www.hemayass.ae/
205.209.120.173301 Moved Permanently 707 B IP 205.209.120.173:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Hash 1304294c0823ca486542ba408ed761e3
b2a70fb2d810ca13985882e6981f33998823e83e
3bbe72f3baa8ec61de17a1d767fca58704769684b7abe9161d0c4eaf4c8f0982
Analyzer Verdict Alert fortinet Phishing
GET / HTTP/1.1
Host: www.hemayass.ae
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
content-type: text/html
content-length: 707
date: Thu, 12 Jan 2023 14:02:13 GMT
server: LiteSpeed
location: https://www.hemayass.ae/
vary: User-Agent
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash a8b4f1afb0e830b797238d34ab9254aa
e011acef3d05c959a65205d53b651ecd18a889fe
f7ceff5b4fda083c7449b7298c232224cf48a632dcb87233b646790de207d49c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F7CEFF5B4FDA083C7449B7298C232224CF48A632DCB87233B646790DE207D49C"
Last-Modified: Thu, 12 Jan 2023 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10078
Expires: Thu, 12 Jan 2023 16:50:11 GMT
Date: Thu, 12 Jan 2023 14:02:13 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash cab5b63e128895128726181aff42e42e
d39c36237554fcd41addec0664d7fe7f7d157c06
18e82a5b82eb8f2d8b49df824c336015f19367c5a05467ad139a56db59f88852
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "18E82A5B82EB8F2D8B49DF824C336015F19367C5A05467AD139A56DB59F88852"
Last-Modified: Wed, 11 Jan 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8023
Expires: Thu, 12 Jan 2023 16:15:56 GMT
Date: Thu, 12 Jan 2023 14:02:13 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash ff250d3ef3fa45322bf05039a0122a9f
b3e7a2c383bce1bab807dbe1a03c375258b51f1d
d07f109a96e0ae6ec7b1d46ce8761b3f06fe845769ce65d69e053dd40aa561ba
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Alert, Content-Type, Content-Length, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Thu, 12 Jan 2023 13:48:44 GMT
content-type: application/json
age: 809
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 718fc486cd6a70fcacc1653759703fae
bf60ba7a37d2deef1b7000e91cc88da586bb75ca
398d02e16da466ffe87b64ac34b007615951cca14d43610b4acd58bc2a5fadff
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "398D02E16DA466FFE87B64AC34B007615951CCA14D43610B4ACD58BC2A5FADFF"
Last-Modified: Tue, 10 Jan 2023 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10668
Expires: Thu, 12 Jan 2023 17:00:01 GMT
Date: Thu, 12 Jan 2023 14:02:13 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash b1fcd419a4245617397846e8d17233f6
2a037ce244587640b27ead9a0ec2af4f862d91b2
e059b6d834c06e58494c43fb2ff42acbc27c1a1d8f7f30e2f32ca0e167599e2f
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: A+HM99wFMbPSPMUUQrPNWAsijV0iCktOmJ59C+Itmh6M60D8G8wTIGc4xBUbP8yA+ajcOpC4S2k=
x-amz-request-id: 4C0NFG7TA94ZSF62
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 12 Jan 2023 13:02:30 GMT
age: 3583
last-modified: Tue, 20 Dec 2022 14:47:58 GMT
etag: "b1fcd419a4245617397846e8d17233f6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 12 Jan 2023 14:02:13 GMT
content-type: application/json
content-length: 12
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-credentials: true
access-control-expose-headers: content-type
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 3c9181805c5f044ddba620a04feb8290
255f6b960dced20407671acb01d06bb77310b844
578c9433d900b9ce7d47714241968d7aa68f102fa548199a531ac1fc358c230b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "578C9433D900B9CE7D47714241968D7AA68F102FA548199A531AC1FC358C230B"
Last-Modified: Wed, 11 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Thu, 12 Jan 2023 20:02:14 GMT
Date: Thu, 12 Jan 2023 14:02:14 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Expires, Last-Modified, Alert, Content-Type, Content-Length, ETag, Pragma, Cache-Control, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Thu, 12 Jan 2023 13:33:45 GMT
age: 1709
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 1362750c01a8e1a2db32aa73ae46a48d
a423b43f2bd52bd4ec38b760a674866a1294c5ad
f0f57e27c4ec8f1cd8e05f530edc37fb1e4a94ffe92e5729939998346f2e204f
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1062
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 12 Jan 2023 14:02:14 GMT
Last-Modified: Thu, 12 Jan 2023 13:44:32 GMT
Server: ECS (ska/F716)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
34.211.60.137101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 34.211.60.137:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: psL8hJwTb7YS7f/hi00fmw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: edT/YMTVAlFCyE0G1Whf5ysAdJw=
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash b1f465f2178efe2786ee28d13fb5e76d
777860d696be5da2a3e844ff1d29e8589cafe5a9
27d9f7abe75dd3a91116324e0f0769191432f1425ebdc17ffa67085e7c747deb
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 12 Jan 2023 14:02:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash b1f465f2178efe2786ee28d13fb5e76d
777860d696be5da2a3e844ff1d29e8589cafe5a9
27d9f7abe75dd3a91116324e0f0769191432f1425ebdc17ffa67085e7c747deb
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 12 Jan 2023 14:02:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.hemayass.ae/wp-includes/css/dist/block-library/style.min.css?ver=6.1.1
205.209.120.173200 OK 12 kB URL HTTP/2 www.hemayass.ae/wp-includes/css/dist/block-library/style.min.css?ver=6.1.1
IP 205.209.120.173:0
File type ASCII text, with very long lines (47826)
Hash c4d7cc056b49b00e05cc29cc59aa3d5a
48c426bec60099d2a8628df430ed682c72aab42a
8009c12f2674a8d38401f4b5faad1fef2cfcd18a8c927ed2561ae9d7de9b57b5
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/css/dist/block-library/style.min.css?ver=6.1.1 HTTP/1.1
Host: www.hemayass.ae
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hemayass.ae/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 19 Jan 2023 14:02:14 GMT
content-type: text/css
last-modified: Tue, 15 Nov 2022 20:21:24 GMT
etag: "172a9-6373f4c4-a7214a00f90466f2;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 11616
date: Thu, 12 Jan 2023 14:02:14 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
www.hemayass.ae/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-vendors-style.css?ver=8.0.0
205.209.120.173200 OK 1.1 kB URL HTTP/2 www.hemayass.ae/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-vendors-style.css?ver=8.0.0
IP 205.209.120.173:0
File type ASCII text, with very long lines (4933), with no line terminators
Hash 8f2da34c6f082c7bec00f9cca661fd59
d0de5b6b29a9788a64826b833465a9d08f7c2ab7
d461fea6636b26aab698f636b2518709cb79416c7d3916d6b03497c4d75befdd
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-vendors-style.css?ver=8.0.0 HTTP/1.1
Host: www.hemayass.ae
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hemayass.ae/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 19 Jan 2023 14:02:14 GMT
content-type: text/css
last-modified: Sat, 03 Sep 2022 07:55:31 GMT
etag: "1345-63130873-26bb65443b702a57;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 1109
date: Thu, 12 Jan 2023 14:02:14 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 3c9181805c5f044ddba620a04feb8290
255f6b960dced20407671acb01d06bb77310b844
578c9433d900b9ce7d47714241968d7aa68f102fa548199a531ac1fc358c230b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "578C9433D900B9CE7D47714241968D7AA68F102FA548199A531AC1FC358C230B"
Last-Modified: Wed, 11 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Thu, 12 Jan 2023 20:02:14 GMT
Date: Thu, 12 Jan 2023 14:02:14 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash b1f465f2178efe2786ee28d13fb5e76d
777860d696be5da2a3e844ff1d29e8589cafe5a9
27d9f7abe75dd3a91116324e0f0769191432f1425ebdc17ffa67085e7c747deb
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 12 Jan 2023 14:02:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.hemayass.ae/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-style.css?ver=8.0.0
205.209.120.173200 OK 21 kB URL HTTP/2 www.hemayass.ae/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-style.css?ver=8.0.0
IP 205.209.120.173:0
File type Unicode text, UTF-8 text, with very long lines (65527), with no line terminators
Hash 844842439ba060ee255a40ec00e69ff5
a37c3b78aeea3c7d58a6e59bfa99ff3d81ec5b8c
169af0ea951379b0d2a47976e8e76c6684fb2c92146e23c31e57079b9cacdba2
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-style.css?ver=8.0.0 HTTP/1.1
Host: www.hemayass.ae
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hemayass.ae/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 19 Jan 2023 14:02:14 GMT
content-type: text/css
last-modified: Sat, 03 Sep 2022 07:55:31 GMT
etag: "333cb-63130873-333b534b0381e8d7;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 20786
date: Thu, 12 Jan 2023 14:02:14 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
www.hemayass.ae/wp-includes/css/classic-themes.min.css?ver=1
205.209.120.173200 OK 144 B URL HTTP/2 www.hemayass.ae/wp-includes/css/classic-themes.min.css?ver=1
IP 205.209.120.173:0
Hash fcbd239f30d9a6dd1f3637f291143d37
2871bf7d98af3f43e42f7fa32808048e7134fabf
c2f98e9d71f782b7a3266cd337c61ae6c8dcbb7203669c07852aa2ab65ab6144
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/css/classic-themes.min.css?ver=1 HTTP/1.1
Host: www.hemayass.ae
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hemayass.ae/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 19 Jan 2023 14:02:14 GMT
content-type: text/css
last-modified: Wed, 02 Nov 2022 20:27:02 GMT
etag: "d9-6362d296-21c74c46432307bb;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 144
date: Thu, 12 Jan 2023 14:02:14 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
www.hemayass.ae/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.6.3
205.209.120.173200 OK 848 B URL HTTP/2 www.hemayass.ae/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.6.3
IP 205.209.120.173:0
Hash c962ba8e7d42ff9da18392b41dad5151
7b89bc5e6ad161df2e6d7f7fb3ad894aa04b827f
322a4949c5bdd82eb80c13bbbd407ce30a7ad226685c54270d246cb6960e524e
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.6.3 HTTP/1.1
Host: www.hemayass.ae
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hemayass.ae/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 19 Jan 2023 14:02:14 GMT
content-type: text/css
last-modified: Sat, 03 Sep 2022 07:55:20 GMT
etag: "aab-63130868-b44c56b44855c414;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 848
date: Thu, 12 Jan 2023 14:02:14 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
www.hemayass.ae/wp-content/plugins/panthar-core/assets/css/icomoon.css?ver=1.0.0
205.209.120.173200 OK 869 B URL HTTP/2 www.hemayass.ae/wp-content/plugins/panthar-core/assets/css/icomoon.css?ver=1.0.0
IP 205.209.120.173:0
Hash 17c2b5c84fe349a10e4f54708edb31ad
b54f8ee57739d0f65c46ad536682f9082b8a54c6
bb859ad60d5ef28e67c568486ab6f2e87ee52599c66c51a0cbc033575c343640
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/panthar-core/assets/css/icomoon.css?ver=1.0.0 HTTP/1.1
Host: www.hemayass.ae
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hemayass.ae/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 19 Jan 2023 14:02:14 GMT
content-type: text/css
last-modified: Sat, 03 Sep 2022 07:55:20 GMT
etag: "137c-63130868-a38a8fde4901238d;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 869
date: Thu, 12 Jan 2023 14:02:14 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
www.hemayass.ae/wp-content/plugins/panthar-core/assets/css/owl.carousel.min.css?ver=1.0.0
205.209.120.173200 OK 1.0 kB URL HTTP/2 www.hemayass.ae/wp-content/plugins/panthar-core/assets/css/owl.carousel.min.css?ver=1.0.0
IP 205.209.120.173:0
Hash e8049e4a8a97b552ee59bd917f996641
814465c710f8824123d0528b1558a208b2fce825
d4a61b2530477c829af156b99a5da0bb6869a36c360369122519718b913a184b
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/panthar-core/assets/css/owl.carousel.min.css?ver=1.0.0 HTTP/1.1
Host: www.hemayass.ae
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hemayass.ae/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 19 Jan 2023 14:02:14 GMT
content-type: text/css
last-modified: Sat, 03 Sep 2022 07:55:20 GMT
etag: "1322-63130868-4ea77bcb3f2412d6;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 1004
date: Thu, 12 Jan 2023 14:02:14 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
www.hemayass.ae/wp-content/plugins/panthar-core/assets/css/slick.css?ver=1.0.0
205.209.120.173200 OK 448 B URL HTTP/2 www.hemayass.ae/wp-content/plugins/panthar-core/assets/css/slick.css?ver=1.0.0
IP 205.209.120.173:0
Hash 0fbbd54a13196db4129a25a8e6ceb18c
40735de1def019b55f2620c49375fec0a026dcd8
ed1f2e79af0f4b5e96dbbc9af48b7ed7413cbe8b9d844c93b11c4c3ae79b7316
GET /wp-content/plugins/panthar-core/assets/css/slick.css?ver=1.0.0 HTTP/1.1
Host: www.hemayass.ae
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hemayass.ae/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 19 Jan 2023 14:02:14 GMT
content-type: text/css
last-modified: Sat, 03 Sep 2022 07:55:20 GMT
etag: "6b1-63130868-33c343b462456d2f;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 448
date: Thu, 12 Jan 2023 14:02:14 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
www.hemayass.ae/wp-content/plugins/panthar-core/assets/css/font-awesome.min.css?ver=5.12.0
205.209.120.173200 OK 12 kB URL HTTP/2 www.hemayass.ae/wp-content/plugins/panthar-core/assets/css/font-awesome.min.css?ver=5.12.0
IP 205.209.120.173:0
File type ASCII text, with very long lines (56589)
Hash 0b6a5aef76a9b68b1a5935b872d1e9de
508c0bcae39dee7387697e46c2fc8ecfc433d5b3
b2c43cc10ba734b5ab8847582cb7ed6a2cfe5723ea97f0002a26953ff3b3e8d0
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/panthar-core/assets/css/font-awesome.min.css?ver=5.12.0 HTTP/1.1
Host: www.hemayass.ae
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hemayass.ae/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 19 Jan 2023 14:02:14 GMT
content-type: text/css
last-modified: Sat, 03 Sep 2022 07:55:20 GMT
etag: "ddc3-63130868-ceb3fbf00767148c;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 11849
date: Thu, 12 Jan 2023 14:02:14 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
www.hemayass.ae/wp-content/plugins/panthar-core/assets/css/main-style-ltr.css?ver=1.0.0
205.209.120.173200 OK 31 kB URL HTTP/2 www.hemayass.ae/wp-content/plugins/panthar-core/assets/css/main-style-ltr.css?ver=1.0.0
IP 205.209.120.173:0
File type Unicode text, UTF-8 text, with very long lines (552)
Hash 271cc8bc4c7c051e15adde1b0108a3a8
07e9376065778f357e5d681fe5861de5000a3ac4
6517a3a1757ebd32923dfe019d8e746f54b8966c8b7a6973049165083eafcd49
GET /wp-content/plugins/panthar-core/assets/css/main-style-ltr.css?ver=1.0.0 HTTP/1.1
Host: www.hemayass.ae
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hemayass.ae/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 19 Jan 2023 14:02:14 GMT
content-type: text/css
last-modified: Sat, 03 Sep 2022 07:55:20 GMT
etag: "3ae84-63130868-d0879cdd6018f0c4;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 31197
date: Thu, 12 Jan 2023 14:02:14 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
www.hemayass.ae/wp-content/plugins/woocommerce/assets/css/woocommerce-layout.css?ver=6.8.2
205.209.120.173200 OK 2.3 kB URL HTTP/2 www.hemayass.ae/wp-content/plugins/woocommerce/assets/css/woocommerce-layout.css?ver=6.8.2
IP 205.209.120.173:0
File type ASCII text, with very long lines (17809), with no line terminators
Hash 09d93f4de720fc11a2944fea38fcafcd
e46cf6a8d3373c7fa5feba0b30cd9b9983f719b2
cf900721be13309b96cf6c6f56b1c0a40194e8aea1b0a0361739219c9c0f9998
GET /wp-content/plugins/woocommerce/assets/css/woocommerce-layout.css?ver=6.8.2 HTTP/1.1
Host: www.hemayass.ae
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hemayass.ae/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 19 Jan 2023 14:02:14 GMT
content-type: text/css
last-modified: Sat, 03 Sep 2022 07:55:29 GMT
etag: "4591-63130871-f75c422c8226b2cd;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 2329
date: Thu, 12 Jan 2023 14:02:14 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
www.hemayass.ae/wp-content/plugins/woocommerce/assets/css/woocommerce.css?ver=6.8.2
205.209.120.173200 OK 8.4 kB URL HTTP/2 www.hemayass.ae/wp-content/plugins/woocommerce/assets/css/woocommerce.css?ver=6.8.2
IP 205.209.120.173:0
File type Unicode text, UTF-8 text, with very long lines (62753), with no line terminators
Hash 60aea8fe062ea93aa6dfa342ea23b7fd
bf9a4843acf8f1f116ef2cae7fb40a9a2f37253a
7db430ef3124de87a8a33cf0ffe134a86bff67de803eea16f4b3ed4d2d569d4f
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/woocommerce/assets/css/woocommerce.css?ver=6.8.2 HTTP/1.1
Host: www.hemayass.ae
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hemayass.ae/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 19 Jan 2023 14:02:14 GMT
content-type: text/css
last-modified: Sat, 03 Sep 2022 07:55:29 GMT
etag: "f523-63130871-f577e29748071a08;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 8432
date: Thu, 12 Jan 2023 14:02:14 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
www.hemayass.ae/wp-content/themes/panthar/assets/css/animate.css?ver=1673532134
205.209.120.173200 OK 4.0 kB URL HTTP/2 www.hemayass.ae/wp-content/themes/panthar/assets/css/animate.css?ver=1673532134
IP 205.209.120.173:0
File type ASCII text, with very long lines (57919)
Hash 73de5cf3445f71ea0229ecbe2157def0
61b53251e7f155d8ca19cb236f3a573e0de675e7
29086512a559143cfb63a5082f3e8f4873b5c0d542854cfab3ef72776a43da5c
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/panthar/assets/css/animate.css?ver=1673532134 HTTP/1.1
Host: www.hemayass.ae
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hemayass.ae/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 19 Jan 2023 14:02:14 GMT
content-type: text/css
last-modified: Sat, 03 Sep 2022 07:55:08 GMT
etag: "e311-6313085c-21b43034e1c4b8d2;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 4011
date: Thu, 12 Jan 2023 14:02:14 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
www.hemayass.ae/wp-content/themes/panthar/assets/css/icomoon.css?ver=1673532134
205.209.120.173200 OK 869 B URL HTTP/2 www.hemayass.ae/wp-content/themes/panthar/assets/css/icomoon.css?ver=1673532134
IP 205.209.120.173:0
Hash faa5f73150685a9c897660c2942ce251
8c9a780b9f71d338ed8952753e46b2fff35e7f6d
05837fcf16f93955f61402b18625eb5b8ea871876f760f4d176990ef988bcb6d
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/panthar/assets/css/icomoon.css?ver=1673532134 HTTP/1.1
Host: www.hemayass.ae
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hemayass.ae/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 19 Jan 2023 14:02:14 GMT
content-type: text/css
last-modified: Sat, 03 Sep 2022 07:55:08 GMT
etag: "137b-6313085c-ac5f414fca39d7d;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 869
date: Thu, 12 Jan 2023 14:02:14 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
www.hemayass.ae/wp-content/plugins/elementor/assets/lib/font-awesome/css/font-awesome.min.css?ver=4.7.0
205.209.120.173200 OK 6.7 kB URL HTTP/2 www.hemayass.ae/wp-content/plugins/elementor/assets/lib/font-awesome/css/font-awesome.min.css?ver=4.7.0
IP 205.209.120.173:0
File type ASCII text, with very long lines (30837)
Hash 5dbbe85d6a3308dceb97d91b740b0f11
3f70abf9963371962665167f98ba52365481496d
751d4fdd16bd33cc9c93bcaadcd316922ca9bbd74cb6a9e1705c8bef4330dabf
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/elementor/assets/lib/font-awesome/css/font-awesome.min.css?ver=4.7.0 HTTP/1.1
Host: www.hemayass.ae
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hemayass.ae/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 19 Jan 2023 14:02:14 GMT
content-type: text/css
last-modified: Sat, 03 Sep 2022 07:55:23 GMT
etag: "7917-6313086b-a6b2d5ef18e8fa44;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 6657
date: Thu, 12 Jan 2023 14:02:14 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
www.hemayass.ae/wp-content/themes/panthar/assets/css/magnific-popup.css?ver=1673532134
205.209.120.173200 OK 1.4 kB URL HTTP/2 www.hemayass.ae/wp-content/themes/panthar/assets/css/magnific-popup.css?ver=1673532134
IP 205.209.120.173:0
File type ASCII text, with very long lines (5235), with no line terminators
Hash 30f96dcedb12942dbda36a64348cabeb
5662ec6ab79f0607b9f002419d449606589f4217
ef087a2d2ea20356ff3ed660e2b79b735784e1f0a13fc7f212fc602f36c5adfd
GET /wp-content/themes/panthar/assets/css/magnific-popup.css?ver=1673532134 HTTP/1.1
Host: www.hemayass.ae
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hemayass.ae/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 19 Jan 2023 14:02:14 GMT
content-type: text/css
last-modified: Sat, 03 Sep 2022 07:55:08 GMT
etag: "1473-6313085c-2c396c09d24c8201;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 1401
date: Thu, 12 Jan 2023 14:02:14 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
www.hemayass.ae/wp-content/themes/panthar/assets/css/responsive.css?ver=1673532134
205.209.120.173200 OK 3.9 kB URL HTTP/2 www.hemayass.ae/wp-content/themes/panthar/assets/css/responsive.css?ver=1673532134
IP 205.209.120.173:0
Hash e80c18bc4a262c3ec9da5da9da41fb1c
b6a317d3b45787da513c9dd127431d6c028f7675
c7553d024180d2c1bfc6070c2f94e05a10ebb4bdbbca5f6c47963b55165b8419
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/panthar/assets/css/responsive.css?ver=1673532134 HTTP/1.1
Host: www.hemayass.ae
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hemayass.ae/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 19 Jan 2023 14:02:14 GMT
content-type: text/css
last-modified: Sat, 03 Sep 2022 07:55:08 GMT
etag: "57bc-6313085c-3eda5f15a3cc92;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 3906
date: Thu, 12 Jan 2023 14:02:14 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
www.hemayass.ae/wp-content/themes/panthar/assets/css/woocommerce-style.css?ver=1673532134
205.209.120.173200 OK 7.8 kB URL HTTP/2 www.hemayass.ae/wp-content/themes/panthar/assets/css/woocommerce-style.css?ver=1673532134
IP 205.209.120.173:0
Hash 4d700e2d6a3ff23e5a97bd670281d646
3c56a201e667e89fa7ab139d792a579a307ce6ed
3337ef0cff93f87a85a2603ba013d67d941ae6572089cb937782dd9f290a8b7a
GET /wp-content/themes/panthar/assets/css/woocommerce-style.css?ver=1673532134 HTTP/1.1
Host: www.hemayass.ae
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hemayass.ae/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 19 Jan 2023 14:02:14 GMT
content-type: text/css
last-modified: Sat, 03 Sep 2022 07:55:08 GMT
etag: "eec0-6313085c-c983c8786ecafdee;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 7797
date: Thu, 12 Jan 2023 14:02:14 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
www.hemayass.ae/wp-content/themes/panthar/style.css?ver=6.1.1
205.209.120.173200 OK 822 B URL HTTP/2 www.hemayass.ae/wp-content/themes/panthar/style.css?ver=6.1.1
IP 205.209.120.173:0
File type Unicode text, UTF-8 text, with very long lines (708)
Hash 1ae1219a8816e25f01cd9685cd4c09aa
31c7c71f387635937511e276af9e7db7cc94fa1c
5d297ab21601396c2dca0a2f8107a876e8f88f83110e27fdfdcba0853ff822aa
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/panthar/style.css?ver=6.1.1 HTTP/1.1
Host: www.hemayass.ae
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hemayass.ae/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 19 Jan 2023 14:02:14 GMT
content-type: text/css
last-modified: Tue, 06 Sep 2022 14:15:14 GMT
etag: "6db-631755f2-a46c32e0392cce4c;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 822
date: Thu, 12 Jan 2023 14:02:14 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
www.hemayass.ae/wp-content/plugins/elementor/assets/lib/eicons/css/elementor-icons.min.css?ver=5.16.0
205.209.120.173200 OK 3.6 kB URL HTTP/2 www.hemayass.ae/wp-content/plugins/elementor/assets/lib/eicons/css/elementor-icons.min.css?ver=5.16.0
IP 205.209.120.173:0
File type ASCII text, with very long lines (19233)
Hash af3bdf44d09914e8adb51fec560d8816
84bb225e096bab405868dd504e62133ba75cf1c1
4325dab21d3eb9efb8e285a0926be743f27e46446ccf5f9be65bb4b60c024152
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/elementor/assets/lib/eicons/css/elementor-icons.min.css?ver=5.16.0 HTTP/1.1
Host: www.hemayass.ae
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hemayass.ae/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 19 Jan 2023 14:02:14 GMT
content-type: text/css
last-modified: Sat, 03 Sep 2022 07:55:23 GMT
etag: "4b4f-6313086b-c12e9c136574bf38;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 3629
date: Thu, 12 Jan 2023 14:02:14 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
www.hemayass.ae/wp-content/plugins/elementor/assets/css/frontend-lite.min.css?ver=3.7.4
205.209.120.173200 OK 13 kB URL HTTP/2 www.hemayass.ae/wp-content/plugins/elementor/assets/css/frontend-lite.min.css?ver=3.7.4
IP 205.209.120.173:0
File type ASCII text, with very long lines (65497)
Hash c8d9969fa74f0f79b42e7fa4a7662eb3
68aaaa10eae6e5fb7f54f7fabbd94250e7f2d298
60f71732839a0168dcacfd2284394a566501417d6f69f46c39c5dd0808cfd8a1
GET /wp-content/plugins/elementor/assets/css/frontend-lite.min.css?ver=3.7.4 HTTP/1.1
Host: www.hemayass.ae
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hemayass.ae/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 19 Jan 2023 14:02:14 GMT
content-type: text/css
last-modified: Sat, 03 Sep 2022 07:55:23 GMT
etag: "1a788-6313086b-76c770a06edc21d;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 12987
date: Thu, 12 Jan 2023 14:02:14 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
www.hemayass.ae/wp-content/uploads/elementor/css/post-6.css?ver=1662196146
205.209.120.173200 OK 305 B URL HTTP/2 www.hemayass.ae/wp-content/uploads/elementor/css/post-6.css?ver=1662196146
IP 205.209.120.173:0
File type ASCII text, with very long lines (1117), with no line terminators
Hash bd4f73d4498f633bfa143151881ab1fe
b58084f88b4d3cd6dfd338e00ff2c1e9a0def207
d7d05c524dd575f7b49ee9bfd6593256c23f38810af32610aa440c0a9e83eea9
GET /wp-content/uploads/elementor/css/post-6.css?ver=1662196146 HTTP/1.1
Host: www.hemayass.ae
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hemayass.ae/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 19 Jan 2023 14:02:14 GMT
content-type: text/css
last-modified: Sat, 03 Sep 2022 09:09:06 GMT
etag: "45d-631319b2-99ea8d27779589a4;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 305
date: Thu, 12 Jan 2023 14:02:14 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
www.hemayass.ae/wp-content/uploads/elementor/css/global.css?ver=1662196146
205.209.120.173200 OK 778 B URL HTTP/2 www.hemayass.ae/wp-content/uploads/elementor/css/global.css?ver=1662196146
IP 205.209.120.173:0
File type ASCII text, with very long lines (6697)
Hash b02024ddcc232eb08d1538fdd154c40c
6b0b30c62554ae7412ff5979569111708c93a0ba
a8cb4f4a5c8cb9e53438af9440ccbc925957a779e6ce54efd5f0d0338db7d05d
GET /wp-content/uploads/elementor/css/global.css?ver=1662196146 HTTP/1.1
Host: www.hemayass.ae
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hemayass.ae/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 19 Jan 2023 14:02:14 GMT
content-type: text/css
last-modified: Sat, 03 Sep 2022 09:09:06 GMT
etag: "25f8-631319b2-7b2c473354af364e;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 778
date: Thu, 12 Jan 2023 14:02:14 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
www.hemayass.ae/wp-content/uploads/elementor/css/post-6364.css?ver=1670515714
205.209.120.173200 OK 513 B URL HTTP/2 www.hemayass.ae/wp-content/uploads/elementor/css/post-6364.css?ver=1670515714
IP 205.209.120.173:0
File type ASCII text, with very long lines (2511), with no line terminators
Hash a8aacaa264d7b31f04821757d65c2d4c
a593304f20acf9d3aa4bec4e59c99461fbb7a4d6
990ae91bf6996b7f2d5bf4b0d7dd7fa2f44afedb4696dc98b6ae4543b4e0e65f
GET /wp-content/uploads/elementor/css/post-6364.css?ver=1670515714 HTTP/1.1
Host: www.hemayass.ae
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hemayass.ae/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 19 Jan 2023 14:02:14 GMT
content-type: text/css
last-modified: Thu, 08 Dec 2022 16:08:34 GMT
etag: "9cf-63920c02-7ed672705e20f36a;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 513
date: Thu, 12 Jan 2023 14:02:14 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
www.hemayass.ae/wp-includes/js/jquery/jquery.min.js?ver=3.6.1
205.209.120.173200 OK 30 kB URL HTTP/2 www.hemayass.ae/wp-includes/js/jquery/jquery.min.js?ver=3.6.1
IP 205.209.120.173:0
File type ASCII text, with very long lines (65447)
Hash 3a1740685bd5c0bbd5f2b812e1eb7fb4
488e07695da787fed18361c50292aef35abb5e81
4a07aed2d8cf88afdec0b56b365b951c76d387db3459166b5a0d25e2e6cc95ef
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/jquery/jquery.min.js?ver=3.6.1 HTTP/1.1
Host: www.hemayass.ae
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hemayass.ae/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 19 Jan 2023 14:02:14 GMT
content-type: application/javascript
last-modified: Wed, 02 Nov 2022 20:27:01 GMT
etag: "15e54-6362d295-cef5b96b9a6d53dc;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 30324
date: Thu, 12 Jan 2023 14:02:14 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
www.hemayass.ae/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
205.209.120.173200 OK 4.0 kB URL HTTP/2 www.hemayass.ae/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
IP 205.209.120.173:0
File type ASCII text, with very long lines (11126)
Hash 7e058b51f939eacfa31cdface14dded5
9d732e5afdeb42edef9e1b9631b7e95e054787cc
4ece5b00423755d8f4121ce382c8ea4dc44c241f28f150abe19caa85d0b0acc1
GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 HTTP/1.1
Host: www.hemayass.ae
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hemayass.ae/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 19 Jan 2023 14:02:14 GMT
content-type: application/javascript
last-modified: Wed, 18 Nov 2020 19:36:06 GMT
etag: "2bd8-5fb577a6-559484b1744ea015;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 3995
date: Thu, 12 Jan 2023 14:02:14 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
www.hemayass.ae/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.6.3
205.209.120.173200 OK 3.7 kB URL HTTP/2 www.hemayass.ae/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.6.3
IP 205.209.120.173:0
File type HTML document, ASCII text, with very long lines (12211), with no line terminators
Hash b3777786fbf0ac18aa59c687154a9db8
3f24b0cfae49dc3e70f149edaf203a661cd59c88
8e3993f3b5eb33611a7c40d80d1cb048b4329ebb9ad0d9e8eb583e48fda70bb5
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.6.3 HTTP/1.1
Host: www.hemayass.ae
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hemayass.ae/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 19 Jan 2023 14:02:14 GMT
content-type: application/javascript
last-modified: Sat, 03 Sep 2022 07:55:20 GMT
etag: "2fb3-63130868-819e7e4bca2ad842;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 3689
date: Thu, 12 Jan 2023 14:02:14 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
www.hemayass.ae/wp-content/plugins/panthar-core/assets/js/wow.min.js?ver=1.0.0
205.209.120.173200 OK 2.6 kB URL HTTP/2 www.hemayass.ae/wp-content/plugins/panthar-core/assets/js/wow.min.js?ver=1.0.0
IP 205.209.120.173:0
File type ASCII text, with very long lines (8385), with CRLF line terminators
Hash f101be151d34fc6aa063c15fca9424c7
e07274f12af2ebac7e04cd43c406054b041da795
769d7bb6f79a961d1292584985c450a0bbe1c2e3f8bb2cca160e4d66222dae3b
GET /wp-content/plugins/panthar-core/assets/js/wow.min.js?ver=1.0.0 HTTP/1.1
Host: www.hemayass.ae
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hemayass.ae/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 19 Jan 2023 14:02:14 GMT
content-type: application/javascript
last-modified: Sat, 03 Sep 2022 07:55:20 GMT
etag: "20e0-63130868-9f9fbb070b74083b;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 2576
date: Thu, 12 Jan 2023 14:02:14 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
www.hemayass.ae/wp-content/plugins/panthar-core/assets/js/waypoints.min.js?ver=1.0.0
205.209.120.173200 OK 2.5 kB URL HTTP/2 www.hemayass.ae/wp-content/plugins/panthar-core/assets/js/waypoints.min.js?ver=1.0.0
IP 205.209.120.173:0
File type ASCII text, with very long lines (7808)
Hash c5caa8567f12989b5b77097e164196ac
a983cdf44314a6a2ab08b8c34290cc8861c0d8d8
5344e700c28cf98a8442240bf1f51a6de71b697369ab729ce1c90cfb42b3dea8
GET /wp-content/plugins/panthar-core/assets/js/waypoints.min.js?ver=1.0.0 HTTP/1.1
Host: www.hemayass.ae
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hemayass.ae/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 19 Jan 2023 14:02:14 GMT
content-type: application/javascript
last-modified: Sat, 03 Sep 2022 07:55:20 GMT
etag: "1f6c-63130868-c6ab0710b51cbdf3;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 2461
date: Thu, 12 Jan 2023 14:02:14 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
www.hemayass.ae/wp-content/plugins/panthar-core/assets/js/pie-chart.js?ver=1.0.0
205.209.120.173200 OK 3.1 kB URL HTTP/2 www.hemayass.ae/wp-content/plugins/panthar-core/assets/js/pie-chart.js?ver=1.0.0
IP 205.209.120.173:0
File type ASCII text, with CRLF line terminators
Hash b3cf9e342cbce86cb9f8a75423e19b39
bd24aeea3f9f606cdde3e2542c56d6fa9f455cab
65ce3603a686f11ea79880f26a9a2317196d67c8cb316ac79836ee9aed91a280
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/panthar-core/assets/js/pie-chart.js?ver=1.0.0 HTTP/1.1
Host: www.hemayass.ae
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hemayass.ae/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 19 Jan 2023 14:02:14 GMT
content-type: application/javascript
last-modified: Sat, 03 Sep 2022 07:55:20 GMT
etag: "30fb-63130868-e9d4bad53232e557;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 3085
date: Thu, 12 Jan 2023 14:02:14 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
www.hemayass.ae/wp-content/plugins/panthar-core/assets/js/jquery.counterup.min.js?ver=1.0.0
205.209.120.173200 OK 496 B URL HTTP/2 www.hemayass.ae/wp-content/plugins/panthar-core/assets/js/jquery.counterup.min.js?ver=1.0.0
IP 205.209.120.173:0
File type ASCII text, with very long lines (917)
Hash 2232520d40c725142b8050168dc2f6cb
7cfcb359e148c475a6bc291058376798827de022
c958cb4dad52ed8fac81b75ea4ef6e900bbbf084487470d6c95daa4a0c0b56ea
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/panthar-core/assets/js/jquery.counterup.min.js?ver=1.0.0 HTTP/1.1
Host: www.hemayass.ae
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hemayass.ae/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 19 Jan 2023 14:02:14 GMT
content-type: application/javascript
last-modified: Sat, 03 Sep 2022 07:55:20 GMT
etag: "42b-63130868-9698453aa0552493;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 496
date: Thu, 12 Jan 2023 14:02:14 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
www.hemayass.ae/wp-content/themes/panthar/assets/css/bootstrap.min.css?ver=1673532134
205.209.120.173200 OK 18 kB URL HTTP/2 www.hemayass.ae/wp-content/themes/panthar/assets/css/bootstrap.min.css?ver=1673532134
IP 205.209.120.173:0
File type ASCII text, with very long lines (65325)
Hash b177c7cad2a586f51618809048501772
3922c1342ecc127d7ca1de813cdf9fe43ec92148
45c3158fae349bb66e3de939b201d25ba1f081d9d032a862ca7db8c4a6cc88c3
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/panthar/assets/css/bootstrap.min.css?ver=1673532134 HTTP/1.1
Host: www.hemayass.ae
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hemayass.ae/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 19 Jan 2023 14:02:14 GMT
content-type: text/css
last-modified: Sat, 03 Sep 2022 07:55:08 GMT
etag: "235bf-6313085c-d0c9222894a5fb88;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 18543
date: Thu, 12 Jan 2023 14:02:14 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
www.hemayass.ae/wp-content/themes/panthar/assets/css/main-style-ltr.css?ver=1673532134
205.209.120.173200 OK 31 kB URL HTTP/2 www.hemayass.ae/wp-content/themes/panthar/assets/css/main-style-ltr.css?ver=1673532134
IP 205.209.120.173:0
File type Unicode text, UTF-8 text, with very long lines (552)
Hash 98757fc819c78a4e3591fe05c72218f5
7537d27ecd59fd5c925e43326c26ca10a0e717a0
49f26428475e108bee9e79840d4efe3e26acdd7e7424448f1362f4fc1317dd08
GET /wp-content/themes/panthar/assets/css/main-style-ltr.css?ver=1673532134 HTTP/1.1
Host: www.hemayass.ae
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hemayass.ae/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 19 Jan 2023 14:02:14 GMT
content-type: text/css
last-modified: Sat, 03 Sep 2022 07:55:08 GMT
etag: "3afc3-6313085c-e04bb40e98a7ecd5;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 31248
date: Thu, 12 Jan 2023 14:02:14 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
www.hemayass.ae/wp-content/plugins/panthar-core/assets/js/jQuery.rProgressbar.min.js?ver=1.0.0
205.209.120.173200 OK 22 kB URL HTTP/2 www.hemayass.ae/wp-content/plugins/panthar-core/assets/js/jQuery.rProgressbar.min.js?ver=1.0.0
IP 205.209.120.173:0
File type ASCII text, with CRLF line terminators
Hash 6012a45af40b8ccd23e3484888d4a3f3
46421cb2aad6898436cd02112ee795ad96720acc
96855680f9440c9ec6469a6e8c6927cbb45e8f035e343d291923f7aecab612ee
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/panthar-core/assets/js/jQuery.rProgressbar.min.js?ver=1.0.0 HTTP/1.1
Host: www.hemayass.ae
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hemayass.ae/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 19 Jan 2023 14:02:14 GMT
content-type: application/javascript
last-modified: Sat, 03 Sep 2022 07:55:20 GMT
etag: "17865-63130868-6814903bc5d6a34b;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 21667
date: Thu, 12 Jan 2023 14:02:14 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
www.hemayass.ae/wp-content/plugins/panthar-core/assets/js/owl.carousel.min.js?ver=1.0.0
205.209.120.173200 OK 11 kB URL HTTP/2 www.hemayass.ae/wp-content/plugins/panthar-core/assets/js/owl.carousel.min.js?ver=1.0.0
IP 205.209.120.173:0
File type ASCII text, with very long lines (35949)
Hash c898d78b781a70d9e834d198a70e9f57
64e919c761fbc2d1d21b74108fd45af7c577211c
dcb5ad2ed4ff7ca10232382e17a63e6a7fc38ace6b018d47c340e448fc20f96f
GET /wp-content/plugins/panthar-core/assets/js/owl.carousel.min.js?ver=1.0.0 HTTP/1.1
Host: www.hemayass.ae
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hemayass.ae/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 19 Jan 2023 14:02:15 GMT
content-type: application/javascript
last-modified: Sat, 03 Sep 2022 07:55:20 GMT
etag: "b196-63130868-adc2fb03b528d3bc;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 10798
date: Thu, 12 Jan 2023 14:02:15 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
www.hemayass.ae/wp-content/plugins/panthar-core/assets/js/slick.min.js?ver=1.0.0
205.209.120.173200 OK 10 kB URL HTTP/2 www.hemayass.ae/wp-content/plugins/panthar-core/assets/js/slick.min.js?ver=1.0.0
IP 205.209.120.173:0
File type ASCII text, with very long lines (42862), with no line terminators
Hash fe1ce28bf28ca69f2e544b957d4d5e31
26e9b60bcabf34865c8966abdb7fce4850ee8cab
f94d70bca2cffef87f0e45382f17eb2e44456e755178c93b79425fd646bab773
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/panthar-core/assets/js/slick.min.js?ver=1.0.0 HTTP/1.1
Host: www.hemayass.ae
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hemayass.ae/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 19 Jan 2023 14:02:15 GMT
content-type: application/javascript
last-modified: Sat, 03 Sep 2022 07:55:20 GMT
etag: "a76e-63130868-3fb4f1944cff3316;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 10093
date: Thu, 12 Jan 2023 14:02:15 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
www.hemayass.ae/wp-content/plugins/panthar-core/assets/js/main.js?ver=1.0.0
205.209.120.173200 OK 2.5 kB URL HTTP/2 www.hemayass.ae/wp-content/plugins/panthar-core/assets/js/main.js?ver=1.0.0
IP 205.209.120.173:0
Hash 242baa6acfab1b972f0e987e692e4d78
1949586703aeabc1f59571b81bb97a3a9eca58f6
4d91f056430f81834e1ddd4ddd9f9e99adf7341d8dc4f71be61eac4a6e37dbb9
GET /wp-content/plugins/panthar-core/assets/js/main.js?ver=1.0.0 HTTP/1.1
Host: www.hemayass.ae
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hemayass.ae/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 19 Jan 2023 14:02:15 GMT
content-type: application/javascript
last-modified: Sat, 03 Sep 2022 07:55:20 GMT
etag: "6f14-63130868-88ca37ebad8429e3;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 2512
date: Thu, 12 Jan 2023 14:02:15 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
www.hemayass.ae/wp-content/plugins/woocommerce/assets/js/jquery-blockui/jquery.blockUI.min.js?ver=2.7.0-wc.6.8.2
205.209.120.173200 OK 3.2 kB URL HTTP/2 www.hemayass.ae/wp-content/plugins/woocommerce/assets/js/jquery-blockui/jquery.blockUI.min.js?ver=2.7.0-wc.6.8.2
IP 205.209.120.173:0
File type ASCII text, with very long lines (9115)
Hash 66c388e07cfb57895688b3347ab7290b
f23bd7a31995b3b19924575f2afa297a29257856
3971f3ab5179d1f4f91d2c102f27c2bf1dac2c04e2f62ff3eae3ebfa8c28494e
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/woocommerce/assets/js/jquery-blockui/jquery.blockUI.min.js?ver=2.7.0-wc.6.8.2 HTTP/1.1
Host: www.hemayass.ae
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hemayass.ae/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 19 Jan 2023 14:02:15 GMT
content-type: application/javascript
last-modified: Sat, 03 Sep 2022 07:55:29 GMT
etag: "2525-63130871-3a6e9f782ff401b9;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 3245
date: Thu, 12 Jan 2023 14:02:15 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
www.hemayass.ae/wp-content/plugins/woocommerce/assets/js/frontend/add-to-cart.min.js?ver=6.8.2
205.209.120.173200 OK 974 B URL HTTP/2 www.hemayass.ae/wp-content/plugins/woocommerce/assets/js/frontend/add-to-cart.min.js?ver=6.8.2
IP 205.209.120.173:0
File type HTML document, ASCII text, with very long lines (3037), with no line terminators
Hash fd8b126d3265cc6afc5b672273f78531
5058e579885cccf36c44bdeb5b7318bd75952af9
72da6709db061566cb5f67322f674a77f68acb69ac6181d37f9ca4a1bb7287b7
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/woocommerce/assets/js/frontend/add-to-cart.min.js?ver=6.8.2 HTTP/1.1
Host: www.hemayass.ae
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hemayass.ae/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 19 Jan 2023 14:02:15 GMT
content-type: application/javascript
last-modified: Sat, 03 Sep 2022 07:55:29 GMT
etag: "bdd-63130871-9f2e8c262e72d60b;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 974
date: Thu, 12 Jan 2023 14:02:15 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
www.hemayass.ae/wp-content/plugins/woocommerce/assets/js/js-cookie/js.cookie.min.js?ver=2.1.4-wc.6.8.2
205.209.120.173200 OK 899 B URL HTTP/2 www.hemayass.ae/wp-content/plugins/woocommerce/assets/js/js-cookie/js.cookie.min.js?ver=2.1.4-wc.6.8.2
IP 205.209.120.173:0
File type ASCII text, with very long lines (1668)
Hash 22d65ba38528349e705d912ce26bf8ac
c89ba006009043d93b88ff155b4fec8797330550
6253bcb85e4267ad3ba843145534e729ee2c1d7e85e5b4ab5b2e074ae636bca3
GET /wp-content/plugins/woocommerce/assets/js/js-cookie/js.cookie.min.js?ver=2.1.4-wc.6.8.2 HTTP/1.1
Host: www.hemayass.ae
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hemayass.ae/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 19 Jan 2023 14:02:15 GMT
content-type: application/javascript
last-modified: Sat, 03 Sep 2022 07:55:29 GMT
etag: "72a-63130871-14430216b9319c19;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 899
date: Thu, 12 Jan 2023 14:02:15 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
www.hemayass.ae/wp-content/plugins/woocommerce/assets/js/frontend/woocommerce.min.js?ver=6.8.2
205.209.120.173200 OK 677 B URL HTTP/2 www.hemayass.ae/wp-content/plugins/woocommerce/assets/js/frontend/woocommerce.min.js?ver=6.8.2
IP 205.209.120.173:0
File type ASCII text, with very long lines (2139), with no line terminators
Hash a43fc0dde8fdd69656ad0957e62849c7
4b07cf702ac8a770c8cbffc22b9a788b6e5389ba
1ce3d0493424870c81deec0ec41de0592d2af9f91cd8081cd40a1d7ea89b614f
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/woocommerce/assets/js/frontend/woocommerce.min.js?ver=6.8.2 HTTP/1.1
Host: www.hemayass.ae
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hemayass.ae/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 19 Jan 2023 14:02:15 GMT
content-type: application/javascript
last-modified: Sat, 03 Sep 2022 07:55:29 GMT
etag: "85b-63130871-24ab85de8832e5ae;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 677
date: Thu, 12 Jan 2023 14:02:15 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
www.hemayass.ae/wp-content/plugins/woocommerce/assets/js/frontend/cart-fragments.min.js?ver=6.8.2
205.209.120.173200 OK 934 B URL HTTP/2 www.hemayass.ae/wp-content/plugins/woocommerce/assets/js/frontend/cart-fragments.min.js?ver=6.8.2
IP 205.209.120.173:0
File type ASCII text, with very long lines (2938), with no line terminators
Hash cf25dd071a208312bdc07f34d2cee027
76119563119eaae392ecc8903c989d98d0b93002
8635ba2cad8f887e72779bd526f8738ff6343c74cba715caf2eddea383ba7ce6
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/woocommerce/assets/js/frontend/cart-fragments.min.js?ver=6.8.2 HTTP/1.1
Host: www.hemayass.ae
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hemayass.ae/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 19 Jan 2023 14:02:15 GMT
content-type: application/javascript
last-modified: Sat, 03 Sep 2022 07:55:29 GMT
etag: "b7a-63130871-13fcbbd6550c3a43;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 934
date: Thu, 12 Jan 2023 14:02:15 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
www.hemayass.ae/wp-content/themes/panthar/assets/js/bootstrap.min.js?ver=1.0.2
205.209.120.173200 OK 12 kB URL HTTP/2 www.hemayass.ae/wp-content/themes/panthar/assets/js/bootstrap.min.js?ver=1.0.2
IP 205.209.120.173:0
File type ASCII text, with very long lines (48664)
Hash 92c9b235ca0871c86ea515a508d7cc97
5121bdb0438bd527ee033c235d2403b2e3802c9d
e5625580435454bae6b8317b9ce58db9597e568793a1ad4156440c75ca24c7cf
GET /wp-content/themes/panthar/assets/js/bootstrap.min.js?ver=1.0.2 HTTP/1.1
Host: www.hemayass.ae
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hemayass.ae/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 19 Jan 2023 14:02:15 GMT
content-type: application/javascript
last-modified: Sat, 03 Sep 2022 07:55:08 GMT
etag: "bf07-6313085c-9150d27d8a067dd4;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 12514
date: Thu, 12 Jan 2023 14:02:15 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
www.hemayass.ae/wp-content/themes/panthar/assets/js/jquery.magnific-popup.js?ver=1.0.2
205.209.120.173200 OK 7.0 kB URL HTTP/2 www.hemayass.ae/wp-content/themes/panthar/assets/js/jquery.magnific-popup.js?ver=1.0.2
IP 205.209.120.173:0
File type ASCII text, with very long lines (20087)
Hash f5e275bd34668dca4972a4cceccd7907
cba188e35681cd77cfcbd026aac16315747fab12
7874f3927ffd30d189723404d3fb9699e728955b083abeccc9a988890b4b2ede
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/panthar/assets/js/jquery.magnific-popup.js?ver=1.0.2 HTTP/1.1
Host: www.hemayass.ae
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hemayass.ae/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 19 Jan 2023 14:02:15 GMT
content-type: application/javascript
last-modified: Sat, 03 Sep 2022 07:55:08 GMT
etag: "4ef8-6313085c-178798850d972584;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 7043
date: Thu, 12 Jan 2023 14:02:15 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
www.hemayass.ae/wp-content/themes/panthar/assets/js/main.js?ver=1.0.2
205.209.120.173200 OK 950 B URL HTTP/2 www.hemayass.ae/wp-content/themes/panthar/assets/js/main.js?ver=1.0.2
IP 205.209.120.173:0
Hash 431763e2a0b1ba7fab10c48035460ec7
e4e6224cbd954f693d77c374d8a7ec9b6934befc
e5d24cf42fb9468fce322ed9903983e40731e9a6c817ca97a01491d64e031e7e
GET /wp-content/themes/panthar/assets/js/main.js?ver=1.0.2 HTTP/1.1
Host: www.hemayass.ae
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hemayass.ae/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 19 Jan 2023 14:02:15 GMT
content-type: application/javascript
last-modified: Sat, 03 Sep 2022 07:55:08 GMT
etag: "1298-6313085c-ec675afc9398f74e;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 950
date: Thu, 12 Jan 2023 14:02:15 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
www.hemayass.ae/wp-content/plugins/elementor/assets/js/webpack.runtime.min.js?ver=3.7.4
205.209.120.173200 OK 2.0 kB URL HTTP/2 www.hemayass.ae/wp-content/plugins/elementor/assets/js/webpack.runtime.min.js?ver=3.7.4
IP 205.209.120.173:0
File type ASCII text, with very long lines (4918)
Hash 5bdb04863f888d472d03a3205f7f7a8b
3758dcce12cf8c4f294cc9951aa6f38e6b15a282
ca27a8bc03b726be34834cf353304800de7ce76097903c592416e3be851acf74
GET /wp-content/plugins/elementor/assets/js/webpack.runtime.min.js?ver=3.7.4 HTTP/1.1
Host: www.hemayass.ae
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hemayass.ae/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 19 Jan 2023 14:02:15 GMT
content-type: application/javascript
last-modified: Sat, 03 Sep 2022 07:55:22 GMT
etag: "135d-6313086a-2a0863a12a61fa94;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 2044
date: Thu, 12 Jan 2023 14:02:15 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
www.hemayass.ae/wp-content/plugins/elementor/assets/js/frontend-modules.min.js?ver=3.7.4
205.209.120.173200 OK 10 kB URL HTTP/2 www.hemayass.ae/wp-content/plugins/elementor/assets/js/frontend-modules.min.js?ver=3.7.4
IP 205.209.120.173:0
File type Unicode text, UTF-8 text, with very long lines (32889)
Hash 1eddddd51b158817a86a3e7620f6abd1
590d7ed0319e6741695ddc7437839025aca96fc8
41ccbee929188c2d9549655cc19dd14842d2dff45cb7238914587ab0a10704a1
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/elementor/assets/js/frontend-modules.min.js?ver=3.7.4 HTTP/1.1
Host: www.hemayass.ae
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hemayass.ae/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 19 Jan 2023 14:02:15 GMT
content-type: application/javascript
last-modified: Sat, 03 Sep 2022 07:55:22 GMT
etag: "80a1-6313086a-1df98f6d90b5fdc4;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 10420
date: Thu, 12 Jan 2023 14:02:15 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
www.hemayass.ae/wp-content/plugins/elementor/assets/lib/waypoints/waypoints.min.js?ver=4.0.2
205.209.120.173200 OK 2.9 kB URL HTTP/2 www.hemayass.ae/wp-content/plugins/elementor/assets/lib/waypoints/waypoints.min.js?ver=4.0.2
IP 205.209.120.173:0
File type ASCII text, with very long lines (12198), with no line terminators
Hash 869caa171b68cbec9fee5abbfb944ee8
f237e485e41f88b77384cfdb880f9d5a8f46eac8
25c2896e2790fb0e52f6b6ba1ce97bd87eb40463b4bb65ba16ad434c1d7a36dc
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/elementor/assets/lib/waypoints/waypoints.min.js?ver=4.0.2 HTTP/1.1
Host: www.hemayass.ae
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hemayass.ae/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 19 Jan 2023 14:02:15 GMT
content-type: application/javascript
last-modified: Sat, 03 Sep 2022 07:55:23 GMT
etag: "2fa6-6313086b-e9eaa534fe2e392d;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 2867
date: Thu, 12 Jan 2023 14:02:15 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
www.hemayass.ae/wp-includes/js/jquery/ui/core.min.js?ver=1.13.2
205.209.120.173200 OK 6.8 kB URL HTTP/2 www.hemayass.ae/wp-includes/js/jquery/ui/core.min.js?ver=1.13.2
IP 205.209.120.173:0
File type Unicode text, UTF-8 text, with very long lines (8189)
Hash 3d0ff0f6731d9cef860af9a5a0e3ce62
13aed444304d782039e261475c8b4450b83e743e
e8d05db77732c71843ced6f386ea82eb32243ac36e7ca3e071cb7f53e2ffbce5
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/jquery/ui/core.min.js?ver=1.13.2 HTTP/1.1
Host: www.hemayass.ae
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hemayass.ae/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 19 Jan 2023 14:02:15 GMT
content-type: application/javascript
last-modified: Wed, 02 Nov 2022 20:27:01 GMT
etag: "53c0-6362d295-a2854fb23c7fe5c7;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 6800
date: Thu, 12 Jan 2023 14:02:15 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
www.hemayass.ae/wp-content/plugins/elementor/assets/js/frontend.min.js?ver=3.7.4
205.209.120.173200 OK 12 kB URL HTTP/2 www.hemayass.ae/wp-content/plugins/elementor/assets/js/frontend.min.js?ver=3.7.4
IP 205.209.120.173:0
File type ASCII text, with very long lines (40474)
Hash bed5294545a08ab8e398f51ac23dd0c0
deb2da328e73d56c09672e6af5c6050ca696b459
39da421b4afc6cb3ca1be876f9668d0f60ee560a6cd43a9a25b507f6c1c1fbd3
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/elementor/assets/js/frontend.min.js?ver=3.7.4 HTTP/1.1
Host: www.hemayass.ae
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hemayass.ae/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 19 Jan 2023 14:02:15 GMT
content-type: application/javascript
last-modified: Sat, 03 Sep 2022 07:55:22 GMT
etag: "9e41-6313086a-e0067a3f43ac1342;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 11703
date: Thu, 12 Jan 2023 14:02:15 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
www.hemayass.ae/wp-includes/js/wp-emoji-release.min.js?ver=6.1.1
205.209.120.173200 OK 4.6 kB URL HTTP/2 www.hemayass.ae/wp-includes/js/wp-emoji-release.min.js?ver=6.1.1
IP 205.209.120.173:0
File type ASCII text, with very long lines (15660)
Hash 0232689bd203f330529b36a437f41a68
9046583f7469ad38297969f10a9513eb895d5316
feea9f30a6e454579bbeabf236b7abdb0c7de84dd2852422555ad67348c5e886
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/wp-emoji-release.min.js?ver=6.1.1 HTTP/1.1
Host: www.hemayass.ae
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hemayass.ae/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 19 Jan 2023 14:02:15 GMT
content-type: application/javascript
last-modified: Tue, 12 Apr 2022 15:26:24 GMT
etag: "48b9-62559a20-9fcb3aa302f4e2c2;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 4619
date: Thu, 12 Jan 2023 14:02:15 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash 71e87185e70f595e12a3613f1ac35c67
f1818783717cc0cb399a0bcddb8a9029cf7166d1
dff5f1029a06d6f1ed59e1f3e33af77d2ac550553d9fc69be48c2a81093dc2db
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 12 Jan 2023 14:02:15 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2
216.58.207.227200 OK 7.9 kB URL HTTP/2 fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 7884, version 1.0\012- data
Hash 9212f6f9860f9fc6c69b02fedf6db8c3
ac6d71b4d5fdd2b3dabc9a06ff6c001e4251da0b
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
GET /s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.hemayass.ae
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 7884
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 06 Jan 2023 13:33:11 GMT
expires: Sat, 06 Jan 2024 13:33:11 GMT
cache-control: public, max-age=31536000
age: 520144
last-modified: Wed, 27 Apr 2022 17:03:52 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash 71e87185e70f595e12a3613f1ac35c67
f1818783717cc0cb399a0bcddb8a9029cf7166d1
dff5f1029a06d6f1ed59e1f3e33af77d2ac550553d9fc69be48c2a81093dc2db
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 12 Jan 2023 14:02:15 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 385fbe651dc747111b979f40f9583702
a69fa58ffc6e2b15222f17ad6345b2bec9d75106
c82b794c471d79568f5eee05529ceddbefc383ac0d035578da7bc3866062e5cc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C82B794C471D79568F5EEE05529CEDDBEFC383AC0D035578DA7BC3866062E5CC"
Last-Modified: Tue, 10 Jan 2023 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13878
Expires: Thu, 12 Jan 2023 17:53:33 GMT
Date: Thu, 12 Jan 2023 14:02:15 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 385fbe651dc747111b979f40f9583702
a69fa58ffc6e2b15222f17ad6345b2bec9d75106
c82b794c471d79568f5eee05529ceddbefc383ac0d035578da7bc3866062e5cc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C82B794C471D79568F5EEE05529CEDDBEFC383AC0D035578DA7BC3866062E5CC"
Last-Modified: Tue, 10 Jan 2023 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13878
Expires: Thu, 12 Jan 2023 17:53:33 GMT
Date: Thu, 12 Jan 2023 14:02:15 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 385fbe651dc747111b979f40f9583702
a69fa58ffc6e2b15222f17ad6345b2bec9d75106
c82b794c471d79568f5eee05529ceddbefc383ac0d035578da7bc3866062e5cc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C82B794C471D79568F5EEE05529CEDDBEFC383AC0D035578DA7BC3866062E5CC"
Last-Modified: Tue, 10 Jan 2023 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13878
Expires: Thu, 12 Jan 2023 17:53:33 GMT
Date: Thu, 12 Jan 2023 14:02:15 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 385fbe651dc747111b979f40f9583702
a69fa58ffc6e2b15222f17ad6345b2bec9d75106
c82b794c471d79568f5eee05529ceddbefc383ac0d035578da7bc3866062e5cc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C82B794C471D79568F5EEE05529CEDDBEFC383AC0D035578DA7BC3866062E5CC"
Last-Modified: Tue, 10 Jan 2023 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13878
Expires: Thu, 12 Jan 2023 17:53:33 GMT
Date: Thu, 12 Jan 2023 14:02:15 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 385fbe651dc747111b979f40f9583702
a69fa58ffc6e2b15222f17ad6345b2bec9d75106
c82b794c471d79568f5eee05529ceddbefc383ac0d035578da7bc3866062e5cc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C82B794C471D79568F5EEE05529CEDDBEFC383AC0D035578DA7BC3866062E5CC"
Last-Modified: Tue, 10 Jan 2023 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13878
Expires: Thu, 12 Jan 2023 17:53:33 GMT
Date: Thu, 12 Jan 2023 14:02:15 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F33bbc100-e509-4a4f-8b98-1d44a52a7a3c.jpeg
34.120.237.76200 OK 9.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F33bbc100-e509-4a4f-8b98-1d44a52a7a3c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a23d61d610c7b55d943fcb2636a01b65
82c4c5170c7b586c2a7a1f2d2d5c9ff0219af065
28bf3039cc8c1213e64893c71bc150eda573223feb2cc15ad0814a44960d434a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F33bbc100-e509-4a4f-8b98-1d44a52a7a3c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9539
x-amzn-requestid: 9f388939-cfb7-432e-a921-e9188736bb45
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: eTw5QGZ6oAMFxQg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63b7c83b-4f9d5bfc30e5ee126333d54e;Sampled=0
x-amzn-remapped-date: Fri, 06 Jan 2023 07:05:31 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: hYVWaQnzP-UnHWvrvXDoy_0YErGDaS7hVjDTVHWVoSKqAEjDIdG1Tg==
via: 1.1 1f6e68152880a39d72e6bf2996cd6a60.cloudfront.net (CloudFront), 1.1 b2f9564ebf9c745cc2ceae96d434977e.cloudfront.net (CloudFront), 1.1 google
date: Wed, 11 Jan 2023 15:14:23 GMT
age: 82072
etag: "82c4c5170c7b586c2a7a1f2d2d5c9ff0219af065"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Febe61553-0d3d-4c00-8e9b-da1405590a9b.jpeg
34.120.237.76200 OK 7.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Febe61553-0d3d-4c00-8e9b-da1405590a9b.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a708649e0d6b128eb599b221445a8e06
59f9b06ee8e4c9608e29e7b19832fb925789f373
b4e17cfdee53b56ac33cb5a86253e4839ed7bd9bb1604209834bb22d881472f1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Febe61553-0d3d-4c00-8e9b-da1405590a9b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7140
x-amzn-requestid: 96450c55-6068-4946-9e5f-650c19d2772a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ei739GoJIAMF0lA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63bdd9cc-2bf965d47a10fd61619d945f;Sampled=0
x-amzn-remapped-date: Tue, 10 Jan 2023 21:34:04 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: t5mK-tl3WskwkQLUXPKR2ljEW32-Yo6_BHwqP2dNVUr09WoMyxYeZw==
via: 1.1 c7c3cdef911c9ee3c1a83a78f425dc5a.cloudfront.net (CloudFront), 1.1 61bc723adb3b1884ed759711e84e13a8.cloudfront.net (CloudFront), 1.1 google
date: Wed, 11 Jan 2023 21:43:26 GMT
age: 58729
etag: "59f9b06ee8e4c9608e29e7b19832fb925789f373"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F52f112f6-2553-4ba2-971f-71e30bee1d9c.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F52f112f6-2553-4ba2-971f-71e30bee1d9c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash fb89a11a1dca9a2924adf7e3712c6405
a881a7d88f08035b9e045f2bf73a4d9fabc640a0
8a0c9f295dd30123847eaed0ba8d4e7c2c6dea8b9c645fc70cdcb4fa8c082ee4
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F52f112f6-2553-4ba2-971f-71e30bee1d9c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10579
x-amzn-requestid: 8760acae-f770-45e2-9639-53967ef1cdb2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: emPDWET4oAMFo-w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63bf2bae-153ebb3e4ec7d5045529ce0a;Sampled=0
x-amzn-remapped-date: Wed, 11 Jan 2023 21:35:42 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: FC9xd9brDeAOtHjXnkpSO0IOX1rLjGRVkuBguuwJ2xFDTq0x9-QtaQ==
via: 1.1 9b311162717b41c968f6f00426d88aaa.cloudfront.net (CloudFront), 1.1 61bc723adb3b1884ed759711e84e13a8.cloudfront.net (CloudFront), 1.1 google
date: Wed, 11 Jan 2023 21:55:02 GMT
age: 58033
etag: "a881a7d88f08035b9e045f2bf73a4d9fabc640a0"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6f7ca4e6-30ce-4176-bdc0-c1c768327a5a.jpeg
34.120.237.76200 OK 7.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6f7ca4e6-30ce-4176-bdc0-c1c768327a5a.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f5be19dbab0e6de72252ad1d0a918d14
dcaad5032b156502921ee6dd453ad9d6b94eceb7
cc359e0142be054d7fc5af545b0368e44a3f8f257aa8306cac903cc3ff7a3f64
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6f7ca4e6-30ce-4176-bdc0-c1c768327a5a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7572
x-amzn-requestid: e59fc954-0f07-43fd-bc9e-be0a6dbe0055
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: emPMAHpSIAMFc4g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63bf2be6-23038d0606616ad81dbd2de5;Sampled=0
x-amzn-remapped-date: Wed, 11 Jan 2023 21:36:38 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: K2UG8x2jCqfne8ZL7KyAvZf9eR33ye8BYSIevjQmu3c_Y_a19f3sgA==
via: 1.1 8f22423015641505b8c857a37450d6c0.cloudfront.net (CloudFront), 1.1 12a392bc3a7281f8d5d4591bfadc41fc.cloudfront.net (CloudFront), 1.1 google
date: Wed, 11 Jan 2023 21:51:55 GMT
age: 58220
etag: "dcaad5032b156502921ee6dd453ad9d6b94eceb7"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5e59b65e-133d-4564-94e3-e913d5a394ac.jpeg
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5e59b65e-133d-4564-94e3-e913d5a394ac.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c49e1d8385d23251cbd4ac2574545982
f283baf033327519c05c725f2319b9465f29b1d6
dc91b181ea0e78ff27bbac3e80f3f937fe9f067ef417f02fe0095ef10fdcd1d1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5e59b65e-133d-4564-94e3-e913d5a394ac.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10382
x-amzn-requestid: a9fc1c50-7606-46cb-b49e-62e765d0c88f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: emPC9GLfIAMFwSA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63bf2bac-3cbf968a6447542b6c931ac0;Sampled=0
x-amzn-remapped-date: Wed, 11 Jan 2023 21:35:40 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: XCcge2Ruz-j01PJpHpnOuCiaH8OQYiQjh-IQaQ18e875_qfgqzXzGw==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 9046e5a276a05e60ee34c8475e92b8e6.cloudfront.net (CloudFront), 1.1 google
date: Wed, 11 Jan 2023 21:55:02 GMT
age: 58033
etag: "f283baf033327519c05c725f2319b9465f29b1d6"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0fbbc90d-c4c5-45db-ac55-16077e5b0d1d.jpeg
34.120.237.76200 OK 8.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0fbbc90d-c4c5-45db-ac55-16077e5b0d1d.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 94f1c1490ac711097f5eef5e6adab49d
bb41e2958d267cc2d5b24457a6048f484c8cd429
94f854077e6008b97f63419a283f70327ebc8a05794a9dd9fa0518f0f5b00e14
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0fbbc90d-c4c5-45db-ac55-16077e5b0d1d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8689
x-amzn-requestid: c88866a0-e22b-4f8c-b423-1d970ebde318
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: egZ9sHuuoAMFzvA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63bcd6bd-063dab1f2c6aaab03e5fdb9a;Sampled=0
x-amzn-remapped-date: Tue, 10 Jan 2023 03:08:45 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: R_7dfck1JpoBljLhEqdVOXQQxz4HERkMcGbN0-V0Q3hqNdNA9-_jrA==
via: 1.1 e5af640ced3aa8764b82c4bc3f7af38e.cloudfront.net (CloudFront), 1.1 760139201585481b26f947c5f776103a.cloudfront.net (CloudFront), 1.1 google
date: Thu, 12 Jan 2023 03:29:07 GMT
age: 37988
etag: "bb41e2958d267cc2d5b24457a6048f484c8cd429"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
www.hemayass.ae/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.6.3
205.209.120.173200 OK 0 B URL HTTP/2 www.hemayass.ae/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.6.3
IP 205.209.120.173:0
GET /wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.6.3 HTTP/1.1
Host: www.hemayass.ae
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hemayass.ae/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 19 Jan 2023 14:02:14 GMT
content-type: application/javascript
last-modified: Sat, 03 Sep 2022 07:55:20 GMT
etag: "25d0-63130868-3d7b0c1c2fcb252c;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 2799
date: Thu, 12 Jan 2023 14:02:14 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
www.hemayass.ae/
205.209.120.173200 OK 0 B IP 205.209.120.173:0
Analyzer Verdict Alert fortinet Phishing
GET / HTTP/1.1
Host: www.hemayass.ae
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
link: <https://www.hemayass.ae/index.php?rest_route=/>; rel="https://api.w.org/", <https://www.hemayass.ae/index.php?rest_route=/wp/v2/pages/6364>; rel="alternate"; type="application/json", <https://www.hemayass.ae/>; rel=shortlink
content-encoding: br
vary: Accept-Encoding,User-Agent
date: Thu, 12 Jan 2023 14:02:14 GMT
server: LiteSpeed
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Poppins%3A400%7CPoppins%3A500%7CPoppins%3A600%7CPoppins%3A700%7COswald%3A400%7COswald%3A500%7COswald%3A600%7COswald%3A700
142.250.74.106200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Poppins%3A400%7CPoppins%3A500%7CPoppins%3A600%7CPoppins%3A700%7COswald%3A400%7COswald%3A500%7COswald%3A600%7COswald%3A700
IP 142.250.74.106:0
GET /css?family=Poppins%3A400%7CPoppins%3A500%7CPoppins%3A600%7CPoppins%3A700%7COswald%3A400%7COswald%3A500%7COswald%3A600%7COswald%3A700 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hemayass.ae/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 12 Jan 2023 14:02:14 GMT
date: Thu, 12 Jan 2023 14:02:14 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Roboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto+Slab%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=auto&ver=6.1.1
142.250.74.106200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Roboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto+Slab%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=auto&ver=6.1.1
IP 142.250.74.106:0
GET /css?family=Roboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto+Slab%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=auto&ver=6.1.1 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hemayass.ae/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 12 Jan 2023 14:02:14 GMT
date: Thu, 12 Jan 2023 14:02:14 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2