ocsp.starfieldtech.com/
192.124.249.24 2.1 kB IP 192.124.249.24:0
Hash a6fb5dafe93e2d8fec489b8be676d566
761b012b4bb67cfb9fed41219f4ffea55018a12f
e66bab1fda38229d3a6948399ccacfec5b648c9cca0dbda43d09baa537c292a7
POST / HTTP/1.1
Host: ocsp.starfieldtech.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 75
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Sun, 05 May 2024 02:49:32 GMT
Content-Type: application/ocsp-response
Content-Length: 2148
Connection: keep-alive
X-Sucuri-ID: 19024
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Sat, 04 May 2024 19:55:28 GMT
Expires: Sun, 05 May 2024 19:55:28 GMT
ETag: "761b012b4bb67cfb9fed41219f4ffea55018a12f"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
www.cookwithamber.com/wp-includes/pomo/fm.htm
192.124.249.11 301 Moved Permanently 864 B URL User Request GET HTTP/1.1 www.cookwithamber.com/wp-includes/pomo/fm.htm
IP 192.124.249.11:80
File type HTML document, ASCII text
Hash 4e428049a315461fc7af591bc56b0df5
ba42596355ed4b32e624c402f67cab27854dae8f
240ffb4290c618ac72a84a4d6f602fbf4e40ee382cf80e203a10e1cf730a91d5
GET /wp-includes/pomo/fm.htm HTTP/1.1
Host: www.cookwithamber.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 404 Not Found
server: nginx
date: Sun, 05 May 2024 02:49:33 GMT
content-type: text/html
content-length: 864
x-sucuri-id: 19011
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
last-modified: Tue, 05 Mar 2024 23:31:39 GMT
etag: "360-612f23e6d4cc0"
accept-ranges: bytes
x-sucuri-cache: MISS
X-Firefox-Spdy: h2
www.cookwithamber.com/wp-includes/pomo/fm.htm
192.124.249.11 301 Moved Permanently 162 B URL User Request GET HTTP/1.1 www.cookwithamber.com/wp-includes/pomo/fm.htm
IP 192.124.249.11:80
File type HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
Analyzer Verdict Alert urlquery phishing Phishing - PayPal
GET /wp-includes/pomo/fm.htm HTTP/1.1
Host: www.cookwithamber.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 301 Moved Permanently
Server: Sucuri/Cloudproxy
Date: Sun, 05 May 2024 02:49:33 GMT
Content-Type: text/html
Content-Length: 162
Connection: keep-alive
X-Sucuri-ID: 19011
Location: https://www.cookwithamber.com/wp-includes/pomo/fm.htm
www.cookwithamber.com/wp-includes/pomo/fm.htm
192.124.249.11 301 Moved Permanently 864 B URL User Request GET HTTP/1.1 www.cookwithamber.com/wp-includes/pomo/fm.htm
IP 192.124.249.11:80
File type HTML document, ASCII text
Hash 4e428049a315461fc7af591bc56b0df5
ba42596355ed4b32e624c402f67cab27854dae8f
240ffb4290c618ac72a84a4d6f602fbf4e40ee382cf80e203a10e1cf730a91d5
GET /wp-includes/pomo/fm.htm HTTP/1.1
Host: www.cookwithamber.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 404 Not Found
server: nginx
date: Sun, 05 May 2024 02:49:33 GMT
content-type: text/html
content-length: 864
x-sucuri-id: 19011
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
last-modified: Tue, 05 Mar 2024 23:31:39 GMT
etag: "360-612f23e6d4cc0"
x-sucuri-cache: MISS
X-Firefox-Spdy: h2
d1a6zytsvzb7ig.cloudfront.net/newpanel/css/singlepage.css
54.230.241.161 200 OK 15 kB URL GET HTTP/2 d1a6zytsvzb7ig.cloudfront.net/newpanel/css/singlepage.css
IP 54.230.241.161:443
Requested by https://www.cookwithamber.com/wp-includes/pomo/fm.htm
Certificate Issuer Amazon
Subject *.cloudfront.net
Fingerprint FA:21:45:DC:4D:94:03:A3:09:77:51:78:4A:21:F2:C5:6D:94:BE:52
Validity Tue, 10 Oct 2023 00:00:00 GMT - Thu, 19 Sep 2024 23:59:59 GMT
File type ASCII text, with very long lines (617)
Hash f006ddbc5474b7781f0f88fe2cd1ef0b
03413b1e9259195e40fe77420c038377f3d68308
32c6e3121babd73977fa812efd32f390cfed80b2fdcac8f3c1d8d99139b0fe0c
GET /newpanel/css/singlepage.css HTTP/1.1
Host: d1a6zytsvzb7ig.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.cookwithamber.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css
content-length: 15405
last-modified: Fri, 03 May 2024 18:43:37 GMT
x-amz-server-side-encryption: AES256
accept-ranges: bytes
server: AmazonS3
date: Sun, 05 May 2024 02:34:12 GMT
etag: "f006ddbc5474b7781f0f88fe2cd1ef0b"
x-cache: Hit from cloudfront
via: 1.1 4c07121ca6e32bcda85cc9091b92050e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: AfrioypvmBVov4JF2Y9y1gaReuZ4YlV-kw3CtlAsgcABJq1fq4UtaQ==
age: 1700
X-Firefox-Spdy: h2
d1a6zytsvzb7ig.cloudfront.net/newpanel/css/singlepage.css
54.230.241.161 200 OK 15 kB URL GET HTTP/2 d1a6zytsvzb7ig.cloudfront.net/newpanel/css/singlepage.css
IP 54.230.241.161:443
Requested by https://www.cookwithamber.com/wp-includes/pomo/fm.htm
Certificate Issuer Amazon
Subject *.cloudfront.net
Fingerprint FA:21:45:DC:4D:94:03:A3:09:77:51:78:4A:21:F2:C5:6D:94:BE:52
Validity Tue, 10 Oct 2023 00:00:00 GMT - Thu, 19 Sep 2024 23:59:59 GMT
File type ASCII text, with very long lines (617)
Hash f006ddbc5474b7781f0f88fe2cd1ef0b
03413b1e9259195e40fe77420c038377f3d68308
32c6e3121babd73977fa812efd32f390cfed80b2fdcac8f3c1d8d99139b0fe0c
GET /newpanel/css/singlepage.css HTTP/1.1
Host: d1a6zytsvzb7ig.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.cookwithamber.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css
content-length: 15405
last-modified: Fri, 03 May 2024 18:43:37 GMT
x-amz-server-side-encryption: AES256
accept-ranges: bytes
server: AmazonS3
date: Sun, 05 May 2024 02:34:12 GMT
etag: "f006ddbc5474b7781f0f88fe2cd1ef0b"
x-cache: Hit from cloudfront
via: 1.1 4c07121ca6e32bcda85cc9091b92050e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: uI30Y8mEbieqj1mvmCnUb250rhKOJtAnnxN-9ouA38dyuARF-nrVzg==
age: 1700
X-Firefox-Spdy: h2
d1a6zytsvzb7ig.cloudfront.net/newpanel/images/logo-a.svg
54.230.241.161 200 OK 5.0 kB URL GET HTTP/2 d1a6zytsvzb7ig.cloudfront.net/newpanel/images/logo-a.svg
IP 54.230.241.161:443
Requested by https://www.cookwithamber.com/wp-includes/pomo/fm.htm
Certificate Issuer Amazon
Subject *.cloudfront.net
Fingerprint FA:21:45:DC:4D:94:03:A3:09:77:51:78:4A:21:F2:C5:6D:94:BE:52
Validity Tue, 10 Oct 2023 00:00:00 GMT - Thu, 19 Sep 2024 23:59:59 GMT
File type SVG Scalable Vector Graphics image
Hash 3117989dbc0ea62d022a35078ed49ba6
3fb8cc5cbf210f8667be5d189b4e842b4f9cab93
e1c66adbbdebbdb18d3af668d62d93004c6b7b405a63be09e72f224bec9b45ea
GET /newpanel/images/logo-a.svg HTTP/1.1
Host: d1a6zytsvzb7ig.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://d1a6zytsvzb7ig.cloudfront.net/newpanel/css/singlepage.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
content-length: 4959
last-modified: Fri, 03 May 2024 18:43:43 GMT
x-amz-server-side-encryption: AES256
accept-ranges: bytes
server: AmazonS3
date: Sun, 05 May 2024 02:34:12 GMT
etag: "3117989dbc0ea62d022a35078ed49ba6"
x-cache: Hit from cloudfront
via: 1.1 4c07121ca6e32bcda85cc9091b92050e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: HRcCGJm3F6mHcHtU0CcSoSQ-HiFn9O8t5GFfqSZWaVRDBrnki7YSSA==
age: 1694
X-Firefox-Spdy: h2
d1a6zytsvzb7ig.cloudfront.net/newpanel/images/robot.sleeping.svg
54.230.241.161 200 OK 25 kB URL GET HTTP/2 d1a6zytsvzb7ig.cloudfront.net/newpanel/images/robot.sleeping.svg
IP 54.230.241.161:443
Requested by https://www.cookwithamber.com/wp-includes/pomo/fm.htm
Certificate Issuer Amazon
Subject *.cloudfront.net
Fingerprint FA:21:45:DC:4D:94:03:A3:09:77:51:78:4A:21:F2:C5:6D:94:BE:52
Validity Tue, 10 Oct 2023 00:00:00 GMT - Thu, 19 Sep 2024 23:59:59 GMT
File type SVG Scalable Vector Graphics image
Hash 495b8461a2deae4276ae7445a155f777
66ed87a4fd7e3331efbc24f8f2fecd17379e8db6
665e19f830575f1e868bf12748a001bbda26953fc054bffcea08a10814103096
GET /newpanel/images/robot.sleeping.svg HTTP/1.1
Host: d1a6zytsvzb7ig.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://d1a6zytsvzb7ig.cloudfront.net/newpanel/css/singlepage.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
content-length: 24670
last-modified: Fri, 03 May 2024 18:43:43 GMT
x-amz-server-side-encryption: AES256
accept-ranges: bytes
server: AmazonS3
date: Sun, 05 May 2024 02:34:14 GMT
etag: "495b8461a2deae4276ae7445a155f777"
x-cache: Hit from cloudfront
via: 1.1 4c07121ca6e32bcda85cc9091b92050e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 5_34Nfqg-iwlAqptQPFKU2E2kAxvDumXcsneGoSNEOpbyiztf-msiA==
age: 920
X-Firefox-Spdy: h2
d1a6zytsvzb7ig.cloudfront.net/newpanel/fonts/proxima-nova/proximanova-bold-webfont.woff2
54.230.241.161 200 OK 21 kB URL GET HTTP/2 d1a6zytsvzb7ig.cloudfront.net/newpanel/fonts/proxima-nova/proximanova-bold-webfont.woff2
IP 54.230.241.161:443
Requested by https://www.cookwithamber.com/wp-includes/pomo/fm.htm
Certificate Issuer Amazon
Subject *.cloudfront.net
Fingerprint FA:21:45:DC:4D:94:03:A3:09:77:51:78:4A:21:F2:C5:6D:94:BE:52
Validity Tue, 10 Oct 2023 00:00:00 GMT - Thu, 19 Sep 2024 23:59:59 GMT
File type Web Open Font Format (Version 2), TrueType, length 20896, version 1.0
Hash cc961c8e6f6e391e2959226726039312
894e58d1a6afdfc20368116454c0287a71d8519e
d6c13515ff2b46325da9c8a9fa41b53e6c94cf6690ece1a7e293f430fff196b2
GET /newpanel/fonts/proxima-nova/proximanova-bold-webfont.woff2 HTTP/1.1
Host: d1a6zytsvzb7ig.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.cookwithamber.com
DNT: 1
Connection: keep-alive
Referer: https://d1a6zytsvzb7ig.cloudfront.net/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: font/woff2
content-length: 20896
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
last-modified: Fri, 03 May 2024 18:43:38 GMT
x-amz-server-side-encryption: AES256
accept-ranges: bytes
server: AmazonS3
date: Sun, 05 May 2024 02:49:33 GMT
etag: "cc961c8e6f6e391e2959226726039312"
x-cache: Hit from cloudfront
via: 1.1 4c07121ca6e32bcda85cc9091b92050e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: dOfYm-oj9kKzK6dSJ1m2wNhwHKxwboke6IM8diNy9afFC0ZPuKMvhQ==
age: 785
X-Firefox-Spdy: h2
d1a6zytsvzb7ig.cloudfront.net/newpanel/fonts/proxima-nova/proximanova-reg-webfont.woff2
54.230.241.161 200 OK 21 kB URL GET HTTP/2 d1a6zytsvzb7ig.cloudfront.net/newpanel/fonts/proxima-nova/proximanova-reg-webfont.woff2
IP 54.230.241.161:443
Requested by https://www.cookwithamber.com/wp-includes/pomo/fm.htm
Certificate Issuer Amazon
Subject *.cloudfront.net
Fingerprint FA:21:45:DC:4D:94:03:A3:09:77:51:78:4A:21:F2:C5:6D:94:BE:52
Validity Tue, 10 Oct 2023 00:00:00 GMT - Thu, 19 Sep 2024 23:59:59 GMT
File type Web Open Font Format (Version 2), TrueType, length 20688, version 1.6554
Hash c0f320b8fe21e75c7d1f1e761f197ba5
1990ee7c919c40cb0c632a2bc2039f6bdeaf9117
47a9bfdb084997befeaf43d2b3558815d63a8923d24e0e56c1ee4764c31ac412
GET /newpanel/fonts/proxima-nova/proximanova-reg-webfont.woff2 HTTP/1.1
Host: d1a6zytsvzb7ig.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.cookwithamber.com
DNT: 1
Connection: keep-alive
Referer: https://d1a6zytsvzb7ig.cloudfront.net/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: font/woff2
content-length: 20688
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
last-modified: Fri, 03 May 2024 18:43:38 GMT
x-amz-server-side-encryption: AES256
accept-ranges: bytes
server: AmazonS3
date: Sun, 05 May 2024 02:49:33 GMT
etag: "c0f320b8fe21e75c7d1f1e761f197ba5"
x-cache: Hit from cloudfront
via: 1.1 4c07121ca6e32bcda85cc9091b92050e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: Vo2zbcmy124mZatYTeB8FDBNfl6yGn9rbixt0XtItxZtutLIap6qCg==
age: 785
X-Firefox-Spdy: h2
www.cookwithamber.com/favicon.ico
192.124.249.11 404 Not Found 864 B URL GET HTTP/2 www.cookwithamber.com/favicon.ico
IP 192.124.249.11:443
Requested by https://www.cookwithamber.com/wp-includes/pomo/fm.htm
Certificate Issuer Starfield Technologies, Inc.
Subject cookwithamber.com
Fingerprint A8:9B:BF:49:F2:81:F1:3B:EC:58:31:2F:CC:EC:BF:48:A9:36:70:E1
Validity Sat, 17 Jun 2023 08:28:57 GMT - Mon, 17 Jun 2024 08:28:57 GMT
File type HTML document, ASCII text
Hash 4e428049a315461fc7af591bc56b0df5
ba42596355ed4b32e624c402f67cab27854dae8f
240ffb4290c618ac72a84a4d6f602fbf4e40ee382cf80e203a10e1cf730a91d5
GET /favicon.ico HTTP/1.1
Host: www.cookwithamber.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.cookwithamber.com/wp-includes/pomo/fm.htm
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 404 Not Found
server: nginx
date: Sun, 05 May 2024 02:49:33 GMT
content-type: text/html
content-length: 864
x-sucuri-id: 19011
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
last-modified: Tue, 05 Mar 2024 23:31:39 GMT
etag: "360-612f23e6d4cc0"
accept-ranges: bytes
x-sucuri-cache: MISS
X-Firefox-Spdy: h2