r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 3eb88dea4fe00db1182370e72683c3ab
ca520abf1e91bfd2aef40c6a1270a911071e8922
d8083ee567c7b3023111dc30f32c94237df7db30d4d2daaea0a569e8a3069ad7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D8083EE567C7B3023111DC30F32C94237DF7DB30D4D2DAAEA0A569E8A3069AD7"
Last-Modified: Sat, 28 Jan 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=20365
Expires: Sun, 29 Jan 2023 04:16:54 GMT
Date: Sat, 28 Jan 2023 22:37:29 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash a2104f935c638b4767ca5ae0d738ef23
85c6af15af749be0ceeae6de17c36925b750f166
5d4789a3696bd7faa9916768cb627bbc89bf70a756d80e53860cbac13c2bc8b1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5D4789A3696BD7FAA9916768CB627BBC89BF70A756D80E53860CBAC13C2BC8B1"
Last-Modified: Fri, 27 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5739
Expires: Sun, 29 Jan 2023 00:13:08 GMT
Date: Sat, 28 Jan 2023 22:37:29 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 302c7548412192add063ad6c8b99cf3b
e5d178931a27db036ce8daae302594d3ff7050b8
fc2bd9091006189e67e8074093805ee5492ce16e1dbfba32e083abeeae34969d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FC2BD9091006189E67E8074093805EE5492CE16E1DBFBA32E083ABEEAE34969D"
Last-Modified: Sat, 28 Jan 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4535
Expires: Sat, 28 Jan 2023 23:53:04 GMT
Date: Sat, 28 Jan 2023 22:37:29 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150 200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash dcd75ca6daca51c5e39d431468511793
07f76d3bf23d65c9110d810fa71a994e39e085d3
73672a816da4450fe2c938b08d7ae002d9ca29fdcbd3e29cc97084d826f8b459
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Backoff, Content-Length, Alert, Retry-After
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sat, 28 Jan 2023 21:43:06 GMT
content-type: application/json
age: 3263
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: 2Gw17uo9UKqLRM4WCVZ4Psaiy1SUhW3+GdqJBJ/chTKHO3tKp10MsVkJrYVxSvyy/gJnSeLgi/w=
x-amz-request-id: 2Z9S057K2391PPBF
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sat, 28 Jan 2023 22:21:08 GMT
age: 981
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 28 Jan 2023 22:37:29 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
agrofarmacia.net/Bammmlk/Bofa/verify.php
185.2.4.42 301 Moved Permanently 0 B URL HTTP/1.1 agrofarmacia.net/Bammmlk/Bofa/verify.php
IP 185.2.4.42:0
ASN #203461 Register S.p.A.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Phishing
GET /Bammmlk/Bofa/verify.php HTTP/1.1
Host: agrofarmacia.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Sat, 28 Jan 2023 22:37:29 GMT
Server: Apache
X-Powered-By: PHP/7.3.33
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
X-Redirect-By: WordPress
Location: https://agrofarmacia.net/Bammmlk/Bofa/verify.php
Vary: User-Agent
Content-Length: 0
Keep-Alive: timeout=5, max=150
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150 200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Last-Modified, Pragma, ETag, Retry-After, Content-Type, Content-Length, Expires, Cache-Control, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sat, 28 Jan 2023 21:41:40 GMT
age: 3350
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 6f313feab58c1667c9c68d86fa993a8e
952e4a2306e0b4df864987e030a0c544ff307027
2620f0ce8a520372b43b453572d8650112faa1b3d0de99a386ec97e5b7af5543
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2620F0CE8A520372B43B453572D8650112FAA1B3D0DE99A386EC97E5B7AF5543"
Last-Modified: Thu, 26 Jan 2023 14:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21588
Expires: Sun, 29 Jan 2023 04:37:18 GMT
Date: Sat, 28 Jan 2023 22:37:30 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 16a7b6a7128312e2f985d30df18c4487
6017bff79ffb525d9c7f9f32b999b74b5dc69602
663fd12209627f08e759c2ed1c76278a5da79dae1e0b46082dd1bb44775f7a16
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "663FD12209627F08E759C2ED1C76278A5DA79DAE1E0B46082DD1BB44775F7A16"
Last-Modified: Fri, 27 Jan 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19102
Expires: Sun, 29 Jan 2023 03:55:52 GMT
Date: Sat, 28 Jan 2023 22:37:30 GMT
Connection: keep-alive
push.services.mozilla.com/
34.217.157.108 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 34.217.157.108:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: Xl+eA+qouHQvRhTR1jzQ8Q==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: mYkEWh2WKA6Cc1fumEsS5jlf8CY=
agrofarmacia.net/Bammmlk/Bofa/verify.php
185.2.4.42 404 Not Found 7.3 kB URL HTTP/1.1 agrofarmacia.net/Bammmlk/Bofa/verify.php
IP 185.2.4.42:0
ASN #203461 Register S.p.A.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (2996), with CRLF, LF line terminators
Hash d4a78a395f55ae8ed656f00bdb15d248
8ed1f8daac0784a30a4b44eb1596c9a02c74d862
b66d96fae9fcfb46a8257045df9cf96ddb12c7a2de9d3fdfe438015702ae44dc
Analyzer Verdict Alert fortinet Phishing
GET /Bammmlk/Bofa/verify.php HTTP/1.1
Host: agrofarmacia.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 404 Not Found
Date: Sat, 28 Jan 2023 22:37:30 GMT
Server: Apache
X-Powered-By: PHP/7.3.33
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Link: <https://agrofarmacia.net/wp-json/>; rel="https://api.w.org/"
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 7308
Keep-Alive: timeout=5, max=150
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
agrofarmacia.net/wp-includes/css/dist/block-library/style.min.css?ver=2d8c3b76a3b75c26abcd680221d75268
185.2.4.42 200 OK 4.3 kB URL HTTP/1.1 agrofarmacia.net/wp-includes/css/dist/block-library/style.min.css?ver=2d8c3b76a3b75c26abcd680221d75268
IP 185.2.4.42:0
ASN #203461 Register S.p.A.
File type ASCII text, with very long lines (25242), with no line terminators
Hash 5e71e1a3c3df9c07f16076e1372016b8
6d054f2291f0999a1fc673bec8fdadf0cbbd9458
fc12dab9d762325806c12d1fb3c6c4f839ae3be5dba4554acc338b6a275f219b
GET /wp-includes/css/dist/block-library/style.min.css?ver=2d8c3b76a3b75c26abcd680221d75268 HTTP/1.1
Host: agrofarmacia.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://agrofarmacia.net/Bammmlk/Bofa/verify.php
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 28 Jan 2023 22:37:31 GMT
Server: Apache
Last-Modified: Thu, 17 Nov 2022 11:05:09 GMT
ETag: "41e24e0-629a-5eda88ffddbef-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 4258
Keep-Alive: timeout=5, max=149
Connection: Keep-Alive
Content-Type: text/css
agrofarmacia.net/wp-content/plugins/revslider/public/assets/css/settings.css?ver=5.4.8
185.2.4.42 200 OK 9.5 kB URL HTTP/1.1 agrofarmacia.net/wp-content/plugins/revslider/public/assets/css/settings.css?ver=5.4.8
IP 185.2.4.42:0
ASN #203461 Register S.p.A.
File type Unicode text, UTF-8 text, with very long lines (5178)
Hash 2e23a7f758f5874b18b33609587dba87
ed5ac5ed1f56e27e889dabe78bf42a74159952ea
1a2595768612243d5c078586b0efc23a8d8669737235da43f010f7a61592de12
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/revslider/public/assets/css/settings.css?ver=5.4.8 HTTP/1.1
Host: agrofarmacia.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://agrofarmacia.net/Bammmlk/Bofa/verify.php
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 28 Jan 2023 22:37:31 GMT
Server: Apache
Last-Modified: Thu, 17 Nov 2022 11:19:12 GMT
ETag: "4260fe0-9623-5eda8c238b973-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 9480
Keep-Alive: timeout=5, max=148
Connection: Keep-Alive
Content-Type: text/css
agrofarmacia.net/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=2d8c3b76a3b75c26abcd680221d75268
185.2.4.42 200 OK 651 B URL HTTP/1.1 agrofarmacia.net/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=2d8c3b76a3b75c26abcd680221d75268
IP 185.2.4.42:0
ASN #203461 Register S.p.A.
Hash f026e73e8b072cc3ae1491702b9c491a
5cf262adbd7a8a0d067230081688c0f8fe6c36f8
c2340e9fff602440a6a9daadf0e90fc5eb265bd6fbd495d77d7891a303575b29
GET /wp-content/plugins/contact-form-7/includes/css/styles.css?ver=2d8c3b76a3b75c26abcd680221d75268 HTTP/1.1
Host: agrofarmacia.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://agrofarmacia.net/Bammmlk/Bofa/verify.php
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 28 Jan 2023 22:37:31 GMT
Server: Apache
Last-Modified: Thu, 17 Nov 2022 11:05:54 GMT
ETag: "4242454-695-5eda892ab1573-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 651
Keep-Alive: timeout=5, max=150
Connection: Keep-Alive
Content-Type: text/css
agrofarmacia.net/wp-content/themes/stockholm/css/elegant-icons/style.min.css?ver=2d8c3b76a3b75c26abcd680221d75268
185.2.4.42 200 OK 4.2 kB URL HTTP/1.1 agrofarmacia.net/wp-content/themes/stockholm/css/elegant-icons/style.min.css?ver=2d8c3b76a3b75c26abcd680221d75268
IP 185.2.4.42:0
ASN #203461 Register S.p.A.
File type ASCII text, with very long lines (21769), with no line terminators
Hash f3a17950a8e7faa7352af4b55d655c4b
492ddab7dfd9e14e7334d92ecedafc5c1940a2cc
d645008ee7f2e849c441b8de7e09a40ec0585095fe201dc87b29408ae1593cac
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/stockholm/css/elegant-icons/style.min.css?ver=2d8c3b76a3b75c26abcd680221d75268 HTTP/1.1
Host: agrofarmacia.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://agrofarmacia.net/Bammmlk/Bofa/verify.php
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 28 Jan 2023 22:37:31 GMT
Server: Apache
Last-Modified: Thu, 17 Nov 2022 11:09:29 GMT
ETag: "4242dc1-5509-5eda89f7ea43a-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 4166
Keep-Alive: timeout=5, max=147
Connection: Keep-Alive
Content-Type: text/css
agrofarmacia.net/wp-content/themes/stockholm/style.css?ver=2d8c3b76a3b75c26abcd680221d75268
185.2.4.42 200 OK 335 B URL HTTP/1.1 agrofarmacia.net/wp-content/themes/stockholm/style.css?ver=2d8c3b76a3b75c26abcd680221d75268
IP 185.2.4.42:0
ASN #203461 Register S.p.A.
Hash 6d0bac9d0538dcba4b601e50d3021860
ae63ca6051d3094ca762cd9b090533fe08d1f846
c8d75a22feb6cfe33a73183dbf645444a3a3705c1b48fb71c3c42578cabde002
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/stockholm/style.css?ver=2d8c3b76a3b75c26abcd680221d75268 HTTP/1.1
Host: agrofarmacia.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://agrofarmacia.net/Bammmlk/Bofa/verify.php
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 28 Jan 2023 22:37:31 GMT
Server: Apache
Last-Modified: Thu, 17 Nov 2022 10:59:20 GMT
ETag: "41e30cc-204-5eda87b2c1a6e-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 335
Keep-Alive: timeout=5, max=150
Connection: Keep-Alive
Content-Type: text/css
agrofarmacia.net/wp-content/themes/stockholm/css/style_dynamic.css?ver=1668683023
185.2.4.42 200 OK 4.3 kB URL HTTP/1.1 agrofarmacia.net/wp-content/themes/stockholm/css/style_dynamic.css?ver=1668683023
IP 185.2.4.42:0
ASN #203461 Register S.p.A.
File type ASCII text, with very long lines (1292)
Hash ee7d287fe53c2f39df8fc1f512157699
bd55667242c5237630f463c04473793dd5d32465
215e8ab867fc347b119d763a6fef8ebd3ac00c9863fa4eaf18b23280a7460af3
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/stockholm/css/style_dynamic.css?ver=1668683023 HTTP/1.1
Host: agrofarmacia.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://agrofarmacia.net/Bammmlk/Bofa/verify.php
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 28 Jan 2023 22:37:31 GMT
Server: Apache
Last-Modified: Thu, 17 Nov 2022 11:03:43 GMT
ETag: "4222405-6120-5eda88adb0f45-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 4282
Keep-Alive: timeout=5, max=150
Connection: Keep-Alive
Content-Type: text/css
agrofarmacia.net/wp-content/themes/stockholm/css/font-awesome/css/font-awesome.min.css?ver=2d8c3b76a3b75c26abcd680221d75268
185.2.4.42 200 OK 7.1 kB URL HTTP/1.1 agrofarmacia.net/wp-content/themes/stockholm/css/font-awesome/css/font-awesome.min.css?ver=2d8c3b76a3b75c26abcd680221d75268
IP 185.2.4.42:0
ASN #203461 Register S.p.A.
File type ASCII text, with very long lines (30837)
Hash 52f1a8a2ce85fa8432308b33bc1a2e79
fd80917af5371c8ecad0198592a1e7cce4b77b0e
07bd6a9ea0213e20f362485aadc17a88c486ecfb394004b41b8b38db6e6a35f6
GET /wp-content/themes/stockholm/css/font-awesome/css/font-awesome.min.css?ver=2d8c3b76a3b75c26abcd680221d75268 HTTP/1.1
Host: agrofarmacia.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://agrofarmacia.net/Bammmlk/Bofa/verify.php
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 28 Jan 2023 22:37:31 GMT
Server: Apache
Last-Modified: Thu, 17 Nov 2022 11:19:37 GMT
ETag: "4261151-7918-5eda8c3c041e4-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 7053
Keep-Alive: timeout=5, max=150
Connection: Keep-Alive
Content-Type: text/css
agrofarmacia.net/wp-content/themes/stockholm/css/linear-icons/style.css?ver=2d8c3b76a3b75c26abcd680221d75268
185.2.4.42 200 OK 1.7 kB URL HTTP/1.1 agrofarmacia.net/wp-content/themes/stockholm/css/linear-icons/style.css?ver=2d8c3b76a3b75c26abcd680221d75268
IP 185.2.4.42:0
ASN #203461 Register S.p.A.
Hash 7ab6a673d5e6fb9ea8e3ee4645c42493
38b4d86ba2ccd02ae25aaacbf3919a2e57c13c3b
a4ad682d8cad87cb4d62a15777d23087b90e11b156ba5466e52563f2f17767b4
GET /wp-content/themes/stockholm/css/linear-icons/style.css?ver=2d8c3b76a3b75c26abcd680221d75268 HTTP/1.1
Host: agrofarmacia.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://agrofarmacia.net/Bammmlk/Bofa/verify.php
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 28 Jan 2023 22:37:31 GMT
Server: Apache
Last-Modified: Thu, 17 Nov 2022 11:09:57 GMT
ETag: "4242de9-2098-5eda8a125de1c-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 1651
Keep-Alive: timeout=5, max=149
Connection: Keep-Alive
Content-Type: text/css
agrofarmacia.net/wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css?ver=4.2.6-78496d1
185.2.4.42 200 OK 2.6 kB URL HTTP/1.1 agrofarmacia.net/wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css?ver=4.2.6-78496d1
IP 185.2.4.42:0
ASN #203461 Register S.p.A.
File type ASCII text, with very long lines (11232), with no line terminators
Hash 32ddff47911411a1e7685adb9b5dc293
542dd289e007fcab44021724159568f33523aee8
6319be54a637315646bb05a597015dbb5ff79af4f7fc7c4a14416183292eb7f9
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css?ver=4.2.6-78496d1 HTTP/1.1
Host: agrofarmacia.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://agrofarmacia.net/Bammmlk/Bofa/verify.php
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 28 Jan 2023 22:37:31 GMT
Server: Apache
Last-Modified: Thu, 17 Nov 2022 10:59:57 GMT
ETag: "41e31bb-2be0-5eda87d680390-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 2585
Keep-Alive: timeout=5, max=146
Connection: Keep-Alive
Content-Type: text/css
agrofarmacia.net/wp-includes/js/mediaelement/wp-mediaelement.min.css?ver=2d8c3b76a3b75c26abcd680221d75268
185.2.4.42 200 OK 1.1 kB URL HTTP/1.1 agrofarmacia.net/wp-includes/js/mediaelement/wp-mediaelement.min.css?ver=2d8c3b76a3b75c26abcd680221d75268
IP 185.2.4.42:0
ASN #203461 Register S.p.A.
File type ASCII text, with very long lines (4163), with no line terminators
Hash dcb69e9298cb966d1a9875df8d6e2032
24ab2d72e0fc7324be99528fc214d4f0b1548d04
96eab68e1338db6123a16b34c30c2cdad14bbef84bfb69557160ba023fc08912
GET /wp-includes/js/mediaelement/wp-mediaelement.min.css?ver=2d8c3b76a3b75c26abcd680221d75268 HTTP/1.1
Host: agrofarmacia.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://agrofarmacia.net/Bammmlk/Bofa/verify.php
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 28 Jan 2023 22:37:31 GMT
Server: Apache
Last-Modified: Thu, 17 Nov 2022 10:59:58 GMT
ETag: "41e31c2-1043-5eda87d726bae-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 1142
Keep-Alive: timeout=5, max=149
Connection: Keep-Alive
Content-Type: text/css
agrofarmacia.net/wp-content/themes/stockholm/css/responsive.min.css?ver=2d8c3b76a3b75c26abcd680221d75268
185.2.4.42 200 OK 9.2 kB URL HTTP/1.1 agrofarmacia.net/wp-content/themes/stockholm/css/responsive.min.css?ver=2d8c3b76a3b75c26abcd680221d75268
IP 185.2.4.42:0
ASN #203461 Register S.p.A.
File type ASCII text, with very long lines (65536), with no line terminators
Hash 91bf9915f4866940a487f505a12286a8
09e093104a54c2db21308c067342ecf57a33ab9e
1abca1d5015213f332e5fd52ea6901e5ac895f52c50735896f63859eca559686
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/stockholm/css/responsive.min.css?ver=2d8c3b76a3b75c26abcd680221d75268 HTTP/1.1
Host: agrofarmacia.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://agrofarmacia.net/Bammmlk/Bofa/verify.php
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 28 Jan 2023 22:37:31 GMT
Server: Apache
Last-Modified: Thu, 17 Nov 2022 11:03:31 GMT
ETag: "4222401-11af4-5eda88a2585b3-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 9222
Keep-Alive: timeout=5, max=149
Connection: Keep-Alive
Content-Type: text/css
agrofarmacia.net/wp-content/themes/stockholm/css/style_dynamic_responsive.css?ver=1668683023
185.2.4.42 200 OK 172 B URL HTTP/1.1 agrofarmacia.net/wp-content/themes/stockholm/css/style_dynamic_responsive.css?ver=1668683023
IP 185.2.4.42:0
ASN #203461 Register S.p.A.
Hash f111a89343eac12bbdd4b2f7a9eca483
cdfaabcf1f457c755767f46642a99e590fe890fc
acef6b2ee297e144d6848963c1e72efca35c0632e261b483fe2a9d4c0a9fc70b
GET /wp-content/themes/stockholm/css/style_dynamic_responsive.css?ver=1668683023 HTTP/1.1
Host: agrofarmacia.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://agrofarmacia.net/Bammmlk/Bofa/verify.php
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 28 Jan 2023 22:37:31 GMT
Server: Apache
Last-Modified: Thu, 17 Nov 2022 11:03:43 GMT
ETag: "4222407-168-5eda88ade91ba-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 172
Keep-Alive: timeout=5, max=149
Connection: Keep-Alive
Content-Type: text/css
agrofarmacia.net/wp-content/themes/stockholm/css/custom_css.css?ver=1668683004
185.2.4.42 200 OK 2 B URL HTTP/1.1 agrofarmacia.net/wp-content/themes/stockholm/css/custom_css.css?ver=1668683004
IP 185.2.4.42:0
ASN #203461 Register S.p.A.
Hash e1c06d85ae7b8b032bef47e42e4c08f9
71853c6197a6a7f222db0f1978c7cb232b87c5ee
75a11da44c802486bc6f65640aa48a730f0f684c5c07a42ba3cd1735eb3fb070
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/stockholm/css/custom_css.css?ver=1668683004 HTTP/1.1
Host: agrofarmacia.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://agrofarmacia.net/Bammmlk/Bofa/verify.php
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 28 Jan 2023 22:37:31 GMT
Server: Apache
Last-Modified: Thu, 17 Nov 2022 11:03:24 GMT
ETag: "42223fc-2-5eda889c09941"
Accept-Ranges: bytes
Content-Length: 2
Vary: User-Agent
Keep-Alive: timeout=5, max=145
Connection: Keep-Alive
Content-Type: text/css
agrofarmacia.net/wp-content/themes/stockholm-child/style.css?ver=2d8c3b76a3b75c26abcd680221d75268
185.2.4.42 200 OK 1.9 kB URL HTTP/1.1 agrofarmacia.net/wp-content/themes/stockholm-child/style.css?ver=2d8c3b76a3b75c26abcd680221d75268
IP 185.2.4.42:0
ASN #203461 Register S.p.A.
Hash 67958d4d813d029dd1f102c2b68cd2cf
c379743e247843894e5259d7b618d77dc17971a8
5cea0263cd61dd8a0da1a0cb36d9bfc2cb201fe09f01aaaa22051e68874bdbbc
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/stockholm-child/style.css?ver=2d8c3b76a3b75c26abcd680221d75268 HTTP/1.1
Host: agrofarmacia.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://agrofarmacia.net/Bammmlk/Bofa/verify.php
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 28 Jan 2023 22:37:31 GMT
Server: Apache
Last-Modified: Thu, 17 Nov 2022 10:59:22 GMT
ETag: "41e30d5-2181-5eda87b47ebaa-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 1936
Keep-Alive: timeout=5, max=148
Connection: Keep-Alive
Content-Type: text/css
agrofarmacia.net/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1
185.2.4.42 200 OK 4.0 kB URL HTTP/1.1 agrofarmacia.net/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1
IP 185.2.4.42:0
ASN #203461 Register S.p.A.
File type ASCII text, with very long lines (9959)
Hash a6c81e2f02bd04160d2de88c4e8f3559
e3f3c91427d785820ca97dabe738f01faf041f36
b734d83af5da0eb627e04d3e62ce652b9eb7de19667a1b91da6b93f0ea5d7ffe
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1 HTTP/1.1
Host: agrofarmacia.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://agrofarmacia.net/Bammmlk/Bofa/verify.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 28 Jan 2023 22:37:31 GMT
Server: Apache
Last-Modified: Thu, 17 Nov 2022 10:59:54 GMT
ETag: "41e31a2-2748-5eda87d3527c7-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 4014
Keep-Alive: timeout=5, max=148
Connection: Keep-Alive
Content-Type: application/javascript
agrofarmacia.net/wp-content/themes/stockholm/css/stylesheet.min.css?ver=2d8c3b76a3b75c26abcd680221d75268
185.2.4.42 200 OK 55 kB URL HTTP/1.1 agrofarmacia.net/wp-content/themes/stockholm/css/stylesheet.min.css?ver=2d8c3b76a3b75c26abcd680221d75268
IP 185.2.4.42:0
ASN #203461 Register S.p.A.
File type ASCII text, with very long lines (65536), with no line terminators
Hash 339bc0e012a48873f39e90395db8963d
adf0c3d5e8619c719041e0499d7f6c8159c16f11
01a3ff484b035049ebcf9dc67ca7565153eb77ce7c186bf2c3b8e1cf8d080461
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/stockholm/css/stylesheet.min.css?ver=2d8c3b76a3b75c26abcd680221d75268 HTTP/1.1
Host: agrofarmacia.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://agrofarmacia.net/Bammmlk/Bofa/verify.php
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 28 Jan 2023 22:37:31 GMT
Server: Apache
Last-Modified: Thu, 17 Nov 2022 11:03:40 GMT
ETag: "4222404-60fe4-5eda88ab585b5-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 54646
Keep-Alive: timeout=5, max=150
Connection: Keep-Alive
Content-Type: text/css
agrofarmacia.net/wp-content/plugins/js_composer/assets/css/js_composer.min.css?ver=5.5.5
185.2.4.42 200 OK 46 kB URL HTTP/1.1 agrofarmacia.net/wp-content/plugins/js_composer/assets/css/js_composer.min.css?ver=5.5.5
IP 185.2.4.42:0
ASN #203461 Register S.p.A.
File type ASCII text, with very long lines (65536), with no line terminators
Hash 4cf73362be72b477287acbb3f7737f86
3c3e185f11497b3fc06fbb6b0e1932bf7f5dfb3d
c9e79d70c80ee8ee7114b162dc07a1fda6a6fe6e1cd7af94d8aba516e36a0a14
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/js_composer/assets/css/js_composer.min.css?ver=5.5.5 HTTP/1.1
Host: agrofarmacia.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://agrofarmacia.net/Bammmlk/Bofa/verify.php
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 28 Jan 2023 22:37:31 GMT
Server: Apache
Last-Modified: Thu, 17 Nov 2022 11:06:16 GMT
ETag: "42424ce-76596-5eda893fcad07-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 45591
Keep-Alive: timeout=5, max=148
Connection: Keep-Alive
Content-Type: text/css
agrofarmacia.net/wp-includes/js/mediaelement/mediaelement-migrate.min.js?ver=2d8c3b76a3b75c26abcd680221d75268
185.2.4.42 200 OK 551 B URL HTTP/1.1 agrofarmacia.net/wp-includes/js/mediaelement/mediaelement-migrate.min.js?ver=2d8c3b76a3b75c26abcd680221d75268
IP 185.2.4.42:0
ASN #203461 Register S.p.A.
File type ASCII text, with very long lines (1193), with no line terminators
Hash 2f198247159358c97acb1750c59b1ab5
5dbc36778fe163d998f295095ddc5c73895f0daa
edb7abae43f424a4af8fe4d1e823ca6b383758efef9c1caa53c0ea85100b87eb
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/mediaelement/mediaelement-migrate.min.js?ver=2d8c3b76a3b75c26abcd680221d75268 HTTP/1.1
Host: agrofarmacia.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://agrofarmacia.net/Bammmlk/Bofa/verify.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 28 Jan 2023 22:37:31 GMT
Server: Apache
Last-Modified: Thu, 17 Nov 2022 10:59:57 GMT
ETag: "41e31b7-4a9-5eda87d608d5f-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 551
Keep-Alive: timeout=5, max=149
Connection: Keep-Alive
Content-Type: application/javascript
agrofarmacia.net/wp-content/plugins/contact-form-7/includes/js/scripts.js?ver=2d8c3b76a3b75c26abcd680221d75268
185.2.4.42 200 OK 4.0 kB URL HTTP/1.1 agrofarmacia.net/wp-content/plugins/contact-form-7/includes/js/scripts.js?ver=2d8c3b76a3b75c26abcd680221d75268
IP 185.2.4.42:0
ASN #203461 Register S.p.A.
Hash 179ff7e7ba061cb009f29849fc15f071
f824ebc474c27b208137b68aa51d5d0d2b3a89e9
b889c73e9da05e33847d3ab6f1f98c172204c3e4cb2e4832863695f34e2270de
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/contact-form-7/includes/js/scripts.js?ver=2d8c3b76a3b75c26abcd680221d75268 HTTP/1.1
Host: agrofarmacia.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://agrofarmacia.net/Bammmlk/Bofa/verify.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 28 Jan 2023 22:37:31 GMT
Server: Apache
Last-Modified: Thu, 17 Nov 2022 11:05:55 GMT
ETag: "4242459-3868-5eda892b619d1-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 3993
Keep-Alive: timeout=5, max=147
Connection: Keep-Alive
Content-Type: application/javascript
agrofarmacia.net/wp-content/plugins/revslider/public/assets/js/jquery.themepunch.revolution.min.js?ver=5.4.8
185.2.4.42 200 OK 18 kB URL HTTP/1.1 agrofarmacia.net/wp-content/plugins/revslider/public/assets/js/jquery.themepunch.revolution.min.js?ver=5.4.8
IP 185.2.4.42:0
ASN #203461 Register S.p.A.
File type ASCII text, with very long lines (64614)
Hash 29e65dfc954bfad48f980932be5bc816
40b8fed8b09f7d56c2f36545f6bd688f85bf925b
fa7f9a3dc0974c723c21c8b786e7fe43098f23f5a6f4885184e90987909394f4
GET /wp-content/plugins/revslider/public/assets/js/jquery.themepunch.revolution.min.js?ver=5.4.8 HTTP/1.1
Host: agrofarmacia.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://agrofarmacia.net/Bammmlk/Bofa/verify.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 28 Jan 2023 22:37:31 GMT
Server: Apache
Last-Modified: Thu, 17 Nov 2022 11:19:13 GMT
ETag: "4260fe6-fdaf-5eda8c248559f-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 18082
Keep-Alive: timeout=5, max=147
Connection: Keep-Alive
Content-Type: application/javascript
agrofarmacia.net/wp-includes/js/jquery/jquery.js?ver=1.12.4
185.2.4.42 200 OK 34 kB URL HTTP/1.1 agrofarmacia.net/wp-includes/js/jquery/jquery.js?ver=1.12.4
IP 185.2.4.42:0
ASN #203461 Register S.p.A.
File type ASCII text, with very long lines (32077)
Hash ed4b26f09b9c4f4452a7edf9ba6acf98
7dd55dd1775c06dced30d252a273d021b5ab1b35
161d50f181043aea3b29b895db9629a21f56b224a6ea966fbd3e6fbb26ecfb39
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/jquery/jquery.js?ver=1.12.4 HTTP/1.1
Host: agrofarmacia.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://agrofarmacia.net/Bammmlk/Bofa/verify.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 28 Jan 2023 22:37:31 GMT
Server: Apache
Last-Modified: Thu, 17 Nov 2022 10:59:55 GMT
ETag: "41e31a9-17b9f-5eda87d415cd7-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 33766
Keep-Alive: timeout=5, max=148
Connection: Keep-Alive
Content-Type: application/javascript
agrofarmacia.net/wp-content/themes/stockholm/js/plugins/qode-like.js?ver=1.0
185.2.4.42 200 OK 393 B URL HTTP/1.1 agrofarmacia.net/wp-content/themes/stockholm/js/plugins/qode-like.js?ver=1.0
IP 185.2.4.42:0
ASN #203461 Register S.p.A.
Hash a3a325e40cd5ff4df0c3860b1482caba
0ef9e3838c5d8f4812f87853456331f2eee41baa
74e56bb80c75baf9113fbd9e94b42599aef99784ed62df1520b0fcff2ec297a8
GET /wp-content/themes/stockholm/js/plugins/qode-like.js?ver=1.0 HTTP/1.1
Host: agrofarmacia.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://agrofarmacia.net/Bammmlk/Bofa/verify.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 28 Jan 2023 22:37:31 GMT
Server: Apache
Last-Modified: Thu, 17 Nov 2022 11:11:07 GMT
ETag: "4242e6c-2e3-5eda8a54c53d8-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 393
Keep-Alive: timeout=5, max=148
Connection: Keep-Alive
Content-Type: application/javascript
agrofarmacia.net/wp-includes/js/mediaelement/wp-mediaelement.min.js?ver=2d8c3b76a3b75c26abcd680221d75268
185.2.4.42 200 OK 481 B URL HTTP/1.1 agrofarmacia.net/wp-includes/js/mediaelement/wp-mediaelement.min.js?ver=2d8c3b76a3b75c26abcd680221d75268
IP 185.2.4.42:0
ASN #203461 Register S.p.A.
File type HTML document, ASCII text, with very long lines (914), with no line terminators
Hash bd1336e7056ac5a40f0b7ad428fb943e
c7e67695c8b623ad31ad42497841510946192cae
100a43ce4da4bbbc881b44eacbdd7105b639499c0d1940098ba8d7c279b4de8b
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/mediaelement/wp-mediaelement.min.js?ver=2d8c3b76a3b75c26abcd680221d75268 HTTP/1.1
Host: agrofarmacia.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://agrofarmacia.net/Bammmlk/Bofa/verify.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 28 Jan 2023 22:37:31 GMT
Server: Apache
Last-Modified: Thu, 17 Nov 2022 10:59:58 GMT
ETag: "41e31c3-392-5eda87d734287-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 481
Keep-Alive: timeout=5, max=146
Connection: Keep-Alive
Content-Type: application/javascript
agrofarmacia.net/wp-content/plugins/revslider/public/assets/js/jquery.themepunch.tools.min.js?ver=5.4.8
185.2.4.42 200 OK 38 kB URL HTTP/1.1 agrofarmacia.net/wp-content/plugins/revslider/public/assets/js/jquery.themepunch.tools.min.js?ver=5.4.8
IP 185.2.4.42:0
ASN #203461 Register S.p.A.
File type ASCII text, with very long lines (27287)
Hash 9f8cfca5b75c0a294c0b6343d98201f0
eaecb944b9565e65271e1f09d682d2ab7dfaf4d0
4fcaa9fdd6eb3d15c6d56fb1de274d78962c6251f1f06191bbb3d97a320afd0d
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/revslider/public/assets/js/jquery.themepunch.tools.min.js?ver=5.4.8 HTTP/1.1
Host: agrofarmacia.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://agrofarmacia.net/Bammmlk/Bofa/verify.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 28 Jan 2023 22:37:31 GMT
Server: Apache
Last-Modified: Thu, 17 Nov 2022 11:19:13 GMT
ETag: "4260fe8-1af53-5eda8c24d00f5-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 38315
Keep-Alive: timeout=5, max=144
Connection: Keep-Alive
Content-Type: application/javascript
agrofarmacia.net/wp-includes/js/mediaelement/mediaelement-and-player.min.js?ver=4.2.6-78496d1
185.2.4.42 200 OK 38 kB URL HTTP/1.1 agrofarmacia.net/wp-includes/js/mediaelement/mediaelement-and-player.min.js?ver=4.2.6-78496d1
IP 185.2.4.42:0
ASN #203461 Register S.p.A.
File type ASCII text, with very long lines (65266)
Hash 41fc857312dc632e17b5622c845b46b2
e01db357c907260107de3084e14ba7653192c195
1fe191de98595dcde27b948075d6c702d117219e47c281f1a8d279205c1f72d7
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/mediaelement/mediaelement-and-player.min.js?ver=4.2.6-78496d1 HTTP/1.1
Host: agrofarmacia.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://agrofarmacia.net/Bammmlk/Bofa/verify.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 28 Jan 2023 22:37:31 GMT
Server: Apache
Last-Modified: Thu, 17 Nov 2022 10:59:57 GMT
ETag: "41e31b5-2638f-5eda87d5cad2a-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 38128
Keep-Alive: timeout=5, max=147
Connection: Keep-Alive
Content-Type: application/javascript
agrofarmacia.net/wp-content/themes/stockholm/js/plugins/jquery.fullPage.min.js?ver=2d8c3b76a3b75c26abcd680221d75268
185.2.4.42 200 OK 7.2 kB URL HTTP/1.1 agrofarmacia.net/wp-content/themes/stockholm/js/plugins/jquery.fullPage.min.js?ver=2d8c3b76a3b75c26abcd680221d75268
IP 185.2.4.42:0
ASN #203461 Register S.p.A.
File type ASCII text, with very long lines (550)
Hash c85d49f0216e7d67f17d94dc473e59d9
03460f006a9a1c5a6f4c62013d510e2a6f5a52fd
c8d05765dfa8af10abca15eb64ab5e2e26f8c1a3930595e9102769ea70763158
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/stockholm/js/plugins/jquery.fullPage.min.js?ver=2d8c3b76a3b75c26abcd680221d75268 HTTP/1.1
Host: agrofarmacia.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://agrofarmacia.net/Bammmlk/Bofa/verify.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 28 Jan 2023 22:37:31 GMT
Server: Apache
Last-Modified: Thu, 17 Nov 2022 11:11:05 GMT
ETag: "4242e5d-5c7f-5eda8a535a70a-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 7178
Keep-Alive: timeout=5, max=147
Connection: Keep-Alive
Content-Type: application/javascript
agrofarmacia.net/wp-content/themes/stockholm/js/plugins/lemmon-slider.js?ver=2d8c3b76a3b75c26abcd680221d75268
185.2.4.42 200 OK 2.3 kB URL HTTP/1.1 agrofarmacia.net/wp-content/themes/stockholm/js/plugins/lemmon-slider.js?ver=2d8c3b76a3b75c26abcd680221d75268
IP 185.2.4.42:0
ASN #203461 Register S.p.A.
Hash be24e998884fccc09920f97107c86d9c
77f21d21f2133da1a9765d402c5cb28382797c27
1536b560edc33eed3aa958bb8a3b0019e64673259aa4d0459230bd96698949ad
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/stockholm/js/plugins/lemmon-slider.js?ver=2d8c3b76a3b75c26abcd680221d75268 HTTP/1.1
Host: agrofarmacia.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://agrofarmacia.net/Bammmlk/Bofa/verify.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 28 Jan 2023 22:37:31 GMT
Server: Apache
Last-Modified: Thu, 17 Nov 2022 11:11:06 GMT
ETag: "4242e69-3330-5eda8a548390a-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 2348
Keep-Alive: timeout=5, max=145
Connection: Keep-Alive
Content-Type: application/javascript
agrofarmacia.net/wp-content/themes/stockholm/js/plugins/jquery.mousewheel.min.js?ver=2d8c3b76a3b75c26abcd680221d75268
185.2.4.42 200 OK 716 B URL HTTP/1.1 agrofarmacia.net/wp-content/themes/stockholm/js/plugins/jquery.mousewheel.min.js?ver=2d8c3b76a3b75c26abcd680221d75268
IP 185.2.4.42:0
ASN #203461 Register S.p.A.
File type ASCII text, with very long lines (1020)
Hash 1bb069d9e3a8d110eaf5319b82b26e9b
25921fb49b922ecc44a40550587df5ace5e9a9a9
6975d1b270a0cbbcd4f0a652d6b32bce9eb2344944e1ccde88e5588bf51e71d4
GET /wp-content/themes/stockholm/js/plugins/jquery.mousewheel.min.js?ver=2d8c3b76a3b75c26abcd680221d75268 HTTP/1.1
Host: agrofarmacia.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://agrofarmacia.net/Bammmlk/Bofa/verify.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 28 Jan 2023 22:37:31 GMT
Server: Apache
Last-Modified: Thu, 17 Nov 2022 11:11:05 GMT
ETag: "4242e61-570-5eda8a53bbdaa-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 716
Keep-Alive: timeout=5, max=143
Connection: Keep-Alive
Content-Type: application/javascript
agrofarmacia.net/wp-content/themes/stockholm/js/plugins/jquery.parallax-scroll.js?ver=2d8c3b76a3b75c26abcd680221d75268
185.2.4.42 200 OK 2.0 kB URL HTTP/1.1 agrofarmacia.net/wp-content/themes/stockholm/js/plugins/jquery.parallax-scroll.js?ver=2d8c3b76a3b75c26abcd680221d75268
IP 185.2.4.42:0
ASN #203461 Register S.p.A.
Hash 4bea0328db878dfe4cfd1b9b2ab11c93
c055555cba034baded0d5aaf696770b81b916c65
0dd45fa1793fe28f5793486dde4a5e430586999dafddfb602a7cf0a0d3ce1934
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/stockholm/js/plugins/jquery.parallax-scroll.js?ver=2d8c3b76a3b75c26abcd680221d75268 HTTP/1.1
Host: agrofarmacia.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://agrofarmacia.net/Bammmlk/Bofa/verify.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 28 Jan 2023 22:37:31 GMT
Server: Apache
Last-Modified: Thu, 17 Nov 2022 11:11:06 GMT
ETag: "4242e63-23b7-5eda8a53e7cce-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 1962
Keep-Alive: timeout=5, max=144
Connection: Keep-Alive
Content-Type: application/javascript
agrofarmacia.net/wp-content/themes/stockholm/js/plugins/jquery.touchSwipe.min.js?ver=2d8c3b76a3b75c26abcd680221d75268
185.2.4.42 200 OK 4.0 kB URL HTTP/1.1 agrofarmacia.net/wp-content/themes/stockholm/js/plugins/jquery.touchSwipe.min.js?ver=2d8c3b76a3b75c26abcd680221d75268
IP 185.2.4.42:0
ASN #203461 Register S.p.A.
File type ASCII text, with very long lines (11417)
Hash bfa32a001bd2b3755231fce83f5c6535
3be90f16e183c9d58feb8485cb1fac757e591a0d
855566e1cd3fb73824f070bffdb7deb2cb835ab9e010dbef2c6e94aee3a1cba1
GET /wp-content/themes/stockholm/js/plugins/jquery.touchSwipe.min.js?ver=2d8c3b76a3b75c26abcd680221d75268 HTTP/1.1
Host: agrofarmacia.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://agrofarmacia.net/Bammmlk/Bofa/verify.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 28 Jan 2023 22:37:31 GMT
Server: Apache
Last-Modified: Thu, 17 Nov 2022 11:11:06 GMT
ETag: "4242e67-2e1d-5eda8a54581b7-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 4029
Keep-Alive: timeout=5, max=146
Connection: Keep-Alive
Content-Type: application/javascript
agrofarmacia.net/wp-content/plugins/js_composer/assets/lib/bower/isotope/dist/isotope.pkgd.min.js?ver=5.5.5
185.2.4.42 200 OK 9.9 kB URL HTTP/1.1 agrofarmacia.net/wp-content/plugins/js_composer/assets/lib/bower/isotope/dist/isotope.pkgd.min.js?ver=5.5.5
IP 185.2.4.42:0
ASN #203461 Register S.p.A.
File type ASCII text, with very long lines (32004)
Hash f46a131da1c8eb42ffaec895ed170d3c
20562648e83ea77d8265b07a600f0e3a9287b213
379cc38e9fd4ac551b1e4ef3d5cf6db2b978a3f0346255f956f5031514522f85
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/js_composer/assets/lib/bower/isotope/dist/isotope.pkgd.min.js?ver=5.5.5 HTTP/1.1
Host: agrofarmacia.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://agrofarmacia.net/Bammmlk/Bofa/verify.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 28 Jan 2023 22:37:31 GMT
Server: Apache
Last-Modified: Thu, 17 Nov 2022 11:24:28 GMT
ETag: "4261f4c-8aaf-5eda8d50e044e-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 9863
Keep-Alive: timeout=5, max=146
Connection: Keep-Alive
Content-Type: application/javascript
agrofarmacia.net/wp-content/themes/stockholm/js/custom_js.js?ver=1668683031
185.2.4.42 200 OK 102 B URL HTTP/1.1 agrofarmacia.net/wp-content/themes/stockholm/js/custom_js.js?ver=1668683031
IP 185.2.4.42:0
ASN #203461 Register S.p.A.
Hash 7a98cdbc63db93f7aac99d1375cc96a6
cb58957aa4e07bf32215b2b6e10da340dc5a1ca4
8bde1fba94a37fe6af96b96a58ba1dec9753f91aa424256971c7c71f4af69636
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/stockholm/js/custom_js.js?ver=1668683031 HTTP/1.1
Host: agrofarmacia.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://agrofarmacia.net/Bammmlk/Bofa/verify.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 28 Jan 2023 22:37:31 GMT
Server: Apache
Last-Modified: Thu, 17 Nov 2022 11:03:51 GMT
ETag: "42421c1-55-5eda88b570a2d-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 102
Keep-Alive: timeout=5, max=143
Connection: Keep-Alive
Content-Type: application/javascript
agrofarmacia.net/wp-content/themes/stockholm/js/default_dynamic.js?ver=1668683032
185.2.4.42 200 OK 1.6 kB URL HTTP/1.1 agrofarmacia.net/wp-content/themes/stockholm/js/default_dynamic.js?ver=1668683032
IP 185.2.4.42:0
ASN #203461 Register S.p.A.
Hash a10b1dec2ba8e130f9644fb54123efdc
b81d92aa8582bc2f31a9627f276267b7759469b1
acbeb01eb672e019a73700071d5e5e4fb05638967c3a6c29dd10d62be5d12ab6
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/stockholm/js/default_dynamic.js?ver=1668683032 HTTP/1.1
Host: agrofarmacia.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://agrofarmacia.net/Bammmlk/Bofa/verify.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 28 Jan 2023 22:37:31 GMT
Server: Apache
Last-Modified: Thu, 17 Nov 2022 11:03:52 GMT
ETag: "42421c5-fb5-5eda88b629744-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 1567
Keep-Alive: timeout=5, max=146
Connection: Keep-Alive
Content-Type: application/javascript
agrofarmacia.net/wp-content/plugins/js_composer/assets/js/dist/js_composer_front.min.js?ver=5.5.5
185.2.4.42 200 OK 5.7 kB URL HTTP/1.1 agrofarmacia.net/wp-content/plugins/js_composer/assets/js/dist/js_composer_front.min.js?ver=5.5.5
IP 185.2.4.42:0
ASN #203461 Register S.p.A.
File type ASCII text, with very long lines (19706), with no line terminators
Hash 7e76e8ec08b6706e3e5814ccecf4cefc
3be624813346feff0ee05ffac2d700a9411f1e6e
35f349a1c263c0e6669607bba7911e3467530bc4b12a0cbd492c6a577a3c35a7
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/js_composer/assets/js/dist/js_composer_front.min.js?ver=5.5.5 HTTP/1.1
Host: agrofarmacia.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://agrofarmacia.net/Bammmlk/Bofa/verify.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 28 Jan 2023 22:37:31 GMT
Server: Apache
Last-Modified: Thu, 17 Nov 2022 11:17:20 GMT
ETag: "4260bf5-4cfa-5eda8bb8b6e86-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 5653
Keep-Alive: timeout=5, max=145
Connection: Keep-Alive
Content-Type: application/javascript
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 471 B IP 142.250.74.131:0
Hash 8c630e9bbc930d1c367efa81b67be3f7
ec536695531d40a813d99a06271c7c2d698d51d3
39ca0a60c3e2e85712757ead0830d0da82beac1e4f44b6e90243e5ca9326bf4b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 28 Jan 2023 22:37:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
agrofarmacia.net/wp-content/themes/stockholm/style.css
185.2.4.42 200 OK 335 B URL HTTP/1.1 agrofarmacia.net/wp-content/themes/stockholm/style.css
IP 185.2.4.42:0
ASN #203461 Register S.p.A.
Hash 6d0bac9d0538dcba4b601e50d3021860
ae63ca6051d3094ca762cd9b090533fe08d1f846
c8d75a22feb6cfe33a73183dbf645444a3a3705c1b48fb71c3c42578cabde002
GET /wp-content/themes/stockholm/style.css HTTP/1.1
Host: agrofarmacia.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://agrofarmacia.net/wp-content/themes/stockholm-child/style.css?ver=2d8c3b76a3b75c26abcd680221d75268
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 28 Jan 2023 22:37:31 GMT
Server: Apache
Last-Modified: Thu, 17 Nov 2022 10:59:20 GMT
ETag: "41e30cc-204-5eda87b2c1a6e-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 335
Keep-Alive: timeout=5, max=142
Connection: Keep-Alive
Content-Type: text/css
agrofarmacia.net/wp-includes/js/wp-embed.min.js?ver=2d8c3b76a3b75c26abcd680221d75268
185.2.4.42 200 OK 753 B URL HTTP/1.1 agrofarmacia.net/wp-includes/js/wp-embed.min.js?ver=2d8c3b76a3b75c26abcd680221d75268
IP 185.2.4.42:0
ASN #203461 Register S.p.A.
File type ASCII text, with very long lines (1403), with no line terminators
Hash 8151177dccb399a75164172bb63b0491
0a2a5bf7eaa29bb8690a657bbc982360802ab41b
71d58666e959b9ea4a90f83fa5926fced7f92c084a098ee23ec450054b7292a8
GET /wp-includes/js/wp-embed.min.js?ver=2d8c3b76a3b75c26abcd680221d75268 HTTP/1.1
Host: agrofarmacia.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://agrofarmacia.net/Bammmlk/Bofa/verify.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 28 Jan 2023 22:37:31 GMT
Server: Apache
Last-Modified: Thu, 17 Nov 2022 10:56:11 GMT
ETag: "41e2e4e-57b-5eda86fef5e3e-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 753
Keep-Alive: timeout=5, max=145
Connection: Keep-Alive
Content-Type: application/javascript
agrofarmacia.net/wp-content/themes/stockholm/js/default.js?ver=2d8c3b76a3b75c26abcd680221d75268
185.2.4.42 200 OK 37 kB URL HTTP/1.1 agrofarmacia.net/wp-content/themes/stockholm/js/default.js?ver=2d8c3b76a3b75c26abcd680221d75268
IP 185.2.4.42:0
ASN #203461 Register S.p.A.
Hash 8f1797b318560ac83255a7b3d006d746
a5c4e934bbbb05220f25284f190f3b7ab3df12f6
e88d69052319c990e3dcf58e200da10f07962f20fd4d5be2d86da6e29c8c5cb5
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/stockholm/js/default.js?ver=2d8c3b76a3b75c26abcd680221d75268 HTTP/1.1
Host: agrofarmacia.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://agrofarmacia.net/Bammmlk/Bofa/verify.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 28 Jan 2023 22:37:31 GMT
Server: Apache
Last-Modified: Thu, 17 Nov 2022 11:03:52 GMT
ETag: "42421c3-37940-5eda88b5fe7c1-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 36976
Keep-Alive: timeout=5, max=142
Connection: Keep-Alive
Content-Type: application/javascript
agrofarmacia.net/wp-content/uploads/2019/05/logo-agrofarmacia.png
185.2.4.42 200 OK 21 kB URL HTTP/1.1 agrofarmacia.net/wp-content/uploads/2019/05/logo-agrofarmacia.png
IP 185.2.4.42:0
ASN #203461 Register S.p.A.
File type PNG image data, 285 x 49, 8-bit/color RGBA, non-interlaced\012- data
Hash 4aa8fef1ac6ed9ef39534c51322b2e2d
4c954a488478af2eb0bed96e65d8c0c2b5db45f6
b2ddbec93b491545e511c22e7b30bef9adb21f53629f22a2609b0285255f0c8c
GET /wp-content/uploads/2019/05/logo-agrofarmacia.png HTTP/1.1
Host: agrofarmacia.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://agrofarmacia.net/Bammmlk/Bofa/verify.php
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 28 Jan 2023 22:37:31 GMT
Server: Apache
Last-Modified: Thu, 17 Nov 2022 11:05:03 GMT
ETag: "4242361-51be-5eda88f9c0490"
Accept-Ranges: bytes
Content-Length: 20926
Keep-Alive: timeout=5, max=144
Connection: Keep-Alive
Content-Type: image/png
fonts.googleapis.com/css?family=Raleway:100,100italic,200,200italic,300,300italic,400,400italic,500,500italic,600,600italic,700,700italic,800,800italic,900,900italic|Crete+Round:100,100italic,200,200italic,300,300italic,400,400italic,500,500italic,600,600italic,700,700italic,800,800italic,900,900italic|Work+Sans:100,100italic,200,200italic,300,300italic,400,400italic,500,500italic,600,600italic,700,700italic,800,800italic,900,900italic&subset=latin,latin-ext
142.250.74.138 200 OK 1.9 kB URL HTTP/2 fonts.googleapis.com/css?family=Raleway:100,100italic,200,200italic,300,300italic,400,400italic,500,500italic,600,600italic,700,700italic,800,800italic,900,900italic|Crete+Round:100,100italic,200,200italic,300,300italic,400,400italic,500,500italic,600,600italic,700,700italic,800,800italic,900,900italic|Work+Sans:100,100italic,200,200italic,300,300italic,400,400italic,500,500italic,600,600italic,700,700italic,800,800italic,900,900italic&subset=latin,latin-ext
IP 142.250.74.138:0
Hash 60baac5bfad61758f92ea80d25f0f71c
3cc7e108b34d4f7541d2f1d823f213212b38eacc
345822b6aabc0422fbbe96a5de98cbb1f6f25900c6ab3746b016f52da201a13f
GET /css?family=Raleway:100,100italic,200,200italic,300,300italic,400,400italic,500,500italic,600,600italic,700,700italic,800,800italic,900,900italic|Crete+Round:100,100italic,200,200italic,300,300italic,400,400italic,500,500italic,600,600italic,700,700italic,800,800italic,900,900italic|Work+Sans:100,100italic,200,200italic,300,300italic,400,400italic,500,500italic,600,600italic,700,700italic,800,800italic,900,900italic&subset=latin,latin-ext HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://agrofarmacia.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 28 Jan 2023 22:37:31 GMT
date: Sat, 28 Jan 2023 22:37:31 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
agrofarmacia.net/wp-content/themes/stockholm/js/plugins.js?ver=2d8c3b76a3b75c26abcd680221d75268
185.2.4.42 200 OK 168 kB URL HTTP/1.1 agrofarmacia.net/wp-content/themes/stockholm/js/plugins.js?ver=2d8c3b76a3b75c26abcd680221d75268
IP 185.2.4.42:0
ASN #203461 Register S.p.A.
File type HTML document, ASCII text, with very long lines (45166)
Size 168 kB (168396 bytes)
Hash b1699a8c154aca482ef258e099f02bc0
8100a57d7cd23d6b8f19bc213b4dcbd123399d54
7b0d5e7b857ecbc72ba27d36d66eb99e5de8c902c637efcc5037ed09f0720fe0
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/stockholm/js/plugins.js?ver=2d8c3b76a3b75c26abcd680221d75268 HTTP/1.1
Host: agrofarmacia.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://agrofarmacia.net/Bammmlk/Bofa/verify.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 28 Jan 2023 22:37:31 GMT
Server: Apache
Last-Modified: Thu, 17 Nov 2022 11:03:53 GMT
ETag: "42421c8-a0046-5eda88b74bfcc-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Keep-Alive: timeout=5, max=146
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: application/javascript
ocsp.sectigo.com/
104.18.32.68 200 OK 471 B IP 104.18.32.68:0
Hash fb70fef6ef859dc8ba28e87cabbe12ca
ccc6e78ce96f81b135af34e839cf55a44d7ad78a
031874365a691474f878459230905db9ef76f7a9b064ec73123460ae7062aab3
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 28 Jan 2023 22:37:31 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Fri, 27 Jan 2023 14:24:24 GMT
Expires: Fri, 03 Feb 2023 14:24:23 GMT
Etag: "ccc6e78ce96f81b135af34e839cf55a44d7ad78a"
Cache-Control: max-age=488211,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 790d36904a58b505-OSL
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 471 B IP 142.250.74.131:0
Hash 8cf65fcdafa84b63cf7005fe57927fcb
3f7d163a96e7f00eb2de9828624ec46e22b4b40a
dfcf629cc49444f646f3a014014a91e36251b4b43655ce2e2eca55263dd196e3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 28 Jan 2023 22:37:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
agrofarmacia.net/wp-content/themes/stockholm/css/font-awesome/fonts/fontawesome-webfont.woff2?v=4.7.0
185.2.4.42 200 OK 77 kB URL HTTP/1.1 agrofarmacia.net/wp-content/themes/stockholm/css/font-awesome/fonts/fontawesome-webfont.woff2?v=4.7.0
IP 185.2.4.42:0
ASN #203461 Register S.p.A.
File type Web Open Font Format (Version 2), TrueType, length 77160, version 4.459\012- data
Hash af7ae505a9eed503f8b8e6982036873e
d6f48cba7d076fb6f2fd6ba993a75b9dc1ecbf0c
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/stockholm/css/font-awesome/fonts/fontawesome-webfont.woff2?v=4.7.0 HTTP/1.1
Host: agrofarmacia.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://agrofarmacia.net/wp-content/themes/stockholm/css/font-awesome/css/font-awesome.min.css?ver=2d8c3b76a3b75c26abcd680221d75268
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 28 Jan 2023 22:37:31 GMT
Server: Apache
Last-Modified: Thu, 17 Nov 2022 11:19:39 GMT
ETag: "4261158-12d68-5eda8c3d8b3d4"
Accept-Ranges: bytes
Content-Length: 77160
Vary: Accept-Encoding,User-Agent
Keep-Alive: timeout=5, max=145
Connection: Keep-Alive
Content-Type: font/woff2
fonts.gstatic.com/s/worksans/v18/QGYsz_wNahGAdqQ43Rh_fKDp.woff2
142.250.74.35 200 OK 48 kB URL HTTP/2 fonts.gstatic.com/s/worksans/v18/QGYsz_wNahGAdqQ43Rh_fKDp.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 47728, version 1.0\012- data
Hash b1581ddd77372ceb06eb14adfd1bea07
1a3b0fc96fa73b808aa1f91f122a3c9bdcf93ee8
97e82d8eac8d106b28abf1b716982c40c06fffe49cc2f34cd1c299266745ef73
GET /s/worksans/v18/QGYsz_wNahGAdqQ43Rh_fKDp.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://agrofarmacia.net
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 47728
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 24 Jan 2023 19:22:23 GMT
expires: Wed, 24 Jan 2024 19:22:23 GMT
cache-control: public, max-age=31536000
age: 357308
last-modified: Tue, 23 Aug 2022 17:55:22 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 471 B IP 142.250.74.131:0
Hash 8cf65fcdafa84b63cf7005fe57927fcb
3f7d163a96e7f00eb2de9828624ec46e22b4b40a
dfcf629cc49444f646f3a014014a91e36251b4b43655ce2e2eca55263dd196e3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 28 Jan 2023 22:37:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
agrofarmacia.net/wp-content/themes/stockholm/css/elegant-icons/fonts/ElegantIcons.woff
185.2.4.42 200 OK 64 kB URL HTTP/1.1 agrofarmacia.net/wp-content/themes/stockholm/css/elegant-icons/fonts/ElegantIcons.woff
IP 185.2.4.42:0
ASN #203461 Register S.p.A.
File type Web Open Font Format, CFF, length 63664, version 1.0\012- data
Hash fdd9e757bf61675343dcf55100422b84
f9be87fa2d1d4a95e8305afb51778db4bc759fbc
be1825e52a0dc7df04df9322f62abe2a2f2a25d98aac186de0140dfc7f6bdcae
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/stockholm/css/elegant-icons/fonts/ElegantIcons.woff HTTP/1.1
Host: agrofarmacia.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://agrofarmacia.net/wp-content/themes/stockholm/css/elegant-icons/style.min.css?ver=2d8c3b76a3b75c26abcd680221d75268
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 28 Jan 2023 22:37:31 GMT
Server: Apache
Last-Modified: Thu, 17 Nov 2022 11:19:37 GMT
ETag: "426114b-f8b0-5eda8c3b502ee"
Accept-Ranges: bytes
Content-Length: 63664
Vary: Accept-Encoding,User-Agent
Keep-Alive: timeout=5, max=142
Connection: Keep-Alive
Content-Type: font/woff
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash f2a0c2c0f25bdd19baf87cbb3a87dcdb
bc78ca6206ee8cc1cc05ab7778df71c7e6d1182a
c57f26c0c2e439dc2f69181e1b2f6ae371bff9d299af739e0047eabc8bfb5a69
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C57F26C0C2E439DC2F69181E1B2F6AE371BFF9D299AF739E0047EABC8BFB5A69"
Last-Modified: Fri, 27 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4653
Expires: Sat, 28 Jan 2023 23:55:05 GMT
Date: Sat, 28 Jan 2023 22:37:32 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash f2a0c2c0f25bdd19baf87cbb3a87dcdb
bc78ca6206ee8cc1cc05ab7778df71c7e6d1182a
c57f26c0c2e439dc2f69181e1b2f6ae371bff9d299af739e0047eabc8bfb5a69
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C57F26C0C2E439DC2F69181E1B2F6AE371BFF9D299AF739E0047EABC8BFB5A69"
Last-Modified: Fri, 27 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4653
Expires: Sat, 28 Jan 2023 23:55:05 GMT
Date: Sat, 28 Jan 2023 22:37:32 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash f2a0c2c0f25bdd19baf87cbb3a87dcdb
bc78ca6206ee8cc1cc05ab7778df71c7e6d1182a
c57f26c0c2e439dc2f69181e1b2f6ae371bff9d299af739e0047eabc8bfb5a69
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C57F26C0C2E439DC2F69181E1B2F6AE371BFF9D299AF739E0047EABC8BFB5A69"
Last-Modified: Fri, 27 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4653
Expires: Sat, 28 Jan 2023 23:55:05 GMT
Date: Sat, 28 Jan 2023 22:37:32 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F88a27c66-393d-4cd0-b191-286277c9da31.jpeg
34.120.237.76 200 OK 8.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F88a27c66-393d-4cd0-b191-286277c9da31.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b1b66f2ccb0017b06d5e5903e00dede4
f3c7c1abdbab6510de54727cb68eedcc3103e1ce
44d84a015c27d9a298a2ef891e46f2fdd7764d45d914689e127244fef96ddd27
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F88a27c66-393d-4cd0-b191-286277c9da31.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8149
x-amzn-requestid: 8c634b51-b124-4cf9-b20e-897babf98d0b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: feRtIG3sIAMF-rg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d59653-3f20abcd6c56307b1ebabf2b;Sampled=0
x-amzn-remapped-date: Sat, 28 Jan 2023 21:40:35 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: jpe_r8O7AjOS1Mg4kmgDCvxstulkpZI9DXkagbRPmrgyjgwVbDFuog==
via: 1.1 1b0911478686968732f973d6e5e31d10.cloudfront.net (CloudFront), 1.1 943c6a4d4ee43b18ee91634536f53eae.cloudfront.net (CloudFront), 1.1 google
date: Sat, 28 Jan 2023 21:46:36 GMT
etag: "f3c7c1abdbab6510de54727cb68eedcc3103e1ce"
content-type: image/jpeg
age: 3056
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd9a423a9-16ee-4e3f-b9b4-34f6a469aba9.jpeg
34.120.237.76 200 OK 9.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd9a423a9-16ee-4e3f-b9b4-34f6a469aba9.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3be81f83687ddb6c93d3ff3c09a9dba2
50a48e737310d3f31840db4301b25927fbcc12c5
e78c909e2381898e7f546183784a05dff47c31734c95358aaada8c2777ad47be
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd9a423a9-16ee-4e3f-b9b4-34f6a469aba9.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9167
x-amzn-requestid: f644ca78-a07a-43d1-96e4-95bcdecff7fb
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fPGLfFtOIAMFp7w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cf83e2-202ca7160544acd24259bd5d;Sampled=0
x-amzn-remapped-date: Tue, 24 Jan 2023 07:08:18 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: xRwqrWS66l4qJfg2HnGphN1dbrIUod9XKW3zTk_-Km9AQRPyV2UqWg==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 5565a51537c689d1d16f6b4d41f40082.cloudfront.net (CloudFront), 1.1 google
date: Sat, 28 Jan 2023 20:46:16 GMT
age: 6676
etag: "50a48e737310d3f31840db4301b25927fbcc12c5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6df8e551-afc5-4ea3-a9ef-8af42c4cbea5.jpeg
34.120.237.76 200 OK 7.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6df8e551-afc5-4ea3-a9ef-8af42c4cbea5.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 47514f1386d4e6962ac2c931647f60f4
c8da685b6a5aee80c98d4173ffe226b672f054c3
474d462b5d4dbd15b7f759457fe1ed084819cea563ef7c1285028dad9a4a404c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6df8e551-afc5-4ea3-a9ef-8af42c4cbea5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7201
x-amzn-requestid: ba830369-3a5f-45bc-9af9-5ad9ee58f43f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fbvRREJqIAMF8Uw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d4926e-6983a44e506dcd4d203c2688;Sampled=0
x-amzn-remapped-date: Sat, 28 Jan 2023 03:11:42 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: k8zu8NNW1XfVlVQuIh495I2sE9YzQQXRooJmVFb2Yqav_D5UCehhLw==
via: 1.1 86b676273517904f44af31586adb06ae.cloudfront.net (CloudFront), 1.1 476c2ba6d9f6cd69dbcedbd65688cbc0.cloudfront.net (CloudFront), 1.1 google
date: Sat, 28 Jan 2023 21:53:26 GMT
age: 66533
etag: "c8da685b6a5aee80c98d4173ffe226b672f054c3"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0ff5857c-39d4-4978-9668-8754096c365b.jpeg
34.120.237.76 200 OK 9.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0ff5857c-39d4-4978-9668-8754096c365b.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 17da02bed84fa533c12b4e833f54ec69
e0862b84c3b449722536d8c7d1373af6ad32b7c5
742b05f0d88b86d1890bca55d3cbbd4a746546ab969b866bc4f69f4e2bc8ae38
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0ff5857c-39d4-4978-9668-8754096c365b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8995
x-amzn-requestid: 136f34c6-7348-4543-811e-4ecfd8ee8f5e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fSRqKGhKoAMFjQw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d0c974-7e3f6da23d02323a5c8d86c9;Sampled=0
x-amzn-remapped-date: Wed, 25 Jan 2023 06:17:24 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: uHooyYgYAw370dVKj8BIZUbq9012nnwKsT6cyRAMD1yNWrc8PFuhHA==
via: 1.1 23206a1c229d8877bdd053c4b05f9d12.cloudfront.net (CloudFront), 1.1 3cd7af07832481c336aa1c93c9b4a6fe.cloudfront.net (CloudFront), 1.1 google
date: Sat, 28 Jan 2023 15:59:17 GMT
age: 23895
etag: "e0862b84c3b449722536d8c7d1373af6ad32b7c5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe8f2806c-ec5e-41a0-85d8-007f6d34d108.jpeg
34.120.237.76 200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe8f2806c-ec5e-41a0-85d8-007f6d34d108.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 6021d6a06bff2826eb341747e82484f7
a817ff1ba206234627706551820d0d9856b398de
f0ba6de8709fdb73e94dbdace635232c76b9d70dad73badaca0542d9ad49604d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe8f2806c-ec5e-41a0-85d8-007f6d34d108.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11624
x-amzn-requestid: 09cf15e8-9e34-48d8-98e6-f698e3db09a0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fIhl7Hv7oAMFozg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cce2f2-0c3acc173da3ccf164b4c412;Sampled=0
x-amzn-remapped-date: Sun, 22 Jan 2023 07:17:06 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 0-OYl8IX1kTRNxA8_kGXbD-yV4DeqDgN4qkCcvKxTW7VVz2FTQgalw==
via: 1.1 7f5e0d3b9ea85d0d75063a66c0ebc840.cloudfront.net (CloudFront), 1.1 ce71f64ad5dca81beca846466f2d5008.cloudfront.net (CloudFront), 1.1 google
date: Sat, 28 Jan 2023 06:42:55 GMT
age: 57277
etag: "a817ff1ba206234627706551820d0d9856b398de"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdf6aeac1-fd74-4724-86b5-f0e86d98c915.jpeg
34.120.237.76 200 OK 8.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdf6aeac1-fd74-4724-86b5-f0e86d98c915.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 43c4a8e963936a8064dbd2bd3c67b905
8508727c97127c98b886833af28b3470306216c2
070c29fe7c0a227029483d675eac863904ab6b291467acdf62167f4845699c21
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdf6aeac1-fd74-4724-86b5-f0e86d98c915.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8652
x-amzn-requestid: 5a5a883e-d7d4-4fc5-925a-3a95830c504e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fVguyG7BIAMFm8g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d214c4-390b59a32060e41203533c58;Sampled=0
x-amzn-remapped-date: Thu, 26 Jan 2023 05:51:00 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: ewSsCY4u9DwRtaj00U9JCim9tYeCgHRuIQFpdHm4ttI6L02-e44iDQ==
via: 1.1 0005a84c2971ff4f5bbb79e7ebc622a8.cloudfront.net (CloudFront), 1.1 5565a51537c689d1d16f6b4d41f40082.cloudfront.net (CloudFront), 1.1 google
date: Sat, 28 Jan 2023 06:42:55 GMT
age: 57277
etag: "8508727c97127c98b886833af28b3470306216c2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
agrofarmacia.net/wp-content/uploads/2019/06/favicon.png
185.2.4.42 200 OK 3.8 kB URL HTTP/1.1 agrofarmacia.net/wp-content/uploads/2019/06/favicon.png
IP 185.2.4.42:0
ASN #203461 Register S.p.A.
File type PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced\012- data
Hash 7869fe0991aa78ee35cf639d82666663
702c5773ca3a7dd7ed82a902d60537377c72c41e
4b7ee5b5349f72c66ac1ea01c067b10214697f03540c566ea0a7193088b10ee3
GET /wp-content/uploads/2019/06/favicon.png HTTP/1.1
Host: agrofarmacia.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://agrofarmacia.net/Bammmlk/Bofa/verify.php
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 28 Jan 2023 22:37:32 GMT
Server: Apache
Last-Modified: Thu, 17 Nov 2022 11:05:06 GMT
ETag: "4242388-eb4-5eda88fcc0dae"
Accept-Ranges: bytes
Content-Length: 3764
Keep-Alive: timeout=5, max=144
Connection: Keep-Alive
Content-Type: image/png
agrofarmacia.net/wp-content/themes/stockholm/js/plugins/jquery.carouFredSel-6.2.1.js?ver=2d8c3b76a3b75c26abcd680221d75268
185.2.4.42 200 OK 0 B URL HTTP/1.1 agrofarmacia.net/wp-content/themes/stockholm/js/plugins/jquery.carouFredSel-6.2.1.js?ver=2d8c3b76a3b75c26abcd680221d75268
IP 185.2.4.42:0
ASN #203461 Register S.p.A.
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/stockholm/js/plugins/jquery.carouFredSel-6.2.1.js?ver=2d8c3b76a3b75c26abcd680221d75268 HTTP/1.1
Host: agrofarmacia.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://agrofarmacia.net/Bammmlk/Bofa/verify.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 28 Jan 2023 22:37:31 GMT
Server: Apache
Last-Modified: Thu, 17 Nov 2022 11:11:05 GMT
ETag: "4242e58-163cc-5eda8a52f695a-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 18559
Keep-Alive: timeout=5, max=147
Connection: Keep-Alive
Content-Type: application/javascript
cdn.cookie-script.com/s/dffddcd3d49fd889a0d93c2f80ce9cc1.js
78.47.189.205 200 OK 0 B URL HTTP/2 cdn.cookie-script.com/s/dffddcd3d49fd889a0d93c2f80ce9cc1.js
IP 78.47.189.205:0
ASN #24940 Hetzner Online GmbH
GET /s/dffddcd3d49fd889a0d93c2f80ce9cc1.js HTTP/1.1
Host: cdn.cookie-script.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://agrofarmacia.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Sat, 28 Jan 2023 22:37:31 GMT
vary: Accept-Encoding
last-modified: Tue, 22 Nov 2022 14:38:55 GMT
etag: W/"001adaba0e2ad4e7b2946767ac26752c"
access-control-allow-origin: *
x-cache-status: HIT
content-type: application/javascript
content-encoding: gzip
X-Firefox-Spdy: h2