group-cnm.com/wp-content/uploads/slider/cache/12bc812074cfb2a9cb09334460894f09/.jvil
172.104.29.37 301 Moved Permanently 300 B URL HTTP/1.1 group-cnm.com/wp-content/uploads/slider/cache/12bc812074cfb2a9cb09334460894f09/.jvil
IP 172.104.29.37:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 8940ae3f0158124935b6db2f6914f3a5
458ec5a12d125f663408e034c9290e608e2bc5e8
c333a5420b29950abeb7c2144e04ba208240916d00a29d8fbc67995cdfb5a5a3
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/uploads/slider/cache/12bc812074cfb2a9cb09334460894f09/.jvil HTTP/1.1
Host: group-cnm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sun, 29 Jan 2023 03:24:42 GMT
Content-Type: text/html; charset=iso-8859-1
Content-Length: 300
Connection: keep-alive
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Content-Security-Policy: upgrade-insecure-requests
Location: https://group-cnm.com/wp-content/uploads/slider/cache/12bc812074cfb2a9cb09334460894f09/.jvil
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Nginx-Upstream-Cache-Status: MISS
X-Server-Powered-By: Engintron
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash a2104f935c638b4767ca5ae0d738ef23
85c6af15af749be0ceeae6de17c36925b750f166
5d4789a3696bd7faa9916768cb627bbc89bf70a756d80e53860cbac13c2bc8b1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5D4789A3696BD7FAA9916768CB627BBC89BF70A756D80E53860CBAC13C2BC8B1"
Last-Modified: Fri, 27 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3525
Expires: Sun, 29 Jan 2023 04:23:28 GMT
Date: Sun, 29 Jan 2023 03:24:43 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 3eb88dea4fe00db1182370e72683c3ab
ca520abf1e91bfd2aef40c6a1270a911071e8922
d8083ee567c7b3023111dc30f32c94237df7db30d4d2daaea0a569e8a3069ad7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D8083EE567C7B3023111DC30F32C94237DF7DB30D4D2DAAEA0A569E8A3069AD7"
Last-Modified: Sat, 28 Jan 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3131
Expires: Sun, 29 Jan 2023 04:16:54 GMT
Date: Sun, 29 Jan 2023 03:24:43 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150 200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash bf0c602d32b3c14606f22a86183b5e3c
6eabd8d83475eba731968abe1a05a8bfd272f160
6c6a7c519a9e950c2445ed874a25211a94dd4d3cf3afb0103af9dcd1dbd5ff9e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Content-Length, Retry-After, Content-Type, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sun, 29 Jan 2023 02:35:33 GMT
content-type: application/json
age: 2950
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 302c7548412192add063ad6c8b99cf3b
e5d178931a27db036ce8daae302594d3ff7050b8
fc2bd9091006189e67e8074093805ee5492ce16e1dbfba32e083abeeae34969d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FC2BD9091006189E67E8074093805EE5492CE16E1DBFBA32E083ABEEAE34969D"
Last-Modified: Sat, 28 Jan 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15490
Expires: Sun, 29 Jan 2023 07:42:53 GMT
Date: Sun, 29 Jan 2023 03:24:43 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: 8qteyR+3LVr9dbDDZwihAeYmVMHr/QfoIE3xdQQDqkTNEqokC7iPgOrjU69dwYNzKHcfUzh+1mAM8XMB5sh7Sw==
x-amz-request-id: G165XMCBHE8ZZ4SD
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sun, 29 Jan 2023 03:21:14 GMT
age: 209
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 29 Jan 2023 03:24:43 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 65a966d0b96f166237be1bbb10b33a00
d440996b16d3303e25147508d54335283bb9acd9
15abbbcdd01149d7b5663be4b57aad2df168d346998689b7fbe5bb5228f9ad71
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "15ABBBCDD01149D7B5663BE4B57AAD2DF168D346998689B7FBE5BB5228F9AD71"
Last-Modified: Thu, 26 Jan 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21565
Expires: Sun, 29 Jan 2023 09:24:08 GMT
Date: Sun, 29 Jan 2023 03:24:43 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150 200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Pragma, Last-Modified, ETag, Content-Length, Expires, Cache-Control, Retry-After, Content-Type, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sun, 29 Jan 2023 02:49:03 GMT
age: 2140
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 16a7b6a7128312e2f985d30df18c4487
6017bff79ffb525d9c7f9f32b999b74b5dc69602
663fd12209627f08e759c2ed1c76278a5da79dae1e0b46082dd1bb44775f7a16
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "663FD12209627F08E759C2ED1C76278A5DA79DAE1E0B46082DD1BB44775F7A16"
Last-Modified: Fri, 27 Jan 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21312
Expires: Sun, 29 Jan 2023 09:19:55 GMT
Date: Sun, 29 Jan 2023 03:24:43 GMT
Connection: keep-alive
group-cnm.com/wp-content/uploads/slider/cache/12bc812074cfb2a9cb09334460894f09/.jvil
172.104.29.37 301 Moved Permanently 0 B URL HTTP/2 group-cnm.com/wp-content/uploads/slider/cache/12bc812074cfb2a9cb09334460894f09/.jvil
IP 172.104.29.37:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/uploads/slider/cache/12bc812074cfb2a9cb09334460894f09/.jvil HTTP/1.1
Host: group-cnm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 301 Moved Permanently
server: nginx
date: Sun, 29 Jan 2023 03:24:43 GMT
content-type: text/html; charset=UTF-8
content-length: 0
location: https://group-cnm.com
x-powered-by: PHP/7.4.33
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
x-redirect-by: Rank Math
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-security-policy: upgrade-insecure-requests
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-nginx-upstream-cache-status: MISS
x-server-powered-by: Engintron
X-Firefox-Spdy: h2
push.services.mozilla.com/
52.10.3.114 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.10.3.114:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 1YZRIw8XneeGM6k+nrpQlA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: Xo25BXNnvVkpNJuKfpdqYid7eLU=
ocsp.pki.goog/gts1c3
216.58.211.3 200 OK 471 B IP 216.58.211.3:0
Hash 8c630e9bbc930d1c367efa81b67be3f7
ec536695531d40a813d99a06271c7c2d698d51d3
39ca0a60c3e2e85712757ead0830d0da82beac1e4f44b6e90243e5ca9326bf4b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 03:24:44 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.211.3 200 OK 471 B IP 216.58.211.3:0
Hash 86352d15c37831cf9bf1e41325029224
ac8b28bcc1e6dd026e1f62d1ef8b9f80a42eee21
154f5f5e116df41f5d3bd414c671138b2afc198071529a0f3573109277566cd8
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 03:24:44 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.211.3 200 OK 471 B IP 216.58.211.3:0
Hash 8c630e9bbc930d1c367efa81b67be3f7
ec536695531d40a813d99a06271c7c2d698d51d3
39ca0a60c3e2e85712757ead0830d0da82beac1e4f44b6e90243e5ca9326bf4b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 03:24:44 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/recaptcha/api.js?onload=wpformsRecaptchaLoad&render=explicit
142.250.74.132 200 OK 582 B URL HTTP/2 www.google.com/recaptcha/api.js?onload=wpformsRecaptchaLoad&render=explicit
IP 142.250.74.132:0
File type ASCII text, with very long lines (915), with no line terminators
Hash d8b928922cde201da25df13090a4a9ee
01e20291a5380c755795c755c6e0ca4fb66507db
6d786e18539107b5ee8dcf718327878eaaaaafff30cdb3014aa0f8cc3fc4aa77
GET /recaptcha/api.js?onload=wpformsRecaptchaLoad&render=explicit HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://group-cnm.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
expires: Sun, 29 Jan 2023 03:24:44 GMT
date: Sun, 29 Jan 2023 03:24:44 GMT
cache-control: private, max-age=300
content-type: text/javascript; charset=UTF-8
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 582
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Roboto%3A500%2C700%2Cregular%7CRubik%3A700&display=swap&ver=1.0
216.58.207.202 200 OK 1.2 kB URL HTTP/2 fonts.googleapis.com/css?family=Roboto%3A500%2C700%2Cregular%7CRubik%3A700&display=swap&ver=1.0
IP 216.58.207.202:0
Hash ca5e98c937ca4332a78f8aaff89bd79f
ef11f38edbe53bc95de1b7bcdd2eb2a084f63871
e81aeceadf6cd9aa4a1f34a79e5e0b1d92b8b3cc553a283ba48c62d4a4e3dbc3
GET /css?family=Roboto%3A500%2C700%2Cregular%7CRubik%3A700&display=swap&ver=1.0 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://group-cnm.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sun, 29 Jan 2023 03:24:44 GMT
date: Sun, 29 Jan 2023 03:24:44 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3 200 OK 472 B IP 216.58.211.3:0
Hash ef589be52a3e55b643978f17949a73da
74545de6f144282252ff92c751f97cc835c80341
7bfa68c43e60a2627770163b5c1b96fbd7e4843984ad5ff6225c5490b8073b26
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 03:24:44 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
group-cnm.com/wp-content/plugins/wordpress-popup/assets/hustle-ui/fonts/hustle-icons-font.woff2
172.104.29.37 200 OK 6.3 kB URL HTTP/2 group-cnm.com/wp-content/plugins/wordpress-popup/assets/hustle-ui/fonts/hustle-icons-font.woff2
IP 172.104.29.37:0
File type Web Open Font Format (Version 2), TrueType, length 6284, version 1.0\012- data
Hash 1ac13c6e41e0b159ac1e0ebcba74d348
28bea94f503f06dd50c49208b957021e648c16f5
69f370353fef12fbaceef8e636067f722fec5761595ad354e6bcea5e07393f01
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/wordpress-popup/assets/hustle-ui/fonts/hustle-icons-font.woff2 HTTP/1.1
Host: group-cnm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://group-cnm.com/
Cookie: PHPSESSID=04a5d907dd84bc86a455efeae23e1045
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 29 Jan 2023 03:24:44 GMT
content-type: font/woff2
content-length: 6284
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-security-policy: upgrade-insecure-requests
last-modified: Wed, 08 Jun 2022 13:38:22 GMT
expires: Thu, 30 Mar 2023 03:24:44 GMT
cache-control: max-age=5184000
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-nginx-upstream-cache-status: STALE
x-server-powered-by: Engintron
accept-ranges: bytes
X-Firefox-Spdy: h2
group-cnm.com/wp-content/uploads/2022/05/VIP_Party_Facebook_Cover-removebg-preview.png
172.104.29.37 200 OK 44 kB URL HTTP/2 group-cnm.com/wp-content/uploads/2022/05/VIP_Party_Facebook_Cover-removebg-preview.png
IP 172.104.29.37:0
File type PNG image data, 666 x 375, 8-bit/color RGBA, non-interlaced\012- data
Hash 536788546fb154f8be0f846c08b4a777
b383445914991e7616ce422b4aef8444bbebacd0
b41f01f22189a56146df21c4a6bbe7d7f94e3aaee87536bc391cf051f04a1d27
GET /wp-content/uploads/2022/05/VIP_Party_Facebook_Cover-removebg-preview.png HTTP/1.1
Host: group-cnm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://group-cnm.com/
Cookie: PHPSESSID=04a5d907dd84bc86a455efeae23e1045
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 29 Jan 2023 03:24:44 GMT
content-type: image/png
content-length: 44422
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-security-policy: upgrade-insecure-requests
last-modified: Tue, 24 May 2022 15:24:28 GMT
expires: Thu, 30 Mar 2023 03:24:44 GMT
cache-control: max-age=5184000
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-nginx-upstream-cache-status: STALE
x-server-powered-by: Engintron
accept-ranges: bytes
X-Firefox-Spdy: h2
group-cnm.com/wp-content/uploads/2022/05/2-removebg-preview-3.png
172.104.29.37 200 OK 19 kB URL HTTP/2 group-cnm.com/wp-content/uploads/2022/05/2-removebg-preview-3.png
IP 172.104.29.37:0
File type PNG image data, 200 x 200, 8-bit/color RGBA, non-interlaced\012- data
Hash 116936b70623ead4a7cf6288f429b944
673a1fae78be3359d523d5d0f537f5cb38772b5d
fee77b4068356dc6308feeff8ae80262eafcee805e902baf88ebacca31561263
GET /wp-content/uploads/2022/05/2-removebg-preview-3.png HTTP/1.1
Host: group-cnm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://group-cnm.com/
Cookie: PHPSESSID=04a5d907dd84bc86a455efeae23e1045
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 29 Jan 2023 03:24:44 GMT
content-type: image/png
content-length: 19095
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-security-policy: upgrade-insecure-requests
last-modified: Wed, 25 May 2022 13:25:28 GMT
expires: Thu, 30 Mar 2023 03:24:44 GMT
cache-control: max-age=5184000
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-nginx-upstream-cache-status: STALE
x-server-powered-by: Engintron
accept-ranges: bytes
X-Firefox-Spdy: h2
group-cnm.com/wp-content/uploads/2022/05/3-ALTADOS-removebg-preview-1.png
172.104.29.37 200 OK 7.6 kB URL HTTP/2 group-cnm.com/wp-content/uploads/2022/05/3-ALTADOS-removebg-preview-1.png
IP 172.104.29.37:0
File type PNG image data, 272 x 185, 8-bit/color RGBA, non-interlaced\012- data
Hash 4cc58e4b51cef515586007a8d7bbee81
6cdd10149aef9b26277c7030e9a24dfe53a150ee
369f1405120677d82e96e1c2f6a49524c57bfe1613e35593c35288a05decbb9e
GET /wp-content/uploads/2022/05/3-ALTADOS-removebg-preview-1.png HTTP/1.1
Host: group-cnm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://group-cnm.com/
Cookie: PHPSESSID=04a5d907dd84bc86a455efeae23e1045
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 29 Jan 2023 03:24:44 GMT
content-type: image/png
content-length: 7631
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-security-policy: upgrade-insecure-requests
last-modified: Wed, 25 May 2022 13:25:30 GMT
expires: Thu, 30 Mar 2023 03:24:44 GMT
cache-control: max-age=5184000
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-nginx-upstream-cache-status: STALE
x-server-powered-by: Engintron
accept-ranges: bytes
X-Firefox-Spdy: h2
group-cnm.com/wp-content/uploads/2022/05/6-removebg-preview-1.png
172.104.29.37 200 OK 23 kB URL HTTP/2 group-cnm.com/wp-content/uploads/2022/05/6-removebg-preview-1.png
IP 172.104.29.37:0
File type PNG image data, 223 x 226, 8-bit/color RGBA, non-interlaced\012- data
Hash 116edab2b415b7f0bfc5aa4674f019ca
6700cc8f910eab2de1e05ce3b10ef1dbdc9cf27c
10d69d2b32bb8220f3a4d9012743f57fb7082a7101c320ce7ec7ddd3e264a4dc
GET /wp-content/uploads/2022/05/6-removebg-preview-1.png HTTP/1.1
Host: group-cnm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://group-cnm.com/
Cookie: PHPSESSID=04a5d907dd84bc86a455efeae23e1045
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 29 Jan 2023 03:24:44 GMT
content-type: image/png
content-length: 22739
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-security-policy: upgrade-insecure-requests
last-modified: Wed, 25 May 2022 13:25:30 GMT
expires: Thu, 30 Mar 2023 03:24:44 GMT
cache-control: max-age=5184000
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-nginx-upstream-cache-status: STALE
x-server-powered-by: Engintron
accept-ranges: bytes
X-Firefox-Spdy: h2
group-cnm.com/wp-content/uploads/2022/05/8-1.png
172.104.29.37 200 OK 9.6 kB URL HTTP/2 group-cnm.com/wp-content/uploads/2022/05/8-1.png
IP 172.104.29.37:0
File type PNG image data, 153 x 53, 8-bit/color RGBA, non-interlaced\012- data
Hash 9a3d8f81576bdab4848618371ddbd727
3b1b431a9032fdaec97fa428208a53eeda6741b4
0aa609f08cc66c29829f5b70e1e56e0f0e8509dc1f4854e24fcf4028522acdca
GET /wp-content/uploads/2022/05/8-1.png HTTP/1.1
Host: group-cnm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://group-cnm.com/
Cookie: PHPSESSID=04a5d907dd84bc86a455efeae23e1045
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 29 Jan 2023 03:24:44 GMT
content-type: image/png
content-length: 9603
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-security-policy: upgrade-insecure-requests
last-modified: Wed, 25 May 2022 13:25:34 GMT
expires: Thu, 30 Mar 2023 03:24:44 GMT
cache-control: max-age=5184000
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-nginx-upstream-cache-status: STALE
x-server-powered-by: Engintron
accept-ranges: bytes
X-Firefox-Spdy: h2
group-cnm.com/wp-content/uploads/2022/05/14-GER_ASSISTANCE-removebg-preview-1.png
172.104.29.37 200 OK 15 kB URL HTTP/2 group-cnm.com/wp-content/uploads/2022/05/14-GER_ASSISTANCE-removebg-preview-1.png
IP 172.104.29.37:0
File type PNG image data, 144 x 144, 8-bit/color RGBA, non-interlaced\012- data
Hash 92497c0a83491aa3d083df1893f1be7f
f46cad879c3750fb5abf05c5161b55e87025c221
ffb444417924466c543b563577edc5f5531f0ac7fa9f09e994629619ad9af006
GET /wp-content/uploads/2022/05/14-GER_ASSISTANCE-removebg-preview-1.png HTTP/1.1
Host: group-cnm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://group-cnm.com/
Cookie: PHPSESSID=04a5d907dd84bc86a455efeae23e1045
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 29 Jan 2023 03:24:44 GMT
content-type: image/png
content-length: 15010
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-security-policy: upgrade-insecure-requests
last-modified: Wed, 25 May 2022 13:25:36 GMT
expires: Thu, 30 Mar 2023 03:24:44 GMT
cache-control: max-age=5184000
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-nginx-upstream-cache-status: STALE
x-server-powered-by: Engintron
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3 200 OK 472 B IP 216.58.211.3:0
Hash ef589be52a3e55b643978f17949a73da
74545de6f144282252ff92c751f97cc835c80341
7bfa68c43e60a2627770163b5c1b96fbd7e4843984ad5ff6225c5490b8073b26
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 03:24:45 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
maps.google.com/maps?q=Immeuble%2035%2C%20Appartement%208%2C%20Avenue%20Fal%20Ould%20Oumeir%2C%20Agdal%2C%20Rabat&t=m&z=15&output=embed&iwloc=near
142.250.74.46 301 Moved Permanently 333 B URL HTTP/2 maps.google.com/maps?q=Immeuble%2035%2C%20Appartement%208%2C%20Avenue%20Fal%20Ould%20Oumeir%2C%20Agdal%2C%20Rabat&t=m&z=15&output=embed&iwloc=near
IP 142.250.74.46:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Hash 8f1d4ef885e598760891d855b2fd8766
4bc9100edde4a6b82abc77d73820871679933dfe
6a6f40ecf482c7d6dba5dd9053dd5291b3813e7194d64cf35fc12614cfac4fed
GET /maps?q=Immeuble%2035%2C%20Appartement%208%2C%20Avenue%20Fal%20Ould%20Oumeir%2C%20Agdal%2C%20Rabat&t=m&z=15&output=embed&iwloc=near HTTP/1.1
Host: maps.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://group-cnm.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
date: Sun, 29 Jan 2023 03:24:45 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
location: https://www.google.com/maps/embed?origin=mfe&pb=!1m4!2m1!1sImmeuble+35,+Appartement+8,+Avenue+Fal+Ould+Oumeir,+Agdal,+Rabat!5e0!6i15
content-type: text/html; charset=UTF-8
server: mafe
content-length: 333
x-xss-protection: 0
x-frame-options: SAMEORIGIN
server-timing: gfet4t7; dur=11
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
group-cnm.com/wp-content/plugins/wordpress-popup/assets/hustle-ui/css/hustle-popup.min.css?ver=4.4.13.1
172.104.29.37 200 OK 3.9 kB URL HTTP/2 group-cnm.com/wp-content/plugins/wordpress-popup/assets/hustle-ui/css/hustle-popup.min.css?ver=4.4.13.1
IP 172.104.29.37:0
Hash 575322cc7ba3d8d1cbd0843904c9eb38
56c24785f21974a1252a5ed549e1c3b8f86b2c82
5a84b65928779d804ce076e4c5b148789435e239859b67eff78fe275cfae70e4
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/wordpress-popup/assets/hustle-ui/css/hustle-popup.min.css?ver=4.4.13.1 HTTP/1.1
Host: group-cnm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://group-cnm.com/
Cookie: PHPSESSID=04a5d907dd84bc86a455efeae23e1045
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 29 Jan 2023 03:24:45 GMT
content-type: text/css
vary: Accept-Encoding
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-security-policy: upgrade-insecure-requests
last-modified: Wed, 08 Jun 2022 13:38:22 GMT
expires: Tue, 28 Feb 2023 03:24:45 GMT
cache-control: max-age=2592000
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-nginx-upstream-cache-status: STALE
x-server-powered-by: Engintron
content-encoding: gzip
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3 200 OK 471 B IP 216.58.211.3:0
Hash 8cf65fcdafa84b63cf7005fe57927fcb
3f7d163a96e7f00eb2de9828624ec46e22b4b40a
dfcf629cc49444f646f3a014014a91e36251b4b43655ce2e2eca55263dd196e3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 03:24:45 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
group-cnm.com/wp-content/plugins/wpforms-lite/assets/js/wpforms.min.js?ver=1.7.4.2
172.104.29.37 200 OK 9.9 kB URL HTTP/2 group-cnm.com/wp-content/plugins/wpforms-lite/assets/js/wpforms.min.js?ver=1.7.4.2
IP 172.104.29.37:0
Hash 2e07ccb3f1a2c4cda915551068ec7856
2627ae9c887858442cee137f9200233b99ae888a
a6a6f6b3a96ae0be155e1de627ab2b33cdf583dda40ad321d75b10962f8352b5
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/wpforms-lite/assets/js/wpforms.min.js?ver=1.7.4.2 HTTP/1.1
Host: group-cnm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://group-cnm.com/
Cookie: PHPSESSID=04a5d907dd84bc86a455efeae23e1045
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 29 Jan 2023 03:24:45 GMT
content-type: application/javascript
vary: Accept-Encoding
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-security-policy: upgrade-insecure-requests
last-modified: Wed, 25 May 2022 13:49:52 GMT
expires: Tue, 28 Feb 2023 03:24:45 GMT
cache-control: max-age=2592000
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-nginx-upstream-cache-status: STALE
x-server-powered-by: Engintron
content-encoding: gzip
X-Firefox-Spdy: h2
group-cnm.com/wp-content/uploads/2022/05/16-Capgnini-removebg-preview.png
172.104.29.37 200 OK 49 kB URL HTTP/2 group-cnm.com/wp-content/uploads/2022/05/16-Capgnini-removebg-preview.png
IP 172.104.29.37:0
File type PNG image data, 500 x 281, 8-bit/color RGBA, non-interlaced\012- data
Hash 353b85d91e2fb9d5ed962bc2fa6b532f
37436ea067108bf53c359c58cdde500291ace375
25c2a53d290f83aa139b3fd6153754dd5d55606b6cb92f79bef55cf36cbfe970
GET /wp-content/uploads/2022/05/16-Capgnini-removebg-preview.png HTTP/1.1
Host: group-cnm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://group-cnm.com/
Cookie: PHPSESSID=04a5d907dd84bc86a455efeae23e1045
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 29 Jan 2023 03:24:44 GMT
content-type: image/png
content-length: 49233
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-security-policy: upgrade-insecure-requests
last-modified: Wed, 25 May 2022 13:25:38 GMT
expires: Thu, 30 Mar 2023 03:24:44 GMT
cache-control: max-age=5184000
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-nginx-upstream-cache-status: STALE
x-server-powered-by: Engintron
accept-ranges: bytes
X-Firefox-Spdy: h2
group-cnm.com/wp-content/uploads/2022/05/1-BDSI-Groupe-1-removebg-preview.png
172.104.29.37 200 OK 49 kB URL HTTP/2 group-cnm.com/wp-content/uploads/2022/05/1-BDSI-Groupe-1-removebg-preview.png
IP 172.104.29.37:0
File type PNG image data, 627 x 398, 8-bit/color RGBA, non-interlaced\012- data
Hash 0c08caa93a0b2e2bd9a96e05ded55ad3
f55cc0904a281b884f78b074ec7ecd5da9051005
0a147f603dcc78c4d19e1893ba506c1457744bd3ef6711405185fc871cb78cc5
GET /wp-content/uploads/2022/05/1-BDSI-Groupe-1-removebg-preview.png HTTP/1.1
Host: group-cnm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://group-cnm.com/
Cookie: PHPSESSID=04a5d907dd84bc86a455efeae23e1045
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 29 Jan 2023 03:24:44 GMT
content-type: image/png
content-length: 49125
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-security-policy: upgrade-insecure-requests
last-modified: Wed, 25 May 2022 13:26:54 GMT
expires: Thu, 30 Mar 2023 03:24:44 GMT
cache-control: max-age=5184000
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-nginx-upstream-cache-status: STALE
x-server-powered-by: Engintron
accept-ranges: bytes
X-Firefox-Spdy: h2
group-cnm.com/wp-content/uploads/2022/05/5-Circet-removebg-preview.png
172.104.29.37 200 OK 53 kB URL HTTP/2 group-cnm.com/wp-content/uploads/2022/05/5-Circet-removebg-preview.png
IP 172.104.29.37:0
File type PNG image data, 500 x 500, 8-bit/color RGBA, non-interlaced\012- data
Hash 6740ac4713f43ee946fa5df856855276
7a9220ddc706de69fd08c3a64600225ed85d2dac
eeaa6b24d3c307af70b2fdaf113d111ab9ea3d9f71c5ce0f399d7f44604f7aa7
GET /wp-content/uploads/2022/05/5-Circet-removebg-preview.png HTTP/1.1
Host: group-cnm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://group-cnm.com/
Cookie: PHPSESSID=04a5d907dd84bc86a455efeae23e1045
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 29 Jan 2023 03:24:44 GMT
content-type: image/png
content-length: 53218
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-security-policy: upgrade-insecure-requests
last-modified: Wed, 25 May 2022 13:26:56 GMT
expires: Thu, 30 Mar 2023 03:24:44 GMT
cache-control: max-age=5184000
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-nginx-upstream-cache-status: STALE
x-server-powered-by: Engintron
accept-ranges: bytes
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
216.58.207.227 200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Hash 15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://group-cnm.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 25 Jan 2023 19:33:54 GMT
expires: Thu, 25 Jan 2024 19:33:54 GMT
cache-control: public, max-age=31536000
age: 287451
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
group-cnm.com/wp-content/uploads/2022/05/7-rbtech-removebg-preview.png
172.104.29.37 200 OK 9.0 kB URL HTTP/2 group-cnm.com/wp-content/uploads/2022/05/7-rbtech-removebg-preview.png
IP 172.104.29.37:0
File type PNG image data, 106 x 66, 8-bit/color RGBA, non-interlaced\012- data
Hash 62f1302195118dceb0920b30321b5e4f
7055057b6812e3833715c39bc621d84d29fe5273
55aad3e7a79461edd4108bba8a77a6a3f084c7e801433bcccc0b817f5ad52239
GET /wp-content/uploads/2022/05/7-rbtech-removebg-preview.png HTTP/1.1
Host: group-cnm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://group-cnm.com/
Cookie: PHPSESSID=04a5d907dd84bc86a455efeae23e1045
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 29 Jan 2023 03:24:44 GMT
content-type: image/png
content-length: 9036
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-security-policy: upgrade-insecure-requests
last-modified: Wed, 25 May 2022 13:27:00 GMT
expires: Thu, 30 Mar 2023 03:24:44 GMT
cache-control: max-age=5184000
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-nginx-upstream-cache-status: STALE
x-server-powered-by: Engintron
accept-ranges: bytes
X-Firefox-Spdy: h2
group-cnm.com/wp-content/uploads/2022/05/9-deltadrone-removebg-preview.png
172.104.29.37 200 OK 58 kB URL HTTP/2 group-cnm.com/wp-content/uploads/2022/05/9-deltadrone-removebg-preview.png
IP 172.104.29.37:0
File type PNG image data, 645 x 387, 8-bit/color RGBA, non-interlaced\012- data
Hash f2c81cd3f5236a42692e3202a33bf655
2782c31aa0b115df21c19153c6ea6b2ca93e3fb0
569d4218757bc3a137b32a0fa8c4cb6234a69c1bf513519cccef79224fa6475e
GET /wp-content/uploads/2022/05/9-deltadrone-removebg-preview.png HTTP/1.1
Host: group-cnm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://group-cnm.com/
Cookie: PHPSESSID=04a5d907dd84bc86a455efeae23e1045
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 29 Jan 2023 03:24:44 GMT
content-type: image/png
content-length: 58319
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-security-policy: upgrade-insecure-requests
last-modified: Wed, 25 May 2022 13:27:02 GMT
expires: Thu, 30 Mar 2023 03:24:44 GMT
cache-control: max-age=5184000
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-nginx-upstream-cache-status: STALE
x-server-powered-by: Engintron
accept-ranges: bytes
X-Firefox-Spdy: h2
group-cnm.com/wp-content/uploads/2022/05/10-cdsinfo-removebg-preview.png
172.104.29.37 200 OK 23 kB URL HTTP/2 group-cnm.com/wp-content/uploads/2022/05/10-cdsinfo-removebg-preview.png
IP 172.104.29.37:0
File type PNG image data, 389 x 129, 8-bit/color RGBA, non-interlaced\012- data
Hash 90098b069dcf5c8c3930c41bbf9434a4
88b74570fc93bf678996fe19143a5a90455e12be
ddde76d6517079dc24a9e99c0fb85e29802b4ad7fbeb655f5d1672cc50108a9e
GET /wp-content/uploads/2022/05/10-cdsinfo-removebg-preview.png HTTP/1.1
Host: group-cnm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://group-cnm.com/
Cookie: PHPSESSID=04a5d907dd84bc86a455efeae23e1045
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 29 Jan 2023 03:24:44 GMT
content-type: image/png
content-length: 23045
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-security-policy: upgrade-insecure-requests
last-modified: Wed, 25 May 2022 13:27:04 GMT
expires: Thu, 30 Mar 2023 03:24:44 GMT
cache-control: max-age=5184000
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-nginx-upstream-cache-status: STALE
x-server-powered-by: Engintron
accept-ranges: bytes
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
216.58.207.227 200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 15920, version 1.0\012- data
Hash 3a44e06eb954b96aa043227f3534189d
23cef6993ddb2b2979e8e7647fc3763694e2ba7d
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
GET /s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://group-cnm.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15920
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 25 Jan 2023 07:51:59 GMT
expires: Thu, 25 Jan 2024 07:51:59 GMT
cache-control: public, max-age=31536000
age: 329566
last-modified: Wed, 11 May 2022 19:24:45 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/nunito/v25/XRXV3I6Li01BKofINeaB.woff2
216.58.207.227 200 OK 36 kB URL HTTP/2 fonts.gstatic.com/s/nunito/v25/XRXV3I6Li01BKofINeaB.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 35904, version 1.0\012- data
Hash c26b97e7f5bb7a34d190703522d75e16
69d9e5aea0544dbaf9b78c1b65139c03eceece8f
96217f1d27fb909f92b4a6b35a0d3d6775f2f0b4d136d27aee88547d3ed87357
GET /s/nunito/v25/XRXV3I6Li01BKofINeaB.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://group-cnm.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 35904
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 22 Jan 2023 07:32:20 GMT
expires: Mon, 22 Jan 2024 07:32:20 GMT
cache-control: public, max-age=31536000
age: 589945
last-modified: Mon, 18 Jul 2022 19:34:47 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3 200 OK 471 B IP 216.58.211.3:0
Hash 8cf65fcdafa84b63cf7005fe57927fcb
3f7d163a96e7f00eb2de9828624ec46e22b4b40a
dfcf629cc49444f646f3a014014a91e36251b4b43655ce2e2eca55263dd196e3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 03:24:45 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29 200 OK 279 B IP 93.184.220.29:0
Hash 25ddd0659665cd846a67a77d14ed49c6
fe6478e4c02155cc3bd6f7a6ee8c20f6299ca81a
3e2e66e22bfe3e8881b7e3052e15d51c0b8cd90fed52d8805b9db16f2d8a16d5
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=135003
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 03:24:45 GMT
Etag: "63d55358-117"
Expires: Mon, 30 Jan 2023 16:54:48 GMT
Last-Modified: Sat, 28 Jan 2023 16:54:48 GMT
Server: nginx
Content-Length: 279
fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
216.58.207.227 200 OK 45 kB URL HTTP/2 fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 44856, version 1.0\012- data
Hash 565ce506190ad3af920b40baf1794cec
ad3cba5d06100e09449a864d3b5e58403b478b3d
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
GET /s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://group-cnm.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 44856
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 23 Jan 2023 18:52:41 GMT
expires: Tue, 23 Jan 2024 18:52:41 GMT
cache-control: public, max-age=31536000
age: 462724
last-modified: Mon, 15 Aug 2022 18:20:18 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
group-cnm.com/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0
172.104.29.37 200 OK 7.6 kB URL HTTP/2 group-cnm.com/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0
IP 172.104.29.37:0
Hash b33f35e84f963a8be28e88a7ef404c1f
dec093a08c45faf0541c8091b2bf00116d18c935
a8681df47e6b52594b14df719baef7d3546a14466cbd42f9e364cb961bd2bb9c
GET /wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0 HTTP/1.1
Host: group-cnm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://group-cnm.com/
Cookie: PHPSESSID=04a5d907dd84bc86a455efeae23e1045
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 29 Jan 2023 03:24:45 GMT
content-type: application/javascript
vary: Accept-Encoding
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-security-policy: upgrade-insecure-requests
last-modified: Wed, 25 May 2022 13:22:06 GMT
expires: Tue, 28 Feb 2023 03:24:45 GMT
cache-control: max-age=2592000
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-nginx-upstream-cache-status: STALE
x-server-powered-by: Engintron
content-encoding: gzip
X-Firefox-Spdy: h2
group-cnm.com/wp-content/uploads/2022/05/15-HACA-Maroc-removebg-preview.png
172.104.29.37 200 OK 46 kB URL HTTP/2 group-cnm.com/wp-content/uploads/2022/05/15-HACA-Maroc-removebg-preview.png
IP 172.104.29.37:0
File type PNG image data, 285 x 115, 8-bit/color RGBA, non-interlaced\012- data
Hash 2e5a78505975709b20848046b9ec2466
4e97d4f972781e67c9766560e95f250fbb502fcd
2ed7c661e8946c7812e9dbe17b98b31808f2ea68745d4c7e9d4c23a0502781d4
GET /wp-content/uploads/2022/05/15-HACA-Maroc-removebg-preview.png HTTP/1.1
Host: group-cnm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://group-cnm.com/
Cookie: PHPSESSID=04a5d907dd84bc86a455efeae23e1045
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 29 Jan 2023 03:24:44 GMT
content-type: image/png
content-length: 45747
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-security-policy: upgrade-insecure-requests
last-modified: Wed, 25 May 2022 13:27:10 GMT
expires: Thu, 30 Mar 2023 03:24:44 GMT
cache-control: max-age=5184000
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-nginx-upstream-cache-status: STALE
x-server-powered-by: Engintron
accept-ranges: bytes
X-Firefox-Spdy: h2
group-cnm.com/wp-content/uploads/2022/05/16-Capgnini-removebg-preview-1.png
172.104.29.37 200 OK 49 kB URL HTTP/2 group-cnm.com/wp-content/uploads/2022/05/16-Capgnini-removebg-preview-1.png
IP 172.104.29.37:0
File type PNG image data, 500 x 281, 8-bit/color RGBA, non-interlaced\012- data
Hash 353b85d91e2fb9d5ed962bc2fa6b532f
37436ea067108bf53c359c58cdde500291ace375
25c2a53d290f83aa139b3fd6153754dd5d55606b6cb92f79bef55cf36cbfe970
GET /wp-content/uploads/2022/05/16-Capgnini-removebg-preview-1.png HTTP/1.1
Host: group-cnm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://group-cnm.com/
Cookie: PHPSESSID=04a5d907dd84bc86a455efeae23e1045
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 29 Jan 2023 03:24:45 GMT
content-type: image/png
content-length: 49233
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-security-policy: upgrade-insecure-requests
last-modified: Wed, 25 May 2022 13:27:12 GMT
expires: Thu, 30 Mar 2023 03:24:45 GMT
cache-control: max-age=5184000
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-nginx-upstream-cache-status: STALE
x-server-powered-by: Engintron
accept-ranges: bytes
X-Firefox-Spdy: h2
group-cnm.com/wp-content/uploads/2022/05/11-APERFORMANCES-removebg-preview.png
172.104.29.37 200 OK 79 kB URL HTTP/2 group-cnm.com/wp-content/uploads/2022/05/11-APERFORMANCES-removebg-preview.png
IP 172.104.29.37:0
File type PNG image data, 861 x 249, 8-bit/color RGBA, non-interlaced\012- data
Hash 9d56dc111459a6ac40e44b313d8d9ee1
7a115d25227d2b2f263e931e9b21c219083d9932
03e815debec0d2bb9b414936e29aad7cfc43b2fdb9071cdb200f2bc137b2fb6e
GET /wp-content/uploads/2022/05/11-APERFORMANCES-removebg-preview.png HTTP/1.1
Host: group-cnm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://group-cnm.com/
Cookie: PHPSESSID=04a5d907dd84bc86a455efeae23e1045
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 29 Jan 2023 03:24:44 GMT
content-type: image/png
content-length: 78763
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-security-policy: upgrade-insecure-requests
last-modified: Wed, 25 May 2022 13:27:06 GMT
expires: Thu, 30 Mar 2023 03:24:44 GMT
cache-control: max-age=5184000
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-nginx-upstream-cache-status: STALE
x-server-powered-by: Engintron
accept-ranges: bytes
X-Firefox-Spdy: h2
group-cnm.com/wp-content/uploads/2022/05/13-geoassistance-removebg-preview.png
172.104.29.37 200 OK 75 kB URL HTTP/2 group-cnm.com/wp-content/uploads/2022/05/13-geoassistance-removebg-preview.png
IP 172.104.29.37:0
File type PNG image data, 226 x 223, 8-bit/color RGBA, non-interlaced\012- data
Hash 85f1186bfecb9f2de63306f52256524d
1514956982aa35d8e5d167c1da8e905f0254c0f4
28e6cf7b1ac746ac54f09850e0d8b8551a222baf689d43872719ad39d613829f
GET /wp-content/uploads/2022/05/13-geoassistance-removebg-preview.png HTTP/1.1
Host: group-cnm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://group-cnm.com/
Cookie: PHPSESSID=04a5d907dd84bc86a455efeae23e1045
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 29 Jan 2023 03:24:44 GMT
content-type: image/png
content-length: 74919
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-security-policy: upgrade-insecure-requests
last-modified: Wed, 25 May 2022 13:27:08 GMT
expires: Thu, 30 Mar 2023 03:24:44 GMT
cache-control: max-age=5184000
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-nginx-upstream-cache-status: STALE
x-server-powered-by: Engintron
accept-ranges: bytes
X-Firefox-Spdy: h2
group-cnm.com/wp-includes/js/wp-util.min.js?ver=6.0.3
172.104.29.37 200 OK 984 B URL HTTP/2 group-cnm.com/wp-includes/js/wp-util.min.js?ver=6.0.3
IP 172.104.29.37:0
Hash d43f7a690e0889c6ad79ae407c2bfd7a
8d0fc149c9f558f7bd13e45b143e1438f90f470e
4a67f6f7c2b4a59da941456cf1c642973ad157218819691fb294784690e201e7
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/wp-util.min.js?ver=6.0.3 HTTP/1.1
Host: group-cnm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://group-cnm.com/
Cookie: PHPSESSID=04a5d907dd84bc86a455efeae23e1045
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 29 Jan 2023 03:24:45 GMT
content-type: application/javascript
vary: Accept-Encoding
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-security-policy: upgrade-insecure-requests
last-modified: Fri, 25 Jun 2021 19:50:58 GMT
expires: Tue, 28 Feb 2023 03:24:45 GMT
cache-control: max-age=2592000
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-nginx-upstream-cache-status: STALE
x-server-powered-by: Engintron
content-encoding: gzip
X-Firefox-Spdy: h2
group-cnm.com/wp-content/uploads/2022/06/give-away-image.jpg
172.104.29.37 200 OK 78 kB URL HTTP/2 group-cnm.com/wp-content/uploads/2022/06/give-away-image.jpg
IP 172.104.29.37:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 800x1100, components 3\012- data
Hash 171ea5d7fc8eb9cca3bb3109fa78a46a
5ab955496f9b429b5dd6bf17595eabc81f79f574
39529a6ea6ccac6fd770d68a4811b30d9fa504fcea4cd3a997491de93caf49c6
GET /wp-content/uploads/2022/06/give-away-image.jpg HTTP/1.1
Host: group-cnm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://group-cnm.com/
Cookie: PHPSESSID=04a5d907dd84bc86a455efeae23e1045
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 29 Jan 2023 03:24:45 GMT
content-type: image/jpeg
content-length: 77480
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-security-policy: upgrade-insecure-requests
last-modified: Wed, 08 Jun 2022 16:48:00 GMT
expires: Thu, 30 Mar 2023 03:24:45 GMT
cache-control: max-age=5184000
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-nginx-upstream-cache-status: STALE
x-server-powered-by: Engintron
accept-ranges: bytes
X-Firefox-Spdy: h2
group-cnm.com/wp-content/themes/blocksy/static/bundle/main.js?ver=1.8.36
172.104.29.37 200 OK 101 kB URL HTTP/2 group-cnm.com/wp-content/themes/blocksy/static/bundle/main.js?ver=1.8.36
IP 172.104.29.37:0
Size 101 kB (101041 bytes)
Hash 25c3553c33db09619f8b48184bf8a6ed
c7d3650d6f715842b7e59abe3a905e051061281f
f92d57bb19f5d8fd9480b857de688ff06270d19acd47613b94259b56f1511ca8
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/blocksy/static/bundle/main.js?ver=1.8.36 HTTP/1.1
Host: group-cnm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://group-cnm.com/
Cookie: PHPSESSID=04a5d907dd84bc86a455efeae23e1045
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 29 Jan 2023 03:24:45 GMT
content-type: application/javascript
vary: Accept-Encoding
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-security-policy: upgrade-insecure-requests
last-modified: Thu, 09 Jun 2022 22:09:06 GMT
expires: Tue, 28 Feb 2023 03:24:45 GMT
cache-control: max-age=2592000
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-nginx-upstream-cache-status: STALE
x-server-powered-by: Engintron
content-encoding: gzip
X-Firefox-Spdy: h2
group-cnm.com/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-solid-900.woff2
172.104.29.37 200 OK 78 kB URL HTTP/2 group-cnm.com/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-solid-900.woff2
IP 172.104.29.37:0
File type Web Open Font Format (Version 2), TrueType, length 78196, version 331.-31261\012- data
Hash e8a427e15cc502bef99cfd722b37ea98
a9922842a120a7f1eaced667480c5e185a106d69
d0b4256abed72481585662971262eabee345c19f837af00d7ce24239d3b40eef
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-solid-900.woff2 HTTP/1.1
Host: group-cnm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://group-cnm.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/solid.min.css?ver=5.15.3
Cookie: PHPSESSID=04a5d907dd84bc86a455efeae23e1045
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 29 Jan 2023 03:24:45 GMT
content-type: font/woff2
content-length: 78196
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-security-policy: upgrade-insecure-requests
last-modified: Thu, 09 Jun 2022 14:17:44 GMT
expires: Thu, 30 Mar 2023 03:24:45 GMT
cache-control: max-age=5184000
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-nginx-upstream-cache-status: STALE
x-server-powered-by: Engintron
accept-ranges: bytes
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash f2a0c2c0f25bdd19baf87cbb3a87dcdb
bc78ca6206ee8cc1cc05ab7778df71c7e6d1182a
c57f26c0c2e439dc2f69181e1b2f6ae371bff9d299af739e0047eabc8bfb5a69
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C57F26C0C2E439DC2F69181E1B2F6AE371BFF9D299AF739E0047EABC8BFB5A69"
Last-Modified: Fri, 27 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13649
Expires: Sun, 29 Jan 2023 07:12:14 GMT
Date: Sun, 29 Jan 2023 03:24:45 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash f2a0c2c0f25bdd19baf87cbb3a87dcdb
bc78ca6206ee8cc1cc05ab7778df71c7e6d1182a
c57f26c0c2e439dc2f69181e1b2f6ae371bff9d299af739e0047eabc8bfb5a69
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C57F26C0C2E439DC2F69181E1B2F6AE371BFF9D299AF739E0047EABC8BFB5A69"
Last-Modified: Fri, 27 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13649
Expires: Sun, 29 Jan 2023 07:12:14 GMT
Date: Sun, 29 Jan 2023 03:24:45 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash f2a0c2c0f25bdd19baf87cbb3a87dcdb
bc78ca6206ee8cc1cc05ab7778df71c7e6d1182a
c57f26c0c2e439dc2f69181e1b2f6ae371bff9d299af739e0047eabc8bfb5a69
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C57F26C0C2E439DC2F69181E1B2F6AE371BFF9D299AF739E0047EABC8BFB5A69"
Last-Modified: Fri, 27 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13649
Expires: Sun, 29 Jan 2023 07:12:14 GMT
Date: Sun, 29 Jan 2023 03:24:45 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash f2a0c2c0f25bdd19baf87cbb3a87dcdb
bc78ca6206ee8cc1cc05ab7778df71c7e6d1182a
c57f26c0c2e439dc2f69181e1b2f6ae371bff9d299af739e0047eabc8bfb5a69
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C57F26C0C2E439DC2F69181E1B2F6AE371BFF9D299AF739E0047EABC8BFB5A69"
Last-Modified: Fri, 27 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13649
Expires: Sun, 29 Jan 2023 07:12:14 GMT
Date: Sun, 29 Jan 2023 03:24:45 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash f2a0c2c0f25bdd19baf87cbb3a87dcdb
bc78ca6206ee8cc1cc05ab7778df71c7e6d1182a
c57f26c0c2e439dc2f69181e1b2f6ae371bff9d299af739e0047eabc8bfb5a69
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C57F26C0C2E439DC2F69181E1B2F6AE371BFF9D299AF739E0047EABC8BFB5A69"
Last-Modified: Fri, 27 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13649
Expires: Sun, 29 Jan 2023 07:12:14 GMT
Date: Sun, 29 Jan 2023 03:24:45 GMT
Connection: keep-alive
group-cnm.com/wp-content/plugins/blocksy-companion/framework/extensions/cookies-consent/static/bundle/main.js?ver=1.8.34
172.104.29.37 200 OK 11 kB URL HTTP/2 group-cnm.com/wp-content/plugins/blocksy-companion/framework/extensions/cookies-consent/static/bundle/main.js?ver=1.8.34
IP 172.104.29.37:0
Hash b2cac2bb57ea5f0bce1d140355e4c8be
15c1507f75885f38eadf8be5b38161aa06ffb52e
0c1f41b61e9918db4074454283ea0049e10126a4b5653363695b44da1610cf13
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/blocksy-companion/framework/extensions/cookies-consent/static/bundle/main.js?ver=1.8.34 HTTP/1.1
Host: group-cnm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://group-cnm.com/
Cookie: PHPSESSID=04a5d907dd84bc86a455efeae23e1045
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 29 Jan 2023 03:24:45 GMT
content-type: application/javascript
vary: Accept-Encoding
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-security-policy: upgrade-insecure-requests
last-modified: Thu, 09 Jun 2022 14:16:36 GMT
expires: Tue, 28 Feb 2023 03:24:45 GMT
cache-control: max-age=2592000
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-nginx-upstream-cache-status: STALE
x-server-powered-by: Engintron
content-encoding: gzip
X-Firefox-Spdy: h2
collectcdn.com/launcher.js
104.21.21.78 200 OK 35 kB URL HTTP/2 collectcdn.com/launcher.js
IP 104.21.21.78:0
Hash f5f94cbb3316ba9af8ead8ea46b88456
a090295cc73f08dc20de98e6659ab3f47addb386
25d174fd159ebb1932656ca18fab2e5db297f991728d086050f4935ebaea185f
GET /launcher.js HTTP/1.1
Host: collectcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://group-cnm.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 29 Jan 2023 03:24:45 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=94118
etag: W/"f74c85137d1560125cb84c3d777a5463"
last-modified: Thu, 05 Jan 2023 04:11:19 GMT
x-amz-id-2: hOsZCha02pS6GN2J1OoVquvsmP7FSm+NArWJulqtVOQwhRKe9qb31y7ODGhFevedTXJJrA2b25A=
x-amz-request-id: S7R5GE6MYDCH0ESD
x-amz-version-id: u6SRZXPoIssdUrVjhJyJJtjfX5JyrEYQ
cache-control: max-age=31536000
cf-cache-status: HIT
age: 4818
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=G0a5%2F8tmfhj9GzfR9LKo1qcFNVSh3fqf470VHbPV%2BPU4%2FwH3wjqBlS1yKCPWFdBns6R3FCg3uVzENuLYA1Z79fqYnkOGbwMN9bW%2FhI4l1q%2BNpW4bN%2F53Nd9GJ5RjQ%2FaHFw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 790edb4f7a021c16-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9dd6ccbb-893e-4aca-b08e-b16283e4ee58.jpeg
34.120.237.76 200 OK 7.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9dd6ccbb-893e-4aca-b08e-b16283e4ee58.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e6d617843cc1f7df21950fe7d4add160
4b7b2e07f0c4667f9c83d99c1481f81ac6e531f9
facb5e8beed1bf0b0ae02cba77278767f211717097803b3966312dfe0822646b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9dd6ccbb-893e-4aca-b08e-b16283e4ee58.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7790
x-amzn-requestid: 19b7ae0c-7ce9-4d01-96c3-9259e6f2b1ec
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fH88xFpKIAMF_gg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cca851-0d4a98a74200cb962d434f82;Sampled=0
x-amzn-remapped-date: Sun, 22 Jan 2023 03:06:57 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: ORGO0m0bJJzpWpxLCewm0J1vp8khEZlPzL58syBdlhyQniN8em5Qzg==
via: 1.1 446313511980eb02f28ff5a9a4147c0a.cloudfront.net (CloudFront), 1.1 e4d3d5aafc7d7d582423c073065ab562.cloudfront.net (CloudFront), 1.1 google
date: Sat, 28 Jan 2023 21:53:11 GMT
age: 19894
etag: "4b7b2e07f0c4667f9c83d99c1481f81ac6e531f9"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F62d5a25c-3219-4061-b58b-b783bc3a37fb.jpeg
34.120.237.76 200 OK 7.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F62d5a25c-3219-4061-b58b-b783bc3a37fb.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 6af6f32397882f56d14d22348e44a9f1
5a626376807e7507fa3a204c4e4e9e44aa074a37
478f32e98c0a1f0d62fa337795ca88b7927e14b684b681f7629b648bc2d709a5
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F62d5a25c-3219-4061-b58b-b783bc3a37fb.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7417
x-amzn-requestid: 53032353-8613-49b0-944d-3742236cf50c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fYcMmFeQIAMF3Yw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d340b6-7fe2226327d90db014527c08;Sampled=0
x-amzn-remapped-date: Fri, 27 Jan 2023 03:10:46 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: zd8cTO2N1JO-OK3hCDwVO8naClCsg0raJLboRFle-DPSKhR_7k8-Yg==
via: 1.1 6ba2a21321beeef65404429d0a4b6380.cloudfront.net (CloudFront), 1.1 981753271eb5b6d11bc29d52f173a5da.cloudfront.net (CloudFront), 1.1 google
date: Sun, 29 Jan 2023 03:16:35 GMT
age: 490
etag: "5a626376807e7507fa3a204c4e4e9e44aa074a37"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcc7f65e9-ca75-4ecb-ba7c-ae70877eaf01.jpeg
34.120.237.76 200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcc7f65e9-ca75-4ecb-ba7c-ae70877eaf01.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 2f73f114f8dc452fc0b16825570ad50c
6bb1b3db6c36e2c9d23b6cb7d1c8616eeec19575
23fd69e6ccdd2ce2b5d3d8b3f075a07cdb36efd663a4119b5dca22165e7b2090
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcc7f65e9-ca75-4ecb-ba7c-ae70877eaf01.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10030
x-amzn-requestid: 0c6c82b5-f91b-4468-bb25-d87d4d7dedd5
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fVAbgERRIAMFdcw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d1e116-7f17c79047447dff2de3ab67;Sampled=0
x-amzn-remapped-date: Thu, 26 Jan 2023 02:10:30 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: pHTs5LN29bSjD8GAXY_vstXiEQ7iy9qXsq23Pxl-GdXX16_5H5QKCQ==
via: 1.1 8f22423015641505b8c857a37450d6c0.cloudfront.net (CloudFront), 1.1 61bc723adb3b1884ed759711e84e13a8.cloudfront.net (CloudFront), 1.1 google
date: Sat, 28 Jan 2023 16:13:35 GMT
age: 40270
etag: "6bb1b3db6c36e2c9d23b6cb7d1c8616eeec19575"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
group-cnm.com/wp-content/uploads/essential-addons-elementor/cb70d11b8.min.js?ver=1674962684
172.104.29.37 200 OK 14 kB URL HTTP/2 group-cnm.com/wp-content/uploads/essential-addons-elementor/cb70d11b8.min.js?ver=1674962684
IP 172.104.29.37:0
Hash ac91227b6101faf579d189194554cb19
9b2eb36b28b6c0a8f71350689082f9db7453cc8b
48adfb3bcce526dee8dd5842b0064b0483dfba93566a9903ede0ef5a73e31594
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/uploads/essential-addons-elementor/cb70d11b8.min.js?ver=1674962684 HTTP/1.1
Host: group-cnm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://group-cnm.com/
Cookie: PHPSESSID=04a5d907dd84bc86a455efeae23e1045
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 29 Jan 2023 03:24:45 GMT
content-type: application/javascript
vary: Accept-Encoding
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-security-policy: upgrade-insecure-requests
last-modified: Sat, 22 Oct 2022 10:46:42 GMT
expires: Tue, 28 Feb 2023 03:24:45 GMT
cache-control: max-age=2592000
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-nginx-upstream-cache-status: MISS
x-server-powered-by: Engintron
content-encoding: gzip
X-Firefox-Spdy: h2
group-cnm.com/wp-content/plugins/elementor/assets/js/frontend-modules.min.js?ver=3.6.6
172.104.29.37 200 OK 814 kB URL HTTP/2 group-cnm.com/wp-content/plugins/elementor/assets/js/frontend-modules.min.js?ver=3.6.6
IP 172.104.29.37:0
Size 814 kB (814208 bytes)
Hash 26da75051cb11746a14f8ff2384738ed
b52a7749521d1a565f530d2e590b757ba4b4f04d
2238ec847c7414ebf8ec7085950a9bebaad072808126076e2c74fcc1d0ad7c36
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/elementor/assets/js/frontend-modules.min.js?ver=3.6.6 HTTP/1.1
Host: group-cnm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://group-cnm.com/
Cookie: PHPSESSID=04a5d907dd84bc86a455efeae23e1045
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 29 Jan 2023 03:24:45 GMT
content-type: application/javascript
vary: Accept-Encoding
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-security-policy: upgrade-insecure-requests
last-modified: Thu, 09 Jun 2022 14:17:42 GMT
expires: Tue, 28 Feb 2023 03:24:45 GMT
cache-control: max-age=2592000
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-nginx-upstream-cache-status: STALE
x-server-powered-by: Engintron
content-encoding: gzip
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
216.58.207.227 200 OK 1.0 MB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
IP 216.58.207.227:0
File type PNG image data, 1024 x 768, 8-bit/color RGBA, non-interlaced\012- data
Size 1.0 MB (1042836 bytes)
Hash 993cf89f8d1553938d70cad3508c5f5c
c505caddeee92b518d3215a2db283b675c84345b
121569fad5374009f5e99769fca69dc2bb080d61b309cd6b0deac441084dc51f
GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://group-cnm.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 24 Jan 2023 13:09:06 GMT
expires: Wed, 24 Jan 2024 13:09:06 GMT
cache-control: public, max-age=31536000
age: 396939
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
group-cnm.com/wp-content/uploads/2022/05/7.png
172.104.29.37 200 OK 537 kB URL HTTP/2 group-cnm.com/wp-content/uploads/2022/05/7.png
IP 172.104.29.37:0
File type PNG image data, 1024 x 768, 8-bit/color RGBA, non-interlaced\012- data
Size 537 kB (536854 bytes)
Hash 8d9ad302be1d131512ebc4dccca07d31
59b374d8588d40fa5899fe64281511307e7e34c7
2a4a0a139dad8796db1349df05cea1b89168e7ccfcd1399c1877f607756d6bf3
GET /wp-content/uploads/2022/05/7.png HTTP/1.1
Host: group-cnm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://group-cnm.com/
Cookie: PHPSESSID=04a5d907dd84bc86a455efeae23e1045
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 29 Jan 2023 03:24:45 GMT
content-type: image/png
content-length: 536854
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-security-policy: upgrade-insecure-requests
last-modified: Fri, 20 May 2022 16:08:36 GMT
expires: Thu, 30 Mar 2023 03:24:45 GMT
cache-control: max-age=5184000
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-nginx-upstream-cache-status: STALE
x-server-powered-by: Engintron
accept-ranges: bytes
X-Firefox-Spdy: h2
maps.googleapis.com/maps/api/js?client=google-maps-embed&paint_origin=&libraries=geometry,search&v=3.exp&language=en_US&callback=onApiLoad
142.250.74.42 200 OK 56 kB URL HTTP/2 maps.googleapis.com/maps/api/js?client=google-maps-embed&paint_origin=&libraries=geometry,search&v=3.exp&language=en_US&callback=onApiLoad
IP 142.250.74.42:0
File type ASCII text, with very long lines (2469)
Hash 5518e44041f6695cd15376d7e2abee46
b886a7f1892e01b8a6808606e654089c16b5329d
9863f4ca24179e10d6041507dc7ba016ea322626e0a092ce3bb9db3d40b2bb07
GET /maps/api/js?client=google-maps-embed&paint_origin=&libraries=geometry,search&v=3.exp&language=en_US&callback=onApiLoad HTTP/1.1
Host: maps.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-encoding: gzip
server: mafe
content-length: 56002
x-xss-protection: 0
x-frame-options: SAMEORIGIN
date: Sun, 29 Jan 2023 03:05:06 GMT
expires: Sun, 29 Jan 2023 03:35:06 GMT
cache-control: public, max-age=1800
content-type: text/javascript; charset=UTF-8
age: 1179
server-timing: gfet4t7; dur=0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
maps.gstatic.com/maps-api-v3/embed/js/51/7/init_embed.js
142.250.74.3 200 OK 71 kB URL HTTP/2 maps.gstatic.com/maps-api-v3/embed/js/51/7/init_embed.js
IP 142.250.74.3:0
File type ASCII text, with very long lines (2772)
Hash 77905e9004dad59ff170dea486ea7394
bb4d4ddf00c7f738f6e7eb17eee6f3f7a4759cf5
593632666580636de2eb9f32bd2ab36693dcf9f7008fb8bac826393dba6188ae
GET /maps-api-v3/embed/js/51/7/init_embed.js HTTP/1.1
Host: maps.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding, Origin
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-length: 69373
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 28 Jan 2023 03:51:36 GMT
expires: Sun, 28 Jan 2024 03:51:36 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 23 Jan 2023 21:48:16 GMT
content-type: text/javascript
age: 84789
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
group-cnm.com/wp-includes/js/jquery/ui/core.min.js?ver=1.13.1
172.104.29.37 200 OK 84 kB URL HTTP/2 group-cnm.com/wp-includes/js/jquery/ui/core.min.js?ver=1.13.1
IP 172.104.29.37:0
File type Unicode text, UTF-8 text, with very long lines (8738)
Hash e2e58ba9277e0de92b392eb37d2a4f22
21d51ce337b6c1d42e834360f7b13292ecf7e39c
ad408305e10481ac575b4b463ecd4c4df395522b4580bbe008302e93dad8fd2f
GET /wp-includes/js/jquery/ui/core.min.js?ver=1.13.1 HTTP/1.1
Host: group-cnm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://group-cnm.com/
Cookie: PHPSESSID=04a5d907dd84bc86a455efeae23e1045
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 29 Jan 2023 03:24:45 GMT
content-type: application/javascript
vary: Accept-Encoding
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-security-policy: upgrade-insecure-requests
last-modified: Wed, 25 May 2022 13:22:08 GMT
expires: Tue, 28 Feb 2023 03:24:45 GMT
cache-control: max-age=2592000
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-nginx-upstream-cache-status: STALE
x-server-powered-by: Engintron
content-encoding: gzip
X-Firefox-Spdy: h2
www.gstatic.com/recaptcha/releases/RGRQD9tdxHtnt-Bxkx9pM75S/recaptcha__en.js
142.250.74.35 200 OK 164 kB URL HTTP/2 www.gstatic.com/recaptcha/releases/RGRQD9tdxHtnt-Bxkx9pM75S/recaptcha__en.js
IP 142.250.74.35:0
File type ASCII text, with very long lines (771)
Size 164 kB (163774 bytes)
Hash 57c909ab73fc27ec24f737bbf1cb1de8
89b2c02e9e7a9a764518fca545d3eec2044fd6d9
7e407e2b00bb7c238c71d96472f7ab030de4e610b1048f0f77b25cb85c2d166b
GET /recaptcha/releases/RGRQD9tdxHtnt-Bxkx9pM75S/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://group-cnm.com
Connection: keep-alive
Referer: https://group-cnm.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 163774
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 23 Jan 2023 17:09:34 GMT
expires: Tue, 23 Jan 2024 17:09:34 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 23 Jan 2023 01:02:00 GMT
content-type: text/javascript
age: 468912
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
group-cnm.com/wp-content/uploads/2022/05/51757597_2007350252705547_4720183626833068032_n-removebg-preview.png
172.104.29.37 200 OK 46 kB URL HTTP/2 group-cnm.com/wp-content/uploads/2022/05/51757597_2007350252705547_4720183626833068032_n-removebg-preview.png
IP 172.104.29.37:0
File type PNG image data, 500 x 500, 8-bit/color RGBA, non-interlaced\012- data
Hash 91f719b29fe4100d0190dabc1aa784f7
fb32541e3e9a4867be744221edd6c25ae1193972
d0d2d4b932c50fb77b01cc36802b8ab4869cfc19f37968e86a5c025a479095d8
GET /wp-content/uploads/2022/05/51757597_2007350252705547_4720183626833068032_n-removebg-preview.png HTTP/1.1
Host: group-cnm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://group-cnm.com/
Cookie: PHPSESSID=04a5d907dd84bc86a455efeae23e1045; collect_chat_page_load=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 29 Jan 2023 03:24:46 GMT
content-type: image/png
content-length: 45555
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-security-policy: upgrade-insecure-requests
last-modified: Mon, 23 May 2022 18:57:30 GMT
expires: Thu, 30 Mar 2023 03:24:46 GMT
cache-control: max-age=5184000
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-nginx-upstream-cache-status: STALE
x-server-powered-by: Engintron
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
54.230.245.110 200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.110:0
Hash 1633816cf894a953d5aee0057209522c
60c3bd9f536e2442b0a422804c2f064d77ba1788
da26ba2ac5270b8299319e41633428b1c93da08990757b08486f7d4e385df306
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=101514
Date: Sun, 29 Jan 2023 03:24:46 GMT
Etag: "63d4d088-1d7"
Expires: Mon, 30 Jan 2023 07:36:40 GMT
Last-Modified: Sat, 28 Jan 2023 07:36:40 GMT
Server: nginx
X-Cache: Miss from cloudfront
Via: 1.1 6259d2cd8a5947ad41a420527bbed7a6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: -NvEX7RTmlnQvAamd0AWs7tVAuKGW1ABNafb03N8qJQuPS367aRRlw==
fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
216.58.207.227 200 OK 15 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 15344, version 1.0\012- data
Hash 5d4aeb4e5f5ef754e307d7ffaef688bd
06db651cdf354c64a7383ea9c77024ef4fb4cef8
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
GET /s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15344
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 26 Jan 2023 21:48:03 GMT
expires: Fri, 26 Jan 2024 21:48:03 GMT
cache-control: public, max-age=31536000
age: 193003
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
load.collect.chat/bots/62a1f33b7fd5da5e20c63bd9
54.230.111.4 200 OK 1.4 kB URL HTTP/2 load.collect.chat/bots/62a1f33b7fd5da5e20c63bd9
IP 54.230.111.4:0
File type JSON data\012- , Unicode text, UTF-8 text, with very long lines (3033), with no line terminators
Hash dff559fac2e90b3578211ed8c9e17dee
6814769654026c55b7837ca284baa80a5ada81df
729acac26f0126942e37cfe27f7643dc3915bb453ec51e4cc4ac96c1a28b8f7b
GET /bots/62a1f33b7fd5da5e20c63bd9 HTTP/1.1
Host: load.collect.chat
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://group-cnm.com
Connection: keep-alive
Referer: https://group-cnm.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/json
content-length: 1401
date: Sun, 29 Jan 2023 03:24:46 GMT
x-amzn-requestid: b5fafab2-e17a-4ecf-8297-751c3bee1c01
access-control-allow-origin: *
content-encoding: gzip
x-amz-apigw-id: ffEHzFWFoAMFSXw=
x-amzn-trace-id: Root=1-63d5e6fe-282283071cfe2421238dae2f;Sampled=0
access-control-allow-credentials: true
x-cache: Miss from cloudfront
via: 1.1 5bcfe2deda0bdbc6bade0af9b61602ca.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: RwMv2ghTJDzWfYgfSW5WqmoX2xpDkEwV_cAJ5DIc50dQFCe1Irif8g==
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.77.32 200 OK 345 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash e24a75c6142d741320c2e4b043b0e0fe
c4a16210f0c7952157dae4f21f2352b4005a5557
e5151df2d5054ec02ccbde2d23b2e192d5bbd09c504acaffc7c7eab181598d4e
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "E5151DF2D5054EC02CCBDE2D23B2E192D5BBD09C504ACAFFC7C7EAB181598D4E"
Last-Modified: Fri, 27 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8606
Expires: Sun, 29 Jan 2023 05:48:12 GMT
Date: Sun, 29 Jan 2023 03:24:46 GMT
Connection: keep-alive
api.collect.chat/details
104.26.11.119 200 OK 36 B IP 104.26.11.119:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 6f805925944ef9fa79bd0a02e00e2e99
ceb834e8fd10d2f4c8f2b1e6d8800b9e845834df
3ef013039e6df373c7ef0730658c403527318c307c67145ac08c728492392800
GET /details HTTP/1.1
Host: api.collect.chat
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://group-cnm.com
Connection: keep-alive
Referer: https://group-cnm.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 29 Jan 2023 03:24:46 GMT
content-type: application/json; charset=utf-8
content-length: 36
x-powered-by: Express
x-ratelimit-limit: 50
x-ratelimit-remaining: 49
x-ratelimit-reset: 1674962711
access-control-allow-origin: *
etag: W/"24-zrg06P0Q0vTI8rHm2IALnoRYNN8"
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6%2BE5aup1rea9KZpumcGGVUrtSThXdCiXcgG5A8VRC2DIJAUglSZB6k2iSsvWQyq7MWzogJWIWntP%2FVwrOcnIGVm%2F1Eqwqrbzsnr5NzXCgXOUzZoo43jdvdmGArimjk4etww%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 790edb58f91fb506-OSL
X-Firefox-Spdy: h2
avatars.collectcdn.com/62a1f33b7fd5da5e20c63bd7-62a1f33b7fd5da5e20c63bd9.png?t=1654781110980
188.114.96.1 200 OK 46 kB URL HTTP/2 avatars.collectcdn.com/62a1f33b7fd5da5e20c63bd7-62a1f33b7fd5da5e20c63bd9.png?t=1654781110980
IP 188.114.96.1:0
File type PNG image data, 500 x 500, 8-bit/color RGBA, non-interlaced\012- data
Hash 3f5a08381ca8c2fae5ce1a41ee6e0239
63515a3c0cebb517073661658dcd368ec7c38af6
5fec6d665f8968785fdfe4241dee612bab752e13a0b4aa93c778ecc02ec40a47
GET /62a1f33b7fd5da5e20c63bd7-62a1f33b7fd5da5e20c63bd9.png?t=1654781110980 HTTP/1.1
Host: avatars.collectcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://group-cnm.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 29 Jan 2023 03:24:47 GMT
content-type: image/png
content-length: 46275
x-amz-id-2: KEEzfLnqDXaSEgATKtBlR2gqRkR6hoZ7zOHvR70kl9JwBdV1Pz2Ed/Iulm3ip38EZeu10SnYMXY=
x-amz-request-id: 2KKNJ5XGARH2CQD5
last-modified: Thu, 09 Jun 2022 13:25:11 GMT
etag: "3f5a08381ca8c2fae5ce1a41ee6e0239"
cache-control: max-age=31536000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pjmSS1d0R6fNX3B1DzNayJ%2FRGplLNlZfTDOH7%2BuERILk9bIfaXiGc9jOE7j9RtZfzHDtGx6jzmIVNg9pBd06w3NwCDAEJSfZdmg%2BiwdU5mW6GA5lwM7AP6GorsD5ghUKR4ZdH6Xe%2BzqP"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 790edb59e896b515-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fonts.gstatic.com/s/rubik/v23/iJWZBXyIfDnIV5PNhY1KTN7Z-Yh-4I-FV0U1.woff2
216.58.207.227 200 OK 18 kB URL HTTP/2 fonts.gstatic.com/s/rubik/v23/iJWZBXyIfDnIV5PNhY1KTN7Z-Yh-4I-FV0U1.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 17480, version 1.0\012- data
Hash 8ea4809b4bc36cc7605708a7373eb244
85b57a1d638d598694dc506ff1f7b36d635f3c4e
8447428d852526668a9953ac87c4b14eb126a122d1dbe967a1ae5c1d9153fdf7
GET /s/rubik/v23/iJWZBXyIfDnIV5PNhY1KTN7Z-Yh-4I-FV0U1.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://group-cnm.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 17480
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 27 Jan 2023 10:05:14 GMT
expires: Sat, 27 Jan 2024 10:05:14 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 07 Dec 2022 18:42:00 GMT
content-type: font/woff2
age: 148775
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
group-cnm.com/wp-content/plugins/elementor/assets/lib/eicons/css/elementor-icons.min.css?ver=5.15.0
172.104.29.37 200 OK 0 B URL HTTP/2 group-cnm.com/wp-content/plugins/elementor/assets/lib/eicons/css/elementor-icons.min.css?ver=5.15.0
IP 172.104.29.37:0
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/elementor/assets/lib/eicons/css/elementor-icons.min.css?ver=5.15.0 HTTP/1.1
Host: group-cnm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://group-cnm.com/
Cookie: PHPSESSID=04a5d907dd84bc86a455efeae23e1045
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 29 Jan 2023 03:24:44 GMT
content-type: text/css
vary: Accept-Encoding
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-security-policy: upgrade-insecure-requests
last-modified: Thu, 09 Jun 2022 14:17:44 GMT
expires: Tue, 28 Feb 2023 03:24:44 GMT
cache-control: max-age=2592000
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-nginx-upstream-cache-status: STALE
x-server-powered-by: Engintron
content-encoding: gzip
X-Firefox-Spdy: h2
group-cnm.com/wp-content/plugins/wpforms-lite/assets/images/submit-spin.svg
172.104.29.37 200 OK 0 B URL HTTP/2 group-cnm.com/wp-content/plugins/wpforms-lite/assets/images/submit-spin.svg
IP 172.104.29.37:0
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/wpforms-lite/assets/images/submit-spin.svg HTTP/1.1
Host: group-cnm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://group-cnm.com/
Cookie: PHPSESSID=04a5d907dd84bc86a455efeae23e1045
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 29 Jan 2023 03:24:45 GMT
content-type: image/svg+xml
vary: Accept-Encoding
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-security-policy: upgrade-insecure-requests
last-modified: Wed, 25 May 2022 13:49:50 GMT
expires: Thu, 30 Mar 2023 03:24:45 GMT
cache-control: max-age=5184000
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-nginx-upstream-cache-status: STALE
x-server-powered-by: Engintron
content-encoding: gzip
X-Firefox-Spdy: h2
group-cnm.com/wp-content/plugins/wordpress-popup/assets/hustle-ui/js/hustle-ui.min.js?ver=4.4.13.1
172.104.29.37 200 OK 0 B URL HTTP/2 group-cnm.com/wp-content/plugins/wordpress-popup/assets/hustle-ui/js/hustle-ui.min.js?ver=4.4.13.1
IP 172.104.29.37:0
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/wordpress-popup/assets/hustle-ui/js/hustle-ui.min.js?ver=4.4.13.1 HTTP/1.1
Host: group-cnm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://group-cnm.com/
Cookie: PHPSESSID=04a5d907dd84bc86a455efeae23e1045
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 29 Jan 2023 03:24:45 GMT
content-type: application/javascript
vary: Accept-Encoding
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-security-policy: upgrade-insecure-requests
last-modified: Wed, 08 Jun 2022 13:38:22 GMT
expires: Tue, 28 Feb 2023 03:24:45 GMT
cache-control: max-age=2592000
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-nginx-upstream-cache-status: STALE
x-server-powered-by: Engintron
content-encoding: gzip
X-Firefox-Spdy: h2
group-cnm.com/wp-content/plugins/elementor/assets/css/frontend-lite.min.css?ver=3.6.6
172.104.29.37 200 OK 0 B URL HTTP/2 group-cnm.com/wp-content/plugins/elementor/assets/css/frontend-lite.min.css?ver=3.6.6
IP 172.104.29.37:0
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/elementor/assets/css/frontend-lite.min.css?ver=3.6.6 HTTP/1.1
Host: group-cnm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://group-cnm.com/
Cookie: PHPSESSID=04a5d907dd84bc86a455efeae23e1045
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 29 Jan 2023 03:24:44 GMT
content-type: text/css
vary: Accept-Encoding
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-security-policy: upgrade-insecure-requests
last-modified: Thu, 09 Jun 2022 14:17:42 GMT
expires: Tue, 28 Feb 2023 03:24:44 GMT
cache-control: max-age=2592000
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-nginx-upstream-cache-status: STALE
x-server-powered-by: Engintron
content-encoding: gzip
X-Firefox-Spdy: h2
group-cnm.com/wp-content/uploads/elementor/css/post-8.css?ver=1654767098
172.104.29.37 200 OK 0 B URL HTTP/2 group-cnm.com/wp-content/uploads/elementor/css/post-8.css?ver=1654767098
IP 172.104.29.37:0
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/uploads/elementor/css/post-8.css?ver=1654767098 HTTP/1.1
Host: group-cnm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://group-cnm.com/
Cookie: PHPSESSID=04a5d907dd84bc86a455efeae23e1045
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 29 Jan 2023 03:24:44 GMT
content-type: text/css
vary: Accept-Encoding
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-security-policy: upgrade-insecure-requests
last-modified: Thu, 09 Jun 2022 14:31:40 GMT
expires: Tue, 28 Feb 2023 03:24:44 GMT
cache-control: max-age=2592000
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-nginx-upstream-cache-status: STALE
x-server-powered-by: Engintron
content-encoding: gzip
X-Firefox-Spdy: h2
group-cnm.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
172.104.29.37 200 OK 0 B URL HTTP/2 group-cnm.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
IP 172.104.29.37:0
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/jquery/jquery.min.js?ver=3.6.0 HTTP/1.1
Host: group-cnm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://group-cnm.com/
Cookie: PHPSESSID=04a5d907dd84bc86a455efeae23e1045
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 29 Jan 2023 03:24:44 GMT
content-type: application/javascript
vary: Accept-Encoding
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-security-policy: upgrade-insecure-requests
last-modified: Wed, 10 Mar 2021 21:07:24 GMT
expires: Tue, 28 Feb 2023 03:24:44 GMT
cache-control: max-age=2592000
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-nginx-upstream-cache-status: STALE
x-server-powered-by: Engintron
content-encoding: gzip
X-Firefox-Spdy: h2
group-cnm.com/wp-content/plugins/elementor/assets/lib/animations/animations.min.css?ver=3.6.6
172.104.29.37 200 OK 0 B URL HTTP/2 group-cnm.com/wp-content/plugins/elementor/assets/lib/animations/animations.min.css?ver=3.6.6
IP 172.104.29.37:0
GET /wp-content/plugins/elementor/assets/lib/animations/animations.min.css?ver=3.6.6 HTTP/1.1
Host: group-cnm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://group-cnm.com/
Cookie: PHPSESSID=04a5d907dd84bc86a455efeae23e1045
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 29 Jan 2023 03:24:45 GMT
content-type: text/css
vary: Accept-Encoding
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-security-policy: upgrade-insecure-requests
last-modified: Thu, 09 Jun 2022 14:17:42 GMT
expires: Tue, 28 Feb 2023 03:24:45 GMT
cache-control: max-age=2592000
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-nginx-upstream-cache-status: STALE
x-server-powered-by: Engintron
content-encoding: gzip
X-Firefox-Spdy: h2
group-cnm.com/wp-includes/js/jquery/ui/datepicker.min.js?ver=1.13.1
172.104.29.37 200 OK 0 B URL HTTP/2 group-cnm.com/wp-includes/js/jquery/ui/datepicker.min.js?ver=1.13.1
IP 172.104.29.37:0
GET /wp-includes/js/jquery/ui/datepicker.min.js?ver=1.13.1 HTTP/1.1
Host: group-cnm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://group-cnm.com/
Cookie: PHPSESSID=04a5d907dd84bc86a455efeae23e1045
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 29 Jan 2023 03:24:45 GMT
content-type: application/javascript
vary: Accept-Encoding
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-security-policy: upgrade-insecure-requests
last-modified: Wed, 25 May 2022 13:22:08 GMT
expires: Tue, 28 Feb 2023 03:24:45 GMT
cache-control: max-age=2592000
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-nginx-upstream-cache-status: STALE
x-server-powered-by: Engintron
content-encoding: gzip
X-Firefox-Spdy: h2
group-cnm.com/
172.104.29.37 200 OK 0 B IP 172.104.29.37:0
Analyzer Verdict Alert fortinet Phishing
GET / HTTP/1.1
Host: group-cnm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 29 Jan 2023 03:24:44 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-powered-by: PHP/7.4.33
link: <https://group-cnm.com/wp-json/>; rel="https://api.w.org/", <https://group-cnm.com/wp-json/wp/v2/pages/17>; rel="alternate"; type="application/json", <https://group-cnm.com/>; rel=shortlink
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
set-cookie: PHPSESSID=04a5d907dd84bc86a455efeae23e1045; path=/
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-security-policy: upgrade-insecure-requests
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-nginx-upstream-cache-status: MISS
x-server-powered-by: Engintron
content-encoding: gzip
X-Firefox-Spdy: h2
group-cnm.com/wp-content/plugins/wpforms-lite/assets/css/wpforms-full.min.css?ver=1.7.4.2
172.104.29.37 200 OK 0 B URL HTTP/2 group-cnm.com/wp-content/plugins/wpforms-lite/assets/css/wpforms-full.min.css?ver=1.7.4.2
IP 172.104.29.37:0
GET /wp-content/plugins/wpforms-lite/assets/css/wpforms-full.min.css?ver=1.7.4.2 HTTP/1.1
Host: group-cnm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://group-cnm.com/
Cookie: PHPSESSID=04a5d907dd84bc86a455efeae23e1045
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 29 Jan 2023 03:24:44 GMT
content-type: text/css
vary: Accept-Encoding
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-security-policy: upgrade-insecure-requests
last-modified: Wed, 25 May 2022 13:49:48 GMT
expires: Tue, 28 Feb 2023 03:24:44 GMT
cache-control: max-age=2592000
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-nginx-upstream-cache-status: STALE
x-server-powered-by: Engintron
content-encoding: gzip
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Open+Sans%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CNunito%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=auto&ver=6.0.3
216.58.207.202 200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Open+Sans%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CNunito%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=auto&ver=6.0.3
IP 216.58.207.202:0
GET /css?family=Open+Sans%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CNunito%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=auto&ver=6.0.3 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://group-cnm.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sun, 29 Jan 2023 03:24:44 GMT
date: Sun, 29 Jan 2023 03:24:44 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
group-cnm.com/wp-content/uploads/elementor/css/post-17.css?ver=1654767101
172.104.29.37 200 OK 0 B URL HTTP/2 group-cnm.com/wp-content/uploads/elementor/css/post-17.css?ver=1654767101
IP 172.104.29.37:0
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/uploads/elementor/css/post-17.css?ver=1654767101 HTTP/1.1
Host: group-cnm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://group-cnm.com/
Cookie: PHPSESSID=04a5d907dd84bc86a455efeae23e1045
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 29 Jan 2023 03:24:44 GMT
content-type: text/css
vary: Accept-Encoding
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-security-policy: upgrade-insecure-requests
last-modified: Thu, 09 Jun 2022 14:31:42 GMT
expires: Tue, 28 Feb 2023 03:24:44 GMT
cache-control: max-age=2592000
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-nginx-upstream-cache-status: STALE
x-server-powered-by: Engintron
content-encoding: gzip
X-Firefox-Spdy: h2
group-cnm.com/wp-content/uploads/essential-addons-elementor/cb70d11b8.min.css?ver=1674962684
172.104.29.37 200 OK 0 B URL HTTP/2 group-cnm.com/wp-content/uploads/essential-addons-elementor/cb70d11b8.min.css?ver=1674962684
IP 172.104.29.37:0
GET /wp-content/uploads/essential-addons-elementor/cb70d11b8.min.css?ver=1674962684 HTTP/1.1
Host: group-cnm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://group-cnm.com/
Cookie: PHPSESSID=04a5d907dd84bc86a455efeae23e1045
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 29 Jan 2023 03:24:44 GMT
content-type: text/css
vary: Accept-Encoding
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-security-policy: upgrade-insecure-requests
last-modified: Sat, 22 Oct 2022 10:46:42 GMT
expires: Tue, 28 Feb 2023 03:24:44 GMT
cache-control: max-age=2592000
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-nginx-upstream-cache-status: MISS
x-server-powered-by: Engintron
content-encoding: gzip
X-Firefox-Spdy: h2
group-cnm.com/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.5.6.1
172.104.29.37 200 OK 0 B URL HTTP/2 group-cnm.com/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.5.6.1
IP 172.104.29.37:0
GET /wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.5.6.1 HTTP/1.1
Host: group-cnm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://group-cnm.com/
Cookie: PHPSESSID=04a5d907dd84bc86a455efeae23e1045
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 29 Jan 2023 03:24:45 GMT
content-type: application/javascript
vary: Accept-Encoding
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-security-policy: upgrade-insecure-requests
last-modified: Wed, 25 May 2022 13:47:42 GMT
expires: Tue, 28 Feb 2023 03:24:45 GMT
cache-control: max-age=2592000
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-nginx-upstream-cache-status: STALE
x-server-powered-by: Engintron
content-encoding: gzip
X-Firefox-Spdy: h2
group-cnm.com/wp-content/plugins/elementor/assets/css/widget-icon-box.min.css
172.104.29.37 200 OK 0 B URL HTTP/2 group-cnm.com/wp-content/plugins/elementor/assets/css/widget-icon-box.min.css
IP 172.104.29.37:0
GET /wp-content/plugins/elementor/assets/css/widget-icon-box.min.css HTTP/1.1
Host: group-cnm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://group-cnm.com/
Cookie: PHPSESSID=04a5d907dd84bc86a455efeae23e1045
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 29 Jan 2023 03:24:45 GMT
content-type: text/css
vary: Accept-Encoding
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-security-policy: upgrade-insecure-requests
last-modified: Thu, 09 Jun 2022 14:17:42 GMT
expires: Tue, 28 Feb 2023 03:24:45 GMT
cache-control: max-age=2592000
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-nginx-upstream-cache-status: STALE
x-server-powered-by: Engintron
content-encoding: gzip
X-Firefox-Spdy: h2
group-cnm.com/wp-content/plugins/elementor/assets/js/frontend.min.js?ver=3.6.6
172.104.29.37 200 OK 0 B URL HTTP/2 group-cnm.com/wp-content/plugins/elementor/assets/js/frontend.min.js?ver=3.6.6
IP 172.104.29.37:0
GET /wp-content/plugins/elementor/assets/js/frontend.min.js?ver=3.6.6 HTTP/1.1
Host: group-cnm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://group-cnm.com/
Cookie: PHPSESSID=04a5d907dd84bc86a455efeae23e1045
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 29 Jan 2023 03:24:45 GMT
content-type: application/javascript
vary: Accept-Encoding
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-security-policy: upgrade-insecure-requests
last-modified: Thu, 09 Jun 2022 14:17:42 GMT
expires: Tue, 28 Feb 2023 03:24:45 GMT
cache-control: max-age=2592000
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-nginx-upstream-cache-status: STALE
x-server-powered-by: Engintron
content-encoding: gzip
X-Firefox-Spdy: h2
group-cnm.com/wp-content/plugins/wpforms-lite/assets/js/integrations/elementor/frontend.min.js?ver=1.7.4.2
172.104.29.37 200 OK 0 B URL HTTP/2 group-cnm.com/wp-content/plugins/wpforms-lite/assets/js/integrations/elementor/frontend.min.js?ver=1.7.4.2
IP 172.104.29.37:0
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/wpforms-lite/assets/js/integrations/elementor/frontend.min.js?ver=1.7.4.2 HTTP/1.1
Host: group-cnm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://group-cnm.com/
Cookie: PHPSESSID=04a5d907dd84bc86a455efeae23e1045
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 29 Jan 2023 03:24:45 GMT
content-type: application/javascript
vary: Accept-Encoding
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-security-policy: upgrade-insecure-requests
last-modified: Wed, 25 May 2022 13:49:52 GMT
expires: Tue, 28 Feb 2023 03:24:45 GMT
cache-control: max-age=2592000
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-nginx-upstream-cache-status: STALE
x-server-powered-by: Engintron
content-encoding: gzip
X-Firefox-Spdy: h2
group-cnm.com/wp-content/plugins/wpforms-lite/assets/js/mailcheck.min.js?ver=1.1.2
172.104.29.37 200 OK 0 B URL HTTP/2 group-cnm.com/wp-content/plugins/wpforms-lite/assets/js/mailcheck.min.js?ver=1.1.2
IP 172.104.29.37:0
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/wpforms-lite/assets/js/mailcheck.min.js?ver=1.1.2 HTTP/1.1
Host: group-cnm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://group-cnm.com/
Cookie: PHPSESSID=04a5d907dd84bc86a455efeae23e1045
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 29 Jan 2023 03:24:45 GMT
content-type: application/javascript
vary: Accept-Encoding
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-security-policy: upgrade-insecure-requests
last-modified: Wed, 25 May 2022 13:49:52 GMT
expires: Tue, 28 Feb 2023 03:24:45 GMT
cache-control: max-age=2592000
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-nginx-upstream-cache-status: STALE
x-server-powered-by: Engintron
content-encoding: gzip
X-Firefox-Spdy: h2
group-cnm.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
172.104.29.37 200 OK 0 B URL HTTP/2 group-cnm.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
IP 172.104.29.37:0
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 HTTP/1.1
Host: group-cnm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://group-cnm.com/
Cookie: PHPSESSID=04a5d907dd84bc86a455efeae23e1045
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 29 Jan 2023 03:24:44 GMT
content-type: application/javascript
vary: Accept-Encoding
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-security-policy: upgrade-insecure-requests
last-modified: Wed, 18 Nov 2020 15:06:06 GMT
expires: Tue, 28 Feb 2023 03:24:44 GMT
cache-control: max-age=2592000
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-nginx-upstream-cache-status: STALE
x-server-powered-by: Engintron
content-encoding: gzip
X-Firefox-Spdy: h2
group-cnm.com/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9
172.104.29.37 200 OK 0 B URL HTTP/2 group-cnm.com/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9
IP 172.104.29.37:0
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9 HTTP/1.1
Host: group-cnm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://group-cnm.com/
Cookie: PHPSESSID=04a5d907dd84bc86a455efeae23e1045
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 29 Jan 2023 03:24:45 GMT
content-type: application/javascript
vary: Accept-Encoding
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-security-policy: upgrade-insecure-requests
last-modified: Wed, 25 May 2022 13:22:06 GMT
expires: Tue, 28 Feb 2023 03:24:45 GMT
cache-control: max-age=2592000
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-nginx-upstream-cache-status: STALE
x-server-powered-by: Engintron
content-encoding: gzip
X-Firefox-Spdy: h2
group-cnm.com/wp-content/plugins/wordpress-popup/assets/js/front.min.js?ver=4.4.13.1
172.104.29.37 200 OK 0 B URL HTTP/2 group-cnm.com/wp-content/plugins/wordpress-popup/assets/js/front.min.js?ver=4.4.13.1
IP 172.104.29.37:0
GET /wp-content/plugins/wordpress-popup/assets/js/front.min.js?ver=4.4.13.1 HTTP/1.1
Host: group-cnm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://group-cnm.com/
Cookie: PHPSESSID=04a5d907dd84bc86a455efeae23e1045
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 29 Jan 2023 03:24:45 GMT
content-type: application/javascript
vary: Accept-Encoding
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-security-policy: upgrade-insecure-requests
last-modified: Wed, 08 Jun 2022 13:38:22 GMT
expires: Tue, 28 Feb 2023 03:24:45 GMT
cache-control: max-age=2592000
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-nginx-upstream-cache-status: STALE
x-server-powered-by: Engintron
content-encoding: gzip
X-Firefox-Spdy: h2
group-cnm.com/wp-content/themes/blocksy/static/bundle/main.min.css?ver=1.8.36
172.104.29.37 200 OK 0 B URL HTTP/2 group-cnm.com/wp-content/themes/blocksy/static/bundle/main.min.css?ver=1.8.36
IP 172.104.29.37:0
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/blocksy/static/bundle/main.min.css?ver=1.8.36 HTTP/1.1
Host: group-cnm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://group-cnm.com/
Cookie: PHPSESSID=04a5d907dd84bc86a455efeae23e1045
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 29 Jan 2023 03:24:44 GMT
content-type: text/css
vary: Accept-Encoding
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-security-policy: upgrade-insecure-requests
last-modified: Thu, 09 Jun 2022 22:09:06 GMT
expires: Tue, 28 Feb 2023 03:24:44 GMT
cache-control: max-age=2592000
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-nginx-upstream-cache-status: STALE
x-server-powered-by: Engintron
content-encoding: gzip
X-Firefox-Spdy: h2
group-cnm.com/wp-content/themes/blocksy/static/bundle/cf-7.min.css?ver=1.8.36
172.104.29.37 200 OK 0 B URL HTTP/2 group-cnm.com/wp-content/themes/blocksy/static/bundle/cf-7.min.css?ver=1.8.36
IP 172.104.29.37:0
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/blocksy/static/bundle/cf-7.min.css?ver=1.8.36 HTTP/1.1
Host: group-cnm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://group-cnm.com/
Cookie: PHPSESSID=04a5d907dd84bc86a455efeae23e1045
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 29 Jan 2023 03:24:44 GMT
content-type: text/css
vary: Accept-Encoding
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-security-policy: upgrade-insecure-requests
last-modified: Thu, 09 Jun 2022 22:09:06 GMT
expires: Tue, 28 Feb 2023 03:24:44 GMT
cache-control: max-age=2592000
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-nginx-upstream-cache-status: STALE
x-server-powered-by: Engintron
content-encoding: gzip
X-Firefox-Spdy: h2
group-cnm.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/solid.min.css?ver=5.15.3
172.104.29.37 200 OK 0 B URL HTTP/2 group-cnm.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/solid.min.css?ver=5.15.3
IP 172.104.29.37:0
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/elementor/assets/lib/font-awesome/css/solid.min.css?ver=5.15.3 HTTP/1.1
Host: group-cnm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://group-cnm.com/
Cookie: PHPSESSID=04a5d907dd84bc86a455efeae23e1045
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 29 Jan 2023 03:24:44 GMT
content-type: text/css
vary: Accept-Encoding
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-security-policy: upgrade-insecure-requests
last-modified: Thu, 09 Jun 2022 14:17:44 GMT
expires: Tue, 28 Feb 2023 03:24:44 GMT
cache-control: max-age=2592000
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-nginx-upstream-cache-status: STALE
x-server-powered-by: Engintron
content-encoding: gzip
X-Firefox-Spdy: h2
group-cnm.com/wp-content/plugins/elementor/assets/js/text-editor.289ae80d76f0c5abea44.bundle.min.js
172.104.29.37 200 OK 0 B URL HTTP/2 group-cnm.com/wp-content/plugins/elementor/assets/js/text-editor.289ae80d76f0c5abea44.bundle.min.js
IP 172.104.29.37:0
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/elementor/assets/js/text-editor.289ae80d76f0c5abea44.bundle.min.js HTTP/1.1
Host: group-cnm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://group-cnm.com/
Cookie: PHPSESSID=04a5d907dd84bc86a455efeae23e1045; collect_chat_page_load=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 29 Jan 2023 03:24:45 GMT
content-type: application/javascript
vary: Accept-Encoding
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-security-policy: upgrade-insecure-requests
last-modified: Thu, 09 Jun 2022 14:17:42 GMT
expires: Tue, 28 Feb 2023 03:24:45 GMT
cache-control: max-age=2592000
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-nginx-upstream-cache-status: STALE
x-server-powered-by: Engintron
content-encoding: gzip
X-Firefox-Spdy: h2
group-cnm.com/wp-content/plugins/wpforms-lite/assets/js/punycode.min.js?ver=1.0.0
172.104.29.37 200 OK 0 B URL HTTP/2 group-cnm.com/wp-content/plugins/wpforms-lite/assets/js/punycode.min.js?ver=1.0.0
IP 172.104.29.37:0
GET /wp-content/plugins/wpforms-lite/assets/js/punycode.min.js?ver=1.0.0 HTTP/1.1
Host: group-cnm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://group-cnm.com/
Cookie: PHPSESSID=04a5d907dd84bc86a455efeae23e1045
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 29 Jan 2023 03:24:45 GMT
content-type: application/javascript
vary: Accept-Encoding
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-security-policy: upgrade-insecure-requests
last-modified: Wed, 25 May 2022 13:49:52 GMT
expires: Tue, 28 Feb 2023 03:24:45 GMT
cache-control: max-age=2592000
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-nginx-upstream-cache-status: STALE
x-server-powered-by: Engintron
content-encoding: gzip
X-Firefox-Spdy: h2
group-cnm.com/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.5.6.1
172.104.29.37 200 OK 0 B URL HTTP/2 group-cnm.com/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.5.6.1
IP 172.104.29.37:0
GET /wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.5.6.1 HTTP/1.1
Host: group-cnm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://group-cnm.com/
Cookie: PHPSESSID=04a5d907dd84bc86a455efeae23e1045
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 29 Jan 2023 03:24:44 GMT
content-type: text/css
vary: Accept-Encoding
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-security-policy: upgrade-insecure-requests
last-modified: Wed, 25 May 2022 13:47:42 GMT
expires: Tue, 28 Feb 2023 03:24:44 GMT
cache-control: max-age=2592000
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-nginx-upstream-cache-status: STALE
x-server-powered-by: Engintron
content-encoding: gzip
X-Firefox-Spdy: h2
group-cnm.com/wp-content/plugins/wordpress-popup/assets/hustle-ui/css/hustle-global.min.css?ver=4.4.13.1
172.104.29.37 200 OK 0 B URL HTTP/2 group-cnm.com/wp-content/plugins/wordpress-popup/assets/hustle-ui/css/hustle-global.min.css?ver=4.4.13.1
IP 172.104.29.37:0
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/wordpress-popup/assets/hustle-ui/css/hustle-global.min.css?ver=4.4.13.1 HTTP/1.1
Host: group-cnm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://group-cnm.com/
Cookie: PHPSESSID=04a5d907dd84bc86a455efeae23e1045
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 29 Jan 2023 03:24:45 GMT
content-type: text/css
vary: Accept-Encoding
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-security-policy: upgrade-insecure-requests
last-modified: Wed, 08 Jun 2022 13:38:22 GMT
expires: Tue, 28 Feb 2023 03:24:45 GMT
cache-control: max-age=2592000
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-nginx-upstream-cache-status: STALE
x-server-powered-by: Engintron
content-encoding: gzip
X-Firefox-Spdy: h2
group-cnm.com/wp-includes/js/underscore.min.js?ver=1.13.3
172.104.29.37 200 OK 0 B URL HTTP/2 group-cnm.com/wp-includes/js/underscore.min.js?ver=1.13.3
IP 172.104.29.37:0
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/underscore.min.js?ver=1.13.3 HTTP/1.1
Host: group-cnm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://group-cnm.com/
Cookie: PHPSESSID=04a5d907dd84bc86a455efeae23e1045
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 29 Jan 2023 03:24:45 GMT
content-type: application/javascript
vary: Accept-Encoding
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-security-policy: upgrade-insecure-requests
last-modified: Wed, 25 May 2022 13:22:08 GMT
expires: Tue, 28 Feb 2023 03:24:45 GMT
cache-control: max-age=2592000
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-nginx-upstream-cache-status: STALE
x-server-powered-by: Engintron
content-encoding: gzip
X-Firefox-Spdy: h2
group-cnm.com/wp-content/themes/blocksy/static/bundle/elementor-frontend.min.css?ver=1.8.36
172.104.29.37 200 OK 0 B URL HTTP/2 group-cnm.com/wp-content/themes/blocksy/static/bundle/elementor-frontend.min.css?ver=1.8.36
IP 172.104.29.37:0
GET /wp-content/themes/blocksy/static/bundle/elementor-frontend.min.css?ver=1.8.36 HTTP/1.1
Host: group-cnm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://group-cnm.com/
Cookie: PHPSESSID=04a5d907dd84bc86a455efeae23e1045
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 29 Jan 2023 03:24:44 GMT
content-type: text/css
vary: Accept-Encoding
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-security-policy: upgrade-insecure-requests
last-modified: Thu, 09 Jun 2022 22:09:06 GMT
expires: Tue, 28 Feb 2023 03:24:44 GMT
cache-control: max-age=2592000
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-nginx-upstream-cache-status: STALE
x-server-powered-by: Engintron
content-encoding: gzip
X-Firefox-Spdy: h2
group-cnm.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/fontawesome.min.css?ver=5.15.3
172.104.29.37 200 OK 0 B URL HTTP/2 group-cnm.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/fontawesome.min.css?ver=5.15.3
IP 172.104.29.37:0
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/elementor/assets/lib/font-awesome/css/fontawesome.min.css?ver=5.15.3 HTTP/1.1
Host: group-cnm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://group-cnm.com/
Cookie: PHPSESSID=04a5d907dd84bc86a455efeae23e1045
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 29 Jan 2023 03:24:44 GMT
content-type: text/css
vary: Accept-Encoding
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-security-policy: upgrade-insecure-requests
last-modified: Thu, 09 Jun 2022 14:17:44 GMT
expires: Tue, 28 Feb 2023 03:24:44 GMT
cache-control: max-age=2592000
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-nginx-upstream-cache-status: STALE
x-server-powered-by: Engintron
content-encoding: gzip
X-Firefox-Spdy: h2
group-cnm.com/wp-content/themes/blocksy/static/bundle/non-critical-styles.min.css
172.104.29.37 200 OK 0 B URL HTTP/2 group-cnm.com/wp-content/themes/blocksy/static/bundle/non-critical-styles.min.css
IP 172.104.29.37:0
GET /wp-content/themes/blocksy/static/bundle/non-critical-styles.min.css HTTP/1.1
Host: group-cnm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://group-cnm.com/
Cookie: PHPSESSID=04a5d907dd84bc86a455efeae23e1045; collect_chat_page_load=1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 29 Jan 2023 03:24:46 GMT
content-type: text/css
vary: Accept-Encoding
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-security-policy: upgrade-insecure-requests
last-modified: Thu, 09 Jun 2022 22:09:06 GMT
expires: Tue, 28 Feb 2023 03:24:46 GMT
cache-control: max-age=2592000
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-nginx-upstream-cache-status: MISS
x-server-powered-by: Engintron
content-encoding: gzip
X-Firefox-Spdy: h2
group-cnm.com/wp-admin/admin-ajax.php?action=hustle_module_viewed
172.104.29.37 200 OK 0 B URL HTTP/2 group-cnm.com/wp-admin/admin-ajax.php?action=hustle_module_viewed
IP 172.104.29.37:0
Analyzer Verdict Alert fortinet Phishing
POST /wp-admin/admin-ajax.php?action=hustle_module_viewed HTTP/1.1
Host: group-cnm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
X-Requested-With: XMLHttpRequest
Content-Length: 54
Origin: https://group-cnm.com
Connection: keep-alive
Referer: https://group-cnm.com/
Cookie: PHPSESSID=04a5d907dd84bc86a455efeae23e1045; collect_chat_page_load=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 29 Jan 2023 03:24:49 GMT
content-type: application/json; charset=UTF-8
vary: Accept-Encoding
x-powered-by: PHP/7.4.33
access-control-allow-origin: https://group-cnm.com
access-control-allow-credentials: true
x-robots-tag: noindex
referrer-policy: strict-origin-when-cross-origin
x-frame-options: SAMEORIGIN
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-security-policy: upgrade-insecure-requests
x-xss-protection: 1; mode=block
x-content-type-options: nosniff, nosniff
x-server-powered-by: Engintron
content-encoding: gzip
X-Firefox-Spdy: h2
group-cnm.com/wp-content/plugins/elementor/assets/lib/waypoints/waypoints.min.js?ver=4.0.2
172.104.29.37 200 OK 0 B URL HTTP/2 group-cnm.com/wp-content/plugins/elementor/assets/lib/waypoints/waypoints.min.js?ver=4.0.2
IP 172.104.29.37:0
GET /wp-content/plugins/elementor/assets/lib/waypoints/waypoints.min.js?ver=4.0.2 HTTP/1.1
Host: group-cnm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://group-cnm.com/
Cookie: PHPSESSID=04a5d907dd84bc86a455efeae23e1045
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 29 Jan 2023 03:24:45 GMT
content-type: application/javascript
vary: Accept-Encoding
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-security-policy: upgrade-insecure-requests
last-modified: Thu, 09 Jun 2022 14:17:44 GMT
expires: Tue, 28 Feb 2023 03:24:45 GMT
cache-control: max-age=2592000
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-nginx-upstream-cache-status: STALE
x-server-powered-by: Engintron
content-encoding: gzip
X-Firefox-Spdy: h2
group-cnm.com/wp-content/themes/blocksy/static/bundle/wpforms.min.css?ver=1.8.36
172.104.29.37 200 OK 0 B URL HTTP/2 group-cnm.com/wp-content/themes/blocksy/static/bundle/wpforms.min.css?ver=1.8.36
IP 172.104.29.37:0
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/blocksy/static/bundle/wpforms.min.css?ver=1.8.36 HTTP/1.1
Host: group-cnm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://group-cnm.com/
Cookie: PHPSESSID=04a5d907dd84bc86a455efeae23e1045
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 29 Jan 2023 03:24:44 GMT
content-type: text/css
vary: Accept-Encoding
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-security-policy: upgrade-insecure-requests
last-modified: Thu, 09 Jun 2022 22:09:06 GMT
expires: Tue, 28 Feb 2023 03:24:44 GMT
cache-control: max-age=2592000
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-nginx-upstream-cache-status: STALE
x-server-powered-by: Engintron
content-encoding: gzip
X-Firefox-Spdy: h2
group-cnm.com/wp-content/plugins/wordpress-popup/assets/hustle-ui/css/hustle-info.min.css?ver=4.4.13.1
172.104.29.37 200 OK 0 B URL HTTP/2 group-cnm.com/wp-content/plugins/wordpress-popup/assets/hustle-ui/css/hustle-info.min.css?ver=4.4.13.1
IP 172.104.29.37:0
GET /wp-content/plugins/wordpress-popup/assets/hustle-ui/css/hustle-info.min.css?ver=4.4.13.1 HTTP/1.1
Host: group-cnm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://group-cnm.com/
Cookie: PHPSESSID=04a5d907dd84bc86a455efeae23e1045
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 29 Jan 2023 03:24:45 GMT
content-type: text/css
vary: Accept-Encoding
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-security-policy: upgrade-insecure-requests
last-modified: Wed, 08 Jun 2022 13:38:22 GMT
expires: Tue, 28 Feb 2023 03:24:45 GMT
cache-control: max-age=2592000
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-nginx-upstream-cache-status: STALE
x-server-powered-by: Engintron
content-encoding: gzip
X-Firefox-Spdy: h2
group-cnm.com/wp-content/plugins/elementor/assets/js/webpack.runtime.min.js?ver=3.6.6
172.104.29.37 200 OK 0 B URL HTTP/2 group-cnm.com/wp-content/plugins/elementor/assets/js/webpack.runtime.min.js?ver=3.6.6
IP 172.104.29.37:0
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/elementor/assets/js/webpack.runtime.min.js?ver=3.6.6 HTTP/1.1
Host: group-cnm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://group-cnm.com/
Cookie: PHPSESSID=04a5d907dd84bc86a455efeae23e1045
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 29 Jan 2023 03:24:45 GMT
content-type: application/javascript
vary: Accept-Encoding
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-security-policy: upgrade-insecure-requests
last-modified: Thu, 09 Jun 2022 14:17:42 GMT
expires: Tue, 28 Feb 2023 03:24:45 GMT
cache-control: max-age=2592000
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-nginx-upstream-cache-status: STALE
x-server-powered-by: Engintron
content-encoding: gzip
X-Firefox-Spdy: h2
group-cnm.com/wp-content/uploads/blocksy/css/global.css?ver=12578
172.104.29.37 200 OK 0 B URL HTTP/2 group-cnm.com/wp-content/uploads/blocksy/css/global.css?ver=12578
IP 172.104.29.37:0
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/uploads/blocksy/css/global.css?ver=12578 HTTP/1.1
Host: group-cnm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://group-cnm.com/
Cookie: PHPSESSID=04a5d907dd84bc86a455efeae23e1045
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 29 Jan 2023 03:24:44 GMT
content-type: text/css
vary: Accept-Encoding
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-security-policy: upgrade-insecure-requests
last-modified: Thu, 09 Jun 2022 22:09:38 GMT
expires: Tue, 28 Feb 2023 03:24:44 GMT
cache-control: max-age=2592000
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-nginx-upstream-cache-status: STALE
x-server-powered-by: Engintron
content-encoding: gzip
X-Firefox-Spdy: h2
group-cnm.com/wp-content/plugins/blocksy-companion/framework/extensions/cookies-consent/static/bundle/main.min.css?ver=1.8.34
172.104.29.37 200 OK 0 B URL HTTP/2 group-cnm.com/wp-content/plugins/blocksy-companion/framework/extensions/cookies-consent/static/bundle/main.min.css?ver=1.8.34
IP 172.104.29.37:0
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/blocksy-companion/framework/extensions/cookies-consent/static/bundle/main.min.css?ver=1.8.34 HTTP/1.1
Host: group-cnm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://group-cnm.com/
Cookie: PHPSESSID=04a5d907dd84bc86a455efeae23e1045
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 29 Jan 2023 03:24:44 GMT
content-type: text/css
vary: Accept-Encoding
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-security-policy: upgrade-insecure-requests
last-modified: Thu, 09 Jun 2022 14:16:36 GMT
expires: Tue, 28 Feb 2023 03:24:44 GMT
cache-control: max-age=2592000
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-nginx-upstream-cache-status: STALE
x-server-powered-by: Engintron
content-encoding: gzip
X-Firefox-Spdy: h2
group-cnm.com/wp-content/plugins/wordpress-popup/assets/hustle-ui/css/hustle-icons.min.css?ver=4.4.13.1
172.104.29.37 200 OK 0 B URL HTTP/2 group-cnm.com/wp-content/plugins/wordpress-popup/assets/hustle-ui/css/hustle-icons.min.css?ver=4.4.13.1
IP 172.104.29.37:0
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/wordpress-popup/assets/hustle-ui/css/hustle-icons.min.css?ver=4.4.13.1 HTTP/1.1
Host: group-cnm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://group-cnm.com/
Cookie: PHPSESSID=04a5d907dd84bc86a455efeae23e1045
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 29 Jan 2023 03:24:45 GMT
content-type: text/css
vary: Accept-Encoding
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-security-policy: upgrade-insecure-requests
last-modified: Wed, 08 Jun 2022 13:38:22 GMT
expires: Tue, 28 Feb 2023 03:24:45 GMT
cache-control: max-age=2592000
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-nginx-upstream-cache-status: STALE
x-server-powered-by: Engintron
content-encoding: gzip
X-Firefox-Spdy: h2
group-cnm.com/wp-content/plugins/wpforms-lite/assets/js/jquery.validate.min.js?ver=1.19.3
172.104.29.37 200 OK 0 B URL HTTP/2 group-cnm.com/wp-content/plugins/wpforms-lite/assets/js/jquery.validate.min.js?ver=1.19.3
IP 172.104.29.37:0
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/wpforms-lite/assets/js/jquery.validate.min.js?ver=1.19.3 HTTP/1.1
Host: group-cnm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://group-cnm.com/
Cookie: PHPSESSID=04a5d907dd84bc86a455efeae23e1045
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 29 Jan 2023 03:24:45 GMT
content-type: application/javascript
vary: Accept-Encoding
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-security-policy: upgrade-insecure-requests
last-modified: Wed, 25 May 2022 13:49:52 GMT
expires: Tue, 28 Feb 2023 03:24:45 GMT
cache-control: max-age=2592000
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-nginx-upstream-cache-status: STALE
x-server-powered-by: Engintron
content-encoding: gzip
X-Firefox-Spdy: h2
group-cnm.com/wp-content/uploads/2022/05/12-ORONE-removebg-preview.png
172.104.29.37 200 OK 0 B URL HTTP/2 group-cnm.com/wp-content/uploads/2022/05/12-ORONE-removebg-preview.png
IP 172.104.29.37:0
GET /wp-content/uploads/2022/05/12-ORONE-removebg-preview.png HTTP/1.1
Host: group-cnm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://group-cnm.com/
Cookie: PHPSESSID=04a5d907dd84bc86a455efeae23e1045
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 29 Jan 2023 03:24:44 GMT
content-type: image/png
content-length: 54932
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-security-policy: upgrade-insecure-requests
last-modified: Wed, 25 May 2022 13:27:06 GMT
expires: Thu, 30 Mar 2023 03:24:44 GMT
cache-control: max-age=5184000
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-nginx-upstream-cache-status: STALE
x-server-powered-by: Engintron
accept-ranges: bytes
X-Firefox-Spdy: h2