firefox.settings.services.mozilla.com/v1/
143.204.55.115 200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 143.204.55.115:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 2d12f67fe57a87e7366b662d153a5582
d7b02d81cc74f24a251d9363e0f4b0a149264ec1
73c273c0b5a2de3cb970b8e8c187999d3b55e760dc7766dab4bb76428d19b551
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Backoff, Content-Type, Retry-After, Alert
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Sun, 25 Sep 2022 17:15:02 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 9ede9483eb891e14681c7c693b47c862.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: ZMjCpJ9oxkXXynwt-OfOJqQ1TXzB9qh7oAZkf8Cnl98YU-qwhCksJw==
Age: 2633
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 09a973de929ab7452edc342c780d3668
3f14f6e0a36f76863c0aea6fb561c266404a7ea3
e82ca5f310e37267fbf792427747e65c2bb35e684d3f629c0aa302f688bc4f80
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E82CA5F310E37267FBF792427747E65C2BB35E684D3F629C0AA302F688BC4F80"
Last-Modified: Fri, 23 Sep 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16830
Expires: Sun, 25 Sep 2022 22:39:25 GMT
Date: Sun, 25 Sep 2022 17:58:55 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
143.204.55.110 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
IP 143.204.55.110:0
File type PEM certificate\012- , ASCII text
Hash 6113f8408c59aebe188d6af273b90743
7398873bf00f99944eaa77ad3ebc0d43c23dba6b
b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Sun, 25 Sep 2022 04:35:15 GMT
etag: "6113f8408c59aebe188d6af273b90743"
x-cache: Hit from cloudfront
via: 1.1 1d8cf7c8865ed1078c19a98771ad34ca.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: NsNeXRS4dBqu7uUoxEF_FLQzZK8OIzZvVSX0O6W3XRNDLkynmXNvwg==
age: 48221
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 25 Sep 2022 17:58:55 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
cafexstock.com/wp-login.php
45.252.248.16 302 Found 0 B URL HTTP/1.1 cafexstock.com/wp-login.php
IP 45.252.248.16:0
ASN #63760 AZDIGI Corporation
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Phishing
GET /wp-login.php HTTP/1.1
Host: cafexstock.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Found
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
x-powered-by: PHP/7.4.25
x-redirect-by: WordPress
location: https://cafexstock.com/wp-login.php
content-type: text/html; charset=UTF-8
content-length: 0
date: Sun, 25 Sep 2022 17:58:55 GMT
server: LiteSpeed
cache-control: no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=15768000; includeSubDomains
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
143.204.55.115 200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 143.204.55.115:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Sun, 25 Sep 2022 17:04:17 GMT
Cache-Control: max-age=3600, max-age=3600
Expires: Sun, 25 Sep 2022 17:17:03 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 410f51195842d9b592b15d6588c36654.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: OyqtInz-Ea8QRADuYdu_VnRHxPiEGFZBuXiLN0lLSvtSCHrdNcd-Jg==
Age: 3278
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash fd3b36dc2b620b48de491a8d9ba00fc0
be67ba7db5215dcb7c9225876e35a5e0a5005c9e
28205ee62c77b1caad6cc24c1ce98ddb92d26f67d41270f7d5278208a907c62f
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6049
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 25 Sep 2022 17:58:56 GMT
Last-Modified: Sun, 25 Sep 2022 16:18:07 GMT
Server: ECS (ska/F70C)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
54.69.181.45 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 54.69.181.45:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: +81E1JGk70Gx813CFc5bcg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: i2NW9h8zzp7WlPVJJQ0J0MtwNlg=
cafexstock.com/wp-login.php
45.252.248.16 200 OK 2.0 kB URL HTTP/2 cafexstock.com/wp-login.php
IP 45.252.248.16:0
ASN #63760 AZDIGI Corporation
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 34328c5146062e2932d7b337fa479d0c
691881f9dab4fab1262344847efd2aa97d506c86
6c129d02f7c846ad44410db46670320bcfad6c75d6fa58adaebe707d5018c7a6
Analyzer Verdict Alert fortinet Phishing
GET /wp-login.php HTTP/1.1
Host: cafexstock.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
x-powered-by: PHP/7.4.25
content-type: text/html; charset=UTF-8
x-frame-options: SAMEORIGIN
set-cookie: wordpress_test_cookie=WP%20Cookie%20check; path=/; secure
PHPSESSID=6706c8100b9d604e3fff1cc9c71d477c; path=/; secure
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
content-length: 2031
content-encoding: br
vary: Accept-Encoding
date: Sun, 25 Sep 2022 17:58:56 GMT
server: LiteSpeed
strict-transport-security: max-age=15768000; includeSubDomains
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 7038cca95198779d8bb479045eb56652
e9dcf9451e849f4d55b0909b33a51bd0b1a35296
0fc47dba3f2789b7c509a4916b1fe3c7b6b30c6778e5354742256125730310f3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0FC47DBA3F2789B7C509A4916B1FE3C7B6B30C6778E5354742256125730310F3"
Last-Modified: Fri, 23 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9162
Expires: Sun, 25 Sep 2022 20:31:38 GMT
Date: Sun, 25 Sep 2022 17:58:56 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 7038cca95198779d8bb479045eb56652
e9dcf9451e849f4d55b0909b33a51bd0b1a35296
0fc47dba3f2789b7c509a4916b1fe3c7b6b30c6778e5354742256125730310f3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0FC47DBA3F2789B7C509A4916B1FE3C7B6B30C6778E5354742256125730310F3"
Last-Modified: Fri, 23 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9162
Expires: Sun, 25 Sep 2022 20:31:38 GMT
Date: Sun, 25 Sep 2022 17:58:56 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd719f7db-20e1-4834-9525-3117f1824f36.webp
34.120.237.76 200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd719f7db-20e1-4834-9525-3117f1824f36.webp
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash aa150280eb113504d61a25935c0f0127
ed04f74fbb4c77b21e2babc51a82857f5e23d169
07df17fffb391aa82efb09e30d97e88fa4dbe6df00e37bb90304f69179f4848e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd719f7db-20e1-4834-9525-3117f1824f36.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10032
x-amzn-requestid: 521c4012-9834-4100-a7ed-30093502f1a9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y7sPBHGYoAMFh-Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632e272c-77b03c321240d76a572d603a;Sampled=0
x-amzn-remapped-date: Fri, 23 Sep 2022 21:37:48 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 5CzA52-o7GYViSJ4lna7ptv9dycJCUL-NLWOk-iCW-ZxDU_FQH_OoQ==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 2f7934de1dfe281c3e4446892eab6462.cloudfront.net (CloudFront), 1.1 google
date: Sun, 25 Sep 2022 17:56:20 GMT
etag: "ed04f74fbb4c77b21e2babc51a82857f5e23d169"
content-type: image/jpeg
age: 156
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1deb918e-bcb0-4629-aaa7-0ae0322969be.jpeg
34.120.237.76 200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1deb918e-bcb0-4629-aaa7-0ae0322969be.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3 DIY-Thermocam raw data\012- (Lepton 2.x), scale 3-257, spot sensor temperature 0.000000, unit celsius, color scheme 0, show scale bar, calibration: offset 0.000000, slope 241253891388563521536.000000\012- data
Hash b3a72e81317074689a71dac7059e4b6a
b6d56333d7f1ea7ddc8838d84de498ff913c5464
e665a8821b5e7b2e78787647a08d629bf70cbf4cbfee2057c8601cf0565154a1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1deb918e-bcb0-4629-aaa7-0ae0322969be.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12826
x-amzn-requestid: f075cf62-acfc-4bc1-be14-7c3dafb7aaed
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YfVRNFP-oAMFgrA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6322cf3a-184b678042d64ac9266b1128;Sampled=0
x-amzn-remapped-date: Thu, 15 Sep 2022 07:07:38 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: rN_8rm10Pxb0AUKW6ECfNulcYxBaS7FgGD15gT14dX-FlsGJfqahxA==
via: 1.1 7f5e0d3b9ea85d0d75063a66c0ebc840.cloudfront.net (CloudFront), 1.1 89791e6b21b9a30cc51cac1bc51cf098.cloudfront.net (CloudFront), 1.1 google
date: Sat, 24 Sep 2022 21:37:19 GMT
age: 73297
etag: "b6d56333d7f1ea7ddc8838d84de498ff913c5464"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F742ed98b-b8fa-4199-984b-51f661ac6e89.jpeg
34.120.237.76 200 OK 4.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F742ed98b-b8fa-4199-984b-51f661ac6e89.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3f93f322ecd0244e7ee4169b200b50df
8db9c71402f2c8ceee047c56ca1a5e41c74f5cf3
2bb739a60a4581e554fb308be7df8b3d7f47e95051e5ef5e0d1d9ed0a0443b68
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F742ed98b-b8fa-4199-984b-51f661ac6e89.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4829
x-amzn-requestid: c283df3f-4198-47dd-9b24-634c425bccd6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y2aA_HgFoAMF_tQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632c0a06-3881d661368a03ae48227b37;Sampled=0
x-amzn-remapped-date: Thu, 22 Sep 2022 07:08:54 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 3zDl5u8ndYwMQ2-4aH1sRDit8p-G3OK9bvGNj1hOab9dWo5389KPGg==
via: 1.1 56c69262ecfa7873b40572ba8a323242.cloudfront.net (CloudFront), 1.1 5954c6394458ffb44c970b3819d7ff2a.cloudfront.net (CloudFront), 1.1 google
date: Sun, 25 Sep 2022 08:15:05 GMT
age: 35031
etag: "8db9c71402f2c8ceee047c56ca1a5e41c74f5cf3"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7b4f012b-e562-4fc6-aab8-ec2ffc328b6d.jpeg
34.120.237.76 200 OK 7.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7b4f012b-e562-4fc6-aab8-ec2ffc328b6d.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 9d59e1bbd58ff8c5fe5faecb58149601
ad7f5ed3a5f6923a0b1bb093bbc0f31a44fd0bcd
c16a2adaeaabbe45801ab5d12ceaeab587b525b4959933f53a9c8dcdb12aec68
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7b4f012b-e562-4fc6-aab8-ec2ffc328b6d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7757
x-amzn-requestid: 3092c81c-f703-403a-b718-e18f035f9464
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YpOJQFUWIAMF7Pw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6326c3d4-565f665c7e34294079703141;Sampled=0
x-amzn-remapped-date: Sun, 18 Sep 2022 07:08:04 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: hc0cpj1kMbAQqcM0ooSgEdS8nPP0m4FJD1bHdY7jN2OENNsJF_gluA==
via: 1.1 c7c3cdef911c9ee3c1a83a78f425dc5a.cloudfront.net (CloudFront), 1.1 989017835f43d594873bde5a7ee7fe5e.cloudfront.net (CloudFront), 1.1 google
date: Sun, 25 Sep 2022 08:16:33 GMT
age: 34943
etag: "ad7f5ed3a5f6923a0b1bb093bbc0f31a44fd0bcd"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0737a7ae-3ae7-4fe5-b739-e988b295c795.jpeg
34.120.237.76 200 OK 8.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0737a7ae-3ae7-4fe5-b739-e988b295c795.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a89e7161745036637a66e8ab5b7efdf9
79c83cc27996b2339bd63764dbb2ae9744db6d70
13b990c3c6a9bee6def25d007e14628c52e427b6f4c718895b1817d5e8e59760
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0737a7ae-3ae7-4fe5-b739-e988b295c795.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8715
x-amzn-requestid: d5e237f4-4c0e-4e3b-b3ae-ea1eb5b7cafc
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y5JmTEAwIAMF_Mg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632d22f4-48a975a866edc1755858600f;Sampled=0
x-amzn-remapped-date: Fri, 23 Sep 2022 03:07:33 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Sm6N8Un8XKHtGGZwxLd1aYygBns1l8siRvcc2w_9V2imJopvt8Ockw==
via: 1.1 44cd593d82a2d200a94217033c614c6a.cloudfront.net (CloudFront), 1.1 1a53057db389e96b4ef1bfbc925dde1c.cloudfront.net (CloudFront), 1.1 google
date: Sun, 25 Sep 2022 07:09:15 GMT
age: 38981
etag: "79c83cc27996b2339bd63764dbb2ae9744db6d70"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7c48523c-250d-4030-8145-14c8967dc600.jpeg
34.120.237.76 200 OK 8.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7c48523c-250d-4030-8145-14c8967dc600.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash dfdacc8edea3c24dad020d7e9c11b3f4
2b6e37596e88b62f288dc8e8c937fd904fae28d5
338a44f3bcc01bdd197f037dd8f8bf58a18dea00127465488efe76fb72a6fdff
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7c48523c-250d-4030-8145-14c8967dc600.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8914
x-amzn-requestid: 8cfdc32e-f04a-4fd6-a1f1-632934a682fd
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y-_EUHqJoAMF7MQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632f7881-14a6d8ef126409964607e0aa;Sampled=0
x-amzn-remapped-date: Sat, 24 Sep 2022 21:37:05 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: kdF6En2vbJhRH1bkYMOuNm5XOIsT1qs3FE281N1SKn1FbyW-oNZsEw==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 b36bf2c460ac693ce304817aed073112.cloudfront.net (CloudFront), 1.1 google
date: Sat, 24 Sep 2022 21:37:06 GMT
etag: "2b6e37596e88b62f288dc8e8c937fd904fae28d5"
content-type: image/jpeg
age: 73310
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
cafexstock.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
45.252.248.16 200 OK 5.6 kB URL HTTP/2 cafexstock.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
IP 45.252.248.16:0
ASN #63760 AZDIGI Corporation
File type ASCII text, with very long lines (11126)
Hash 0fd56e2686fc202e1230de23ccd3f398
b8e1951b4c652d3fa5fed71a80527d34499863b7
5f6d016d7c479cfd9d30f1f9ac79a7842f60457c7749be6bb32f8833bef45cad
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 HTTP/1.1
Host: cafexstock.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cafexstock.com/wp-login.php
Cookie: wordpress_test_cookie=WP%20Cookie%20check; PHPSESSID=6706c8100b9d604e3fff1cc9c71d477c
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 02 Oct 2022 17:58:56 GMT
content-type: application/javascript
last-modified: Fri, 11 Dec 2020 09:28:46 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 5559
date: Sun, 25 Sep 2022 17:58:56 GMT
server: LiteSpeed
strict-transport-security: max-age=15768000; includeSubDomains
X-Firefox-Spdy: h2
cafexstock.com/wp-includes/css/buttons.min.css?ver=5.8
45.252.248.16 200 OK 1.4 kB URL HTTP/2 cafexstock.com/wp-includes/css/buttons.min.css?ver=5.8
IP 45.252.248.16:0
ASN #63760 AZDIGI Corporation
File type ASCII text, with very long lines (5819)
Hash e2bd84d40803926fb964da1c4014ea37
3ac4c6164a8583d3088058eab6fca0298ad03e96
dece60b811c14c77b8ec26667724f7543f684377b57fad34bdcb66dd8173d860
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/css/buttons.min.css?ver=5.8 HTTP/1.1
Host: cafexstock.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cafexstock.com/wp-login.php
Cookie: wordpress_test_cookie=WP%20Cookie%20check; PHPSESSID=6706c8100b9d604e3fff1cc9c71d477c
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 02 Oct 2022 17:58:56 GMT
content-type: text/css
last-modified: Sun, 29 Aug 2021 04:52:39 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1390
date: Sun, 25 Sep 2022 17:58:56 GMT
server: LiteSpeed
strict-transport-security: max-age=15768000; includeSubDomains
X-Firefox-Spdy: h2
cafexstock.com/wp-admin/css/forms.min.css?ver=5.8
45.252.248.16 200 OK 6.5 kB URL HTTP/2 cafexstock.com/wp-admin/css/forms.min.css?ver=5.8
IP 45.252.248.16:0
ASN #63760 AZDIGI Corporation
File type ASCII text, with very long lines (25326)
Hash 2dd0fe3b803224f277027c60499851a6
9f3d7569edbc281caa8fb15092c88f0b4797197b
20b82514c8d542d23fdbc5166c62e7159d846bf033325b708555fb5de4870297
GET /wp-admin/css/forms.min.css?ver=5.8 HTTP/1.1
Host: cafexstock.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cafexstock.com/wp-login.php
Cookie: wordpress_test_cookie=WP%20Cookie%20check; PHPSESSID=6706c8100b9d604e3fff1cc9c71d477c
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 02 Oct 2022 17:58:56 GMT
content-type: text/css
last-modified: Sun, 29 Aug 2021 04:52:38 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 6452
date: Sun, 25 Sep 2022 17:58:56 GMT
server: LiteSpeed
strict-transport-security: max-age=15768000; includeSubDomains
X-Firefox-Spdy: h2
cafexstock.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
45.252.248.16 200 OK 33 kB URL HTTP/2 cafexstock.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
IP 45.252.248.16:0
ASN #63760 AZDIGI Corporation
File type ASCII text, with very long lines (65447)
Hash bcb5b1336c1538133b050d4cb3e14b85
d93aaf718551e97ceb7045e429a47cb16f3d8bec
3c3a6f62c25fc1d6f0e642c9f482b0b3bf743c17ba870d0bc741b8f4754992ab
GET /wp-includes/js/jquery/jquery.min.js?ver=3.6.0 HTTP/1.1
Host: cafexstock.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cafexstock.com/wp-login.php
Cookie: wordpress_test_cookie=WP%20Cookie%20check; PHPSESSID=6706c8100b9d604e3fff1cc9c71d477c
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 02 Oct 2022 17:58:56 GMT
content-type: application/javascript
last-modified: Sun, 29 Aug 2021 04:52:39 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 33261
date: Sun, 25 Sep 2022 17:58:56 GMT
server: LiteSpeed
strict-transport-security: max-age=15768000; includeSubDomains
X-Firefox-Spdy: h2
cafexstock.com/wp-includes/css/dashicons.min.css?ver=5.8
45.252.248.16 200 OK 35 kB URL HTTP/2 cafexstock.com/wp-includes/css/dashicons.min.css?ver=5.8
IP 45.252.248.16:0
ASN #63760 AZDIGI Corporation
File type ASCII text, with very long lines (58981)
Hash 173dde0c23e54ef64789ba9afec29c06
7d8af7cbe365f22fe5f59678c383852e1f77dca3
571f5bac91195b54e4081329791e318edb2152685d69bf3444b7de146ee51de5
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/css/dashicons.min.css?ver=5.8 HTTP/1.1
Host: cafexstock.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cafexstock.com/wp-login.php
Cookie: wordpress_test_cookie=WP%20Cookie%20check; PHPSESSID=6706c8100b9d604e3fff1cc9c71d477c
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 02 Oct 2022 17:58:56 GMT
content-type: text/css
last-modified: Sun, 29 Aug 2021 04:52:39 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 35200
date: Sun, 25 Sep 2022 17:58:56 GMT
server: LiteSpeed
strict-transport-security: max-age=15768000; includeSubDomains
X-Firefox-Spdy: h2
cafexstock.com/wp-admin/css/l10n.min.css?ver=5.8
45.252.248.16 200 OK 648 B URL HTTP/2 cafexstock.com/wp-admin/css/l10n.min.css?ver=5.8
IP 45.252.248.16:0
ASN #63760 AZDIGI Corporation
File type ASCII text, with very long lines (2442)
Hash c4dc4b2f0425241c1034d777a7aaf04c
154aef7a175491405e64b86392462e362837a22f
50c145f3e64f78de8101217969614fd3de507a7afc1d6a1cb1f652be45dbb30b
Analyzer Verdict Alert fortinet Phishing
GET /wp-admin/css/l10n.min.css?ver=5.8 HTTP/1.1
Host: cafexstock.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cafexstock.com/wp-login.php
Cookie: wordpress_test_cookie=WP%20Cookie%20check; PHPSESSID=6706c8100b9d604e3fff1cc9c71d477c
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 02 Oct 2022 17:58:56 GMT
content-type: text/css
last-modified: Tue, 11 Dec 2018 16:13:26 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 648
date: Sun, 25 Sep 2022 17:58:56 GMT
server: LiteSpeed
strict-transport-security: max-age=15768000; includeSubDomains
X-Firefox-Spdy: h2
cafexstock.com/wp-admin/css/login.min.css?ver=5.8
45.252.248.16 200 OK 2.0 kB URL HTTP/2 cafexstock.com/wp-admin/css/login.min.css?ver=5.8
IP 45.252.248.16:0
ASN #63760 AZDIGI Corporation
File type ASCII text, with very long lines (5681)
Hash a07e641b2c33bcd432dae526aa438188
77b74535df108d5a5c90422c3a3a57c718fecfde
53c08974e3617d51aa1a45bb749e7d35aa590eb8ce80f97e98cc8615b2339127
GET /wp-admin/css/login.min.css?ver=5.8 HTTP/1.1
Host: cafexstock.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cafexstock.com/wp-login.php
Cookie: wordpress_test_cookie=WP%20Cookie%20check; PHPSESSID=6706c8100b9d604e3fff1cc9c71d477c
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 02 Oct 2022 17:58:56 GMT
content-type: text/css
last-modified: Sun, 29 Aug 2021 04:52:38 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 2018
date: Sun, 25 Sep 2022 17:58:56 GMT
server: LiteSpeed
strict-transport-security: max-age=15768000; includeSubDomains
X-Firefox-Spdy: h2
cafexstock.com/wp-content/plugins/limit-login-attempts-reloaded/assets/css/login-page-styles.css?ver=2.25.5
45.252.248.16 200 OK 293 B URL HTTP/2 cafexstock.com/wp-content/plugins/limit-login-attempts-reloaded/assets/css/login-page-styles.css?ver=2.25.5
IP 45.252.248.16:0
ASN #63760 AZDIGI Corporation
Hash ab0b594cc06e59bc254020362cddf4ca
1a7f8145db8c7ec82e51c77b452791c78c10a1eb
6194a0ccbe6ee48d4d2416cf9171c948b6ee743f6a069cc3971536e80f9d2e9b
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/limit-login-attempts-reloaded/assets/css/login-page-styles.css?ver=2.25.5 HTTP/1.1
Host: cafexstock.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cafexstock.com/wp-login.php
Cookie: wordpress_test_cookie=WP%20Cookie%20check; PHPSESSID=6706c8100b9d604e3fff1cc9c71d477c
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 02 Oct 2022 17:58:56 GMT
content-type: text/css
last-modified: Sat, 17 Sep 2022 10:06:47 GMT
accept-ranges: bytes
content-length: 293
date: Sun, 25 Sep 2022 17:58:56 GMT
server: LiteSpeed
strict-transport-security: max-age=15768000; includeSubDomains
X-Firefox-Spdy: h2
cafexstock.com/wp-includes/js/zxcvbn-async.min.js?ver=1.0
45.252.248.16 200 OK 1.4 kB URL HTTP/2 cafexstock.com/wp-includes/js/zxcvbn-async.min.js?ver=1.0
IP 45.252.248.16:0
ASN #63760 AZDIGI Corporation
File type ASCII text, with very long lines (2553)
Hash fb94c490e8bd43cdf57adce8cb915851
615b829c07f5892e334192af26d351be7f818444
ca2a15afebbc5601ffc2c609c41776c35b62656fd7699063030bf79f0546e99a
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/zxcvbn-async.min.js?ver=1.0 HTTP/1.1
Host: cafexstock.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://cafexstock.com/wp-login.php
Connection: keep-alive
Cookie: wordpress_test_cookie=WP%20Cookie%20check; PHPSESSID=6706c8100b9d604e3fff1cc9c71d477c
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 02 Oct 2022 17:58:56 GMT
content-type: application/javascript
last-modified: Sun, 29 Aug 2021 04:52:38 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1440
date: Sun, 25 Sep 2022 17:58:56 GMT
server: LiteSpeed
strict-transport-security: max-age=15768000; includeSubDomains
X-Firefox-Spdy: h2
cafexstock.com/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.7
45.252.248.16 200 OK 3.7 kB URL HTTP/2 cafexstock.com/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.7
IP 45.252.248.16:0
ASN #63760 AZDIGI Corporation
File type ASCII text, with very long lines (8643), with no line terminators
Hash 95da449210e069fc8d6240a96d88cf1c
74426194f154a609ebcece077ab21f2f96bbcf9d
e0713d389bb78af1b8973ac970881893f7f14ac9ba7f362a804183c88d9b0e00
GET /wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.7 HTTP/1.1
Host: cafexstock.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://cafexstock.com/wp-login.php
Connection: keep-alive
Cookie: wordpress_test_cookie=WP%20Cookie%20check; PHPSESSID=6706c8100b9d604e3fff1cc9c71d477c
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 02 Oct 2022 17:58:56 GMT
content-type: application/javascript
last-modified: Sun, 29 Aug 2021 04:52:39 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 3711
date: Sun, 25 Sep 2022 17:58:56 GMT
server: LiteSpeed
strict-transport-security: max-age=15768000; includeSubDomains
X-Firefox-Spdy: h2
cafexstock.com/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0
45.252.248.16 200 OK 7.4 kB URL HTTP/2 cafexstock.com/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0
IP 45.252.248.16:0
ASN #63760 AZDIGI Corporation
File type Unicode text, UTF-8 text, with very long lines (18560)
Hash ad80f1ed5771d0a0d61d6cc615dceee7
67621e03af80e95a9d8e7a67d543bf276b0e58ab
b63967285f2892a6c5497a4249b7ee77ef1c0e87a8231626f550ad9e1a811ccb
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0 HTTP/1.1
Host: cafexstock.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://cafexstock.com/wp-login.php
Connection: keep-alive
Cookie: wordpress_test_cookie=WP%20Cookie%20check; PHPSESSID=6706c8100b9d604e3fff1cc9c71d477c
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 02 Oct 2022 17:58:56 GMT
content-type: application/javascript
last-modified: Sun, 29 Aug 2021 04:52:39 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 7393
date: Sun, 25 Sep 2022 17:58:56 GMT
server: LiteSpeed
strict-transport-security: max-age=15768000; includeSubDomains
X-Firefox-Spdy: h2
cafexstock.com/wp-includes/js/dist/hooks.min.js?ver=a7edae857aab69d69fa10d5aef23a5de
45.252.248.16 200 OK 3.1 kB URL HTTP/2 cafexstock.com/wp-includes/js/dist/hooks.min.js?ver=a7edae857aab69d69fa10d5aef23a5de
IP 45.252.248.16:0
ASN #63760 AZDIGI Corporation
File type ASCII text, with very long lines (7642)
Hash 7b95ee333265b227c01b74ddb2e50bff
2970ccbff916b505e1475c3c16470e9fffa8e8d1
936fc6d06cf898dd8beae1b195acab95c62c9f882d018640297d44b14f3effec
GET /wp-includes/js/dist/hooks.min.js?ver=a7edae857aab69d69fa10d5aef23a5de HTTP/1.1
Host: cafexstock.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://cafexstock.com/wp-login.php
Connection: keep-alive
Cookie: wordpress_test_cookie=WP%20Cookie%20check; PHPSESSID=6706c8100b9d604e3fff1cc9c71d477c
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 02 Oct 2022 17:58:56 GMT
content-type: application/javascript
last-modified: Sun, 29 Aug 2021 04:52:38 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 3097
date: Sun, 25 Sep 2022 17:58:56 GMT
server: LiteSpeed
strict-transport-security: max-age=15768000; includeSubDomains
X-Firefox-Spdy: h2
cafexstock.com/wp-includes/js/dist/i18n.min.js?ver=5f1269854226b4dd90450db411a12b79
45.252.248.16 200 OK 5.2 kB URL HTTP/2 cafexstock.com/wp-includes/js/dist/i18n.min.js?ver=5f1269854226b4dd90450db411a12b79
IP 45.252.248.16:0
ASN #63760 AZDIGI Corporation
Hash 3c6509d35e0985e8f8d35a21331616c6
5120e82c118bedae8240805dfd734a7195a5ae3c
b66f70fa23fbaee583d6f22bb25106b5ac282d96230c01e826aa7290fe984899
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/dist/i18n.min.js?ver=5f1269854226b4dd90450db411a12b79 HTTP/1.1
Host: cafexstock.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://cafexstock.com/wp-login.php
Connection: keep-alive
Cookie: wordpress_test_cookie=WP%20Cookie%20check; PHPSESSID=6706c8100b9d604e3fff1cc9c71d477c
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 02 Oct 2022 17:58:56 GMT
content-type: application/javascript
last-modified: Sun, 29 Aug 2021 04:52:38 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 5180
date: Sun, 25 Sep 2022 17:58:56 GMT
server: LiteSpeed
strict-transport-security: max-age=15768000; includeSubDomains
X-Firefox-Spdy: h2
cafexstock.com/wp-admin/js/password-strength-meter.min.js?ver=5.8
45.252.248.16 200 OK 1.9 kB URL HTTP/2 cafexstock.com/wp-admin/js/password-strength-meter.min.js?ver=5.8
IP 45.252.248.16:0
ASN #63760 AZDIGI Corporation
File type ASCII text, with very long lines (3325)
Hash a6563e2050d5a0302514f13646da9381
1997a9b9ddde79d4f2094bcdda031b83ea5552b5
69d99ab971dc7e77d765985a7583ac83c0ddc53d9e1db517e3d8a40f25c64e8a
Analyzer Verdict Alert fortinet Phishing
GET /wp-admin/js/password-strength-meter.min.js?ver=5.8 HTTP/1.1
Host: cafexstock.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://cafexstock.com/wp-login.php
Connection: keep-alive
Cookie: wordpress_test_cookie=WP%20Cookie%20check; PHPSESSID=6706c8100b9d604e3fff1cc9c71d477c
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 02 Oct 2022 17:58:56 GMT
content-type: application/javascript
last-modified: Sun, 29 Aug 2021 04:52:38 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1857
date: Sun, 25 Sep 2022 17:58:56 GMT
server: LiteSpeed
strict-transport-security: max-age=15768000; includeSubDomains
X-Firefox-Spdy: h2
cafexstock.com/wp-includes/js/underscore.min.js?ver=1.8.3
45.252.248.16 200 OK 8.9 kB URL HTTP/2 cafexstock.com/wp-includes/js/underscore.min.js?ver=1.8.3
IP 45.252.248.16:0
ASN #63760 AZDIGI Corporation
File type ASCII text, with very long lines (21278)
Hash 87d228ad53474fe1308a56788e432eec
84b6a17271b3fba07c92a8d7d03e24dbafa5858e
32bc1345aad2b6e7451803df79cfc1729df74eaf9fc66861625bb3f196720492
GET /wp-includes/js/underscore.min.js?ver=1.8.3 HTTP/1.1
Host: cafexstock.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://cafexstock.com/wp-login.php
Connection: keep-alive
Cookie: wordpress_test_cookie=WP%20Cookie%20check; PHPSESSID=6706c8100b9d604e3fff1cc9c71d477c
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 02 Oct 2022 17:58:56 GMT
content-type: application/javascript
last-modified: Sun, 29 Aug 2021 04:52:39 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 8894
date: Sun, 25 Sep 2022 17:58:56 GMT
server: LiteSpeed
strict-transport-security: max-age=15768000; includeSubDomains
X-Firefox-Spdy: h2
cafexstock.com/wp-includes/js/wp-util.min.js?ver=5.8
45.252.248.16 200 OK 1.9 kB URL HTTP/2 cafexstock.com/wp-includes/js/wp-util.min.js?ver=5.8
IP 45.252.248.16:0
ASN #63760 AZDIGI Corporation
File type ASCII text, with very long lines (3542)
Hash c9413f0964de7242afe514ca16fe0ad8
e6e184254b73690f9cbb68529bd81c75419dd9ef
815b716fb828cfb10939fa1e183aa86713d17e42fcd33d531cea46faa90975c4
GET /wp-includes/js/wp-util.min.js?ver=5.8 HTTP/1.1
Host: cafexstock.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://cafexstock.com/wp-login.php
Connection: keep-alive
Cookie: wordpress_test_cookie=WP%20Cookie%20check; PHPSESSID=6706c8100b9d604e3fff1cc9c71d477c
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 02 Oct 2022 17:58:56 GMT
content-type: application/javascript
last-modified: Sun, 29 Aug 2021 04:52:38 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1949
date: Sun, 25 Sep 2022 17:58:56 GMT
server: LiteSpeed
strict-transport-security: max-age=15768000; includeSubDomains
X-Firefox-Spdy: h2
cafexstock.com/wp-admin/js/user-profile.min.js?ver=5.8
45.252.248.16 200 OK 3.5 kB URL HTTP/2 cafexstock.com/wp-admin/js/user-profile.min.js?ver=5.8
IP 45.252.248.16:0
ASN #63760 AZDIGI Corporation
File type ASCII text, with very long lines (8282)
Hash af77a57db6351da3ab4a412e33b7bfc2
1174753043b7446a63b7d5e65159d32f003a21f2
36d841c34dd4328aa9cf9a58f0410dca01b97f0e7c690528a1cd1b22459d9035
Analyzer Verdict Alert fortinet Phishing
GET /wp-admin/js/user-profile.min.js?ver=5.8 HTTP/1.1
Host: cafexstock.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://cafexstock.com/wp-login.php
Connection: keep-alive
Cookie: wordpress_test_cookie=WP%20Cookie%20check; PHPSESSID=6706c8100b9d604e3fff1cc9c71d477c
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 02 Oct 2022 17:58:56 GMT
content-type: application/javascript
last-modified: Sun, 29 Aug 2021 04:52:38 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 3492
date: Sun, 25 Sep 2022 17:58:56 GMT
server: LiteSpeed
strict-transport-security: max-age=15768000; includeSubDomains
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa43fecfd-7ebd-4a19-85fe-29bd0f3c5033.jpeg
34.120.237.76 200 OK 9.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa43fecfd-7ebd-4a19-85fe-29bd0f3c5033.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ca8f8393365641de380e9443b37a8581
2fde9899cf74129d7df8868008b323a527dc1170
dbcc05dcbbbf4b89bf0f10999c0f5679e822cce6f9e3437f2cafb913606bd8c3
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa43fecfd-7ebd-4a19-85fe-29bd0f3c5033.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 9042
x-amzn-requestid: 8c2e6356-2b43-4162-94b9-efd45249047c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y--PmHRtIAMFwaQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632f7730-034b1944694141f04debec31;Sampled=0
x-amzn-remapped-date: Sat, 24 Sep 2022 21:31:28 GMT
x-amz-cf-pop: SEA19-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: k1hcUfebiQMb8IRsmeAOkyI02F1vUvh7J9GxgU4qO8Ebp3TQUC2fQQ==
via: 1.1 60b744e5b364d04abea9fa6686121242.cloudfront.net (CloudFront), 1.1 7eb3b782ab09047ce0d11ee03763894c.cloudfront.net (CloudFront), 1.1 google
date: Sat, 24 Sep 2022 22:24:40 GMT
age: 70463
etag: "2fde9899cf74129d7df8868008b323a527dc1170"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2