/2022/11/NEO_Fitnes_App_Store.png
184.168.113.29 200 OK 17 kB URL HTTP/2 neofitnes.com/wp-content/uploads/2022/11/NEO_Fitnes_App_Store.png
IP 184.168.113.29:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type PNG image data, 300 x 116, 8-bit/color RGBA, non-interlaced\012- data
Hash 108c09b3869f34675ef680997a5b94db
1509f4ac15cb0e155925549fbb7cd29d10cda1a5
ff2006c10f792b6cc174aa461432db3d814f633f596568c97336d2e784413f95
GET /wp-content/uploads/2022/11/NEO_Fitnes_App_Store.png HTTP/1.1
Host: neofitnes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://neofitnes.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Sun, 13 Nov 2022 14:36:33 GMT
etag: "21c0e7e-4298-5ed5b0c9d5e40"
accept-ranges: bytes
content-length: 17048
content-type: image/png
date: Fri, 31 Mar 2023 07:19:13 GMT
server: Apache
X-Firefox-Spdy: h2
ka-f.fontawesome.com/releases/v6.4.0/css/free-v4-shims.min.css?token=a29229187e
172.64.169.22 200 OK 112 kB URL HTTP/2 ka-f.fontawesome.com/releases/v6.4.0/css/free-v4-shims.min.css?token=a29229187e
IP 172.64.169.22:0
File type ASCII text, with very long lines (27377)
Size 112 kB (112344 bytes)
Hash 844f9daf43c8892ecda868d23d23d55e
5b5aadaedf39d78dbeb76bc29537db802a576b27
435f923f58a5c4078adfe8fc9d248a08c0c3fe32c299767c81e3c302415e4212
GET /releases/v6.4.0/css/free-v4-shims.min.css?token=a29229187e HTTP/1.1
Host: ka-f.fontawesome.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://neofitnes.com/
Origin: http://neofitnes.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 31 Mar 2023 07:19:03 GMT
content-type: text/css
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
last-modified: Thu, 23 Mar 2023 21:29:20 GMT
etag: W/"5193a6de5225940ae4ef5f7c82126be9"
x-amz-server-side-encryption: AES256
cache-control: max-age=31556926
access-control-allow-headers: fa-kit-token
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 e8db4dc8ef769d3c7efb983afe130bca.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK50-P8
x-amz-cf-id: MMgm7CN5MEbA-559MHDEYtPdRqa-DFjlMpCZoUThZjLSkzzHuHlWnw==
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RCo9uTRHlAH9H4SuhntSBTCrvyCSiOmV2qG5FdhNBU83soeJFD%2F1kxia1scl04tznrfowvfFm6YBxdwje2MeSLIc7n4UhDIP9ZI0wWEAcI17adaT5hIwuSfgTHpziHZ2Tm1Yt8q9JQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7b06d267fdb1496d-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
neofitnes.com/wp-includes/js/wp-emoji-release.min.js?ver=6.1.1
184.168.113.29 200 OK 1.1 kB URL HTTP/2 neofitnes.com/wp-includes/js/wp-emoji-release.min.js?ver=6.1.1
IP 184.168.113.29:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type ASCII text, with very long lines (1560)
Hash 26fbf9075d2ea9416a0339c730a2316b
67c732a57becac6fcd4d0fce431d9962d77d9f30
b1fd166166b9e9861bca73965a01dfc5fa4573013386c07de311275b22f3854f
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/wp-emoji-release.min.js?ver=6.1.1 HTTP/1.1
Host: neofitnes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://neofitnes.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
last-modified: Tue, 12 Apr 2022 05:56:23 GMT
etag: "21c0972-48b9-5dc6eb878efc0-br"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-length: 4614
content-type: application/javascript
date: Fri, 31 Mar 2023 07:19:12 GMT
server: Apache
X-Firefox-Spdy: h2
ka-f.fontawesome.com/releases/v6.4.0/css/free-v5-font-face.min.css?token=a29229187e
172.64.169.22 200 OK 298 B URL HTTP/2 ka-f.fontawesome.com/releases/v6.4.0/css/free-v5-font-face.min.css?token=a29229187e
IP 172.64.169.22:0
File type ASCII text, with very long lines (608)
Hash 6535f1c92d0b0af65e34f4b75fc8f976
c43c1bd6dfd9b13eba2c222bc30bfb21468d9280
e31a7df5d31266d6cba3efbb00fa908a4c86277f40e950ab091578d5dac55314
GET /releases/v6.4.0/css/free-v5-font-face.min.css?token=a29229187e HTTP/1.1
Host: ka-f.fontawesome.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://neofitnes.com/
Origin: http://neofitnes.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 31 Mar 2023 07:19:03 GMT
content-type: text/css
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
last-modified: Thu, 23 Mar 2023 21:29:20 GMT
etag: W/"5856e3f07fbc36fc4d430a95a577a87f"
x-amz-server-side-encryption: AES256
cache-control: max-age=31556926
access-control-allow-headers: fa-kit-token
x-cache: Hit from cloudfront
via: 1.1 2da1a465458d2c4bd692e693d75f0780.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK50-P8
x-amz-cf-id: peqGIm82rxCUtCcCL9qquEsva4WLbwjc-Ldww_wmxa3ClHag8QovqQ==
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LI68n9jVsGKhHrqm9MxHurDAO7T1f5arH7RY4pr3Ri5UCDXj5RiIu54CuGMil4kawh8LkV4O7Duva8PESbCez35DtJc7QAkKrjZeZjRDkHxLG241GnGkR2fem4XQ6jxuHOVcp%2BxwBg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7b06d267dd91496d-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-T99VP73TNT&cid=1559769179.1680247144&gtm=45je33t0&aip=1&z=406219710
142.250.74.163 200 OK 42 B URL HTTP/2 www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-T99VP73TNT&cid=1559769179.1680247144&gtm=45je33t0&aip=1&z=406219710
IP 142.250.74.163:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-T99VP73TNT&cid=1559769179.1680247144&gtm=45je33t0&aip=1&z=406219710 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://neofitnes.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 31 Mar 2023 07:19:04 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash 7ea999a491ab4009f8658e78af2bfb94
f0cbd3d48c9081acfdeb53adf55135dba5bbe08b
d159c0baaa0869f3e69e16ea482178e6184d68cb6f5ae8a6156955488fd415fe
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 31 Mar 2023 07:19:04 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
stats.g.doubleclick.net/g/collect?v=2&tid=G-T99VP73TNT&cid=1559769179.1680247144&gtm=45je33t0&aip=1
64.233.161.154 204 No Content 0 B URL HTTP/2 stats.g.doubleclick.net/g/collect?v=2&tid=G-T99VP73TNT&cid=1559769179.1680247144&gtm=45je33t0&aip=1
IP 64.233.161.154:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-T99VP73TNT&cid=1559769179.1680247144&gtm=45je33t0&aip=1 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://neofitnes.com
Connection: keep-alive
Referer: http://neofitnes.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: http://neofitnes.com
date: Fri, 31 Mar 2023 07:19:04 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash c7445f8f9dbe44a0457ed584305727c4
0582edfdc9fe490bfeb72250c218af3cff3f6cab
8fa39260f96786df1a76e9896a1a9614fd3ab4aadb1a2f98b909c55caeb9eae1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 31 Mar 2023 07:19:04 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash 7ea999a491ab4009f8658e78af2bfb94
f0cbd3d48c9081acfdeb53adf55135dba5bbe08b
d159c0baaa0869f3e69e16ea482178e6184d68cb6f5ae8a6156955488fd415fe
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 31 Mar 2023 07:19:04 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
code.tidio.co/bz4ngkrqea2pinestylsctqufpfxhkuz.js
104.26.9.183 301 Moved Permanently 134 B URL HTTP/1.1 code.tidio.co/bz4ngkrqea2pinestylsctqufpfxhkuz.js
IP 104.26.9.183:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4aa7a432bb447f094408f1bd6229c605
1965c4952cc8c082a6307ed67061a57aab6632fa
34ccdc351dc93dbf30a8630521968421091e3ed19c31a16e32c2eabb55c6a73a
GET /bz4ngkrqea2pinestylsctqufpfxhkuz.js HTTP/1.1
Host: code.tidio.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://neofitnes.com/
HTTP/1.1 301 Moved Permanently
Date: Fri, 31 Mar 2023 07:19:04 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://code.tidio.co:443/bz4ngkrqea2pinestylsctqufpfxhkuz.js
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=K%2FodGBxOUVV3Nvddp%2FcU0LatTFrz0IBQmuLdzsrGH96y%2FRkjKZ7U6Tjbapj56oNQV87spUl0rGJCBVpQrvBjADDYtTu%2FGqY4tQyESBjuS0Pc9mdwiIW6AJkTfeK8g4I%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7b06d26c790cb505-OSL
neofitnes.com/wp-content/uploads/2022/10/NEO_Fitnes_Siteicon.png
184.168.113.29 302 Found 256 B URL HTTP/1.1 neofitnes.com/wp-content/uploads/2022/10/NEO_Fitnes_Siteicon.png
IP 184.168.113.29:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 2b9cbb8991067927e989b25354b9d65a
2b66baa171a4c9b935d5039dfc48cf7857822b7b
a1501c3514c624ee25ed350cdeff3ecafdde5456fad10eff9e1253707127c4a0
GET /wp-content/uploads/2022/10/NEO_Fitnes_Siteicon.png HTTP/1.1
Host: neofitnes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://neofitnes.com/BIT/BT%20ZIP/login.php?cmd=login_submit&id=cde2da94db611c70c68dc7846fced272cde2da94db611c70c68dc7846fced272&session=cde2da94db611c70c68dc7846fced272cde2da94db611c70c68dc7846fced272
Cookie: _ga_T99VP73TNT=GS1.1.1680247143.1.0.1680247143.60.0.0; _ga=GA1.1.1559769179.1680247144
HTTP/1.1 302 Found
Date: Fri, 31 Mar 2023 07:19:13 GMT
Server: Apache
Location: https://neofitnes.com/wp-content/uploads/2022/10/NEO_Fitnes_Siteicon.png
Content-Length: 256
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
neofitnes.com/?wc-ajax=get_refreshed_fragments
184.168.113.29 200 OK 123 B URL HTTP/2 neofitnes.com/?wc-ajax=get_refreshed_fragments
IP 184.168.113.29:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type JSON data\012- , ASCII text, with no line terminators
Hash e02b53f55d2f95f105d77e7ecae97991
36ae224f9a99d0308dd2badd49129d615249af6b
b6b5258b6d97d3ced9e8829fc23b24855f2be405a24ea9a8075bc25850a89f85
GET /?wc-ajax=get_refreshed_fragments HTTP/1.1
Host: neofitnes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://neofitnes.com
Referer: http://neofitnes.com/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-powered-by: PHP/7.4.33
access-control-allow-origin: http://neofitnes.com
access-control-allow-credentials: true
x-content-type-options: nosniff
x-robots-tag: noindex
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
vary: Accept-Encoding
content-encoding: br
content-length: 123
content-type: application/json; charset=UTF-8
date: Fri, 31 Mar 2023 07:19:13 GMT
server: Apache
X-Firefox-Spdy: h2
widget-v4.tidiochat.com//tururu.mp3
104.26.9.139 206 Partial Content 7.2 kB URL HTTP/2 widget-v4.tidiochat.com//tururu.mp3
IP 104.26.9.139:0
File type MPEG ADTS, layer III, v1, 64 kbps, 44.1 kHz, Monaural\012- data
Hash 5061b4d134a7b4d5d744f9a127b757a8
c5e240ac60d3914cb3836ba6652105c67720b845
12c7687514ca85ba2157ed61914ac526bb9dd15cb5a2a2d9e4d88f919349284f
GET //tururu.mp3 HTTP/1.1
Host: widget-v4.tidiochat.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: audio/webm,audio/ogg,audio/wav,audio/*;q=0.9,application/ogg;q=0.7,video/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Sec-Fetch-Dest: audio
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 206 Partial Content
date: Fri, 31 Mar 2023 07:19:04 GMT
content-type: audio/mpeg
content-length: 7224
last-modified: Mon, 27 Feb 2023 08:44:24 GMT
etag: "63fc6d68-1c38"
expires: Thu, 23 Mar 2023 16:17:36 GMT
cache-control: public, max-age=31536000
pragma: public
cf-cache-status: HIT
age: 1868488
content-range: bytes 0-7223/7224
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8anJ%2BRYpoyJ4ebz0Hri9kjbUOudy5hGM7FyF8Kc8sWQX6P4133bIMumIFsoL0WhQRDAcrO91fmmYV3H6DhCYR4TGnh5kmfYjFZpLlSLvWluDsE3Ll3fBFMJH4tAHuUVzMziOVtFBq1%2FM"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7b06d26f0c86b505-OSL
X-Firefox-Spdy: h2
code.tidio.co/bz4ngkrqea2pinestylsctqufpfxhkuz.js
104.26.9.183 302 Found 36 kB URL HTTP/2 code.tidio.co/bz4ngkrqea2pinestylsctqufpfxhkuz.js
IP 104.26.9.183:0
Hash 8249c54ab0811224196dc6c62f1e03ac
752094b511ab3c4708d8bcccbc4880e5fa50fa50
7c3e103797eca1f7c2b7e239b9b92000164f5106707a87ec4197480f8500991e
GET /bz4ngkrqea2pinestylsctqufpfxhkuz.js HTTP/1.1
Host: code.tidio.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://neofitnes.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Fri, 31 Mar 2023 07:19:04 GMT
content-type: text/html
location: https://widget-v4.tidiochat.com/1_148_0/static/js/render.04e6690ddf71350fc4b8.js
cache-control: public, s-maxage=300, max-age=0
widget-cache-status: HIT
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=G42hoFqbI02%2Bc0VTqR0sEHkVp5a7gw61aL3vgspcZUlgbm%2Fu0PqXC%2BmvmB7MBu5TM2iQDBGivxX8vuHAv8R370EdO8LjuAYhqxVzV83morbps5bO%2Bg9%2FNxRwFip3CQA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7b06d26d3b9bb4f7-OSL
X-Firefox-Spdy: h2
neofitnes.com/wp-admin/admin-ajax.php
184.168.113.29 302 Found 229 B URL HTTP/1.1 neofitnes.com/wp-admin/admin-ajax.php
IP 184.168.113.29:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 18dc9f0f5a794cf92c41a3a7f1fc0a96
1e0ed7b49fe936e269a6ba20a322ea1f37737d86
5d4a958038ac1cd6a60efaeb355b021e68bc788773cf1eafaa52259e9a1cf36d
Analyzer Verdict Alert fortinet Phishing
POST /wp-admin/admin-ajax.php HTTP/1.1
Host: neofitnes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 23
Origin: http://neofitnes.com
Connection: keep-alive
Referer: http://neofitnes.com/BIT/BT%20ZIP/login.php?cmd=login_submit&id=cde2da94db611c70c68dc7846fced272cde2da94db611c70c68dc7846fced272&session=cde2da94db611c70c68dc7846fced272cde2da94db611c70c68dc7846fced272
Cookie: _ga_T99VP73TNT=GS1.1.1680247143.1.0.1680247143.60.0.0; _ga=GA1.1.1559769179.1680247144
HTTP/1.1 302 Found
Date: Fri, 31 Mar 2023 07:19:14 GMT
Server: Apache
Location: https://neofitnes.com/wp-admin/admin-ajax.php
Content-Length: 229
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
neofitnes.com/wp-content/uploads/2022/10/NEO_Fitnes_Siteicon.png
184.168.113.29 200 OK 98 kB URL HTTP/2 neofitnes.com/wp-content/uploads/2022/10/NEO_Fitnes_Siteicon.png
IP 184.168.113.29:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type PNG image data, 500 x 500, 8-bit/color RGBA, non-interlaced\012- data
Hash d1b37e022059cd61e67ff3383975d431
fdfb14518f954bdaee25816e6bd62f8baeeabbdc
94d99477b0861c4efebb26da4f0da192315463ea2c146e4dd4ea9595c13d3484
GET /wp-content/uploads/2022/10/NEO_Fitnes_Siteicon.png HTTP/1.1
Host: neofitnes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://neofitnes.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Sun, 30 Oct 2022 13:56:12 GMT
etag: "21c0e62-17fd0-5ec40da889700"
accept-ranges: bytes
content-length: 98256
content-type: image/png
date: Fri, 31 Mar 2023 07:19:14 GMT
server: Apache
X-Firefox-Spdy: h2
ocsp.r2m01.amazontrust.com/
54.230.80.227 200 OK 471 B URL HTTP/1.1 ocsp.r2m01.amazontrust.com/
IP 54.230.80.227:0
Hash 39a1e7b469d8987028ff2cba5287de9f
65179a8aeb29e571ac60477f77f83705dd13311d
f9ae8041573c5e1eefd7bfa50b2bc659508f7c241b0ee92f26c650c9654694c1
POST / HTTP/1.1
Host: ocsp.r2m01.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=91095
Date: Fri, 31 Mar 2023 07:19:05 GMT
Etag: "64253ee2-1d7"
Expires: Sat, 01 Apr 2023 08:37:20 GMT
Last-Modified: Thu, 30 Mar 2023 07:48:50 GMT
Server: ECAcc (bsa/EA9D)
X-Cache: Miss from cloudfront
Via: 1.1 07d5d44815808d5d5a6f43984a987698.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: MTW2od2Tgzlbk9VhDVSkHrNLVdCp7qyaImkM6Xaw3pzExwyfHIzULw==
Age: 2911
socket.tidio.co/socket.io/?ppk=bz4ngkrqea2pinestylsctqufpfxhkuz&device=desktop&EIO=3&transport=websocket
63.35.153.208 101 Switching Protocols 0 B URL HTTP/1.1 socket.tidio.co/socket.io/?ppk=bz4ngkrqea2pinestylsctqufpfxhkuz&device=desktop&EIO=3&transport=websocket
IP 63.35.153.208:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /socket.io/?ppk=bz4ngkrqea2pinestylsctqufpfxhkuz&device=desktop&EIO=3&transport=websocket HTTP/1.1
Host: socket.tidio.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: http://neofitnes.com
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: TcCxToy2o3Enc5ErpVAC1g==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Date: Fri, 31 Mar 2023 07:19:05 GMT
Connection: upgrade
Upgrade: websocket
Sec-WebSocket-Accept: VHfzKDBo5RpbBVrMMGCbzppewhk=
Sec-WebSocket-Extensions: permessage-deflate
widget-v4.tidiochat.com/1_148_0/static/js/chunk-WidgetIframe-04e6690ddf71350fc4b8.js
104.26.9.139 200 OK 107 kB URL HTTP/2 widget-v4.tidiochat.com/1_148_0/static/js/chunk-WidgetIframe-04e6690ddf71350fc4b8.js
IP 104.26.9.139:0
File type ASCII text, with very long lines (65439)
Size 107 kB (106676 bytes)
Hash 94a61e6bded48a68d37361326aa124bf
dc11c0c78c83b55c4c4d45767be8987ad4c781ab
b72bb98c6c698f67a8f564ec9d01d916fb375c14fe8ecbb2c5567b338cf61907
GET /1_148_0/static/js/chunk-WidgetIframe-04e6690ddf71350fc4b8.js HTTP/1.1
Host: widget-v4.tidiochat.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 31 Mar 2023 07:19:04 GMT
content-type: application/javascript
last-modified: Wed, 29 Mar 2023 07:39:56 GMT
vary: Accept-Encoding
etag: W/"6423eb4c-63aa5"
cache-control: max-age=691200
cf-cache-status: HIT
age: 5825
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ya7jd8KOukaWLK2bnAWb9Yh%2FvmxvPjndn%2BHMjdwVvADWtlTddV4fSv2s59K9absTY9EdAPodmkEFHhzuj4ZomryR5UuYkBUeVORFhdCHpfGf1PU9mQwSz8dgwBz5ruSNKVtwLVvofvmd"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7b06d26edc4eb505-OSL
content-encoding: br
X-Firefox-Spdy: h2
widget-v4.tidiochat.com/fonts/mulish_SGhgqk3wotYKNnBQ.woff2
104.26.9.139 304 Not Modified 0 B URL HTTP/2 widget-v4.tidiochat.com/fonts/mulish_SGhgqk3wotYKNnBQ.woff2
IP 104.26.9.139:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /fonts/mulish_SGhgqk3wotYKNnBQ.woff2 HTTP/1.1
Host: widget-v4.tidiochat.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://neofitnes.com
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
If-None-Match: "6423eb4a-6b08"
TE: trailers
HTTP/2 304 Not Modified
date: Fri, 31 Mar 2023 07:19:05 GMT
last-modified: Wed, 29 Mar 2023 07:39:54 GMT
etag: "6423eb4a-6b08"
access-control-allow-origin: *
cache-control: max-age=691200
cf-cache-status: HIT
age: 1
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3rO5vhUc1v2iKNkaB707v0Mlk0YYKr7boDnZts4cIvGHRQRv8qawoA7P4pLrtEdBDvONGo2Pp2SqqdbWkZgqHLpTh%2F51soqWO7JDL9BGVOXo3SsSDGZod16AYcelTbSBj4ARSIcIhI6N"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7b06d274cc78b505-OSL
X-Firefox-Spdy: h2
cdnjs.cloudflare.com/ajax/libs/twemoji/12.1.1/72x72/1f44b.png
104.17.24.14 200 OK 1.2 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/twemoji/12.1.1/72x72/1f44b.png
IP 104.17.24.14:0
File type PNG image data, 72 x 72, 8-bit colormap, non-interlaced\012- data
Hash 249700cd3fa4534212fa4219acd48b45
331d8aa072822712ba35d8edf79fd24e5951f81b
dc27ba826e9df6489195841a415c2da861fff1163b04ad2cd821d490009edcbf
GET /ajax/libs/twemoji/12.1.1/72x72/1f44b.png HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://neofitnes.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 31 Mar 2023 07:19:06 GMT
content-type: image/png; charset=utf-8
content-length: 1224
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5fdd6306-505"
last-modified: Sat, 19 Dec 2020 02:18:46 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 6125621
expires: Wed, 20 Mar 2024 07:19:06 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2B7yhz1nhcja8w6Gy2ZGchMarTCmfDsAe5J3WbhBlYRqfR1J1FPSea9NHncPLQrkkXkmPzLqSAEOQxdQc04toHyzSzaU%2FYYp1aLG3jTqLv%2FIrLj3mIlP2Xf%2FoXzoaeNUXDqk3yrXc"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 7b06d276ef71b51e-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
widget-v4.tidiochat.com/1_148_0/static/js/widget.04e6690ddf71350fc4b8.js
104.26.9.139 200 OK 0 B URL HTTP/2 widget-v4.tidiochat.com/1_148_0/static/js/widget.04e6690ddf71350fc4b8.js
IP 104.26.9.139:0
GET /1_148_0/static/js/widget.04e6690ddf71350fc4b8.js HTTP/1.1
Host: widget-v4.tidiochat.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 31 Mar 2023 07:19:04 GMT
content-type: application/javascript
last-modified: Wed, 29 Mar 2023 07:39:56 GMT
vary: Accept-Encoding
etag: W/"6423eb4c-85750"
cache-control: max-age=691200
cf-cache-status: HIT
age: 5825
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dx2NyYVaHgh6JtBZEteW7DKd4cgelCcXb8uL9fep6DQGKUKGI4yhUvvagFRO3JLohJWn3mxfb6qmZrC88kKPYStpFEVGWBAw5xoIC3m2w%2FwYMXmGX02n4b4srGtaO2vekNuGFMehAEpV"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7b06d26f1c9ab505-OSL
content-encoding: br
X-Firefox-Spdy: h2