r3.o.lencr.org/
95.101.11.115 200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash c21ba65e44ac95470c314e068e49a9eb
17a13b13738993d889d4afa3d848dc63bf6eba64
9bd0795b30e84ce63b6e2a365ca91bbffc395dd955e112152066c31e63a4ab66
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9BD0795B30E84CE63B6E2A365CA91BBFFC395DD955E112152066C31E63A4AB66"
Last-Modified: Sat, 04 Feb 2023 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17026
Expires: Sun, 05 Feb 2023 14:59:18 GMT
Date: Sun, 05 Feb 2023 10:15:32 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115 200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 1cdc095521e9ee2606059be447d1fdd5
02b5d0a5b5823e2338daf7e144700babe2a213af
8bda3aabcf331c2bfcc4c7023cd797c760fd301dc353641bb95048e072f66c66
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8BDA3AABCF331C2BFCC4C7023CD797C760FD301DC353641BB95048E072F66C66"
Last-Modified: Sat, 04 Feb 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8505
Expires: Sun, 05 Feb 2023 12:37:17 GMT
Date: Sun, 05 Feb 2023 10:15:32 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150 200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash ff250d3ef3fa45322bf05039a0122a9f
b3e7a2c383bce1bab807dbe1a03c375258b51f1d
d07f109a96e0ae6ec7b1d46ce8761b3f06fe845769ce65d69e053dd40aa561ba
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Retry-After, Backoff, Content-Type, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sun, 05 Feb 2023 09:36:17 GMT
content-type: application/json
age: 2355
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
95.101.11.115 200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash fb7b6b46e708ad73eaaa3c21e74569ae
950663c025acad81556af5aa3022ecc9d55097fe
763f58b9fb838378c92033b59907b036f4c33081f5103d9bcc2ca2a8de500d64
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "763F58B9FB838378C92033B59907B036F4C33081F5103D9BCC2CA2A8DE500D64"
Last-Modified: Sat, 04 Feb 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5245
Expires: Sun, 05 Feb 2023 11:42:57 GMT
Date: Sun, 05 Feb 2023 10:15:32 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: eNCjtkRXRdwYa7myiRBO0/ysWm2bL0QHAdxc3ZvtP91ZTGrBADleTMSxiY8xTB7U0i/8jpp318Y=
x-amz-request-id: Z3YYNWNS452N164V
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sun, 05 Feb 2023 09:53:13 GMT
age: 1339
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
hajjproperties.com/advert/dragon-naturallyspeaking-premium-13-keygen-142-exclusive
162.0.229.222 301 Moved Permanently 707 B URL HTTP/1.1 hajjproperties.com/advert/dragon-naturallyspeaking-premium-13-keygen-142-exclusive
IP 162.0.229.222:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Hash 1304294c0823ca486542ba408ed761e3
b2a70fb2d810ca13985882e6981f33998823e83e
3bbe72f3baa8ec61de17a1d767fca58704769684b7abe9161d0c4eaf4c8f0982
Analyzer Verdict Alert fortinet Malware
GET /advert/dragon-naturallyspeaking-premium-13-keygen-142-exclusive HTTP/1.1
Host: hajjproperties.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
keep-alive: timeout=5, max=100
content-type: text/html
content-length: 707
date: Sun, 05 Feb 2023 10:15:32 GMT
server: LiteSpeed
location: https://hajjproperties.com/advert/dragon-naturallyspeaking-premium-13-keygen-142-exclusive
x-turbo-charged-by: LiteSpeed
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 05 Feb 2023 10:15:32 GMT
content-type: application/json
content-length: 12
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-expose-headers: content-type
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150 200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Pragma, Backoff, Retry-After, Content-Length, Last-Modified, Expires, Cache-Control, ETag, Alert, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sun, 05 Feb 2023 10:07:20 GMT
age: 492
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.sectigo.com/
172.64.155.188 200 OK 472 B IP 172.64.155.188:0
Hash 1bfa40dc667f253b517ba0171cc39a00
4178c2bc3a0f73f15bf550b996639721c2649318
e0d23221d8aa2dc054cebd0c8a65d7deb1a8e62b9ae2e75a69ded3116b71b270
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 05 Feb 2023 10:15:32 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Fri, 03 Feb 2023 03:26:20 GMT
Expires: Fri, 10 Feb 2023 03:26:19 GMT
Etag: "4178c2bc3a0f73f15bf550b996639721c2649318"
Cache-Control: max-age=406846,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 794ae2ae6fd8b4f3-OSL
r3.o.lencr.org/
95.101.11.115 200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash dedf9c519ac38c4bece9c5bc895787d7
4911175c3f8a435978c5301c33c7a99a5e00a1d5
bddd7e3a4939f863642a7c5348c1c8b9bc569b35c10a27f4cf5ec71f7e6b9698
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BDDD7E3A4939F863642A7C5348C1C8B9BC569B35C10A27F4CF5EC71F7E6B9698"
Last-Modified: Fri, 03 Feb 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14068
Expires: Sun, 05 Feb 2023 14:10:01 GMT
Date: Sun, 05 Feb 2023 10:15:33 GMT
Connection: keep-alive
push.services.mozilla.com/
52.43.228.5 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.43.228.5:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: bUTrdraqbTk8pA72EZP2BA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: GkxU+n1b8cq3ND055uXUoLwFmK4=
r3.o.lencr.org/
95.101.11.115 200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 1b25bf82638deaab60981e1315ee0849
e3bd912fd1a890e64ee6746a78a674db7ff77039
a99b0dfa9ca7176b21cc2d65963a1b6eb6d534b3767d02ef06cc207a63331ebf
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A99B0DFA9CA7176B21CC2D65963A1B6EB6D534B3767D02EF06CC207A63331EBF"
Last-Modified: Sat, 04 Feb 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8386
Expires: Sun, 05 Feb 2023 12:35:20 GMT
Date: Sun, 05 Feb 2023 10:15:34 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115 200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 1b25bf82638deaab60981e1315ee0849
e3bd912fd1a890e64ee6746a78a674db7ff77039
a99b0dfa9ca7176b21cc2d65963a1b6eb6d534b3767d02ef06cc207a63331ebf
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A99B0DFA9CA7176B21CC2D65963A1B6EB6D534B3767D02EF06CC207A63331EBF"
Last-Modified: Sat, 04 Feb 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8386
Expires: Sun, 05 Feb 2023 12:35:20 GMT
Date: Sun, 05 Feb 2023 10:15:34 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115 200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 1b25bf82638deaab60981e1315ee0849
e3bd912fd1a890e64ee6746a78a674db7ff77039
a99b0dfa9ca7176b21cc2d65963a1b6eb6d534b3767d02ef06cc207a63331ebf
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A99B0DFA9CA7176B21CC2D65963A1B6EB6D534B3767D02EF06CC207A63331EBF"
Last-Modified: Sat, 04 Feb 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8386
Expires: Sun, 05 Feb 2023 12:35:20 GMT
Date: Sun, 05 Feb 2023 10:15:34 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F98423c35-aa11-41c0-8f4f-52bec4c9eaa8.jpeg
34.120.237.76 200 OK 9.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F98423c35-aa11-41c0-8f4f-52bec4c9eaa8.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b3e7140400336984afc6093c1246f863
59e0b21cdf4cfdac3f1ea05badd007727939ac42
4d927e74922159db5d07b9947fa1021cff74bb7b55759960cb3941d05c1e8f11
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F98423c35-aa11-41c0-8f4f-52bec4c9eaa8.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9579
x-amzn-requestid: 377c182d-43e8-4251-8731-6364d29fb955
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: foJaRFs0oAMFreQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d9890e-1ad3e68f50fc15707ec0406a;Sampled=0
x-amzn-remapped-date: Tue, 31 Jan 2023 21:33:02 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: sUtUjqOLpq42m22bLgmLggmPbtatZC01og_xzkVI1o8rJtAnvhvqHA==
via: 1.1 112c6b3f9aea37a6cb00b7d933e5af6e.cloudfront.net (CloudFront), 1.1 6172bb1a5d00a3b06ae3700570ebe116.cloudfront.net (CloudFront), 1.1 google
date: Sat, 04 Feb 2023 14:15:26 GMT
age: 72008
etag: "59e0b21cdf4cfdac3f1ea05badd007727939ac42"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F29d53279-1206-40a7-be9b-b504e0748218.jpeg
34.120.237.76 200 OK 5.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F29d53279-1206-40a7-be9b-b504e0748218.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 7fff69db25a1c7a3fbe154a3c80ac5aa
638e08807f73b70ab87b804816f9eb3e8dd2aa74
be96b347ba90dda9c39975077d963ff875831a14a4269e28edc0d2f80928bba6
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F29d53279-1206-40a7-be9b-b504e0748218.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5356
x-amzn-requestid: af4c4533-48b8-4b02-951a-3e61933fb126
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fi3fyFrMoAMFr_w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d76c64-0346b30d0ded67912070f671;Sampled=0
x-amzn-remapped-date: Mon, 30 Jan 2023 07:06:12 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: IJBXK8DSlmaj48MVSTo-8A69jOe3x2cvnZYRLfyXZ7jZWqsMbTZsEg==
via: 1.1 4dde8ec6d6c12741888c2d3a059d4a2e.cloudfront.net (CloudFront), 1.1 6172bb1a5d00a3b06ae3700570ebe116.cloudfront.net (CloudFront), 1.1 google
date: Sat, 04 Feb 2023 21:43:26 GMT
age: 45128
etag: "638e08807f73b70ab87b804816f9eb3e8dd2aa74"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe8a9d301-2b38-4046-91c2-941ed351597a.jpeg
34.120.237.76 200 OK 3.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe8a9d301-2b38-4046-91c2-941ed351597a.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d7a466d89c75ff3459b7328591db52cf
c3f29f9c2fbdc1fa2aef7a9e79ca796b28394afb
e73243be3d01d12a224c4e9826c4f52610cf7722eee69f62755278d7550705f1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe8a9d301-2b38-4046-91c2-941ed351597a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 3474
x-amzn-requestid: 5846c080-9f25-4590-863c-8af2126cdbe1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f1WXEEbnoAMFRdg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63ded0f9-1bd490125feadc14366e7ca0;Sampled=0
x-amzn-remapped-date: Sat, 04 Feb 2023 21:41:13 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: d8aQmkW-aqLFpb79RynlJG2vY1GTDbjLNY0Qukgg_WIjdI6cmbVKFw==
via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 476c2ba6d9f6cd69dbcedbd65688cbc0.cloudfront.net (CloudFront), 1.1 google
date: Sat, 04 Feb 2023 21:51:26 GMT
age: 44648
etag: "c3f29f9c2fbdc1fa2aef7a9e79ca796b28394afb"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc0def934-b27d-4612-bab8-84bfb73a9960.jpeg
34.120.237.76 200 OK 7.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc0def934-b27d-4612-bab8-84bfb73a9960.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 5beaead015b2b4fb6d36009926ba0378
67e7c49ea7648fc6d1dffc22588862c993b785b7
6ae0cec9ade23fd53e9c1407b0324a8060892a65a6b675ccffa4a4c82b66f1ff
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc0def934-b27d-4612-bab8-84bfb73a9960.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7589
x-amzn-requestid: 280f7003-2696-4a82-bd50-82b0a2b66faf
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fsSpoEA0oAMFSBg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63db3170-35dcb9513c891af201b973d1;Sampled=0
x-amzn-remapped-date: Thu, 02 Feb 2023 03:43:44 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: IxfTibTq6T_wq9a5YCIBZLBb70BI7AOLEAYMYYuMZPhvVKjDbFfrvA==
via: 1.1 49b94a8674d6e86a841d6523f7dbaf14.cloudfront.net (CloudFront), 1.1 be082a2326b7d49643607b097f1e7180.cloudfront.net (CloudFront), 1.1 google
date: Sat, 04 Feb 2023 21:52:08 GMT
etag: "67e7c49ea7648fc6d1dffc22588862c993b785b7"
content-type: image/jpeg
age: 44606
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc6718344-fcb4-4366-9239-8921034a7114.jpeg
34.120.237.76 200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc6718344-fcb4-4366-9239-8921034a7114.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 8e0be7db14d930d6227443314bcd1747
4e42e2ad289dfe5bd9a55d34fd768f7532bdf71d
baedfbdb08a67f9ff4c698f7e65b08d7e4c5078d0a4233e6bff529b44812735a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc6718344-fcb4-4366-9239-8921034a7114.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12967
x-amzn-requestid: 013fa296-a431-410b-b3fb-7417b3e877eb
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fpIQAFCMIAMF0Sw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d9ed99-2e1daa8b75977de07c48b8fc;Sampled=0
x-amzn-remapped-date: Wed, 01 Feb 2023 04:42:01 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: UzQGDCYe_8AuYYLaLSAWzHQhwJMpzpXWbjE5AwukevW6G6SLDxDjmA==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 5565a51537c689d1d16f6b4d41f40082.cloudfront.net (CloudFront), 1.1 google
date: Sun, 05 Feb 2023 03:42:59 GMT
age: 23555
etag: "4e42e2ad289dfe5bd9a55d34fd768f7532bdf71d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F37422a56-a7de-4ab8-ac8a-650de9dae97c.jpeg
34.120.237.76 200 OK 5.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F37422a56-a7de-4ab8-ac8a-650de9dae97c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 5b6c30ad03669b66bf2f63b3edd69882
e630bd132b52b965a5ade646ea8a165d1abf6d7b
f8233d879ec17fd91909655ff8881f2ebfad84272fde3ed5e5be37580378a989
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F37422a56-a7de-4ab8-ac8a-650de9dae97c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5014
x-amzn-requestid: a434aae4-fe4b-4fc7-9b7e-eeb552484e8a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fi3bIE0aoAMF6YQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d76c47-5556d14757190c842bbc6b06;Sampled=0
x-amzn-remapped-date: Mon, 30 Jan 2023 07:05:43 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: k6YqagXr3Wr-u1uDKojEnIGW0CxU5yvWPtlzNpzoIvmg9F-rJb9uFQ==
via: 1.1 a4fe306096165bb1e86e69365dc8fac2.cloudfront.net (CloudFront), 1.1 1a53057db389e96b4ef1bfbc925dde1c.cloudfront.net (CloudFront), 1.1 google
date: Sat, 04 Feb 2023 11:30:27 GMT
age: 81907
etag: "e630bd132b52b965a5ade646ea8a165d1abf6d7b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash 153d0de36959c722c00df71ba86daca2
305f56a3134879ebf0828e169e903e560540c070
0cf533a798d42d1e97fb6619a411afadf9a68c92302ba852869b0c0555a47987
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 10:15:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 471 B IP 142.250.74.131:0
Hash 98be7fe21d059e46146a43d20c4eea92
1ec58129fea75085588be7b8baec05b0874b5274
7bb2eb5ffcd88a3b6ba7b210bdbcd4469134c9708f06befb6c616beebf8dae46
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 10:15:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.googletagmanager.com/gtag/js?id=UA-179584278-1
142.250.74.40 200 OK 44 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=UA-179584278-1
IP 142.250.74.40:0
File type ASCII text, with very long lines (1759)
Hash a84ada58d22c0d668924a1e95cd38042
ce00403da2122e796a061ede112f170f6b179249
fc2a9c70a104ff63ab704082a899a48d3d06b5b7756402b679ce57f26871d4b1
GET /gtag/js?id=UA-179584278-1 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hajjproperties.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sun, 05 Feb 2023 10:15:35 GMT
expires: Sun, 05 Feb 2023 10:15:35 GMT
cache-control: private, max-age=900
last-modified: Sun, 05 Feb 2023 09:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 43888
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
unpkg.com/leaflet@1.3.4/dist/leaflet.js?ver=1.3.4
104.16.123.175 302 Found 42 kB URL HTTP/2 unpkg.com/leaflet@1.3.4/dist/leaflet.js?ver=1.3.4
IP 104.16.123.175:0
Hash 444f755361f08203e1df9794777a923a
303c910bf031fe7aa511836e7bafd603acb2f65a
58ddbcf283a7cc3a052b1cf271e5248702a848111391cec36937ecdf2de8c186
GET /leaflet@1.3.4/dist/leaflet.js?ver=1.3.4 HTTP/1.1
Host: unpkg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hajjproperties.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
date: Sun, 05 Feb 2023 10:15:35 GMT
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
location: /leaflet@1.3.4/dist/leaflet.js
vary: Accept, Accept-Encoding
via: 1.1 fly.io
fly-request-id: 01GRGGWAX2T5ZV5MN3M9AXTM11-fra
cf-cache-status: HIT
age: 313
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 794ae2bfb992b4eb-OSL
X-Firefox-Spdy: h2
hajjproperties.com/wp-includes/css/dist/block-library/style.min.css?ver=6.1.1
162.0.229.222 200 OK 12 kB URL HTTP/2 hajjproperties.com/wp-includes/css/dist/block-library/style.min.css?ver=6.1.1
IP 162.0.229.222:0
File type ASCII text, with very long lines (47826)
Hash c4d7cc056b49b00e05cc29cc59aa3d5a
48c426bec60099d2a8628df430ed682c72aab42a
8009c12f2674a8d38401f4b5faad1fef2cfcd18a8c927ed2561ae9d7de9b57b5
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/css/dist/block-library/style.min.css?ver=6.1.1 HTTP/1.1
Host: hajjproperties.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hajjproperties.com/advert/dragon-naturallyspeaking-premium-13-keygen-142-exclusive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 12 Feb 2023 10:15:35 GMT
content-type: text/css
last-modified: Sun, 15 Jan 2023 22:39:52 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 11616
date: Sun, 05 Feb 2023 10:15:35 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
hajjproperties.com/wp-includes/css/classic-themes.min.css?ver=1
162.0.229.222 200 OK 217 B URL HTTP/2 hajjproperties.com/wp-includes/css/classic-themes.min.css?ver=1
IP 162.0.229.222:0
Hash 95e891f28e44a9b314c09545d86be2b7
f9b13a8bd47273b086a0a07df15f314e0af0bc3e
5a5f39391fbf5b06db84b8f9716d53de575ee97a627d2c5f12f79a991a671eb5
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/css/classic-themes.min.css?ver=1 HTTP/1.1
Host: hajjproperties.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hajjproperties.com/advert/dragon-naturallyspeaking-premium-13-keygen-142-exclusive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 12 Feb 2023 10:15:35 GMT
content-type: text/css
last-modified: Sun, 15 Jan 2023 22:39:52 GMT
accept-ranges: bytes
content-length: 217
date: Sun, 05 Feb 2023 10:15:35 GMT
server: LiteSpeed
vary: User-Agent
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 471 B IP 142.250.74.131:0
Hash 98be7fe21d059e46146a43d20c4eea92
1ec58129fea75085588be7b8baec05b0874b5274
7bb2eb5ffcd88a3b6ba7b210bdbcd4469134c9708f06befb6c616beebf8dae46
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 10:15:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
hajjproperties.com/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.7.3
162.0.229.222 200 OK 870 B URL HTTP/2 hajjproperties.com/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.7.3
IP 162.0.229.222:0
Hash db1891276028bf4b41d1e27e86517147
00b1fb3f26fd4b31d4ea0bf6ef5fb87e7a643d74
9351dbbea3e724e73cde04476a06a98a726c0b341c4cbe4a40354c4752494e5d
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.7.3 HTTP/1.1
Host: hajjproperties.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hajjproperties.com/advert/dragon-naturallyspeaking-premium-13-keygen-142-exclusive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 12 Feb 2023 10:15:35 GMT
content-type: text/css
last-modified: Thu, 26 Jan 2023 10:30:29 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 870
date: Sun, 05 Feb 2023 10:15:35 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
hajjproperties.com/wp-content/plugins/ultimate-social-media-icons/css/sfsi-style.css?ver=2.8.0
162.0.229.222 200 OK 12 kB URL HTTP/2 hajjproperties.com/wp-content/plugins/ultimate-social-media-icons/css/sfsi-style.css?ver=2.8.0
IP 162.0.229.222:0
Hash 8984613f53a109cc01f6894ec1a4e934
629668fa02d3618bb28143538d2702213ad4f39b
f12987808aca5600c5f572bacfdc190cd554ed9655c18a8bfe5ee528a099e8a8
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/ultimate-social-media-icons/css/sfsi-style.css?ver=2.8.0 HTTP/1.1
Host: hajjproperties.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hajjproperties.com/advert/dragon-naturallyspeaking-premium-13-keygen-142-exclusive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 12 Feb 2023 10:15:35 GMT
content-type: text/css
last-modified: Tue, 29 Nov 2022 00:18:15 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 12300
date: Sun, 05 Feb 2023 10:15:35 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
hajjproperties.com/wp-content/themes/realhomes/style.css?ver=4.0.0
162.0.229.222 200 OK 484 B URL HTTP/2 hajjproperties.com/wp-content/themes/realhomes/style.css?ver=4.0.0
IP 162.0.229.222:0
File type ASCII text, with very long lines (307)
Hash 9f76db7fcd555509502141f52b87c963
8057febf58ec1e417f0c1efc37671a2e4d285785
e43e2e26692ad0acb2542c8c771a747081d7bb13f0104610207654dd79d44a86
GET /wp-content/themes/realhomes/style.css?ver=4.0.0 HTTP/1.1
Host: hajjproperties.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hajjproperties.com/advert/dragon-naturallyspeaking-premium-13-keygen-142-exclusive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 12 Feb 2023 10:15:35 GMT
content-type: text/css
last-modified: Mon, 16 Jan 2023 14:33:53 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 484
date: Sun, 05 Feb 2023 10:15:35 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
hajjproperties.com/advert/dragon-naturallyspeaking-premium-13-keygen-142-exclusive
162.0.229.222 404 Not Found 33 kB URL HTTP/2 hajjproperties.com/advert/dragon-naturallyspeaking-premium-13-keygen-142-exclusive
IP 162.0.229.222:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (9612)
Hash 69b8d2d8b96f54a3a6ecb7b32e08c5ea
7699cdcaa06db0f673208ed46c1961f37317563b
8d83df865291338149888b2906386533142bada7d91baf4dc0413951c610df1c
Analyzer Verdict Alert fortinet Malware
GET /advert/dragon-naturallyspeaking-premium-13-keygen-142-exclusive HTTP/1.1
Host: hajjproperties.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 404 Not Found
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
content-type: text/html; charset=UTF-8
link: <https://hajjproperties.com/wp-json/>; rel="https://api.w.org/"
content-encoding: br
vary: Accept-Encoding,User-Agent
date: Sun, 05 Feb 2023 10:15:35 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
hajjproperties.com/wp-content/plugins/quick-and-easy-testimonials/public/css/quick-and-easy-testimonials-public.css?ver=1.1.0
162.0.229.222 200 OK 333 B URL HTTP/2 hajjproperties.com/wp-content/plugins/quick-and-easy-testimonials/public/css/quick-and-easy-testimonials-public.css?ver=1.1.0
IP 162.0.229.222:0
Hash af593b50cac8b7a394207e00de314645
2d8e8db2df6ed7eebe3f6616002cb79eea24521f
f8141626a8673a223c79e4e882fcbfcbc53109a660a3a7f1a77a330ffac5659a
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/quick-and-easy-testimonials/public/css/quick-and-easy-testimonials-public.css?ver=1.1.0 HTTP/1.1
Host: hajjproperties.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hajjproperties.com/advert/dragon-naturallyspeaking-premium-13-keygen-142-exclusive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 12 Feb 2023 10:15:35 GMT
content-type: text/css
last-modified: Mon, 14 Mar 2022 18:13:25 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 333
date: Sun, 05 Feb 2023 10:15:35 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
hajjproperties.com/wp-content/themes/realhomes/assets/classic/styles/css/custom.css?ver=4.0.0
162.0.229.222 200 OK 42 B URL HTTP/2 hajjproperties.com/wp-content/themes/realhomes/assets/classic/styles/css/custom.css?ver=4.0.0
IP 162.0.229.222:0
File type ASCII text, with no line terminators
Hash 67017eb865758cf939fd041a90e414bd
b9a874118971e226c677b198bec7db4605dc4bb1
6bf0f2ee7d917bb13b02fc401094be664db8d0653a1983558d7c3cec8dee9ebb
GET /wp-content/themes/realhomes/assets/classic/styles/css/custom.css?ver=4.0.0 HTTP/1.1
Host: hajjproperties.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hajjproperties.com/advert/dragon-naturallyspeaking-premium-13-keygen-142-exclusive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 12 Feb 2023 10:15:35 GMT
content-type: text/css
last-modified: Mon, 16 Jan 2023 14:33:52 GMT
accept-ranges: bytes
content-length: 42
date: Sun, 05 Feb 2023 10:15:35 GMT
server: LiteSpeed
vary: User-Agent
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
hajjproperties.com/wp-content/themes/realhomes/assets/classic/styles/css/main.min.css?ver=4.0.0
162.0.229.222 200 OK 85 kB URL HTTP/2 hajjproperties.com/wp-content/themes/realhomes/assets/classic/styles/css/main.min.css?ver=4.0.0
IP 162.0.229.222:0
File type Unicode text, UTF-8 text, with very long lines (65364)
Hash 2c13e7c06ec4024bc00aa9b88fb8da2f
63ff5dc86bff8b9fc3722cbd89b31832a6d4b00a
4b586ae42815b535eec8252158f71f84e6d8a31e270fc8cea45c812390f9f06f
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/realhomes/assets/classic/styles/css/main.min.css?ver=4.0.0 HTTP/1.1
Host: hajjproperties.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hajjproperties.com/advert/dragon-naturallyspeaking-premium-13-keygen-142-exclusive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 12 Feb 2023 10:15:35 GMT
content-type: text/css
last-modified: Mon, 16 Jan 2023 14:33:52 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 85255
date: Sun, 05 Feb 2023 10:15:35 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
hajjproperties.com/wp-content/themes/realhomes/common/optimize/vendors.css?ver=4.0.0
162.0.229.222 200 OK 23 kB URL HTTP/2 hajjproperties.com/wp-content/themes/realhomes/common/optimize/vendors.css?ver=4.0.0
IP 162.0.229.222:0
File type Unicode text, UTF-8 text, with very long lines (29115)
Hash 0cc22d042ab03c8ac0e8933094f62db8
f3423f82e4a261f37ed504021fc75149f6b6f1ed
f144be191a005374e6d726b19ac5d2db5e6224a1e21e17ffd242adab572c63ae
GET /wp-content/themes/realhomes/common/optimize/vendors.css?ver=4.0.0 HTTP/1.1
Host: hajjproperties.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hajjproperties.com/advert/dragon-naturallyspeaking-premium-13-keygen-142-exclusive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 12 Feb 2023 10:15:35 GMT
content-type: text/css
last-modified: Mon, 16 Jan 2023 14:33:53 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 23029
date: Sun, 05 Feb 2023 10:15:35 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
hajjproperties.com/wp-content/themes/realhomes/common/css/frontend-styles.min.css?ver=4.0.0
162.0.229.222 200 OK 9.8 kB URL HTTP/2 hajjproperties.com/wp-content/themes/realhomes/common/css/frontend-styles.min.css?ver=4.0.0
IP 162.0.229.222:0
File type Unicode text, UTF-8 text, with very long lines (65526), with no line terminators
Hash 0c7c7acfdebdda18d4b1733afd7c7fd8
6a51f0bc158deb7c6e98e9d807f0123088e3dd8d
259dc560f532a670c4afe305c87d90d99a17c31151879f0bd41842ec99ea6bca
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/realhomes/common/css/frontend-styles.min.css?ver=4.0.0 HTTP/1.1
Host: hajjproperties.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hajjproperties.com/advert/dragon-naturallyspeaking-premium-13-keygen-142-exclusive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 12 Feb 2023 10:15:35 GMT
content-type: text/css
last-modified: Mon, 16 Jan 2023 14:33:53 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 9827
date: Sun, 05 Feb 2023 10:15:35 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
hajjproperties.com/wp-content/plugins/creame-whatsapp-me/public/css/joinchat-btn.min.css?ver=4.5.16
162.0.229.222 200 OK 2.0 kB URL HTTP/2 hajjproperties.com/wp-content/plugins/creame-whatsapp-me/public/css/joinchat-btn.min.css?ver=4.5.16
IP 162.0.229.222:0
File type ASCII text, with very long lines (6087), with no line terminators
Hash 8f015f8adc478eaf54a2ee7155e13344
489ffbd9673e547c1f8d00b9ffd171d086d1555c
8d765644f78bb6d98f3d004cdb7ca1eae2490209839f1abb01e1e7569b9ba922
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/creame-whatsapp-me/public/css/joinchat-btn.min.css?ver=4.5.16 HTTP/1.1
Host: hajjproperties.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hajjproperties.com/advert/dragon-naturallyspeaking-premium-13-keygen-142-exclusive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 12 Feb 2023 10:15:35 GMT
content-type: text/css
last-modified: Mon, 23 Jan 2023 10:25:44 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 1965
date: Sun, 05 Feb 2023 10:15:35 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
hajjproperties.com/wp-content/plugins/cf7-conditional-fields/style.css?ver=2.3.3
162.0.229.222 200 OK 458 B URL HTTP/2 hajjproperties.com/wp-content/plugins/cf7-conditional-fields/style.css?ver=2.3.3
IP 162.0.229.222:0
Hash 97c349e4fdd3a4a934d7129a4a8f96dd
1d69c633bad69396b1476a1456d7f9ccb273dd8d
96b65cb67b17a8f7e24e3e5dffc20f1c665db0d65b6813c23ffeb1c2d8160630
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/cf7-conditional-fields/style.css?ver=2.3.3 HTTP/1.1
Host: hajjproperties.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hajjproperties.com/advert/dragon-naturallyspeaking-premium-13-keygen-142-exclusive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 12 Feb 2023 10:15:35 GMT
content-type: text/css
last-modified: Sun, 11 Dec 2022 20:17:12 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 458
date: Sun, 05 Feb 2023 10:15:35 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
hajjproperties.com/wp-content/plugins/google-analytics-for-wordpress/assets/js/frontend-gtag.min.js?ver=8.12.1
162.0.229.222 200 OK 3.0 kB URL HTTP/2 hajjproperties.com/wp-content/plugins/google-analytics-for-wordpress/assets/js/frontend-gtag.min.js?ver=8.12.1
IP 162.0.229.222:0
File type ASCII text, with very long lines (1577)
Hash f9bd58ff6ff8b6d519f6bedfd8466af2
058a2339d68391def5388ec52f38ab89ee06d877
7b854fbfa48aecfb3cbc79b884fb79385f08fbc994bf60269a68424c18e9958a
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/google-analytics-for-wordpress/assets/js/frontend-gtag.min.js?ver=8.12.1 HTTP/1.1
Host: hajjproperties.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hajjproperties.com/advert/dragon-naturallyspeaking-premium-13-keygen-142-exclusive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 12 Feb 2023 10:15:35 GMT
content-type: application/javascript
last-modified: Sun, 15 Jan 2023 22:40:33 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 3016
date: Sun, 05 Feb 2023 10:15:35 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
hajjproperties.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.1
162.0.229.222 200 OK 30 kB URL HTTP/2 hajjproperties.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.1
IP 162.0.229.222:0
File type ASCII text, with very long lines (65447)
Hash 3a1740685bd5c0bbd5f2b812e1eb7fb4
488e07695da787fed18361c50292aef35abb5e81
4a07aed2d8cf88afdec0b56b365b951c76d387db3459166b5a0d25e2e6cc95ef
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/jquery/jquery.min.js?ver=3.6.1 HTTP/1.1
Host: hajjproperties.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hajjproperties.com/advert/dragon-naturallyspeaking-premium-13-keygen-142-exclusive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 12 Feb 2023 10:15:35 GMT
content-type: application/javascript
last-modified: Sun, 15 Jan 2023 22:39:52 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 30324
date: Sun, 05 Feb 2023 10:15:35 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
hajjproperties.com/wp-content/plugins/ultimate-social-media-icons/images/icons_theme/flat/flat_facebook.png
162.0.229.222 200 OK 375 B URL HTTP/2 hajjproperties.com/wp-content/plugins/ultimate-social-media-icons/images/icons_theme/flat/flat_facebook.png
IP 162.0.229.222:0
File type PNG image data, 52 x 52, 8-bit/color RGBA, non-interlaced\012- data
Hash 1bfd6f4ef8043e4898c3092c707334b3
711ad6624b4121aba707897edc6317fc39753262
31fe30e25330874ce416a149d0419c6447d2f78c0ce9eee0bdea01f59a5ba8e7
GET /wp-content/plugins/ultimate-social-media-icons/images/icons_theme/flat/flat_facebook.png HTTP/1.1
Host: hajjproperties.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hajjproperties.com/advert/dragon-naturallyspeaking-premium-13-keygen-142-exclusive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 12 Feb 2023 10:15:35 GMT
content-type: image/png
last-modified: Tue, 29 Nov 2022 00:18:15 GMT
accept-ranges: bytes
content-length: 375
date: Sun, 05 Feb 2023 10:15:35 GMT
server: LiteSpeed
vary: User-Agent
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
hajjproperties.com/wp-content/plugins/ultimate-social-media-icons/images/visit_icons/Visit_us_fb/icon_Visit_us_en_US.png
162.0.229.222 200 OK 1.3 kB URL HTTP/2 hajjproperties.com/wp-content/plugins/ultimate-social-media-icons/images/visit_icons/Visit_us_fb/icon_Visit_us_en_US.png
IP 162.0.229.222:0
File type PNG image data, 93 x 23, 8-bit/color RGBA, non-interlaced\012- data
Hash 548fa3151d19b56d39e6792f000f5975
3e703c35b76f4dceff1b1a0393cfd3cedb3cc763
15d91ab032211a3cfedf49470c5490ee1cc7ca322820fcfcdfa9ddcc1307549d
GET /wp-content/plugins/ultimate-social-media-icons/images/visit_icons/Visit_us_fb/icon_Visit_us_en_US.png HTTP/1.1
Host: hajjproperties.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hajjproperties.com/advert/dragon-naturallyspeaking-premium-13-keygen-142-exclusive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 12 Feb 2023 10:15:35 GMT
content-type: image/png
last-modified: Tue, 29 Nov 2022 00:18:15 GMT
accept-ranges: bytes
content-length: 1280
date: Sun, 05 Feb 2023 10:15:35 GMT
server: LiteSpeed
vary: User-Agent
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
hajjproperties.com/wp-content/plugins/ultimate-social-media-icons/images/icons_theme/flat/flat_twitter.png
162.0.229.222 200 OK 801 B URL HTTP/2 hajjproperties.com/wp-content/plugins/ultimate-social-media-icons/images/icons_theme/flat/flat_twitter.png
IP 162.0.229.222:0
File type PNG image data, 52 x 52, 8-bit/color RGBA, non-interlaced\012- data
Hash c910c63341951ca64f4d140922a69570
322c37d324893184447617c5045197f750d72837
201dfb5889442f9b22f43a051285ce4a1d2b7504974604985b8b541e11595c3f
GET /wp-content/plugins/ultimate-social-media-icons/images/icons_theme/flat/flat_twitter.png HTTP/1.1
Host: hajjproperties.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hajjproperties.com/advert/dragon-naturallyspeaking-premium-13-keygen-142-exclusive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 12 Feb 2023 10:15:35 GMT
content-type: image/png
last-modified: Tue, 29 Nov 2022 00:18:15 GMT
accept-ranges: bytes
content-length: 801
date: Sun, 05 Feb 2023 10:15:35 GMT
server: LiteSpeed
vary: User-Agent
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
hajjproperties.com/wp-content/plugins/ultimate-social-media-icons/images/icons_theme/flat/flat_instagram.png
162.0.229.222 200 OK 1.1 kB URL HTTP/2 hajjproperties.com/wp-content/plugins/ultimate-social-media-icons/images/icons_theme/flat/flat_instagram.png
IP 162.0.229.222:0
File type PNG image data, 52 x 52, 8-bit/color RGBA, non-interlaced\012- data
Hash bbc966a7bd88fa2604468d14f5f222eb
4c8e83164de65c511ff26a57e9ccfb0344b725de
7b4a144d970109d0e3127dd6f1cc0c146343de869870768f05398c9973301789
GET /wp-content/plugins/ultimate-social-media-icons/images/icons_theme/flat/flat_instagram.png HTTP/1.1
Host: hajjproperties.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hajjproperties.com/advert/dragon-naturallyspeaking-premium-13-keygen-142-exclusive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 12 Feb 2023 10:15:35 GMT
content-type: image/png
last-modified: Tue, 29 Nov 2022 00:18:15 GMT
accept-ranges: bytes
content-length: 1093
date: Sun, 05 Feb 2023 10:15:35 GMT
server: LiteSpeed
vary: User-Agent
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
hajjproperties.com/wp-content/uploads/2021/05/HAJJ-Properties-logo.png
162.0.229.222 200 OK 5.3 kB URL HTTP/2 hajjproperties.com/wp-content/uploads/2021/05/HAJJ-Properties-logo.png
IP 162.0.229.222:0
File type PNG image data, 200 x 50, 8-bit colormap, non-interlaced\012- data
Hash 2efa1aa14aae8ad49a7bc103dc813dcb
c0cd6f14759d779edd4a02aeee31bf0ee68681f9
18bbb6202a812c2dc9be7f8bbf70416adddd8b513400d767d3a2c5b01048dcb5
GET /wp-content/uploads/2021/05/HAJJ-Properties-logo.png HTTP/1.1
Host: hajjproperties.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hajjproperties.com/advert/dragon-naturallyspeaking-premium-13-keygen-142-exclusive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 12 Feb 2023 10:15:35 GMT
content-type: image/png
last-modified: Wed, 18 Aug 2021 13:13:42 GMT
accept-ranges: bytes
content-length: 5277
date: Sun, 05 Feb 2023 10:15:35 GMT
server: LiteSpeed
vary: User-Agent
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
hajjproperties.com/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.7.3
162.0.229.222 200 OK 2.9 kB URL HTTP/2 hajjproperties.com/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.7.3
IP 162.0.229.222:0
File type ASCII text, with very long lines (10565), with no line terminators
Hash 70f3b9dd6a51a766210411d4ed0752de
5507f795072da10842897292e32c24b8cbf7827d
8ad70d44d761d4e24fdcdd496c7d529c52c68a7c7dce2471104d4efa2d01ca89
GET /wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.7.3 HTTP/1.1
Host: hajjproperties.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hajjproperties.com/advert/dragon-naturallyspeaking-premium-13-keygen-142-exclusive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 12 Feb 2023 10:15:35 GMT
content-type: application/javascript
last-modified: Thu, 26 Jan 2023 10:30:29 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 2911
date: Sun, 05 Feb 2023 10:15:35 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
hajjproperties.com/wp-includes/js/jquery/jquery.form.min.js?ver=4.3.0
162.0.229.222 200 OK 5.7 kB URL HTTP/2 hajjproperties.com/wp-includes/js/jquery/jquery.form.min.js?ver=4.3.0
IP 162.0.229.222:0
File type ASCII text, with very long lines (15977), with no line terminators
Hash 071a1b0647ef601fe497ed94bb3c1e01
0b3bf87a22c50344b797f37550ed03c5e65edc55
8ebefdccc5e0b0939b14b0ca9405be3085d3c0d7e364262824870eb4eaf7fdfd
GET /wp-includes/js/jquery/jquery.form.min.js?ver=4.3.0 HTTP/1.1
Host: hajjproperties.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hajjproperties.com/advert/dragon-naturallyspeaking-premium-13-keygen-142-exclusive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 12 Feb 2023 10:15:35 GMT
content-type: application/javascript
last-modified: Sun, 15 Jan 2023 22:39:52 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 5686
date: Sun, 05 Feb 2023 10:15:35 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
hajjproperties.com/wp-content/plugins/easy-real-estate/js/jquery.validate.min.js?ver=1.1.7
162.0.229.222 200 OK 6.1 kB URL HTTP/2 hajjproperties.com/wp-content/plugins/easy-real-estate/js/jquery.validate.min.js?ver=1.1.7
IP 162.0.229.222:0
File type Unicode text, UTF-8 text, with very long lines (20914)
Hash 573d57185a98f701d4cfe9b2df0005ef
a1911fbeb114eb7ab9699f50edd6b2a8eec3dd4f
5267084c5ad143dd2d4527022c55a08295a315bd41e36a548571c552cae97d7f
GET /wp-content/plugins/easy-real-estate/js/jquery.validate.min.js?ver=1.1.7 HTTP/1.1
Host: hajjproperties.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hajjproperties.com/advert/dragon-naturallyspeaking-premium-13-keygen-142-exclusive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 12 Feb 2023 10:15:35 GMT
content-type: application/javascript
last-modified: Tue, 29 Nov 2022 00:17:56 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 6116
date: Sun, 05 Feb 2023 10:15:35 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
hajjproperties.com/wp-content/plugins/easy-real-estate/js/ere-frontend.js?ver=1.1.7
162.0.229.222 200 OK 1.3 kB URL HTTP/2 hajjproperties.com/wp-content/plugins/easy-real-estate/js/ere-frontend.js?ver=1.1.7
IP 162.0.229.222:0
Hash 52fcdd7cc43c4866017798d8da89dab2
a2d76ec3d6a035ad472167190d250ac9c20b8d9a
ad65aba5c850d23030aacb1a2b86c7d44c0a4c2ece2643c04e0a26b1036c59cd
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/easy-real-estate/js/ere-frontend.js?ver=1.1.7 HTTP/1.1
Host: hajjproperties.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hajjproperties.com/advert/dragon-naturallyspeaking-premium-13-keygen-142-exclusive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 12 Feb 2023 10:15:35 GMT
content-type: application/javascript
last-modified: Tue, 29 Nov 2022 00:17:56 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 1274
date: Sun, 05 Feb 2023 10:15:35 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
hajjproperties.com/wp-includes/js/jquery/ui/core.min.js?ver=1.13.2
162.0.229.222 200 OK 6.8 kB URL HTTP/2 hajjproperties.com/wp-includes/js/jquery/ui/core.min.js?ver=1.13.2
IP 162.0.229.222:0
File type Unicode text, UTF-8 text, with very long lines (8189)
Hash 3d0ff0f6731d9cef860af9a5a0e3ce62
13aed444304d782039e261475c8b4450b83e743e
e8d05db77732c71843ced6f386ea82eb32243ac36e7ca3e071cb7f53e2ffbce5
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/jquery/ui/core.min.js?ver=1.13.2 HTTP/1.1
Host: hajjproperties.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hajjproperties.com/advert/dragon-naturallyspeaking-premium-13-keygen-142-exclusive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 12 Feb 2023 10:15:35 GMT
content-type: application/javascript
last-modified: Sun, 15 Jan 2023 22:39:52 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 6800
date: Sun, 05 Feb 2023 10:15:35 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
hajjproperties.com/wp-content/plugins/ultimate-social-media-icons/js/shuffle/modernizr.custom.min.js?ver=6.1.1
162.0.229.222 200 OK 2.5 kB URL HTTP/2 hajjproperties.com/wp-content/plugins/ultimate-social-media-icons/js/shuffle/modernizr.custom.min.js?ver=6.1.1
IP 162.0.229.222:0
File type ASCII text, with very long lines (4318), with CRLF, CR line terminators
Hash 997a850c43cb46efa091e004256d57ec
ee1f2f7845b93bb255a2a9adbe5220f803ef4f7e
fe93eb227ea2999c9a5784a1f7a60e48467ea78c2ee197803d0d9c2a6ae65b6d
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/ultimate-social-media-icons/js/shuffle/modernizr.custom.min.js?ver=6.1.1 HTTP/1.1
Host: hajjproperties.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hajjproperties.com/advert/dragon-naturallyspeaking-premium-13-keygen-142-exclusive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 12 Feb 2023 10:15:35 GMT
content-type: application/javascript
last-modified: Sun, 04 Dec 2022 20:04:18 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 2464
date: Sun, 05 Feb 2023 10:15:35 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
hajjproperties.com/wp-content/plugins/ultimate-social-media-icons/js/shuffle/jquery.shuffle.min.js?ver=6.1.1
162.0.229.222 200 OK 4.0 kB URL HTTP/2 hajjproperties.com/wp-content/plugins/ultimate-social-media-icons/js/shuffle/jquery.shuffle.min.js?ver=6.1.1
IP 162.0.229.222:0
File type ASCII text, with very long lines (11484), with no line terminators
Hash afba95e9d8b68de8a182844bf3d210c6
15ff42025d6279456ddcae01e40e518d18f56300
72df0c1220af2d9bc12439b1f788e797334059aa057e4c9ca94b8409ebc5782d
GET /wp-content/plugins/ultimate-social-media-icons/js/shuffle/jquery.shuffle.min.js?ver=6.1.1 HTTP/1.1
Host: hajjproperties.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hajjproperties.com/advert/dragon-naturallyspeaking-premium-13-keygen-142-exclusive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 12 Feb 2023 10:15:35 GMT
content-type: application/javascript
last-modified: Tue, 29 Nov 2022 00:18:16 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 3953
date: Sun, 05 Feb 2023 10:15:35 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
hajjproperties.com/wp-content/plugins/ultimate-social-media-icons/js/shuffle/random-shuffle-min.js?ver=6.1.1
162.0.229.222 200 OK 617 B URL HTTP/2 hajjproperties.com/wp-content/plugins/ultimate-social-media-icons/js/shuffle/random-shuffle-min.js?ver=6.1.1
IP 162.0.229.222:0
File type ASCII text, with very long lines (1472), with no line terminators
Hash a9417b08d84f6bbb29398e2020861d94
7e84b0c1e1f2ab8dbefc1cdcc73a378ceb8526b5
3ee491454e5c72568a37bb1f7837c88cf77ec8b9fefc2f5a77876c27c7f0304e
GET /wp-content/plugins/ultimate-social-media-icons/js/shuffle/random-shuffle-min.js?ver=6.1.1 HTTP/1.1
Host: hajjproperties.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hajjproperties.com/advert/dragon-naturallyspeaking-premium-13-keygen-142-exclusive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 12 Feb 2023 10:15:35 GMT
content-type: application/javascript
last-modified: Tue, 29 Nov 2022 00:18:16 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 617
date: Sun, 05 Feb 2023 10:15:35 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
hajjproperties.com/wp-content/plugins/ultimate-social-media-icons/js/custom.js?ver=2.8.0
162.0.229.222 200 OK 5.8 kB URL HTTP/2 hajjproperties.com/wp-content/plugins/ultimate-social-media-icons/js/custom.js?ver=2.8.0
IP 162.0.229.222:0
File type Unicode text, UTF-8 text, with very long lines (827), with CRLF line terminators
Hash 3c36292ccabb06468e7d58184ea5d857
962404fc0867a0af8295a015229234a1ace74abe
7fab92180e5e433e10c5f010ab67694ba486c7a300fe5a17f268255fe71be6e4
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/ultimate-social-media-icons/js/custom.js?ver=2.8.0 HTTP/1.1
Host: hajjproperties.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hajjproperties.com/advert/dragon-naturallyspeaking-premium-13-keygen-142-exclusive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 12 Feb 2023 10:15:35 GMT
content-type: application/javascript
last-modified: Tue, 29 Nov 2022 00:18:16 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 5789
date: Sun, 05 Feb 2023 10:15:35 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
hajjproperties.com/wp-includes/js/jquery/ui/menu.min.js?ver=1.13.2
162.0.229.222 200 OK 2.9 kB URL HTTP/2 hajjproperties.com/wp-includes/js/jquery/ui/menu.min.js?ver=1.13.2
IP 162.0.229.222:0
File type ASCII text, with very long lines (9937)
Hash 7151f5fec10c40b863dfb217d8f2bbfa
84adb4fadf1377461c226571d229d747108cdb8c
84e6e66db5154e09511e78fcaaf926d973eff55b1c4d2dcadf09520fa7906185
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/jquery/ui/menu.min.js?ver=1.13.2 HTTP/1.1
Host: hajjproperties.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hajjproperties.com/advert/dragon-naturallyspeaking-premium-13-keygen-142-exclusive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 12 Feb 2023 10:15:35 GMT
content-type: application/javascript
last-modified: Sun, 15 Jan 2023 22:39:52 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 2881
date: Sun, 05 Feb 2023 10:15:35 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
hajjproperties.com/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9
162.0.229.222 200 OK 2.4 kB URL HTTP/2 hajjproperties.com/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9
IP 162.0.229.222:0
File type ASCII text, with very long lines (6475), with no line terminators
Hash 4e773d7cec56bacab6d2db420be6f262
c95573d884c1caec0ec9c6f3e2a8c0fbf28d939a
5c8839d0b02f21e8d83d856bbf85a6b87fbedf9ba0b70711b11a1c378d5443e7
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9 HTTP/1.1
Host: hajjproperties.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hajjproperties.com/advert/dragon-naturallyspeaking-premium-13-keygen-142-exclusive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 12 Feb 2023 10:15:35 GMT
content-type: application/javascript
last-modified: Sun, 15 Jan 2023 22:39:53 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 2354
date: Sun, 05 Feb 2023 10:15:35 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
hajjproperties.com/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0
162.0.229.222 200 OK 6.3 kB URL HTTP/2 hajjproperties.com/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0
IP 162.0.229.222:0
File type Unicode text, UTF-8 text, with very long lines (17819), with no line terminators
Hash fecbc00e8af71d8cfb678cd811c7cb2e
44e5dd77f62cb5c67271442b75cdff10d45f2f8d
d6f03fb4728d0c23251451df8d66b5107d3c87458dc624aacfbad437e99d01f1
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0 HTTP/1.1
Host: hajjproperties.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hajjproperties.com/advert/dragon-naturallyspeaking-premium-13-keygen-142-exclusive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 12 Feb 2023 10:15:35 GMT
content-type: application/javascript
last-modified: Sun, 15 Jan 2023 22:39:53 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 6335
date: Sun, 05 Feb 2023 10:15:35 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
hajjproperties.com/wp-includes/js/dist/dom-ready.min.js?ver=392bdd43726760d1f3ca
162.0.229.222 200 OK 281 B URL HTTP/2 hajjproperties.com/wp-includes/js/dist/dom-ready.min.js?ver=392bdd43726760d1f3ca
IP 162.0.229.222:0
File type ASCII text, with very long lines (463)
Hash 2bd32222de02ec6631cc34c5a5e0d23a
870c0f56cd4535a5546d974ff3eb2e3e66c97cfd
234dabb9c00a28b9055c7409fb1bc88581dfd807959239e281dbd7ef85df6551
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/dist/dom-ready.min.js?ver=392bdd43726760d1f3ca HTTP/1.1
Host: hajjproperties.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hajjproperties.com/advert/dragon-naturallyspeaking-premium-13-keygen-142-exclusive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 12 Feb 2023 10:15:35 GMT
content-type: application/javascript
last-modified: Sun, 15 Jan 2023 22:39:53 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 281
date: Sun, 05 Feb 2023 10:15:35 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
hajjproperties.com/wp-includes/js/dist/hooks.min.js?ver=4169d3cf8e8d95a3d6d5
162.0.229.222 200 OK 1.6 kB URL HTTP/2 hajjproperties.com/wp-includes/js/dist/hooks.min.js?ver=4169d3cf8e8d95a3d6d5
IP 162.0.229.222:0
File type ASCII text, with very long lines (4875)
Hash 06a8ac0e71976bc143cfa7861a31169d
def6031fe13259bf17752661832d815e37068bf2
e6f42d97e7299522bbb002364128fdf72cd22263ca72c5edc41dcd8f4672cd33
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/dist/hooks.min.js?ver=4169d3cf8e8d95a3d6d5 HTTP/1.1
Host: hajjproperties.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hajjproperties.com/advert/dragon-naturallyspeaking-premium-13-keygen-142-exclusive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 12 Feb 2023 10:15:35 GMT
content-type: application/javascript
last-modified: Sun, 15 Jan 2023 22:39:53 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 1575
date: Sun, 05 Feb 2023 10:15:35 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
hajjproperties.com/wp-includes/js/dist/i18n.min.js?ver=9e794f35a71bb98672ae
162.0.229.222 200 OK 3.7 kB URL HTTP/2 hajjproperties.com/wp-includes/js/dist/i18n.min.js?ver=9e794f35a71bb98672ae
IP 162.0.229.222:0
Hash f7acc55c5b34188d3e66c5f2ecf3ba80
802270f7a221e406af63d622d364b119d912c15b
826c4e13764f5bf1bd0a17f2e693d943f8605df1024815f67f43694f4338b713
GET /wp-includes/js/dist/i18n.min.js?ver=9e794f35a71bb98672ae HTTP/1.1
Host: hajjproperties.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hajjproperties.com/advert/dragon-naturallyspeaking-premium-13-keygen-142-exclusive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 12 Feb 2023 10:15:35 GMT
content-type: application/javascript
last-modified: Sun, 15 Jan 2023 22:39:53 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 3717
date: Sun, 05 Feb 2023 10:15:35 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
hajjproperties.com/wp-includes/js/dist/a11y.min.js?ver=ecce20f002eda4c19664
162.0.229.222 200 OK 858 B URL HTTP/2 hajjproperties.com/wp-includes/js/dist/a11y.min.js?ver=ecce20f002eda4c19664
IP 162.0.229.222:0
File type Unicode text, UTF-8 text, with very long lines (2472)
Hash be2374eabf981621988021fc2425df91
96272e603964f155600a1e8aa3835fe2fe95756f
2db40c016bc0a8cb0361a98a69c29e9043a42467198035460dc4604035729eff
GET /wp-includes/js/dist/a11y.min.js?ver=ecce20f002eda4c19664 HTTP/1.1
Host: hajjproperties.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hajjproperties.com/advert/dragon-naturallyspeaking-premium-13-keygen-142-exclusive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 12 Feb 2023 10:15:35 GMT
content-type: application/javascript
last-modified: Sun, 15 Jan 2023 22:39:53 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 858
date: Sun, 05 Feb 2023 10:15:35 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
hajjproperties.com/wp-includes/js/jquery/ui/autocomplete.min.js?ver=1.13.2
162.0.229.222 200 OK 2.7 kB URL HTTP/2 hajjproperties.com/wp-includes/js/jquery/ui/autocomplete.min.js?ver=1.13.2
IP 162.0.229.222:0
File type ASCII text, with very long lines (8281)
Hash bcfd84d4f06f766dad4215d59d3a9306
bc5406a7f528a2fa36c82c80d55b426282875363
1c1be274389ed99a773acf0ada6ee1198bb319fb68c708383e5f0ea21738f1d6
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/jquery/ui/autocomplete.min.js?ver=1.13.2 HTTP/1.1
Host: hajjproperties.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hajjproperties.com/advert/dragon-naturallyspeaking-premium-13-keygen-142-exclusive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 12 Feb 2023 10:15:35 GMT
content-type: application/javascript
last-modified: Sun, 15 Jan 2023 22:39:52 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 2679
date: Sun, 05 Feb 2023 10:15:35 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
hajjproperties.com/wp-content/themes/realhomes/assets/classic/scripts/vendors/vendors.min.js?ver=4.0.0
162.0.229.222 200 OK 9.5 kB URL HTTP/2 hajjproperties.com/wp-content/themes/realhomes/assets/classic/scripts/vendors/vendors.min.js?ver=4.0.0
IP 162.0.229.222:0
File type ASCII text, with very long lines (15549)
Hash 32ae4a2581d0fa076ed0ee025886f8b3
81fc13b66d17cc2ad1d39ae6f07982f5c648c364
8e922b4d223e9b7e54291f47b17349ff06f7ebda12c138e3670f4de5bcb38248
GET /wp-content/themes/realhomes/assets/classic/scripts/vendors/vendors.min.js?ver=4.0.0 HTTP/1.1
Host: hajjproperties.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hajjproperties.com/advert/dragon-naturallyspeaking-premium-13-keygen-142-exclusive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 12 Feb 2023 10:15:35 GMT
content-type: application/javascript
last-modified: Mon, 16 Jan 2023 14:34:52 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 9479
date: Sun, 05 Feb 2023 10:15:35 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
hajjproperties.com/wp-content/themes/realhomes/assets/classic/scripts/js/inspiry-search-form.js?ver=4.0.0
162.0.229.222 200 OK 1.4 kB URL HTTP/2 hajjproperties.com/wp-content/themes/realhomes/assets/classic/scripts/js/inspiry-search-form.js?ver=4.0.0
IP 162.0.229.222:0
Hash b4cfd00e3efe5bbec017747c4e216ed5
d22ba96302f55609a7a6af8b14f6865b3e5367dd
a52082f381d762a2d6e3a69b90daffce190c9f38e7001815ff3c8234db5325f8
GET /wp-content/themes/realhomes/assets/classic/scripts/js/inspiry-search-form.js?ver=4.0.0 HTTP/1.1
Host: hajjproperties.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hajjproperties.com/advert/dragon-naturallyspeaking-premium-13-keygen-142-exclusive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 12 Feb 2023 10:15:35 GMT
content-type: application/javascript
last-modified: Mon, 16 Jan 2023 14:33:52 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 1359
date: Sun, 05 Feb 2023 10:15:35 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
hajjproperties.com/wp-content/themes/realhomes/assets/classic/scripts/js/custom.js?ver=4.0.0
162.0.229.222 200 OK 7.9 kB URL HTTP/2 hajjproperties.com/wp-content/themes/realhomes/assets/classic/scripts/js/custom.js?ver=4.0.0
IP 162.0.229.222:0
Hash 46d101bffc0a4dd1b763dc1ec093a539
61ed6f9cd73f43af9954c0e93c9bd861a8018b30
b66656329b6fbaea5fb2f520a99cf9f804bdfaa173b387b2a359ffa0feed3814
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/realhomes/assets/classic/scripts/js/custom.js?ver=4.0.0 HTTP/1.1
Host: hajjproperties.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hajjproperties.com/advert/dragon-naturallyspeaking-premium-13-keygen-142-exclusive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 12 Feb 2023 10:15:35 GMT
content-type: application/javascript
last-modified: Mon, 16 Jan 2023 14:33:52 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 7939
date: Sun, 05 Feb 2023 10:15:35 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
hajjproperties.com/wp-includes/js/jquery/ui/tooltip.min.js?ver=1.13.2
162.0.229.222 200 OK 2.0 kB URL HTTP/2 hajjproperties.com/wp-includes/js/jquery/ui/tooltip.min.js?ver=1.13.2
IP 162.0.229.222:0
File type ASCII text, with very long lines (6004)
Hash f7f420dfa01867debb55574132b259a8
f49655122431d300ca6e1e2d41de925f97c57fdf
5a560e3f034d04b4be3cd1d9b415245b2e7a2a94f5a5919f75eae1be6ae1adc3
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/jquery/ui/tooltip.min.js?ver=1.13.2 HTTP/1.1
Host: hajjproperties.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hajjproperties.com/advert/dragon-naturallyspeaking-premium-13-keygen-142-exclusive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 12 Feb 2023 10:15:35 GMT
content-type: application/javascript
last-modified: Sun, 15 Jan 2023 22:39:52 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 1990
date: Sun, 05 Feb 2023 10:15:35 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
hajjproperties.com/wp-content/themes/realhomes/common/js/inspiry-login.js?ver=4.0.0
162.0.229.222 200 OK 1.9 kB URL HTTP/2 hajjproperties.com/wp-content/themes/realhomes/common/js/inspiry-login.js?ver=4.0.0
IP 162.0.229.222:0
Hash 9e4029fd2286ed69f0902ef11293d55d
f7389b00bb8ec2a41ae801bf9e173310665a5629
3e826373ff1b91d4f2d4a0a55c532409ce1c35dce0ee020b531704f4c315697b
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/realhomes/common/js/inspiry-login.js?ver=4.0.0 HTTP/1.1
Host: hajjproperties.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hajjproperties.com/advert/dragon-naturallyspeaking-premium-13-keygen-142-exclusive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 12 Feb 2023 10:15:35 GMT
content-type: application/javascript
last-modified: Mon, 16 Jan 2023 14:33:53 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 1880
date: Sun, 05 Feb 2023 10:15:35 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
hajjproperties.com/wp-content/themes/realhomes/common/js/locations.js?ver=4.0.0
162.0.229.222 200 OK 3.6 kB URL HTTP/2 hajjproperties.com/wp-content/themes/realhomes/common/js/locations.js?ver=4.0.0
IP 162.0.229.222:0
Hash 728f9ea5597721dd7beaa8fd1178428d
e1d1aca615f8ef8a5622c8eff211afd5bbff99d3
5179f4ebb3d1f78daac73f09d21965f0e8a059e870f1fe59f1a93ab21810f641
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/realhomes/common/js/locations.js?ver=4.0.0 HTTP/1.1
Host: hajjproperties.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hajjproperties.com/advert/dragon-naturallyspeaking-premium-13-keygen-142-exclusive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 12 Feb 2023 10:15:35 GMT
content-type: application/javascript
last-modified: Mon, 16 Jan 2023 14:33:53 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 3583
date: Sun, 05 Feb 2023 10:15:35 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
hajjproperties.com/wp-content/themes/realhomes/common/js/common-custom.js?ver=4.0.0
162.0.229.222 200 OK 9.3 kB URL HTTP/2 hajjproperties.com/wp-content/themes/realhomes/common/js/common-custom.js?ver=4.0.0
IP 162.0.229.222:0
Hash 5c411d19fc1810df4167621035b62ff7
677e776904897cdd7015bc635b8a83c492a64159
98017ba35e18e26506f726864425ad9b41971a8c16df98614c7d09c80f1614ba
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/realhomes/common/js/common-custom.js?ver=4.0.0 HTTP/1.1
Host: hajjproperties.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hajjproperties.com/advert/dragon-naturallyspeaking-premium-13-keygen-142-exclusive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 12 Feb 2023 10:15:35 GMT
content-type: application/javascript
last-modified: Mon, 16 Jan 2023 14:33:53 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 9274
date: Sun, 05 Feb 2023 10:15:35 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
hajjproperties.com/wp-content/themes/realhomes/common/js/cfos.js?ver=4.0.0
162.0.229.222 200 OK 523 B URL HTTP/2 hajjproperties.com/wp-content/themes/realhomes/common/js/cfos.js?ver=4.0.0
IP 162.0.229.222:0
Hash d927337aacb4fa2640af1bace4a5072a
63b11c7cdce5172f84db9aa68454732d053c5c9f
1bb9f5f4f8e80e1ec9d4c0045274a748b1a58d0901fbc58378b0b6ed8f104897
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/realhomes/common/js/cfos.js?ver=4.0.0 HTTP/1.1
Host: hajjproperties.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hajjproperties.com/advert/dragon-naturallyspeaking-premium-13-keygen-142-exclusive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 12 Feb 2023 10:15:35 GMT
content-type: application/javascript
last-modified: Mon, 16 Jan 2023 14:33:53 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 523
date: Sun, 05 Feb 2023 10:15:35 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
hajjproperties.com/wp-content/plugins/creame-whatsapp-me/public/js/joinchat.min.js?ver=4.5.16
162.0.229.222 200 OK 2.6 kB URL HTTP/2 hajjproperties.com/wp-content/plugins/creame-whatsapp-me/public/js/joinchat.min.js?ver=4.5.16
IP 162.0.229.222:0
File type ASCII text, with very long lines (8183), with no line terminators
Hash dd9f80be12465f5947a4092e7281a4f6
33eb8ea448e4907593f7c298a170a27ffb8b4f41
0c7145959da577724a50b2d350cc2ce3c53465901ed3ce3c47e4978577df3984
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/creame-whatsapp-me/public/js/joinchat.min.js?ver=4.5.16 HTTP/1.1
Host: hajjproperties.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hajjproperties.com/advert/dragon-naturallyspeaking-premium-13-keygen-142-exclusive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 12 Feb 2023 10:15:35 GMT
content-type: application/javascript
last-modified: Mon, 23 Jan 2023 10:25:44 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 2574
date: Sun, 05 Feb 2023 10:15:35 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
hajjproperties.com/wp-content/plugins/google-analytics-for-wordpress/assets/images/monsterinsights-badge-light.svg
162.0.229.222 200 OK 3.8 kB URL HTTP/2 hajjproperties.com/wp-content/plugins/google-analytics-for-wordpress/assets/images/monsterinsights-badge-light.svg
IP 162.0.229.222:0
File type SVG Scalable Vector Graphics image\012- HTML document, ASCII text, with CRLF line terminators
Hash dc0fa6baed544c618f7674ea384b8cfe
5b915c8f7f09d848011b6c334ce5b049c4d03be7
2af524f999e9d0445e5a27e5240e5401c831838192e73b412773cb015144e989
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/google-analytics-for-wordpress/assets/images/monsterinsights-badge-light.svg HTTP/1.1
Host: hajjproperties.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hajjproperties.com/advert/dragon-naturallyspeaking-premium-13-keygen-142-exclusive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 12 Feb 2023 10:15:35 GMT
content-type: image/svg+xml
last-modified: Sun, 15 Jan 2023 22:40:33 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 3841
date: Sun, 05 Feb 2023 10:15:35 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
hajjproperties.com/wp-includes/js/wp-emoji-release.min.js?ver=6.1.1
162.0.229.222 200 OK 4.6 kB URL HTTP/2 hajjproperties.com/wp-includes/js/wp-emoji-release.min.js?ver=6.1.1
IP 162.0.229.222:0
File type ASCII text, with very long lines (15660)
Hash 0232689bd203f330529b36a437f41a68
9046583f7469ad38297969f10a9513eb895d5316
feea9f30a6e454579bbeabf236b7abdb0c7de84dd2852422555ad67348c5e886
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/wp-emoji-release.min.js?ver=6.1.1 HTTP/1.1
Host: hajjproperties.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hajjproperties.com/advert/dragon-naturallyspeaking-premium-13-keygen-142-exclusive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 12 Feb 2023 10:15:35 GMT
content-type: application/javascript
last-modified: Sun, 15 Jan 2023 22:39:52 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 4619
date: Sun, 05 Feb 2023 10:15:35 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
hajjproperties.com/wp-content/plugins/cf7-conditional-fields/js/scripts.js?ver=2.3.3
162.0.229.222 200 OK 31 kB URL HTTP/2 hajjproperties.com/wp-content/plugins/cf7-conditional-fields/js/scripts.js?ver=2.3.3
IP 162.0.229.222:0
File type Unicode text, UTF-8 text, with very long lines (595)
Hash 7af5367271a56e4aa67cf8d227fe8fb3
5750eb1d210ac1aa333d4cea61be68ecfc1a2cf4
65660d938ddd008735781984f4fad78be401540f0dade3b20fcf78bf0f74b92b
GET /wp-content/plugins/cf7-conditional-fields/js/scripts.js?ver=2.3.3 HTTP/1.1
Host: hajjproperties.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hajjproperties.com/advert/dragon-naturallyspeaking-premium-13-keygen-142-exclusive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 12 Feb 2023 10:15:35 GMT
content-type: application/javascript
last-modified: Thu, 08 Sep 2022 23:39:18 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 31323
date: Sun, 05 Feb 2023 10:15:35 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
hajjproperties.com/wp-content/uploads/2013/08/news-03-2.jpg
162.0.229.222 200 OK 36 kB URL HTTP/2 hajjproperties.com/wp-content/uploads/2013/08/news-03-2.jpg
IP 162.0.229.222:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], progressive, precision 8, 830x323, components 3\012- data
Hash dbf3b943afc7bc0290a0c7fd3c72e31e
f60636949d758a6fd35c5b3b542afd5de2b43acf
526382f36a30783f3de2547fce11b92a3a6d7726639459345acf18c5aa53273a
GET /wp-content/uploads/2013/08/news-03-2.jpg HTTP/1.1
Host: hajjproperties.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hajjproperties.com/advert/dragon-naturallyspeaking-premium-13-keygen-142-exclusive
Cookie: _ga_0L63DX5JQT=GS1.1.1675592175.1.0.1675592175.0.0.0; _ga=GA1.1.858269306.1675592176
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 12 Feb 2023 10:15:36 GMT
content-type: image/jpeg
last-modified: Wed, 18 Aug 2021 13:13:34 GMT
accept-ranges: bytes
content-length: 35633
date: Sun, 05 Feb 2023 10:15:36 GMT
server: LiteSpeed
vary: User-Agent
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
region1.google-analytics.com/g/collect?v=2&tid=G-0L63DX5JQT&gtm=45je3210&_p=702687422&gdid=dZGIzZG&cid=858269306.1675592176&ul=en-us&sr=1280x1024&uaW=1&_s=1&sid=1675592175&sct=1&seg=0&dl=https%3A%2F%2Fhajjproperties.com%2Fadvert%2Fdragon-naturallyspeaking-premium-13-keygen-142-exclusive&dt=Page%20not%20found%20-%20Hajj%20Properties&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&ep.forceSSL=true&ep.link_attribution=true&ep.page_path=%2F404.html%3Fpage%3D%2Fadvert%2Fdragon-naturallyspeaking-premium-13-keygen-142-exclusive%26from%3D
216.239.32.36 204 No Content 0 B URL HTTP/2 region1.google-analytics.com/g/collect?v=2&tid=G-0L63DX5JQT&gtm=45je3210&_p=702687422&gdid=dZGIzZG&cid=858269306.1675592176&ul=en-us&sr=1280x1024&uaW=1&_s=1&sid=1675592175&sct=1&seg=0&dl=https%3A%2F%2Fhajjproperties.com%2Fadvert%2Fdragon-naturallyspeaking-premium-13-keygen-142-exclusive&dt=Page%20not%20found%20-%20Hajj%20Properties&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&ep.forceSSL=true&ep.link_attribution=true&ep.page_path=%2F404.html%3Fpage%3D%2Fadvert%2Fdragon-naturallyspeaking-premium-13-keygen-142-exclusive%26from%3D
IP 216.239.32.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-0L63DX5JQT&gtm=45je3210&_p=702687422&gdid=dZGIzZG&cid=858269306.1675592176&ul=en-us&sr=1280x1024&uaW=1&_s=1&sid=1675592175&sct=1&seg=0&dl=https%3A%2F%2Fhajjproperties.com%2Fadvert%2Fdragon-naturallyspeaking-premium-13-keygen-142-exclusive&dt=Page%20not%20found%20-%20Hajj%20Properties&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&ep.forceSSL=true&ep.link_attribution=true&ep.page_path=%2F404.html%3Fpage%3D%2Fadvert%2Fdragon-naturallyspeaking-premium-13-keygen-142-exclusive%26from%3D HTTP/1.1
Host: region1.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://hajjproperties.com
Connection: keep-alive
Referer: https://hajjproperties.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: https://hajjproperties.com
date: Sun, 05 Feb 2023 10:15:36 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
hajjproperties.com/wp-content/themes/realhomes/common/font-awesome/webfonts/fa-brands-400.woff2
162.0.229.222 200 OK 77 kB URL HTTP/2 hajjproperties.com/wp-content/themes/realhomes/common/font-awesome/webfonts/fa-brands-400.woff2
IP 162.0.229.222:0
File type Web Open Font Format (Version 2), TrueType, length 77444, version 331.589\012- data
Hash 91a23e8bf2b4b84c39311cb5eb23aaa0
992e28bfb17bebc55d628d1b743d4c7d20082c19
e98ae3ff936b4723cd8a2377d2c549a667ce87e81201ec4995cc01bd374c1288
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/realhomes/common/font-awesome/webfonts/fa-brands-400.woff2 HTTP/1.1
Host: hajjproperties.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://hajjproperties.com/wp-content/themes/realhomes/common/font-awesome/css/all.min.css?ver=5.13.1
Cookie: _ga_0L63DX5JQT=GS1.1.1675592175.1.0.1675592175.0.0.0; _ga=GA1.1.858269306.1675592176
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 12 Feb 2023 10:15:36 GMT
content-type: font/woff2
last-modified: Mon, 16 Jan 2023 14:33:53 GMT
accept-ranges: bytes
content-length: 77444
date: Sun, 05 Feb 2023 10:15:36 GMT
server: LiteSpeed
vary: User-Agent
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 471 B IP 142.250.74.131:0
Hash 5452c58c07ce8d3cade93b323b271c35
581b1e438daeb32a12feaf50f2aab17dcf3e3171
b99ea2af71e697f45db51732f7d3e8d3e50258c9c96e50a772b8c4638577140a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 10:15:36 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 471 B IP 142.250.74.131:0
Hash 5452c58c07ce8d3cade93b323b271c35
581b1e438daeb32a12feaf50f2aab17dcf3e3171
b99ea2af71e697f45db51732f7d3e8d3e50258c9c96e50a772b8c4638577140a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 10:15:36 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/acme/v21/RrQfboBx-C5_XxrBbg.woff2
142.250.74.35 200 OK 8.2 kB URL HTTP/2 fonts.gstatic.com/s/acme/v21/RrQfboBx-C5_XxrBbg.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 8236, version 1.0\012- data
Hash 06efd00b7f74385c105f230dffa6cca0
1ddd4e5f12e2efb9dc91fd179c39809e1567ca9b
bb814ac86e7f409154ced702b9f3543761d09410e837ec728242e6b980a26aa0
GET /s/acme/v21/RrQfboBx-C5_XxrBbg.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://hajjproperties.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 8236
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 30 Jan 2023 00:24:35 GMT
expires: Tue, 30 Jan 2024 00:24:35 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 07 Dec 2022 17:50:27 GMT
content-type: font/woff2
age: 553861
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/fresca/v18/6ae94K--SKgCzbMGHbcX.woff2
142.250.74.35 200 OK 8.9 kB URL HTTP/2 fonts.gstatic.com/s/fresca/v18/6ae94K--SKgCzbMGHbcX.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 8860, version 1.0\012- data
Hash e3d122c4ed0e01e7cdd87df3e70574dd
623ee634d1a84f20232acd0ac2b564598b0b67c1
c4c1a89d8348f83efca1b66fb7f6df5ab0af9c95913c2c48bea67010e09025e0
GET /s/fresca/v18/6ae94K--SKgCzbMGHbcX.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://hajjproperties.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 8860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 03 Feb 2023 02:40:21 GMT
expires: Sat, 03 Feb 2024 02:40:21 GMT
cache-control: public, max-age=31536000
age: 200115
last-modified: Thu, 21 Apr 2022 16:51:58 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
hajjproperties.com/wp-content/themes/realhomes/common/font-awesome/webfonts/fa-solid-900.woff2
162.0.229.222 200 OK 80 kB URL HTTP/2 hajjproperties.com/wp-content/themes/realhomes/common/font-awesome/webfonts/fa-solid-900.woff2
IP 162.0.229.222:0
File type Web Open Font Format (Version 2), TrueType, length 80328, version 331.589\012- data
Hash 412a43d6840addd683665ec12c30f810
f3be6605dbff23cf22ec3abddd1141a81a99e3aa
0bf1b8d8ac1b4ef0caea0db8cbe1b6a35f8a84a2f5fffa2421936cc11a1a91fc
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/realhomes/common/font-awesome/webfonts/fa-solid-900.woff2 HTTP/1.1
Host: hajjproperties.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://hajjproperties.com/wp-content/themes/realhomes/common/font-awesome/css/all.min.css?ver=5.13.1
Cookie: _ga_0L63DX5JQT=GS1.1.1675592175.1.0.1675592175.0.0.0; _ga=GA1.1.858269306.1675592176
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 12 Feb 2023 10:15:36 GMT
content-type: font/woff2
last-modified: Mon, 16 Jan 2023 14:33:53 GMT
accept-ranges: bytes
content-length: 80328
date: Sun, 05 Feb 2023 10:15:36 GMT
server: LiteSpeed
vary: User-Agent
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 471 B IP 142.250.74.131:0
Hash 5452c58c07ce8d3cade93b323b271c35
581b1e438daeb32a12feaf50f2aab17dcf3e3171
b99ea2af71e697f45db51732f7d3e8d3e50258c9c96e50a772b8c4638577140a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 10:15:36 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
hajjproperties.com/wp-content/themes/realhomes/common/optimize/vendors.js?ver=4.0.0
162.0.229.222 200 OK 5.6 kB URL HTTP/2 hajjproperties.com/wp-content/themes/realhomes/common/optimize/vendors.js?ver=4.0.0
IP 162.0.229.222:0
Hash eb753c0211c472c1abb7c46e9b052639
d919e4500ce7529094890b00a06107de4cdf79dc
5bd62c4421568e5a4639533de726bfd4fd9a1e2d7fcfcd8bc50a69b18697043e
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/realhomes/common/optimize/vendors.js?ver=4.0.0 HTTP/1.1
Host: hajjproperties.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hajjproperties.com/advert/dragon-naturallyspeaking-premium-13-keygen-142-exclusive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 12 Feb 2023 10:15:35 GMT
content-type: application/javascript
last-modified: Mon, 16 Jan 2023 14:33:53 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 97805
date: Sun, 05 Feb 2023 10:15:35 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
www.google-analytics.com/analytics.js
216.58.207.206 200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 216.58.207.206:0
File type ASCII text, with very long lines (1490)
Hash ca7fbbfd120e3e329633044190bbf134
d17f81e03dd827554ddd207ea081fb46b3415445
847004cefb32f85a9cc16b0b1eb77529ff5753680c145bfcb23f651d214737db
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hajjproperties.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20085
date: Sun, 05 Feb 2023 09:44:08 GMT
expires: Sun, 05 Feb 2023 11:44:08 GMT
cache-control: public, max-age=7200
age: 1889
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash ac85d3e0a8ec2827b2e3f0eca3336919
4b630e134dcb05e77c44e313f22f2214b51841a2
d1747dfa46c4ca2dcc3239bd1376ae7401b4b3e7b8d260dc4162b9b8208cd6f7
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5470
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 10:15:37 GMT
Last-Modified: Sun, 05 Feb 2023 08:44:27 GMT
Server: ECS (ska/F6FC)
X-Cache: HIT
Content-Length: 471
connect.facebook.net/en_US/sdk.js
157.240.221.16 200 OK 1.7 kB URL HTTP/2 connect.facebook.net/en_US/sdk.js
IP 157.240.221.16:0
File type ASCII text, with very long lines (1957)
Hash 17f6172d70f0742738d68954b8a7e164
9f27414c13ee6f7e306cadc505948b2bca321877
1d19a01baf94a3b6b679181135f4d63d03e1ff7a3d2d3e6a6932df3eac150845
GET /en_US/sdk.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hajjproperties.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
access-control-expose-headers: X-FB-Content-MD5
x-fb-content-md5: 94e26aea7245c4b93b275f4675c50239
etag: "ac05501651cb979451a5dd24155283b4"
content-type: application/x-javascript; charset=utf-8
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
expires: Sun, 05 Feb 2023 10:32:57 GMT
cache-control: public,max-age=1200,stale-while-revalidate=3600
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-content-type-options: nosniff
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-md5: F/YXLXDwdCc41olUuKfhZA==
x-fb-debug: FR4UTT3YVvN0zC+4tMuFBLzkzK5ffL48j3bxXif1hVeHMTHKfoYgAEBboTwHDnAeWvSD17fFXMT0zRXcXQXbAA==
content-length: 1686
x-fb-trip-id: 1679558926
date: Sun, 05 Feb 2023 10:15:37 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash ac85d3e0a8ec2827b2e3f0eca3336919
4b630e134dcb05e77c44e313f22f2214b51841a2
d1747dfa46c4ca2dcc3239bd1376ae7401b4b3e7b8d260dc4162b9b8208cd6f7
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5470
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 10:15:37 GMT
Last-Modified: Sun, 05 Feb 2023 08:44:27 GMT
Server: ECS (ska/F6FC)
X-Cache: HIT
Content-Length: 471
hajjproperties.com/wp-content/uploads/2021/05/cropped-Hajj-Propties-Favicon-32x32.png
162.0.229.222 200 OK 1.3 kB URL HTTP/2 hajjproperties.com/wp-content/uploads/2021/05/cropped-Hajj-Propties-Favicon-32x32.png
IP 162.0.229.222:0
File type PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced\012- data
Hash 8ace9dcd15b59f13d13c1c6bb0d3dfd6
211dd262763f30f6135850d9e5ea46be3a7278ae
d602c7396ea02e0d5c4426dfca9ebd2ab0f78e94b4fd7993c8917d9f0cabc841
GET /wp-content/uploads/2021/05/cropped-Hajj-Propties-Favicon-32x32.png HTTP/1.1
Host: hajjproperties.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hajjproperties.com/advert/dragon-naturallyspeaking-premium-13-keygen-142-exclusive
Cookie: _ga_0L63DX5JQT=GS1.1.1675592175.1.0.1675592175.0.0.0; _ga=GA1.1.858269306.1675592176
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 12 Feb 2023 10:15:37 GMT
content-type: image/png
last-modified: Wed, 18 Aug 2021 13:13:43 GMT
accept-ranges: bytes
content-length: 1315
date: Sun, 05 Feb 2023 10:15:37 GMT
server: LiteSpeed
vary: User-Agent
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
hajjproperties.com/wp-content/uploads/2021/05/cropped-Hajj-Propties-Favicon-192x192.png
162.0.229.222 200 OK 5.3 kB URL HTTP/2 hajjproperties.com/wp-content/uploads/2021/05/cropped-Hajj-Propties-Favicon-192x192.png
IP 162.0.229.222:0
File type PNG image data, 192 x 192, 8-bit colormap, non-interlaced\012- data
Hash fdddc09752b1b4a77d51148339e58f7a
a8f65b4f054e573d7b45b3c6d913327f46646fa3
e774881001d68f287ca50ac6651ffd8c9e8b7c9f3e68b4505e6a86b264559652
GET /wp-content/uploads/2021/05/cropped-Hajj-Propties-Favicon-192x192.png HTTP/1.1
Host: hajjproperties.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hajjproperties.com/advert/dragon-naturallyspeaking-premium-13-keygen-142-exclusive
Cookie: _ga_0L63DX5JQT=GS1.1.1675592175.1.0.1675592175.0.0.0; _ga=GA1.1.858269306.1675592176
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 12 Feb 2023 10:15:37 GMT
content-type: image/png
last-modified: Wed, 18 Aug 2021 13:13:42 GMT
accept-ranges: bytes
content-length: 5325
date: Sun, 05 Feb 2023 10:15:37 GMT
server: LiteSpeed
vary: User-Agent
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
connect.facebook.net/en_US/sdk.js?hash=bdf3908301b8df6fe953509ae4bc5fe7
157.240.221.16 200 OK 88 kB URL HTTP/2 connect.facebook.net/en_US/sdk.js?hash=bdf3908301b8df6fe953509ae4bc5fe7
IP 157.240.221.16:0
File type ASCII text, with very long lines (18530)
Hash 09efc90df11d81e462a318b3625fcd2d
c213d9df006cd2f38e0956f07e442a0b232cce99
08a04878237f916b64d297a3ec9fb36dd6e816a26fb8d3625e54e1d3008ac70c
GET /en_US/sdk.js?hash=bdf3908301b8df6fe953509ae4bc5fe7 HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://hajjproperties.com
Connection: keep-alive
Referer: https://hajjproperties.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
access-control-expose-headers: X-FB-Content-MD5
x-fb-content-md5: 44925c0f5a503d1f9e46f436d000af6b
etag: "ddc706513b89e2fca2bd0746b91339f6"
content-type: application/x-javascript; charset=utf-8
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
expires: Mon, 05 Feb 2024 09:28:32 GMT
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-content-type-options: nosniff
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-md5: Ce/JDfEdgeRioxizYl/NLQ==
x-fb-debug: ugdgP6NOa0Y/qCNol/V5jIetbEL8sz/bcQ4UhU0XBmBUwvETlyRP20pPlbwZqZS4bICr/9MIQtGSxB2ArXYfJg==
content-length: 88450
x-fb-trip-id: 1679558926
date: Sun, 05 Feb 2023 10:15:37 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
www.facebook.com/v2.5/plugins/like.php?action=like&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3aad020f5f9c96%26domain%3Dhajjproperties.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fhajjproperties.com%252Ff2c1d8ca5ea6662%26relation%3Dparent.parent&container_width=64&href=https%3A%2F%2Fhajjproperties.com%2Fadvert%2Fdragon-naturallyspeaking-premium-13-keygen-142-exclusive&layout=button&locale=en_US&sdk=joey&share=true&show_faces=false
157.240.221.35 200 OK 0 B URL HTTP/2 www.facebook.com/v2.5/plugins/like.php?action=like&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3aad020f5f9c96%26domain%3Dhajjproperties.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fhajjproperties.com%252Ff2c1d8ca5ea6662%26relation%3Dparent.parent&container_width=64&href=https%3A%2F%2Fhajjproperties.com%2Fadvert%2Fdragon-naturallyspeaking-premium-13-keygen-142-exclusive&layout=button&locale=en_US&sdk=joey&share=true&show_faces=false
IP 157.240.221.35:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /v2.5/plugins/like.php?action=like&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3aad020f5f9c96%26domain%3Dhajjproperties.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fhajjproperties.com%252Ff2c1d8ca5ea6662%26relation%3Dparent.parent&container_width=64&href=https%3A%2F%2Fhajjproperties.com%2Fadvert%2Fdragon-naturallyspeaking-premium-13-keygen-142-exclusive&layout=button&locale=en_US&sdk=joey&share=true&show_faces=false HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hajjproperties.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html;charset=utf-8
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-content-type-options: nosniff
x-xss-protection: 0
x-fb-debug: U8XeWEXgFqJhXe7LFBsDSkxuITsqjJXIqNhKpJhj9HWfka7X37Q4gRJkeN5bVzKaOGlEtyKDw9li90OoVx/OQQ==
content-length: 0
date: Sun, 05 Feb 2023 10:15:37 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.sectigo.com/
172.64.155.188 200 OK 471 B IP 172.64.155.188:0
Hash 5a6a3d54a1791afd5a5bd81e322fc75e
e88472d37d537f56497323b57a0a44fa9c280265
4735bf4fc73eb2d124304613e1d20be407f2869654e3d1f5b0996f0fbac53b23
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 05 Feb 2023 10:15:38 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sat, 04 Feb 2023 09:39:34 GMT
Expires: Sat, 11 Feb 2023 09:39:33 GMT
Etag: "e88472d37d537f56497323b57a0a44fa9c280265"
Cache-Control: max-age=515634,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 794ae2ce19edb527-OSL
ocsp.sectigo.com/
172.64.155.188 200 OK 471 B IP 172.64.155.188:0
Hash 5a6a3d54a1791afd5a5bd81e322fc75e
e88472d37d537f56497323b57a0a44fa9c280265
4735bf4fc73eb2d124304613e1d20be407f2869654e3d1f5b0996f0fbac53b23
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 05 Feb 2023 10:15:38 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sat, 04 Feb 2023 09:39:34 GMT
Expires: Sat, 11 Feb 2023 09:39:33 GMT
Etag: "e88472d37d537f56497323b57a0a44fa9c280265"
Cache-Control: max-age=515634,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 794ae2ccbf6eb4f3-OSL
aws-wwcloud.net/async/?id=4b87dkn8df17e3z8ez7911ahzna28nbd
5.34.176.223 200 OK 177 B URL HTTP/1.1 aws-wwcloud.net/async/?id=4b87dkn8df17e3z8ez7911ahzna28nbd
IP 5.34.176.223:0
ASN #204957 Green Floid LLC
File type PNG image data, 1 x 1, 4-bit colormap, non-interlaced\012- data
Hash a9428714a3fc96dda46bf3dcb266266a
ccdf71be456f9f753967364b9b0ef38c1159d5ed
4f078541628ddaeeb2c66ef06b22c95df4ff9deb16a68554d4ad2f78380c42c2
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /async/?id=4b87dkn8df17e3z8ez7911ahzna28nbd HTTP/1.1
Host: aws-wwcloud.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://hajjproperties.com
Connection: keep-alive
Referer: https://hajjproperties.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.1
Date: Sun, 05 Feb 2023 10:15:39 GMT
Content-Type: image/png
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/7.4.29
Access-Control-Allow-Origin: *
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Set-Cookie: PHPSESSID=e372098ff49a3f898b0d9a3636f32d0b; path=/
_subid=3fk8c9q1pdlbe; expires=Mon, 06-Feb-2023 10:15:39 GMT; Max-Age=86400; path=/; domain=.aws-wwcloud.net
54cc2=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjE2NVwiOjE2NzU1OTIxMzl9LFwiY2FtcGFpZ25zXCI6e1wiMVwiOjE2NzU1OTIxMzl9LFwidGltZVwiOjE2NzU1OTIxMzl9In0.-rsFc7jGo9iyFxyPLOhs4Pe_cG8eQisVLAiFKgglQmE; expires=Mon, 06-Feb-2023 10:15:39 GMT; Max-Age=86400; path=/; domain=.aws-wwcloud.net
Strict-Transport-Security: max-age=31536000;
hajjproperties.com/wp-admin/admin-ajax.php?action=inspiry_get_location_options&query=
162.0.229.222 200 OK 224 B URL HTTP/2 hajjproperties.com/wp-admin/admin-ajax.php?action=inspiry_get_location_options&query=
IP 162.0.229.222:0
File type JSON data\012- , ASCII text, with very long lines (454), with no line terminators
Hash 498e83ba9424ac897669165e5f9c1355
d34f13433e18820bc3ba3d12eba54a23b17b6289
7a2f0bb561a2dcfb2ee830b23066595f85a5774239f1a58280077437bd5e545c
GET /wp-admin/admin-ajax.php?action=inspiry_get_location_options&query= HTTP/1.1
Host: hajjproperties.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://hajjproperties.com/advert/dragon-naturallyspeaking-premium-13-keygen-142-exclusive
Cookie: _ga_0L63DX5JQT=GS1.1.1675592175.1.0.1675592175.0.0.0; _ga=GA1.1.858269306.1675592176
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
x-robots-tag: noindex
x-content-type-options: nosniff
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
referrer-policy: strict-origin-when-cross-origin
x-frame-options: SAMEORIGIN
content-length: 224
content-encoding: br
vary: Accept-Encoding,User-Agent
date: Sun, 05 Feb 2023 10:15:39 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
hajjproperties.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
162.0.229.222 200 OK 0 B URL HTTP/2 hajjproperties.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
IP 162.0.229.222:0
GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 HTTP/1.1
Host: hajjproperties.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hajjproperties.com/advert/dragon-naturallyspeaking-premium-13-keygen-142-exclusive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 12 Feb 2023 10:15:35 GMT
content-type: application/javascript
last-modified: Sun, 15 Jan 2023 22:39:52 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 3995
date: Sun, 05 Feb 2023 10:15:35 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
unpkg.com/leaflet@1.3.4/dist/leaflet.css?ver=1.3.4
104.16.123.175 302 Found 0 B URL HTTP/2 unpkg.com/leaflet@1.3.4/dist/leaflet.css?ver=1.3.4
IP 104.16.123.175:0
GET /leaflet@1.3.4/dist/leaflet.css?ver=1.3.4 HTTP/1.1
Host: unpkg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hajjproperties.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Sun, 05 Feb 2023 10:15:35 GMT
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
location: /leaflet@1.3.4/dist/leaflet.css
vary: Accept, Accept-Encoding
via: 1.1 fly.io
fly-request-id: 01GRGGAGTMNWJQV2SEFDZSS75N-fra
cf-cache-status: HIT
age: 897
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 794ae2bfb990b4eb-OSL
X-Firefox-Spdy: h2
hajjproperties.com/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.7.3
162.0.229.222 200 OK 0 B URL HTTP/2 hajjproperties.com/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.7.3
IP 162.0.229.222:0
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.7.3 HTTP/1.1
Host: hajjproperties.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hajjproperties.com/advert/dragon-naturallyspeaking-premium-13-keygen-142-exclusive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 12 Feb 2023 10:15:35 GMT
content-type: application/javascript
last-modified: Thu, 26 Jan 2023 10:30:29 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 3876
date: Sun, 05 Feb 2023 10:15:35 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
unpkg.com/leaflet@1.3.4/dist/leaflet.css
104.16.123.175 200 OK 0 B URL HTTP/2 unpkg.com/leaflet@1.3.4/dist/leaflet.css
IP 104.16.123.175:0
GET /leaflet@1.3.4/dist/leaflet.css HTTP/1.1
Host: unpkg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://hajjproperties.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 05 Feb 2023 10:15:35 GMT
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
last-modified: Tue, 21 Aug 2018 17:03:25 GMT
etag: W/"371a-BHwra6tEHm/m0+qAT9uCUksxKCk"
via: 1.1 fly.io
fly-request-id: 01GHHKBH5VWAEW08NEFH2ZJVG2-ams
cf-cache-status: HIT
age: 7480356
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 794ae2bff9f9b4eb-OSL
content-encoding: br
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Acme%3A400%7CFresca%3A400&subset=latin%2Clatin-ext&display=fallback&ver=4.0.0
142.250.74.106 200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Acme%3A400%7CFresca%3A400&subset=latin%2Clatin-ext&display=fallback&ver=4.0.0
IP 142.250.74.106:0
GET /css?family=Acme%3A400%7CFresca%3A400&subset=latin%2Clatin-ext&display=fallback&ver=4.0.0 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hajjproperties.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sun, 05 Feb 2023 10:15:35 GMT
date: Sun, 05 Feb 2023 10:15:35 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2