r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 3eb88dea4fe00db1182370e72683c3ab
ca520abf1e91bfd2aef40c6a1270a911071e8922
d8083ee567c7b3023111dc30f32c94237df7db30d4d2daaea0a569e8a3069ad7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D8083EE567C7B3023111DC30F32C94237DF7DB30D4D2DAAEA0A569E8A3069AD7"
Last-Modified: Sat, 28 Jan 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10439
Expires: Sun, 29 Jan 2023 15:10:29 GMT
Date: Sun, 29 Jan 2023 12:16:30 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash a2104f935c638b4767ca5ae0d738ef23
85c6af15af749be0ceeae6de17c36925b750f166
5d4789a3696bd7faa9916768cb627bbc89bf70a756d80e53860cbac13c2bc8b1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5D4789A3696BD7FAA9916768CB627BBC89BF70A756D80E53860CBAC13C2BC8B1"
Last-Modified: Fri, 27 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10507
Expires: Sun, 29 Jan 2023 15:11:37 GMT
Date: Sun, 29 Jan 2023 12:16:30 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150 200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash dcd75ca6daca51c5e39d431468511793
07f76d3bf23d65c9110d810fa71a994e39e085d3
73672a816da4450fe2c938b08d7ae002d9ca29fdcbd3e29cc97084d826f8b459
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Backoff, Content-Length, Alert, Retry-After
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sun, 29 Jan 2023 11:43:08 GMT
content-type: application/json
age: 2002
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 03092d1a1bc7ac91ee342a1a7ab2a562
52db06ce1fd2c74ddd36b6a0a7aee1b5c891600a
03b8ff2629abac9fc30ebec059c2e2018fcbc41646ad5f71c965ff630fbf1ffd
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "03B8FF2629ABAC9FC30EBEC059C2E2018FCBC41646AD5F71C965FF630FBF1FFD"
Last-Modified: Fri, 27 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2982
Expires: Sun, 29 Jan 2023 13:06:12 GMT
Date: Sun, 29 Jan 2023 12:16:30 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: 3SlVnfyjNXffkNcmfbhU1DfmkWgQ12jdndEXen/n0JempgzraesiAUd4sd/6zBGzYbAZ/+nRBHA=
x-amz-request-id: BBNZSNBCMFC0EWT5
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sun, 29 Jan 2023 11:21:22 GMT
age: 3308
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 29 Jan 2023 12:16:30 GMT
content-type: application/json
content-length: 12
access-control-allow-credentials: true
access-control-expose-headers: content-type
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150 200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Pragma, Last-Modified, ETag, Content-Length, Expires, Cache-Control, Retry-After, Content-Type, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sun, 29 Jan 2023 11:49:04 GMT
age: 1646
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 16a7b6a7128312e2f985d30df18c4487
6017bff79ffb525d9c7f9f32b999b74b5dc69602
663fd12209627f08e759c2ed1c76278a5da79dae1e0b46082dd1bb44775f7a16
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "663FD12209627F08E759C2ED1C76278A5DA79DAE1E0B46082DD1BB44775F7A16"
Last-Modified: Fri, 27 Jan 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8881
Expires: Sun, 29 Jan 2023 14:44:32 GMT
Date: Sun, 29 Jan 2023 12:16:31 GMT
Connection: keep-alive
mem.com.mx/wp-includes/css/cs/login.php
72.52.253.68 301 Moved Permanently 0 B URL HTTP/1.1 mem.com.mx/wp-includes/css/cs/login.php
IP 72.52.253.68:0
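Hash d41d8cd98f00b204e9800998ecf8427e (MD5 of empty input; the 301 response body is 0 B, so these digests do not identify the flagged page)
da39a3ee5e6b4b0d3255bfef95601890afd80709 (SHA-1 of empty input)
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 (SHA-256 of empty input)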
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/css/cs/login.php HTTP/1.1
Host: mem.com.mx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Sun, 29 Jan 2023 12:16:30 GMT
Server: Apache
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
X-Redirect-By: WordPress
Location: https://mem.com.mx/wp-includes/css/cs/login.php
X-Powered-By: PHP/7.4.33, PleskLin
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
push.services.mozilla.com/
54.184.102.146 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 54.184.102.146:0
Hash d41d8cd98f00b204e9800998ecf8427e (MD5 of empty input; the 101 response body is 0 B)
da39a3ee5e6b4b0d3255bfef95601890afd80709 (SHA-1 of empty input)
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 (SHA-256 of empty input)
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: r8uI3JndEWBT2ARn2n5rXg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: U08r7Eyo4BZz28LBMcdyuMukv3U=
status.rapidssl.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 4225cecc52565f4d4d787c7c498490a4
a83d3704c8b35d49c3e7c2b1520aa766a7e70ffe
abc226fc0b59aedc92590bdd79d0b93473983d66c7e257f7f9e11ae2d8ff54ab
POST / HTTP/1.1
Host: status.rapidssl.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=128688
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 12:16:31 GMT
Etag: "63d5b74f-1d7"
Expires: Tue, 31 Jan 2023 00:01:19 GMT
Last-Modified: Sun, 29 Jan 2023 00:01:19 GMT
Server: nginx
Content-Length: 471
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash dfb84426fed94988d5c90372baff059c
f1c4740830034ff8a5759d59ae3f657ea524d083
d97efec67504b084ca6ff9e2af973b45b916f90aa021603e3615806bb2737b6a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D97EFEC67504B084CA6FF9E2AF973B45B916F90AA021603E3615806BB2737B6A"
Last-Modified: Sun, 29 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5173
Expires: Sun, 29 Jan 2023 13:42:45 GMT
Date: Sun, 29 Jan 2023 12:16:32 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash dfb84426fed94988d5c90372baff059c
f1c4740830034ff8a5759d59ae3f657ea524d083
d97efec67504b084ca6ff9e2af973b45b916f90aa021603e3615806bb2737b6a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D97EFEC67504B084CA6FF9E2AF973B45B916F90AA021603E3615806BB2737B6A"
Last-Modified: Sun, 29 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5173
Expires: Sun, 29 Jan 2023 13:42:45 GMT
Date: Sun, 29 Jan 2023 12:16:32 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash dfb84426fed94988d5c90372baff059c
f1c4740830034ff8a5759d59ae3f657ea524d083
d97efec67504b084ca6ff9e2af973b45b916f90aa021603e3615806bb2737b6a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D97EFEC67504B084CA6FF9E2AF973B45B916F90AA021603E3615806BB2737B6A"
Last-Modified: Sun, 29 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5173
Expires: Sun, 29 Jan 2023 13:42:45 GMT
Date: Sun, 29 Jan 2023 12:16:32 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash dfb84426fed94988d5c90372baff059c
f1c4740830034ff8a5759d59ae3f657ea524d083
d97efec67504b084ca6ff9e2af973b45b916f90aa021603e3615806bb2737b6a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D97EFEC67504B084CA6FF9E2AF973B45B916F90AA021603E3615806BB2737B6A"
Last-Modified: Sun, 29 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5173
Expires: Sun, 29 Jan 2023 13:42:45 GMT
Date: Sun, 29 Jan 2023 12:16:32 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5f0097a6-af00-4a1c-8faa-f9516e27b31a.jpeg
34.120.237.76 200 OK 4.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5f0097a6-af00-4a1c-8faa-f9516e27b31a.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4205d8106659e00fff1cbe9262918b8c
ab4f6528594a1725934727dc7d834c028a79c609
31f1a28602a194bd0856495d4d81d5c72cd7ff4e5bad6bdd1a31ec3041f4a2cc
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5f0097a6-af00-4a1c-8faa-f9516e27b31a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4475
x-amzn-requestid: b7b272d6-3089-4f33-89b5-5cb388640e10
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fa_e6HsaIAMF5Lg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d445f8-1789f7f4264270916da323db;Sampled=0
x-amzn-remapped-date: Fri, 27 Jan 2023 21:45:28 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 4jPbm4WufkUKm7ljLvpHrJUFhr-JQ_nl3iYfI5S8nTqEszFdUtz9EQ==
via: 1.1 8f22423015641505b8c857a37450d6c0.cloudfront.net (CloudFront), 1.1 4f3feb5c4393987d42d1971d404d7cea.cloudfront.net (CloudFront), 1.1 google
date: Sun, 29 Jan 2023 05:24:09 GMT
etag: "ab4f6528594a1725934727dc7d834c028a79c609"
content-type: image/jpeg
age: 24743
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd9a423a9-16ee-4e3f-b9b4-34f6a469aba9.jpeg
34.120.237.76 200 OK 9.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd9a423a9-16ee-4e3f-b9b4-34f6a469aba9.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3be81f83687ddb6c93d3ff3c09a9dba2
50a48e737310d3f31840db4301b25927fbcc12c5
e78c909e2381898e7f546183784a05dff47c31734c95358aaada8c2777ad47be
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd9a423a9-16ee-4e3f-b9b4-34f6a469aba9.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9167
x-amzn-requestid: e6e0789c-a4a9-4ffa-a0ae-691770d1035b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fPF9YEBmIAMF0kQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cf8388-01d2093432d3959903671a69;Sampled=0
x-amzn-remapped-date: Tue, 24 Jan 2023 07:06:48 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: awfNeaKbFw2bjiTGwUrwUTxU-qbVS2eTjn948H8kn1hy7pi_DwLMlQ==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 b2f9564ebf9c745cc2ceae96d434977e.cloudfront.net (CloudFront), 1.1 google
date: Sat, 28 Jan 2023 17:35:56 GMT
age: 67236
etag: "50a48e737310d3f31840db4301b25927fbcc12c5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2d2bbd93-ce5c-4300-9ac3-8ccdde169701.jpeg
34.120.237.76 200 OK 6.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2d2bbd93-ce5c-4300-9ac3-8ccdde169701.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 7ed721e83648418f4a5d64f9d038fd1a
7a311c79e311448941a8d624c1064b1a2d97cfbd
b961e73aaba814eec66532ceeafad5191371fc762b05338990e8cc9c8ecfcbff
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2d2bbd93-ce5c-4300-9ac3-8ccdde169701.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6875
x-amzn-requestid: 5fb13e91-8750-4dd9-90a2-f1218ea6009b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fS9t2E0AoAMF_LA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d10ff2-22e819312302377c4bf698ff;Sampled=0
x-amzn-remapped-date: Wed, 25 Jan 2023 11:18:10 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: QH_-DX5fiBhfS9MVH6pJi57mqFRRPSPf0iDbp_5BHE1jUqCZvvPesQ==
via: 1.1 010c0731b9775a983eceaec0f5fa6a2e.cloudfront.net (CloudFront), 1.1 caf6806821bc479b28a6f1ce3043b8a6.cloudfront.net (CloudFront), 1.1 google
date: Sat, 28 Jan 2023 21:46:21 GMT
age: 52211
etag: "7a311c79e311448941a8d624c1064b1a2d97cfbd"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe7cfa685-1688-424d-b352-82b8ce19495a.jpeg
34.120.237.76 200 OK 6.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe7cfa685-1688-424d-b352-82b8ce19495a.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 2cbbc57c4e469baec1bda006407877cc
e988f007b1f9ec2327e7817f38cf56202096aeae
5237a8a8a7aa1fe59548582abf726fe77ad9e1fad8535bb5f88519dc6e779a86
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe7cfa685-1688-424d-b352-82b8ce19495a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6158
x-amzn-requestid: 034023e1-bd96-4c41-aa48-cccf5fa7b366
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: feLdTEXToAMF5Ow=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d58c54-5390c17952d82d9108bdd3f8;Sampled=0
x-amzn-remapped-date: Sat, 28 Jan 2023 20:57:56 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: ACe_e899vrvXgDH3SKhGkebo6EgwW3c97aiFsr_p0g0cyWhl0XmjIg==
via: 1.1 2afae0d44e2540f472c0635ab62c232a.cloudfront.net (CloudFront), 1.1 aef00f14752da9aa504d392fd46eff94.cloudfront.net (CloudFront), 1.1 google
date: Sun, 29 Jan 2023 00:04:06 GMT
etag: "e988f007b1f9ec2327e7817f38cf56202096aeae"
content-type: image/jpeg
age: 43946
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8d4cfe7c-2bbe-4efd-b73a-59ea603c332f.jpeg
34.120.237.76 200 OK 5.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8d4cfe7c-2bbe-4efd-b73a-59ea603c332f.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4c77437e3a7361861aed8bfecbfe6bd6
fefd238c13c0fdfb7d964c90fcc8a8cbbf953034
282d15c443cb6232ae0a30046a0dc24360617355a4651cdba59b11e6f7313d8a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8d4cfe7c-2bbe-4efd-b73a-59ea603c332f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5594
x-amzn-requestid: d56c9b84-dc1f-4d5c-91bf-7db55058bf67
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fLyeEGOloAMFpzA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63ce3126-5013a6b971d6800c5c85a4eb;Sampled=0
x-amzn-remapped-date: Mon, 23 Jan 2023 07:03:02 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: D2ZAelkDgsd0wjoOSoPRwTzhozs84_aIcgwU-QmbDrTnHztVD0VL_A==
via: 1.1 446313511980eb02f28ff5a9a4147c0a.cloudfront.net (CloudFront), 1.1 f9d716a351f14a0ac1fac2449734849a.cloudfront.net (CloudFront), 1.1 google
date: Sat, 28 Jan 2023 14:57:16 GMT
age: 76756
etag: "fefd238c13c0fdfb7d964c90fcc8a8cbbf953034"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdf6aeac1-fd74-4724-86b5-f0e86d98c915.jpeg
34.120.237.76 200 OK 8.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdf6aeac1-fd74-4724-86b5-f0e86d98c915.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 43c4a8e963936a8064dbd2bd3c67b905
8508727c97127c98b886833af28b3470306216c2
070c29fe7c0a227029483d675eac863904ab6b291467acdf62167f4845699c21
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdf6aeac1-fd74-4724-86b5-f0e86d98c915.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8652
x-amzn-requestid: 5a5a883e-d7d4-4fc5-925a-3a95830c504e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fVguyG7BIAMFm8g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d214c4-390b59a32060e41203533c58;Sampled=0
x-amzn-remapped-date: Thu, 26 Jan 2023 05:51:00 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: ewSsCY4u9DwRtaj00U9JCim9tYeCgHRuIQFpdHm4ttI6L02-e44iDQ==
via: 1.1 0005a84c2971ff4f5bbb79e7ebc622a8.cloudfront.net (CloudFront), 1.1 5565a51537c689d1d16f6b4d41f40082.cloudfront.net (CloudFront), 1.1 google
date: Sat, 28 Jan 2023 23:11:24 GMT
age: 47108
etag: "8508727c97127c98b886833af28b3470306216c2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
mem.com.mx/wp-includes/css/cs/login.php
72.52.253.68 404 Not Found 49 kB URL HTTP/1.1 mem.com.mx/wp-includes/css/cs/login.php
IP 72.52.253.68:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1820), with CRLF, LF line terminators
Hash bcfc79f039b60b0f988889c4305ae706
a2f65ad1acb006a4684ac59b72f902b208a83f5d
8dc023f13b19e12dd9332085503ffdaea565730f9b605cac35ca532d079b3e20
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/css/cs/login.php HTTP/1.1
Host: mem.com.mx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 404 Not Found
Date: Sun, 29 Jan 2023 12:16:31 GMT
Server: Apache
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Link: <https://mem.com.mx/wp-json/>; rel="https://api.w.org/"
X-Powered-By: PHP/7.4.33, PleskLin
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
mem.com.mx/wp-content/plugins/elements-plus/assets/css/ep-elements.css?ver=2.14.2
72.52.253.68 200 OK 12 kB URL HTTP/1.1 mem.com.mx/wp-content/plugins/elements-plus/assets/css/ep-elements.css?ver=2.14.2
IP 72.52.253.68:0
Hash 23fc0c847e2fe148acf94662aab3a59b
fa6baa125fd4ab90592e2129019999b7b9c70bd4
28c58d192026dd68823c2e2bab437c624a895748b6e5783644d896ba5d52ada4
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/elements-plus/assets/css/ep-elements.css?ver=2.14.2 HTTP/1.1
Host: mem.com.mx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mem.com.mx/wp-includes/css/cs/login.php
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 29 Jan 2023 12:16:33 GMT
Server: Apache
Last-Modified: Tue, 01 Sep 2020 14:55:32 GMT
ETag: "2f07-5ae41b5ef0100"
Accept-Ranges: bytes
Content-Length: 12039
X-Powered-By: PleskLin
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css
mem.com.mx/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-vendors-style.css?ver=5.5.1
72.52.253.68 200 OK 3.3 kB URL HTTP/1.1 mem.com.mx/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-vendors-style.css?ver=5.5.1
IP 72.52.253.68:0
File type ASCII text, with very long lines (3276), with no line terminators
Hash 1acc6d05dce5567e977de5bb00610c80
72c307774f03749c32c313565da58fa3b8a80830
ae707ec81b142f04b6d5f785a5d4f7e8301bdb62a95288dee1f3e58930d21c7a
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-vendors-style.css?ver=5.5.1 HTTP/1.1
Host: mem.com.mx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mem.com.mx/wp-includes/css/cs/login.php
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 29 Jan 2023 12:16:33 GMT
Server: Apache
Last-Modified: Wed, 08 Sep 2021 17:02:40 GMT
ETag: "ccc-5cb7ed99a74f1"
Accept-Ranges: bytes
Content-Length: 3276
X-Powered-By: PleskLin
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
mem.com.mx/wp-content/plugins/elements-plus/assets/css/justifiedGallery.min.css?ver=2.14.2
72.52.253.68 200 OK 1.8 kB URL HTTP/1.1 mem.com.mx/wp-content/plugins/elements-plus/assets/css/justifiedGallery.min.css?ver=2.14.2
IP 72.52.253.68:0
File type ASCII text, with very long lines (1641)
Hash 2cbaf5d42ca1755790be96efb44ab28b
5a0b11287defc4b18fef056675304ee80c686989
26fe78a9d2ff41c0ed0c55deaf63a235e1bb49dc9c5a275c51c6deac5cf3ace4
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/elements-plus/assets/css/justifiedGallery.min.css?ver=2.14.2 HTTP/1.1
Host: mem.com.mx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mem.com.mx/wp-includes/css/cs/login.php
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 29 Jan 2023 12:16:33 GMT
Server: Apache
Last-Modified: Tue, 01 Sep 2020 14:55:32 GMT
ETag: "708-5ae41b5ef0100"
Accept-Ranges: bytes
Content-Length: 1800
X-Powered-By: PleskLin
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
mem.com.mx/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.4.2
72.52.253.68 200 OK 2.6 kB URL HTTP/1.1 mem.com.mx/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.4.2
IP 72.52.253.68:0
Hash 76e12144b6be9bc0a17dd880c5566156
c57db768b452aea923a2b083162e9e6ffb98d2f8
070edfef42e0980783d0acf8fa9ca6a9833b994eca13ffaa94e9a2deb47c92cf
GET /wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.4.2 HTTP/1.1
Host: mem.com.mx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mem.com.mx/wp-includes/css/cs/login.php
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 29 Jan 2023 12:16:33 GMT
Server: Apache
Last-Modified: Wed, 08 Sep 2021 19:14:06 GMT
ETag: "a50-5cb80afa86609"
Accept-Ranges: bytes
Content-Length: 2640
X-Powered-By: PleskLin
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
mem.com.mx/wp-content/plugins/header-footer-elementor/assets/css/header-footer-elementor.css?ver=1.6.4
72.52.253.68 200 OK 776 B URL HTTP/1.1 mem.com.mx/wp-content/plugins/header-footer-elementor/assets/css/header-footer-elementor.css?ver=1.6.4
IP 72.52.253.68:0
Hash a5bf64d5859ee94a3e8e93d592d6d2a0
049eb63b42dbb820b06870a430f523bf06880721
25825611ade7ceaed7df3862ec56dc91ad1d2be539966ef7bbe84306e51cfb08
GET /wp-content/plugins/header-footer-elementor/assets/css/header-footer-elementor.css?ver=1.6.4 HTTP/1.1
Host: mem.com.mx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mem.com.mx/wp-includes/css/cs/login.php
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 29 Jan 2023 12:16:33 GMT
Server: Apache
Last-Modified: Wed, 08 Sep 2021 19:14:09 GMT
ETag: "308-5cb80afd4d898"
Accept-Ranges: bytes
Content-Length: 776
X-Powered-By: PleskLin
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/css
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 471 B IP 142.250.74.131:0
Hash 8c630e9bbc930d1c367efa81b67be3f7
ec536695531d40a813d99a06271c7c2d698d51d3
39ca0a60c3e2e85712757ead0830d0da82beac1e4f44b6e90243e5ca9326bf4b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 12:16:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 471 B IP 142.250.74.131:0
Hash 86352d15c37831cf9bf1e41325029224
ac8b28bcc1e6dd026e1f62d1ef8b9f80a42eee21
154f5f5e116df41f5d3bd414c671138b2afc198071529a0f3573109277566cd8
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 12:16:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/recaptcha/api.js?hl=es_ES&onload=recaptchaCallback&render=explicit&ver=2.0
142.250.74.132 200 OK 579 B URL HTTP/2 www.google.com/recaptcha/api.js?hl=es_ES&onload=recaptchaCallback&render=explicit&ver=2.0
IP 142.250.74.132:0
File type ASCII text, with very long lines (912), with no line terminators
Hash e614edcca741c6574a943936929805dd
7ba38ff512868fef00776c15fe99f1f60acb6b1b
13ac092be02953f2d60dd3cf55e6adc7558b63dc7cc2a0caf015b9a4e41273a0
GET /recaptcha/api.js?hl=es_ES&onload=recaptchaCallback&render=explicit&ver=2.0 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mem.com.mx/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
expires: Sun, 29 Jan 2023 12:16:33 GMT
date: Sun, 29 Jan 2023 12:16:33 GMT
cache-control: private, max-age=300
content-type: text/javascript; charset=UTF-8
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 579
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 471 B IP 142.250.74.131:0
Hash 8c630e9bbc930d1c367efa81b67be3f7
ec536695531d40a813d99a06271c7c2d698d51d3
39ca0a60c3e2e85712757ead0830d0da82beac1e4f44b6e90243e5ca9326bf4b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 12:16:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash ef589be52a3e55b643978f17949a73da
74545de6f144282252ff92c751f97cc835c80341
7bfa68c43e60a2627770163b5c1b96fbd7e4843984ad5ff6225c5490b8073b26
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 12:16:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
mem.com.mx/wp-content/plugins/elementor/assets/css/frontend-legacy.min.css?ver=3.4.3
72.52.253.68 200 OK 3.9 kB URL HTTP/1.1 mem.com.mx/wp-content/plugins/elementor/assets/css/frontend-legacy.min.css?ver=3.4.3
IP 72.52.253.68:0
File type ASCII text, with very long lines (3815)
Hash 5f521e717558cc20692390671165c2b0
258086100058f5948a30de094df077c0dc104e34
5d226564912131e787a9f390646eeb1c6e775810de3173724a1c78bd5d77bb0c
GET /wp-content/plugins/elementor/assets/css/frontend-legacy.min.css?ver=3.4.3 HTTP/1.1
Host: mem.com.mx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mem.com.mx/wp-includes/css/cs/login.php
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 29 Jan 2023 12:16:33 GMT
Server: Apache
Last-Modified: Wed, 08 Sep 2021 19:14:08 GMT
ETag: "f0e-5cb80afc40fda"
Accept-Ranges: bytes
Content-Length: 3854
X-Powered-By: PleskLin
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css
mem.com.mx/wp-includes/js/wp-emoji-release.min.js?ver=5.8.6
72.52.253.68 200 OK 18 kB URL HTTP/1.1 mem.com.mx/wp-includes/js/wp-emoji-release.min.js?ver=5.8.6
IP 72.52.253.68:0
File type ASCII text, with very long lines (15224)
Hash 116c86c56f8db0bb63f15ceda50fdc98
75e308982ecf7cd43644b8b426e6aa1a0b0fbe26
def5de6254be138b8b35d680d1fdd8b07827d03b8626daebfeeb4157ec330ea7
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/wp-emoji-release.min.js?ver=5.8.6 HTTP/1.1
Host: mem.com.mx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mem.com.mx/wp-includes/css/cs/login.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 29 Jan 2023 12:16:33 GMT
Server: Apache
Last-Modified: Wed, 08 Sep 2021 19:13:45 GMT
ETag: "4705-5cb80ae64e444"
Accept-Ranges: bytes
Content-Length: 18181
X-Powered-By: PleskLin
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: application/javascript
mem.com.mx/wp-includes/css/dist/block-library/style.min.css?ver=5.8.6
72.52.253.68 200 OK 81 kB URL HTTP/1.1 mem.com.mx/wp-includes/css/dist/block-library/style.min.css?ver=5.8.6
IP 72.52.253.68:0
File type Unicode text, UTF-8 text, with very long lines (33376)
Hash 43c4bc05b5e3b0a6684a7c3a52e63590
ed6d95d525a710a82e8b8583e9ba7bce3b2a4722
9110fc122dda3067c424d9b8ff7747e2030b0bd9298f69a3683d399ad3373a6a
GET /wp-includes/css/dist/block-library/style.min.css?ver=5.8.6 HTTP/1.1
Host: mem.com.mx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mem.com.mx/wp-includes/css/cs/login.php
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 29 Jan 2023 12:16:33 GMT
Server: Apache
Last-Modified: Wed, 08 Sep 2021 19:13:45 GMT
ETag: "13abe-5cb80ae6833e6"
Accept-Ranges: bytes
Content-Length: 80574
X-Powered-By: PleskLin
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
mem.com.mx/wp-content/plugins/elementor/assets/lib/eicons/css/elementor-icons.min.css?ver=5.12.0
72.52.253.68 200 OK 18 kB URL HTTP/1.1 mem.com.mx/wp-content/plugins/elementor/assets/lib/eicons/css/elementor-icons.min.css?ver=5.12.0
IP 72.52.253.68:0
File type ASCII text, with very long lines (17633)
Hash def44311f09960b7e0c00406cb20d6b0
31a74acb917ef7f33106d14a7d2967c0b8ca1b7c
8da4ba63c0631c15e1fbebacc34c51ddf4d51b8b2bd7a6c9a3885e913f408301
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/elementor/assets/lib/eicons/css/elementor-icons.min.css?ver=5.12.0 HTTP/1.1
Host: mem.com.mx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mem.com.mx/wp-includes/css/cs/login.php
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 29 Jan 2023 12:16:33 GMT
Server: Apache
Last-Modified: Wed, 08 Sep 2021 19:14:08 GMT
ETag: "450f-5cb80afc505f0"
Accept-Ranges: bytes
Content-Length: 17679
X-Powered-By: PleskLin
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css
mem.com.mx/wp-content/uploads/elementor/css/post-11.css?ver=1631573689
72.52.253.68 200 OK 1.0 kB URL HTTP/1.1 mem.com.mx/wp-content/uploads/elementor/css/post-11.css?ver=1631573689
IP 72.52.253.68:0
File type ASCII text, with very long lines (1022), with no line terminators
Hash 74145f45af498776c913559c8d07f657
d06d8ff4dbf09e1eac20ccf651fc1e01592ac0f9
a59e5ec45da795d9dd1023a29b487a9f85e48700072168a1736a3875ac92423a
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/uploads/elementor/css/post-11.css?ver=1631573689 HTTP/1.1
Host: mem.com.mx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mem.com.mx/wp-includes/css/cs/login.php
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 29 Jan 2023 12:16:33 GMT
Server: Apache
Last-Modified: Mon, 13 Sep 2021 22:54:49 GMT
ETag: "3fe-5cbe85a2da1a9"
Accept-Ranges: bytes
Content-Length: 1022
X-Powered-By: PleskLin
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/css
mem.com.mx/wp-content/uploads/elementor/css/post-12.css?ver=1631911645
72.52.253.68 200 OK 10 kB URL HTTP/1.1 mem.com.mx/wp-content/uploads/elementor/css/post-12.css?ver=1631911645
IP 72.52.253.68:0
File type ASCII text, with very long lines (4594)
Hash 963465187a0e886e5acae40520596667
eaddae51f4218a772dea936e89024bdca7abd1c0
5c0acc25decc4a4fa99d011c98042b3053b0c2759067d32a7b345af63a5bb805
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/uploads/elementor/css/post-12.css?ver=1631911645 HTTP/1.1
Host: mem.com.mx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mem.com.mx/wp-includes/css/cs/login.php
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 29 Jan 2023 12:16:33 GMT
Server: Apache
Last-Modified: Fri, 17 Sep 2021 20:47:25 GMT
ETag: "2736-5cc3709ec29fe"
Accept-Ranges: bytes
Content-Length: 10038
X-Powered-By: PleskLin
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css
mem.com.mx/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-style.css?ver=5.5.1
72.52.253.68 200 OK 182 kB URL HTTP/1.1 mem.com.mx/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-style.css?ver=5.5.1
IP 72.52.253.68:0
File type Unicode text, UTF-8 text, with very long lines (65529), with no line terminators
Size 182 kB (182136 bytes)
Hash dea45f0e1a9b50b1c50f1839edc47cc6
676a0c017708de6f28abe8f3a52b037a0d2f025d
151c1e1a788f16d0416faa66ca63d7ab79c503508a9a9fded978c0b4de7c50a8
GET /wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-style.css?ver=5.5.1 HTTP/1.1
Host: mem.com.mx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mem.com.mx/wp-includes/css/cs/login.php
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 29 Jan 2023 12:16:33 GMT
Server: Apache
Last-Modified: Wed, 08 Sep 2021 17:02:40 GMT
ETag: "2c778-5cb7ed99a3a59"
Accept-Ranges: bytes
Content-Length: 182136
X-Powered-By: PleskLin
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
mem.com.mx/wp-content/uploads/elementor/css/global.css?ver=1631573689
72.52.253.68 200 OK 70 kB URL HTTP/1.1 mem.com.mx/wp-content/uploads/elementor/css/global.css?ver=1631573689
IP 72.52.253.68:0
File type ASCII text, with very long lines (23796), with CRLF, LF line terminators
Hash 4210179f09295488bc536086e8709072
8fa31085dee4f76760f02d5c2260dbf6f3082f37
4162421f21e875d7072f9e38c02ace68c82f87e73202d00a67c52104595a264e
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/uploads/elementor/css/global.css?ver=1631573689 HTTP/1.1
Host: mem.com.mx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mem.com.mx/wp-includes/css/cs/login.php
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 29 Jan 2023 12:16:33 GMT
Server: Apache
Last-Modified: Mon, 13 Sep 2021 22:54:49 GMT
ETag: "11130-5cbe85a339cdd"
Accept-Ranges: bytes
Content-Length: 69936
X-Powered-By: PleskLin
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: text/css
mem.com.mx/wp-content/plugins/creame-whatsapp-me/public/css/joinchat.min.css?ver=4.1.15
72.52.253.68 200 OK 12 kB URL HTTP/1.1 mem.com.mx/wp-content/plugins/creame-whatsapp-me/public/css/joinchat.min.css?ver=4.1.15
IP 72.52.253.68:0
File type ASCII text, with very long lines (11554), with no line terminators
Hash c420bf48710cfd633d5d16ad89d6b249
22474049089c32371c65cf984b098d04b77b9a86
8bb3c65884543930b7e7711aebd7d492857fb59330aab9c12a9a25d0c5f3c98b
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/creame-whatsapp-me/public/css/joinchat.min.css?ver=4.1.15 HTTP/1.1
Host: mem.com.mx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mem.com.mx/wp-includes/css/cs/login.php
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 29 Jan 2023 12:16:33 GMT
Server: Apache
Last-Modified: Wed, 08 Sep 2021 19:14:16 GMT
ETag: "2d22-5cb80b0364d0c"
Accept-Ranges: bytes
Content-Length: 11554
X-Powered-By: PleskLin
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: text/css
mem.com.mx/wp-content/plugins/header-footer-elementor/inc/widgets-css/frontend.css?ver=1.6.4
72.52.253.68 200 OK 76 kB URL HTTP/1.1 mem.com.mx/wp-content/plugins/header-footer-elementor/inc/widgets-css/frontend.css?ver=1.6.4
IP 72.52.253.68:0
File type Unicode text, UTF-8 text, with very long lines (1646)
Hash 698857b482c7fbe80633d0d0e37fa586
f066f62f547706cb7a975fb659bb0e539ca5e6d5
b793ae49aa398fda4ef5a1428d63e115109011a34ba553c01074eedf5823d780
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/header-footer-elementor/inc/widgets-css/frontend.css?ver=1.6.4 HTTP/1.1
Host: mem.com.mx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mem.com.mx/wp-includes/css/cs/login.php
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 29 Jan 2023 12:16:33 GMT
Server: Apache
Last-Modified: Wed, 08 Sep 2021 19:14:09 GMT
ETag: "127a0-5cb80afd618e5"
Accept-Ranges: bytes
Content-Length: 75680
X-Powered-By: PleskLin
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/css
mem.com.mx/wp-content/plugins/elementor/assets/lib/font-awesome/css/fontawesome.min.css?ver=5.15.3
72.52.253.68 200 OK 58 kB URL HTTP/1.1 mem.com.mx/wp-content/plugins/elementor/assets/lib/font-awesome/css/fontawesome.min.css?ver=5.15.3
IP 72.52.253.68:0
File type ASCII text, with very long lines (57726)
Hash eeb705d0bdccfd645d3bbd46dd1fbab3
066def290f42ed8c00860e573cc880bd46e9ced4
d01a2ba2805c78957e15a2958135de0f3cb88e95159dd0f6c0a032bd76b1b0e9
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/elementor/assets/lib/font-awesome/css/fontawesome.min.css?ver=5.15.3 HTTP/1.1
Host: mem.com.mx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mem.com.mx/wp-includes/css/cs/login.php
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 29 Jan 2023 12:16:33 GMT
Server: Apache
Last-Modified: Wed, 08 Sep 2021 19:14:08 GMT
ETag: "e238-5cb80afc5c93e"
Accept-Ranges: bytes
Content-Length: 57912
X-Powered-By: PleskLin
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css
mem.com.mx/wp-content/plugins/elementor/assets/lib/font-awesome/css/solid.min.css?ver=5.15.3
72.52.253.68 200 OK 669 B URL HTTP/1.1 mem.com.mx/wp-content/plugins/elementor/assets/lib/font-awesome/css/solid.min.css?ver=5.15.3
IP 72.52.253.68:0
File type ASCII text, with very long lines (483)
Hash 9eb2d3c87feb6bb2ffa63b70532b1477
38f226335a05ab0e30497bc7419eb5e243a9e26c
37bab6cd583982e8eff58501a99d7c5c4d63664c1ca34f9e3b7cf526c5b73ae2
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/elementor/assets/lib/font-awesome/css/solid.min.css?ver=5.15.3 HTTP/1.1
Host: mem.com.mx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mem.com.mx/wp-includes/css/cs/login.php
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 29 Jan 2023 12:16:33 GMT
Server: Apache
Last-Modified: Wed, 08 Sep 2021 19:14:08 GMT
ETag: "29d-5cb80afc5c556"
Accept-Ranges: bytes
Content-Length: 669
X-Powered-By: PleskLin
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: text/css
mem.com.mx/wp-content/plugins/elementor/assets/css/frontend.min.css?ver=3.4.3
72.52.253.68 200 OK 131 kB URL HTTP/1.1 mem.com.mx/wp-content/plugins/elementor/assets/css/frontend.min.css?ver=3.4.3
IP 72.52.253.68:0
File type ASCII text, with very long lines (65497)
Size 131 kB (131182 bytes)
Hash 1698f85b9c63c60db88e873ff6f7714c
92c13ae4ade868f0e734196fa710f30ffda2b312
9864dda0d7d2810445d5ef2f716e7fb1fa972e660ce08ea26f60347a286b7a8e
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/elementor/assets/css/frontend.min.css?ver=3.4.3 HTTP/1.1
Host: mem.com.mx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mem.com.mx/wp-includes/css/cs/login.php
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 29 Jan 2023 12:16:33 GMT
Server: Apache
Last-Modified: Wed, 08 Sep 2021 19:14:08 GMT
ETag: "2006e-5cb80afc44689"
Accept-Ranges: bytes
Content-Length: 131182
X-Powered-By: PleskLin
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css
mem.com.mx/wp-content/plugins/elementor/assets/lib/font-awesome/css/brands.min.css?ver=5.15.3
72.52.253.68 200 OK 675 B URL HTTP/1.1 mem.com.mx/wp-content/plugins/elementor/assets/lib/font-awesome/css/brands.min.css?ver=5.15.3
IP 72.52.253.68:0
File type ASCII text, with very long lines (489)
Hash 144e43c3b3d8ea5b278c062c202c92f2
3c037057a419245849747b4762d09d88cab66fc1
9cd63b8cea25045c14623c538d26752518a58c0c682795ce6ad3078976c65a37
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/elementor/assets/lib/font-awesome/css/brands.min.css?ver=5.15.3 HTTP/1.1
Host: mem.com.mx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mem.com.mx/wp-includes/css/cs/login.php
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 29 Jan 2023 12:16:33 GMT
Server: Apache
Last-Modified: Wed, 08 Sep 2021 19:14:08 GMT
ETag: "2a3-5cb80afc5cd26"
Accept-Ranges: bytes
Content-Length: 675
X-Powered-By: PleskLin
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: text/css
mem.com.mx/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
72.52.253.68 200 OK 11 kB URL HTTP/1.1 mem.com.mx/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
IP 72.52.253.68:0
File type ASCII text, with very long lines (11126)
Hash 79b4956b7ec478ec10244b5e2d33ac7d
a46025b9d05e3df30d610a8aef14f392c7058dc9
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 HTTP/1.1
Host: mem.com.mx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mem.com.mx/wp-includes/css/cs/login.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 29 Jan 2023 12:16:33 GMT
Server: Apache
Last-Modified: Wed, 16 Dec 2020 14:55:25 GMT
ETag: "2bd8-5b69610b1f140"
Accept-Ranges: bytes
Content-Length: 11224
X-Powered-By: PleskLin
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: application/javascript
mem.com.mx/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.7
72.52.253.68 200 OK 6.4 kB URL HTTP/1.1 mem.com.mx/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.7
IP 72.52.253.68:0
File type ASCII text, with very long lines (6406), with no line terminators
Hash 8fe2803a01c9fa77cb1a2618c3552dce
2230dd8f0604e4328e7c2a3f9437a6bf2986f592
e87a1c5e24f9a7c7dcb437417f0b05b0a3c12947ce32d65c990c988a8b5ed4d7
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.7 HTTP/1.1
Host: mem.com.mx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mem.com.mx/wp-includes/css/cs/login.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 29 Jan 2023 12:16:33 GMT
Server: Apache
Last-Modified: Wed, 08 Sep 2021 19:13:45 GMT
ETag: "1906-5cb80ae64b94d"
Accept-Ranges: bytes
Content-Length: 6406
X-Powered-By: PleskLin
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: application/javascript
mem.com.mx/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.4.2
72.52.253.68 200 OK 13 kB URL HTTP/1.1 mem.com.mx/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.4.2
IP 72.52.253.68:0
File type ASCII text, with very long lines (12987), with no line terminators
Hash 6ad9165b167d54947b37f4b9de75ab39
4c02f66fd8c26141450e310d6786f50f99913dd4
eea0b9621509f98be77c5af1e9b5c952a675bda2b27c419876364017069e0c19
GET /wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.4.2 HTTP/1.1
Host: mem.com.mx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mem.com.mx/wp-includes/css/cs/login.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 29 Jan 2023 12:16:33 GMT
Server: Apache
Last-Modified: Wed, 08 Sep 2021 19:14:06 GMT
ETag: "32bb-5cb80afa85e39"
Accept-Ranges: bytes
Content-Length: 12987
X-Powered-By: PleskLin
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: application/javascript
mem.com.mx/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0
72.52.253.68 200 OK 16 kB URL HTTP/1.1 mem.com.mx/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0
IP 72.52.253.68:0
File type Unicode text, UTF-8 text, with very long lines (16323)
Hash 38400d9c6ba7d41239fccfaa9f523558
fe9a1548961441ce82e5399444f2be5408d2644c
293913879d30bab7499013e935009f5183facbddd63bfc9656a859622590b80b
GET /wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0 HTTP/1.1
Host: mem.com.mx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mem.com.mx/wp-includes/css/cs/login.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 29 Jan 2023 12:16:33 GMT
Server: Apache
Last-Modified: Wed, 08 Sep 2021 19:13:45 GMT
ETag: "4056-5cb80ae64c505"
Accept-Ranges: bytes
Content-Length: 16470
X-Powered-By: PleskLin
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: application/javascript
mem.com.mx/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
72.52.253.68 200 OK 90 kB URL HTTP/1.1 mem.com.mx/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
IP 72.52.253.68:0
File type ASCII text, with very long lines (65447)
Hash 02dd5d04add4759122013c5ab4dc5cc2
a45a56e396ac549b4ff39b696ce9e0c16a7612de
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
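Analyzer Verdict Alert fortinet Phishing [note: the path and version string match the jQuery bundle that ships with WordPress, so the verdict appears to attach to the mem.com.mx URL rather than to this file's content; compare the hashes above with the upstream release before treating them as indicators]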
GET /wp-includes/js/jquery/jquery.min.js?ver=3.6.0 HTTP/1.1
Host: mem.com.mx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mem.com.mx/wp-includes/css/cs/login.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 29 Jan 2023 12:16:33 GMT
Server: Apache
Last-Modified: Wed, 08 Sep 2021 19:13:45 GMT
ETag: "15db1-5cb80ae670b08"
Accept-Ranges: bytes
Content-Length: 89521
X-Powered-By: PleskLin
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: application/javascript
mem.com.mx/wp-content/uploads/dynamic_avia/avia-merged-styles-ccf32422292d8d011e0797d09c4561db---6144fb1170f4f.css
72.52.253.68 200 OK 390 kB URL HTTP/1.1 mem.com.mx/wp-content/uploads/dynamic_avia/avia-merged-styles-ccf32422292d8d011e0797d09c4561db---6144fb1170f4f.css
IP 72.52.253.68:0
File type Unicode text, UTF-8 text, with very long lines (65535), with no line terminators
Size 390 kB (390458 bytes)
Hash b8724e7433492f6c9c48b987645b2e4b
2d793cb1f67e10d4b57acc6ad5e6534ab52d5cb2
edeba6c8fe81071a12084eb717f4a174b8cdc4b297a82f0158dcd5e597815e06
GET /wp-content/uploads/dynamic_avia/avia-merged-styles-ccf32422292d8d011e0797d09c4561db---6144fb1170f4f.css HTTP/1.1
Host: mem.com.mx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mem.com.mx/wp-includes/css/cs/login.php
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 29 Jan 2023 12:16:33 GMT
Server: Apache
Last-Modified: Fri, 17 Sep 2021 20:31:13 GMT
ETag: "5f53a-5cc36cfff3349"
Accept-Ranges: bytes
Content-Length: 390458
X-Powered-By: PleskLin
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/css
mem.com.mx/wp-content/plugins/woocommerce/assets/js/frontend/add-to-cart.min.js?ver=5.6.0
72.52.253.68 200 OK 3.0 kB URL HTTP/1.1 mem.com.mx/wp-content/plugins/woocommerce/assets/js/frontend/add-to-cart.min.js?ver=5.6.0
IP 72.52.253.68:0
File type HTML document, ASCII text, with very long lines (3037), with no line terminators
Hash 8bc2109ef48cabf7a26b73d7c3536c5f
0e0dfee3a3975eafc3dd55f190d1deb3c6c55d3b
8634aa7a3ac0bc6d359b458c8922e9d3269f64c1355b329bfe215beb12773af8
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/woocommerce/assets/js/frontend/add-to-cart.min.js?ver=5.6.0 HTTP/1.1
Host: mem.com.mx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mem.com.mx/wp-includes/css/cs/login.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 29 Jan 2023 12:16:34 GMT
Server: Apache
Last-Modified: Wed, 08 Sep 2021 17:02:38 GMT
ETag: "bdd-5cb7ed9798f53"
Accept-Ranges: bytes
Content-Length: 3037
X-Powered-By: PleskLin
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: application/javascript
mem.com.mx/wp-content/plugins/woocommerce/assets/js/jquery-blockui/jquery.blockUI.min.js?ver=2.7.0-wc.5.6.0
72.52.253.68 200 OK 9.5 kB URL HTTP/1.1 mem.com.mx/wp-content/plugins/woocommerce/assets/js/jquery-blockui/jquery.blockUI.min.js?ver=2.7.0-wc.5.6.0
IP 72.52.253.68:0
File type ASCII text, with very long lines (9151)
Hash 2e96f622673104a3fb67ab56f849c073
f4c17ae4709cad9bc997357581f4e30fc4bbee2c
b49498d1142de7f2e16afc2cd4250d2ba30c5df4de5d291f51d7cf69727efdbe
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/woocommerce/assets/js/jquery-blockui/jquery.blockUI.min.js?ver=2.7.0-wc.5.6.0 HTTP/1.1
Host: mem.com.mx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mem.com.mx/wp-includes/css/cs/login.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 29 Jan 2023 12:16:34 GMT
Server: Apache
Last-Modified: Wed, 08 Sep 2021 17:02:38 GMT
ETag: "2549-5cb7ed9792dac"
Accept-Ranges: bytes
Content-Length: 9545
X-Powered-By: PleskLin
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: application/javascript
mem.com.mx/wp-content/plugins/woocommerce/assets/js/js-cookie/js.cookie.min.js?ver=2.1.4-wc.5.6.0
72.52.253.68 200 OK 1.8 kB URL HTTP/1.1 mem.com.mx/wp-content/plugins/woocommerce/assets/js/js-cookie/js.cookie.min.js?ver=2.1.4-wc.5.6.0
IP 72.52.253.68:0
File type ASCII text, with very long lines (1668)
Hash d0a6d8547c66b0d7b0172466558d1208
ff93916519c7b9483251f609e4d29f38c30a66e3
3b1384ff918d4b7f95f9ee5c8fc388203dedff7344d3d96598c9562162788612
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/woocommerce/assets/js/js-cookie/js.cookie.min.js?ver=2.1.4-wc.5.6.0 HTTP/1.1
Host: mem.com.mx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mem.com.mx/wp-includes/css/cs/login.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 29 Jan 2023 12:16:34 GMT
Server: Apache
Last-Modified: Wed, 08 Sep 2021 17:02:38 GMT
ETag: "72a-5cb7ed97902b4"
Accept-Ranges: bytes
Content-Length: 1834
X-Powered-By: PleskLin
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: application/javascript
mem.com.mx/wp-content/plugins/woocommerce/assets/js/frontend/woocommerce.min.js?ver=5.6.0
72.52.253.68 200 OK 2.1 kB URL HTTP/1.1 mem.com.mx/wp-content/plugins/woocommerce/assets/js/frontend/woocommerce.min.js?ver=5.6.0
IP 72.52.253.68:0
File type ASCII text, with very long lines (2139), with no line terminators
Hash b72c1cbb1530a011a27bd9800f26765a
27b825c5d8255f33b8427a059d4545ebd65e1746
a256fccecac3b32ab73c91d79a18747519a1a18023be05465c933b03523a82e8
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/woocommerce/assets/js/frontend/woocommerce.min.js?ver=5.6.0 HTTP/1.1
Host: mem.com.mx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mem.com.mx/wp-includes/css/cs/login.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 29 Jan 2023 12:16:34 GMT
Server: Apache
Last-Modified: Wed, 08 Sep 2021 17:02:38 GMT
ETag: "85b-5cb7ed979933b"
Accept-Ranges: bytes
Content-Length: 2139
X-Powered-By: PleskLin
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: application/javascript
mem.com.mx/wp-content/plugins/woocommerce/assets/js/frontend/cart-fragments.min.js?ver=5.6.0
72.52.253.68 200 OK 2.9 kB URL HTTP/1.1 mem.com.mx/wp-content/plugins/woocommerce/assets/js/frontend/cart-fragments.min.js?ver=5.6.0
IP 72.52.253.68:0
File type ASCII text, with very long lines (2938), with no line terminators
Hash 51af5d767f0300f23ecec6298b707395
5eb2d3d937fe0392a974937125d0420666b9396c
9c7c023f91428234ca0ea4df1199758686f4dcd04da96ba63571788fb3389c0b
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/woocommerce/assets/js/frontend/cart-fragments.min.js?ver=5.6.0 HTTP/1.1
Host: mem.com.mx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mem.com.mx/wp-includes/css/cs/login.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 29 Jan 2023 12:16:34 GMT
Server: Apache
Last-Modified: Wed, 08 Sep 2021 17:02:38 GMT
ETag: "b7a-5cb7ed97977e3"
Accept-Ranges: bytes
Content-Length: 2938
X-Powered-By: PleskLin
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: application/javascript
mem.com.mx/wp-content/plugins/elements-plus/assets/js/jquery.justifiedGallery.min.js?ver=3.6.3
72.52.253.68 200 OK 18 kB URL HTTP/1.1 mem.com.mx/wp-content/plugins/elements-plus/assets/js/jquery.justifiedGallery.min.js?ver=3.6.3
IP 72.52.253.68:0
File type ASCII text, with very long lines (17996)
Hash 2b3d40ed1cbe1cb2de2eb6a191e3ae95
cebed5817799dd7417021f72a847a9a81893537c
9877e27090bf534cb7495116e8a873c50b673a9c9f2af5d8af324bc6c50ff8bd
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/elements-plus/assets/js/jquery.justifiedGallery.min.js?ver=3.6.3 HTTP/1.1
Host: mem.com.mx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mem.com.mx/wp-includes/css/cs/login.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 29 Jan 2023 12:16:34 GMT
Server: Apache
Last-Modified: Tue, 01 Sep 2020 14:55:32 GMT
ETag: "46eb-5ae41b5ef0100"
Accept-Ranges: bytes
Content-Length: 18155
X-Powered-By: PleskLin
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: application/javascript
mem.com.mx/wp-content/plugins/elements-plus/assets/js/ep-scripts.js?ver=2.14.2
72.52.253.68 200 OK 7.9 kB URL HTTP/1.1 mem.com.mx/wp-content/plugins/elements-plus/assets/js/ep-scripts.js?ver=2.14.2
IP 72.52.253.68:0
File type ASCII text, with CRLF line terminators
Hash 41185308ec3e9894bc7483ef3c2f5971
b1624c4c46ca04b858fa7168b8bd2df668ba6ed9
a56c5df3d8c9938b6dad62d2527cd780a3b5413a9e2a91cb241e454db63b7210
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/elements-plus/assets/js/ep-scripts.js?ver=2.14.2 HTTP/1.1
Host: mem.com.mx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mem.com.mx/wp-includes/css/cs/login.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 29 Jan 2023 12:16:34 GMT
Server: Apache
Last-Modified: Tue, 01 Sep 2020 14:55:32 GMT
ETag: "1ee2-5ae41b5ef0100"
Accept-Ranges: bytes
Content-Length: 7906
X-Powered-By: PleskLin
Keep-Alive: timeout=5, max=92
Connection: Keep-Alive
Content-Type: application/javascript
mem.com.mx/wp-content/plugins/creame-whatsapp-me/public/js/joinchat.min.js?ver=4.1.15
72.52.253.68 200 OK 6.6 kB URL HTTP/1.1 mem.com.mx/wp-content/plugins/creame-whatsapp-me/public/js/joinchat.min.js?ver=4.1.15
IP 72.52.253.68:0
File type ASCII text, with very long lines (6567), with no line terminators
Hash c77860068cb0d58078894f03ef07f0e7
f81e45a3b07a17bc34237c054e0f82c14b741db8
e5b9bb64c4a3efc3612c37e0400a82edfac206cf4d24e383b164a3b98043a55e
GET /wp-content/plugins/creame-whatsapp-me/public/js/joinchat.min.js?ver=4.1.15 HTTP/1.1
Host: mem.com.mx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mem.com.mx/wp-includes/css/cs/login.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 29 Jan 2023 12:16:34 GMT
Server: Apache
Last-Modified: Wed, 08 Sep 2021 19:14:16 GMT
ETag: "19a7-5cb80b036453c"
Accept-Ranges: bytes
Content-Length: 6567
X-Powered-By: PleskLin
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: application/javascript
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 471 B IP 142.250.74.131:0
Hash 8cf65fcdafa84b63cf7005fe57927fcb
3f7d163a96e7f00eb2de9828624ec46e22b4b40a
dfcf629cc49444f646f3a014014a91e36251b4b43655ce2e2eca55263dd196e3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 12:16:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/armata/v19/gokvH63_HV5jQ-ENkzR2.woff2
142.250.74.35 200 OK 18 kB URL HTTP/2 fonts.gstatic.com/s/armata/v19/gokvH63_HV5jQ-ENkzR2.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 17508, version 1.0\012- data
Hash 07ae2c891c6c8844c8650eb530585e09
f91dc08490671d0dbc0b67d3e4450cefd5dc451f
b973b666432a1e852bad93c5b9bda4f3a6df969dd1bedc8c4892f54443a1b0f1
GET /s/armata/v19/gokvH63_HV5jQ-ENkzR2.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://mem.com.mx
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 17508
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 26 Jan 2023 14:06:25 GMT
expires: Fri, 26 Jan 2024 14:06:25 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 19 Apr 2022 20:08:25 GMT
content-type: font/woff2
age: 252609
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
mem.com.mx/wp-includes/js/wp-embed.min.js?ver=5.8.6
72.52.253.68 200 OK 1.4 kB URL HTTP/1.1 mem.com.mx/wp-includes/js/wp-embed.min.js?ver=5.8.6
IP 72.52.253.68:0
File type ASCII text, with very long lines (1391)
Hash 905225d5711b559d3092387d5ffbedbd
6f6c39075263bafb9e8c10f1b34a1a0f7ee03c9d
5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991
GET /wp-includes/js/wp-embed.min.js?ver=5.8.6 HTTP/1.1
Host: mem.com.mx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mem.com.mx/wp-includes/css/cs/login.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 29 Jan 2023 12:16:34 GMT
Server: Apache
Last-Modified: Thu, 04 Feb 2021 06:20:54 GMT
ETag: "592-5ba7cb4b49d80"
Accept-Ranges: bytes
Content-Length: 1426
X-Powered-By: PleskLin
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: application/javascript
fonts.googleapis.com/css?family=Roboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto+Slab%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CArmata%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=auto&ver=5.8.6
142.250.74.74 200 OK 2.1 kB URL HTTP/2 fonts.googleapis.com/css?family=Roboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto+Slab%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CArmata%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=auto&ver=5.8.6
IP 142.250.74.74:0
Hash 4e7e67cc889d7cce4de71eb99159a1b2
2d09a2ad592aadea7c5b38429f9d7a4e3d32f0f4
df9188ce8ecc073bdffe05f42f0f880b25971c00f9231e20133da730f8d395d5
GET /css?family=Roboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto+Slab%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CArmata%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=auto&ver=5.8.6 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mem.com.mx/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sun, 29 Jan 2023 12:16:33 GMT
date: Sun, 29 Jan 2023 12:16:33 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
mem.com.mx/wp-content/plugins/wpcf7-recaptcha/assets/js/wpcf7-recaptcha-controls.js?ver=1.2
72.52.253.68 200 OK 2.0 kB URL HTTP/1.1 mem.com.mx/wp-content/plugins/wpcf7-recaptcha/assets/js/wpcf7-recaptcha-controls.js?ver=1.2
IP 72.52.253.68:0
File type ASCII text, with CRLF line terminators
Hash a56436c9e214ef323a2a3581d13dffe9
378e2f4aaee735f2644e88c0e7f143dd9b67af5e
cf1f9d0c295267b005cb0f3aae2f90826fd8ee6c14fe5d29501e9b08e541dc79
GET /wp-content/plugins/wpcf7-recaptcha/assets/js/wpcf7-recaptcha-controls.js?ver=1.2 HTTP/1.1
Host: mem.com.mx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mem.com.mx/wp-includes/css/cs/login.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 29 Jan 2023 12:16:34 GMT
Server: Apache
Last-Modified: Wed, 08 Sep 2021 19:14:19 GMT
ETag: "7d0-5cb80b06ce916"
Accept-Ranges: bytes
Content-Length: 2000
X-Powered-By: PleskLin
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: application/javascript
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
142.250.74.35 200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Hash 15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://mem.com.mx
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 25 Jan 2023 19:33:54 GMT
expires: Thu, 25 Jan 2024 19:33:54 GMT
cache-control: public, max-age=31536000
age: 319360
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 471 B IP 142.250.74.131:0
Hash 8cf65fcdafa84b63cf7005fe57927fcb
3f7d163a96e7f00eb2de9828624ec46e22b4b40a
dfcf629cc49444f646f3a014014a91e36251b4b43655ce2e2eca55263dd196e3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 12:16:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
mem.com.mx/wp-content/plugins/woocommerce/assets/js/zoom/jquery.zoom.min.js?ver=1.7.21-wc.5.6.0
72.52.253.68 200 OK 2.7 kB URL HTTP/1.1 mem.com.mx/wp-content/plugins/woocommerce/assets/js/zoom/jquery.zoom.min.js?ver=1.7.21-wc.5.6.0
IP 72.52.253.68:0
File type ASCII text, with very long lines (2600)
Hash 6656000d5e9d405df3093dec766256c2
adc0fc077f359ca912305c4d0ec2d56c201c0613
7592aea3e7ee0eb873abaf4872be28881cf3c6427244c884a20c7860d64586da
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/woocommerce/assets/js/zoom/jquery.zoom.min.js?ver=1.7.21-wc.5.6.0 HTTP/1.1
Host: mem.com.mx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mem.com.mx/wp-includes/css/cs/login.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 29 Jan 2023 12:16:34 GMT
Server: Apache
Last-Modified: Wed, 08 Sep 2021 17:02:38 GMT
ETag: "a6a-5cb7ed979a6c3"
Accept-Ranges: bytes
Content-Length: 2666
X-Powered-By: PleskLin
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: application/javascript
mem.com.mx/wp-content/plugins/woocommerce/assets/js/flexslider/jquery.flexslider.min.js?ver=2.7.2-wc.5.6.0
72.52.253.68 200 OK 23 kB URL HTTP/1.1 mem.com.mx/wp-content/plugins/woocommerce/assets/js/flexslider/jquery.flexslider.min.js?ver=2.7.2-wc.5.6.0
IP 72.52.253.68:0
File type ASCII text, with very long lines (22774), with no line terminators
Hash 031b743a76c3631cddc1dd33e0b3f898
79e6163cf945a4221240259a3671ab328652d13a
63ea4f605da0448be22667e995975d694333269fb13cf36036cd291798744c1b
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/woocommerce/assets/js/flexslider/jquery.flexslider.min.js?ver=2.7.2-wc.5.6.0 HTTP/1.1
Host: mem.com.mx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mem.com.mx/wp-includes/css/cs/login.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 29 Jan 2023 12:16:34 GMT
Server: Apache
Last-Modified: Wed, 08 Sep 2021 17:02:38 GMT
ETag: "58f6-5cb7ed979357c"
Accept-Ranges: bytes
Content-Length: 22774
X-Powered-By: PleskLin
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: application/javascript
mem.com.mx/wp-includes/js/underscore.min.js?ver=1.13.1
72.52.253.68 200 OK 19 kB URL HTTP/1.1 mem.com.mx/wp-includes/js/underscore.min.js?ver=1.13.1
IP 72.52.253.68:0
File type ASCII text, with very long lines (19041)
Hash 3d4eded8f539eacea148e8fc2e5eeba9
69256a9300408c05fc3fbeca2ee16b99bf49c573
5dacc86b8a64742e60d70192353e5643da219a3f84c0b26cf6116b06b67fff32
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/underscore.min.js?ver=1.13.1 HTTP/1.1
Host: mem.com.mx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mem.com.mx/wp-includes/css/cs/login.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 29 Jan 2023 12:16:34 GMT
Server: Apache
Last-Modified: Wed, 08 Sep 2021 19:13:45 GMT
ETag: "4a84-5cb80ae672660"
Accept-Ranges: bytes
Content-Length: 19076
X-Powered-By: PleskLin
Keep-Alive: timeout=5, max=91
Connection: Keep-Alive
Content-Type: application/javascript
mem.com.mx/wp-includes/js/wp-util.min.js?ver=5.8.6
72.52.253.68 200 OK 1.3 kB URL HTTP/1.1 mem.com.mx/wp-includes/js/wp-util.min.js?ver=5.8.6
IP 72.52.253.68:0
File type ASCII text, with very long lines (1305)
Hash 8637362089372427b52fa10a43d8109c
6009bed674718329dce6055ab09fa95181162d81
b8e78b48acc08ce31457aff168d6fb2c814d51a8739a97693cdba585d60f5b35
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/wp-util.min.js?ver=5.8.6 HTTP/1.1
Host: mem.com.mx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mem.com.mx/wp-includes/css/cs/login.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 29 Jan 2023 12:16:34 GMT
Server: Apache
Last-Modified: Wed, 08 Sep 2021 19:13:45 GMT
ETag: "53c-5cb80ae663c02"
Accept-Ranges: bytes
Content-Length: 1340
X-Powered-By: PleskLin
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: application/javascript
mem.com.mx/wp-content/plugins/woocommerce/assets/js/frontend/add-to-cart-variation.min.js?ver=5.6.0
72.52.253.68 200 OK 14 kB URL HTTP/1.1 mem.com.mx/wp-content/plugins/woocommerce/assets/js/frontend/add-to-cart-variation.min.js?ver=5.6.0
IP 72.52.253.68:0
File type ASCII text, with very long lines (13595), with no line terminators
Hash d4404db36e560c1db1966e54e3ae9de6
1ed4dbed6b34c988ccd3c079ca6563099a59cc5f
1113cb471b59e05bbc7b41a1c17d18647090249f7a6ac9419b71598c0c37c683
GET /wp-content/plugins/woocommerce/assets/js/frontend/add-to-cart-variation.min.js?ver=5.6.0 HTTP/1.1
Host: mem.com.mx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mem.com.mx/wp-includes/css/cs/login.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 29 Jan 2023 12:16:34 GMT
Server: Apache
Last-Modified: Wed, 08 Sep 2021 17:02:38 GMT
ETag: "351b-5cb7ed9797fb3"
Accept-Ranges: bytes
Content-Length: 13595
X-Powered-By: PleskLin
Keep-Alive: timeout=5, max=92
Connection: Keep-Alive
Content-Type: application/javascript
mem.com.mx/wp-content/plugins/woocommerce/assets/js/frontend/single-product.min.js?ver=5.6.0
72.52.253.68 200 OK 6.4 kB URL HTTP/1.1 mem.com.mx/wp-content/plugins/woocommerce/assets/js/frontend/single-product.min.js?ver=5.6.0
IP 72.52.253.68:0
File type Unicode text, UTF-8 text, with very long lines (6357), with no line terminators
Hash d71a9deb6b35ed78b25d49739cb2299e
74daa3f57001632d74a004977ec50c1b74d729d4
c799cc52f81045dc282c29f1f879d9f889e9789d9c35ce569aa3e5e3e7323834
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/woocommerce/assets/js/frontend/single-product.min.js?ver=5.6.0 HTTP/1.1
Host: mem.com.mx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mem.com.mx/wp-includes/css/cs/login.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 29 Jan 2023 12:16:34 GMT
Server: Apache
Last-Modified: Wed, 08 Sep 2021 17:02:38 GMT
ETag: "18d8-5cb7ed9799b0b"
Accept-Ranges: bytes
Content-Length: 6360
X-Powered-By: PleskLin
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: application/javascript
mem.com.mx/wp-content/uploads/dynamic_avia/avia-footer-scripts-05c5e709047ce2d66f687722d49ae659---6144fb11ac6fd.js
72.52.253.68 200 OK 86 kB URL HTTP/1.1 mem.com.mx/wp-content/uploads/dynamic_avia/avia-footer-scripts-05c5e709047ce2d66f687722d49ae659---6144fb11ac6fd.js
IP 72.52.253.68:0
File type Unicode text, UTF-8 text, with very long lines (10548)
Hash 71ab0cd85c390cd95b5155f14a3c6fb1
f92b928d8f641230b6e175097fc9c11729ae8d71
89bb202889f647b03601494474f58ab64ae30e7805838ce8e281b64ef4736d32
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/uploads/dynamic_avia/avia-footer-scripts-05c5e709047ce2d66f687722d49ae659---6144fb11ac6fd.js HTTP/1.1
Host: mem.com.mx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mem.com.mx/wp-includes/css/cs/login.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 29 Jan 2023 12:16:34 GMT
Server: Apache
Last-Modified: Fri, 17 Sep 2021 20:31:13 GMT
ETag: "14fca-5cc36d002e87a"
Accept-Ranges: bytes
Content-Length: 85962
X-Powered-By: PleskLin
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: application/javascript
mem.com.mx/wp-content/uploads/2021/09/Logo.png
72.52.253.68 200 OK 12 kB URL HTTP/1.1 mem.com.mx/wp-content/uploads/2021/09/Logo.png
IP 72.52.253.68:0
File type PNG image data, 559 x 220, 8-bit/color RGBA, non-interlaced\012- data
Hash 3f88fffdb92e2c3b965099548132b165
9452f6f08a456a9db19ba5d4d0fd76f9f261b208
cca47e5997bc02e25ea12d221bc9518cbddefba7ebc7cc18997472197f35e194
GET /wp-content/uploads/2021/09/Logo.png HTTP/1.1
Host: mem.com.mx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mem.com.mx/wp-includes/css/cs/login.php
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 29 Jan 2023 12:16:34 GMT
Server: Apache
Last-Modified: Tue, 14 Sep 2021 18:16:31 GMT
ETag: "2dee-5cbf894c6e391"
Accept-Ranges: bytes
Content-Length: 11758
X-Powered-By: PleskLin
Keep-Alive: timeout=5, max=90
Connection: Keep-Alive
Content-Type: image/png
mem.com.mx/wp-content/themes/enfold/config-templatebuilder/avia-template-builder/assets/fonts/entypo-fontello.woff2
72.52.253.68 200 OK 39 kB URL HTTP/1.1 mem.com.mx/wp-content/themes/enfold/config-templatebuilder/avia-template-builder/assets/fonts/entypo-fontello.woff2
IP 72.52.253.68:0
File type Web Open Font Format (Version 2), TrueType, length 39220, version 1.0\012- data
Hash 88bd94b6a31a73b5ee2b4a9799c7285e
59b220f616928d7baef57b681093c55c3f787abd
7f260ff280b2e54e84e6f9c2790da49cc9abadc457b77d1df4dea121a8c8ab6e
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/enfold/config-templatebuilder/avia-template-builder/assets/fonts/entypo-fontello.woff2 HTTP/1.1
Host: mem.com.mx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://mem.com.mx/wp-includes/css/cs/login.php
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 29 Jan 2023 12:16:34 GMT
Server: Apache
Last-Modified: Tue, 02 Mar 2021 18:03:04 GMT
ETag: "9934-5bc918bb92600"
Accept-Ranges: bytes
Content-Length: 39220
X-Powered-By: PleskLin
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
www.gstatic.com/recaptcha/releases/RGRQD9tdxHtnt-Bxkx9pM75S/recaptcha__es.js
216.58.211.3 200 OK 165 kB URL HTTP/2 www.gstatic.com/recaptcha/releases/RGRQD9tdxHtnt-Bxkx9pM75S/recaptcha__es.js
IP 216.58.211.3:0
File type ASCII text, with very long lines (828)
Size 165 kB (165004 bytes)
Hash 511164c9a31006d3d18993e6e8cfdd10
daf2cd031bd77506209a8b3a43531a567746ceac
e1e5d50b7c40295499b4b494c45ca60043cd91d4ee415ca9088ac2706987876c
GET /recaptcha/releases/RGRQD9tdxHtnt-Bxkx9pM75S/recaptcha__es.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://mem.com.mx
Connection: keep-alive
Referer: https://mem.com.mx/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 165004
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 23 Jan 2023 18:04:20 GMT
expires: Tue, 23 Jan 2024 18:04:20 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 23 Jan 2023 01:02:00 GMT
content-type: text/javascript
age: 497534
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
mem.com.mx/wp-content/uploads/2021/09/icon.jpg
72.52.253.68 200 OK 8.9 kB URL HTTP/1.1 mem.com.mx/wp-content/uploads/2021/09/icon.jpg
IP 72.52.253.68:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 180x180, components 3\012- data
Hash 3671fd24be1c56174291ee0c1046c0c6
f83e1d7a6601716ac9bedc30978d2d0d8ae13c32
910ea8019aab30ec6c2aa58d994c8b2b5c722e0234a4d3b440e2ce44e906fe0d
GET /wp-content/uploads/2021/09/icon.jpg HTTP/1.1
Host: mem.com.mx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mem.com.mx/wp-includes/css/cs/login.php
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 29 Jan 2023 12:16:34 GMT
Server: Apache
Last-Modified: Fri, 17 Sep 2021 20:30:19 GMT
ETag: "22ce-5cc36cccd434f"
Accept-Ranges: bytes
Content-Length: 8910
X-Powered-By: PleskLin
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: image/jpeg
mem.com.mx/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-solid-900.woff2
72.52.253.68 200 OK 78 kB URL HTTP/1.1 mem.com.mx/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-solid-900.woff2
IP 72.52.253.68:0
File type Web Open Font Format (Version 2), TrueType, length 78196, version 331.-31261\012- data
Hash e8a427e15cc502bef99cfd722b37ea98
a9922842a120a7f1eaced667480c5e185a106d69
d0b4256abed72481585662971262eabee345c19f837af00d7ce24239d3b40eef
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-solid-900.woff2 HTTP/1.1
Host: mem.com.mx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://mem.com.mx/wp-content/plugins/elementor/assets/lib/font-awesome/css/solid.min.css?ver=5.15.3
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 29 Jan 2023 12:16:34 GMT
Server: Apache
Last-Modified: Wed, 08 Sep 2021 19:14:08 GMT
ETag: "13174-5cb80afc55fc7"
Accept-Ranges: bytes
Content-Length: 78196
X-Powered-By: PleskLin
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
mem.com.mx/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-brands-400.woff2
72.52.253.68 200 OK 77 kB URL HTTP/1.1 mem.com.mx/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-brands-400.woff2
IP 72.52.253.68:0
File type Web Open Font Format (Version 2), TrueType, length 76764, version 331.-31261\012- data
Hash f7307680c7fe85959f3ecf122493ea7d
fce0da592a3e536d6d5df5b50cb513398d8c5161
43c072c16c9ee6d67acdfa6c6d6685ff1e74eb4237b7cc3c1348ab1c108b26af
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-brands-400.woff2 HTTP/1.1
Host: mem.com.mx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://mem.com.mx/wp-content/plugins/elementor/assets/lib/font-awesome/css/brands.min.css?ver=5.15.3
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 29 Jan 2023 12:16:34 GMT
Server: Apache
Last-Modified: Wed, 08 Sep 2021 19:14:08 GMT
ETag: "12bdc-5cb80afc56797"
Accept-Ranges: bytes
Content-Length: 76764
X-Powered-By: PleskLin
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
142.250.74.35 200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 15860, version 1.0\012- data
Hash e9f5aaf547f165386cd313b995dddd8e
acdef5603c2387b0e5bffd744b679a24a8bc1968
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://mem.com.mx
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 24 Jan 2023 13:09:06 GMT
expires: Wed, 24 Jan 2024 13:09:06 GMT
cache-control: public, max-age=31536000
age: 428848
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
mem.com.mx/?wc-ajax=get_refreshed_fragments
72.52.253.68 200 OK 795 B URL HTTP/1.1 mem.com.mx/?wc-ajax=get_refreshed_fragments
IP 72.52.253.68:0
File type JSON data\012- , ASCII text, with very long lines (795), with no line terminators
Hash cd17452d4e8efda9b21ceef1408aad47
8a40f38be52c5f8e145bcbbbb4cff002ac406bfa
ca86a84f0b2670c0182a4b098fa2841141ea18b9c8cef89c9d33c54928661bba
POST /?wc-ajax=get_refreshed_fragments HTTP/1.1
Host: mem.com.mx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 18
Origin: https://mem.com.mx
Connection: keep-alive
Referer: https://mem.com.mx/wp-includes/css/cs/login.php
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 29 Jan 2023 12:16:34 GMT
Server: Apache
Access-Control-Allow-Origin: https://mem.com.mx
Access-Control-Allow-Credentials: true
X-Content-Type-Options: nosniff
X-Robots-Tag: noindex
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
X-Powered-By: PHP/7.4.33, PleskLin
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: application/json; charset=UTF-8