| demo2.cloudwp.dev/trial-46961z22/wp-content/plugins | 151.139.128.10 | 301 Moved Permanently | 0 B |
URL HTTP/1.1demo2.cloudwp.dev/trial-46961z22/wp-content/plugins IP151.139.128.10:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | openphish | Generic/Spear Phishing | | fortinet | Phishing | |
GET /trial-46961z22/wp-content/plugins HTTP/1.1
Host: demo2.cloudwp.dev
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Tue, 10 Jan 2023 07:38:42 GMT
Accept-Ranges: bytes
Cache-Control: max-age=0
Location: https://demo2.cloudwp.dev/trial-46961z22/wp-content/plugins
X-HW: 1673336322.cds013.sk1.h2,1673336322.cds261.sk1.c
Link: <http://demo2.cloudwp.dev/trial-46961z22/wp-content/plugins>; rel="canonical"
Access-Control-Allow-Origin: *
x-sp-metadata: HS256.CJLI9J0GEksKJDMxMzQzMGI1LTFkZTQtNDIwZS05NTRmLTAxMjY1ZjUwNjE3YRDYn4qBp9n7AhoGCIKs9J0GIgw5MS45MC40Mi4xNTQo9IABMAIaKAgBEiQ3ODgwMDE3ZS03NzFjLTQ2NWQtOTcxNy1jYmNhNzcxZDE2YzkiGAgCEhRjZHMyNjEuc2sxLmh3Y2RuLm5ldA==.364h5E+6bxi6TR8VCGGZC4jo1vEHZ5aVPSyQMolfnwA=
Connection: keep-alive
Content-Length: 0
|
|
| r3.o.lencr.org/ | 23.36.76.226 | 200 OK | 503 B |
IP23.36.76.226:0 ASN#20940 Akamai International B.V.
Hashe6b7a72139d0ef7688330456e9be9a4c e130a94e7d531768300071764dd1e81fee5bbbcb d3818afd1493030105341b4cfb91037acbf27085c96068b3ef91c5071277c8e5
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D3818AFD1493030105341B4CFB91037ACBF27085C96068B3EF91C5071277C8E5"
Last-Modified: Mon, 09 Jan 2023 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11399
Expires: Tue, 10 Jan 2023 10:48:41 GMT
Date: Tue, 10 Jan 2023 07:38:42 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.36.76.226 | 200 OK | 503 B |
IP23.36.76.226:0 ASN#20940 Akamai International B.V.
Hash1f67827b21be68d925837dd729590f2d dc24511141f5352e496b300d7d7e81b0cffb7475 afb1850e7c16f02d267a1310f1681367ecf598816fc62bd02447ffcd26117a9f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "AFB1850E7C16F02D267A1310F1681367ECF598816FC62BD02447FFCD26117A9F"
Last-Modified: Mon, 09 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2175
Expires: Tue, 10 Jan 2023 08:14:57 GMT
Date: Tue, 10 Jan 2023 07:38:42 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.36.76.226 | 200 OK | 503 B |
IP23.36.76.226:0 ASN#20940 Akamai International B.V.
Hash89a058935fd04697c87e9441fbb466a9 59b5b08119374b1da34cff7e43a7c6dc80103f6e 3a3261f495323ff0f60067b2930b8d0e5e4e5cd6ae9b14929a88047587b735da
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "3A3261F495323FF0F60067B2930B8D0E5E4E5CD6AE9B14929A88047587B735DA"
Last-Modified: Sat, 07 Jan 2023 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6205
Expires: Tue, 10 Jan 2023 09:22:07 GMT
Date: Tue, 10 Jan 2023 07:38:42 GMT
Connection: keep-alive
|
|
| firefox.settings.services.mozilla.com/v1/ | 35.241.9.150 | 200 OK | 939 B |
URL HTTP/2firefox.settings.services.mozilla.com/v1/ IP35.241.9.150:0
File typeJSON data\012- , ASCII text, with very long lines (939), with no line terminators Hashff250d3ef3fa45322bf05039a0122a9f b3e7a2c383bce1bab807dbe1a03c375258b51f1d d07f109a96e0ae6ec7b1d46ce8761b3f06fe845769ce65d69e053dd40aa561ba
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Alert, Content-Type, Content-Length, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Tue, 10 Jan 2023 06:48:28 GMT
content-type: application/json
age: 3014
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain | 34.160.144.191 | 200 OK | 5.3 kB |
URL HTTP/2content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain IP34.160.144.191:0
File typePEM certificate\012- , ASCII text Hashb1fcd419a4245617397846e8d17233f6 2a037ce244587640b27ead9a0ec2af4f862d91b2 e059b6d834c06e58494c43fb2ff42acbc27c1a1d8f7f30e2f32ca0e167599e2f
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: vaitaDGh4q5qitoCLUl+iqbkvCVgnDPgRkl9aRfQ898EvM5xnWhf7eGc0lDp5alPH27YwwZN6Rj4l4LNmJ6Q/A==
x-amz-request-id: K8HWQ5JF97KM7HZJ
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Tue, 10 Jan 2023 07:01:33 GMT
age: 2229
last-modified: Tue, 20 Dec 2022 14:47:58 GMT
etag: "b1fcd419a4245617397846e8d17233f6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| contile.services.mozilla.com/v1/tiles | 34.117.237.239 | 200 OK | 12 B |
URL HTTP/2contile.services.mozilla.com/v1/tiles IP34.117.237.239:0
File typeJSON data\012- , ASCII text, with no line terminators Hash23e88fb7b99543fb33315b29b1fad9d6 a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 10 Jan 2023 07:38:42 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US | 35.241.9.150 | 200 OK | 329 B |
URL HTTP/2firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US IP35.241.9.150:0
File typeJSON data\012- , ASCII text, with very long lines (329), with no line terminators Hash0333b0655111aa68de771adfcc4db243 63f295a144ac87a7c8e23417626724eeca68a7eb 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Retry-After, Expires, Pragma, Content-Type, Backoff, Last-Modified, Cache-Control, ETag
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Tue, 10 Jan 2023 07:17:24 GMT
age: 1278
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| ocsp.digicert.com/ | 93.184.220.29 | 200 OK | 471 B |
IP93.184.220.29:0
Hashe8e0c910ffff02061a1806b1aa8cf9d2 c5bf0e7ad96e89b17a657fcb1e1cd1aa6d15ab89 896f08fa0030a1313df1f05ef47c5d1f11caa9094380fc026b95193164005448
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3273
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 10 Jan 2023 07:38:43 GMT
Last-Modified: Tue, 10 Jan 2023 06:44:10 GMT
Server: ECS (ska/F714)
X-Cache: HIT
Content-Length: 471
|
|
| demo2.cloudwp.dev/favicon.ico | 151.139.128.10 | 200 OK | 1.2 kB |
URL HTTP/2demo2.cloudwp.dev/favicon.ico IP151.139.128.10:0
File typePNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data Hash6af2b6286c753a22bf1dd95100bd3093 004c513c359ae3c57ed85910f27804def11e2d26 9a187b9fc2a7a7ebeae725b685c4a33848f94b2cf69d276a227401c10a268058
GET /favicon.ico HTTP/1.1
Host: demo2.cloudwp.dev
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://demo2.cloudwp.dev/trial-46961z22/wp-content/plugins
Cookie: DSR=y2UR3uTfTU0eMM3ZHgTo9Zb7qdoo8LnvcSSbVU2TK0G5tPrcptH1FZKgscgJ3+NFJ/FSWeijm2M+tOtBuD5xFw==; DCSS=8A4C5112626F38B7EDDD7B182E03E15A9A1410B; DGCC=xzJ
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 10 Jan 2023 07:38:43 GMT
cache-control: max-age=30
content-length: 1189
content-type: image/x-icon
last-modified: Tue, 21 Apr 2015 20:19:14 GMT
accept-ranges: bytes
etag: "5536b0c2-4a5"
access-control-allow-methods: GET, POST, OPTIONS, HEAD
access-control-allow-origin: *
x-robots-tag: noindex, nofollow, noarchive, nosnippet
strict-transport-security: max-age=31536000; includeSubDomains
server: fbs
set-cookie: DCST=pE9; path=/; HttpOnly; SameSite=Lax;
SPSI=5750f9ea28494f7412ca0d3010f3bc81; path=/; HttpOnly; SameSite=Lax;
SPSE=Ew72pDSYaZ49qs0/7EtGcto/XviwkSVIYNicwHuXpcfN+NPkx9+Zq9ePedtcx2AlZRjgN8T5DerOZT+qhi+9+Q==; path=/; HttpOnly; SameSite=Lax;
x-sp-metadata: HS256.CJPI9J0GEoYBCiQyZmYzY2UyZS04ODRhLTRlYmItOTQ2My05NWFiYjM3ZDg3ZmUQ2J+KgafZ+wIaBgiCrPSdBiIMOTEuOTAuNDIuMTU0KJQ/MAM4BEIWVExTX0FFU18xMjhfR0NNX1NIQTI1NlogYjJlMzIxNDYwN2MyNzRlM2I3MmYxNDQ3MWEwYWRkOWQaKRIkYmE4ZjQxNGUtYmVhYy00NzZhLTlmMWItNzBiY2MxZGY1ZTY5GKUJIhoIAhIUY2RzMDE1LnNrMS5od2Nkbi5uZXQYCA==.Sq2zVOhPmaGsI/YeyJr0szJ0kWjNxmPxn5t4KpKq/hA=
x-hw: 1673336322.cds248.sk1.hc,1673336322.cds015.sk1.sc,1673336323.cds015.sk1.pr
link: <https://demo2.cloudwp.dev/favicon.ico>; rel="canonical"
X-Firefox-Spdy: h2
|
|
| push.services.mozilla.com/ | 54.148.77.40 | 101 Switching Protocols | 0 B |
URL HTTP/1.1push.services.mozilla.com/ IP54.148.77.40:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: my+EHdvesKo+oZvBArIjvg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: aEcuRYtFG5euzza/sY+e2ih02AU=
|
|
| ocsp.pki.goog/gts1c3 | 216.58.211.3 | 200 OK | 471 B |
IP216.58.211.3:0
Hash2c4b7b4dc5383dd277a7c79aae915be1 308dc2d2ad250a4e05fdbbe7520558f77959490a ddf86e1a0a2912dc58e41cf439e09b522aeffec51399311c7483ff493b79a2cc
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 10 Jan 2023 07:38:44 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| ocsp.pki.goog/gts1c3 | 216.58.211.3 | 200 OK | 471 B |
IP216.58.211.3:0
Hash2c4b7b4dc5383dd277a7c79aae915be1 308dc2d2ad250a4e05fdbbe7520558f77959490a ddf86e1a0a2912dc58e41cf439e09b522aeffec51399311c7483ff493b79a2cc
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 10 Jan 2023 07:38:44 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| fonts.gstatic.com/s/exo2/v3/-A4eIjQkAwKL411pgtQ4VA.woff2 | 142.250.74.35 | 200 OK | 20 kB |
URL HTTP/2fonts.gstatic.com/s/exo2/v3/-A4eIjQkAwKL411pgtQ4VA.woff2 IP142.250.74.35:0
File typeWeb Open Font Format (Version 2), TrueType, length 19516, version 1.65\012- data Hashd4ca8d74b0e60bc12aff23761498c73d 403689d08005fec559afc2f3070d5d2817d62595 25706f2aee8b387e4ce26b4cbcf4a6b79d385c1415f21baa41706fc7ed4520ea
GET /s/exo2/v3/-A4eIjQkAwKL411pgtQ4VA.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://demo2.cloudwp.dev
Connection: keep-alive
Referer: https://demo2.cloudwp.dev/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 19516
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 07 Jan 2023 18:07:42 GMT
expires: Sun, 07 Jan 2024 18:07:42 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 27 Aug 2014 15:24:19 GMT
content-type: font/woff2
age: 221462
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/josefinsans/v9/C6HYlRF50SGJq1XyXj04z04GofcKVZz6wtzX_QUIqsI.woff2 | 142.250.74.35 | 200 OK | 22 kB |
URL HTTP/2fonts.gstatic.com/s/josefinsans/v9/C6HYlRF50SGJq1XyXj04z04GofcKVZz6wtzX_QUIqsI.woff2 IP142.250.74.35:0
File typeWeb Open Font Format (Version 2), TrueType, length 22244, version 1.0\012- data Hash6a6b4d48d3990297f8feb86f96e8386e beef652f807f9bb675aed8738aead08fdea31611 70716a99384f70e8f55280615bf0ddf84d17c5561769e1671ee736bda8c2796a
GET /s/josefinsans/v9/C6HYlRF50SGJq1XyXj04z04GofcKVZz6wtzX_QUIqsI.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://demo2.cloudwp.dev
Connection: keep-alive
Referer: https://demo2.cloudwp.dev/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 22244
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 09 Jan 2023 10:04:49 GMT
expires: Tue, 09 Jan 2024 10:04:49 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 06 Oct 2014 20:36:34 GMT
content-type: font/woff2
age: 77635
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/gts1c3 | 216.58.211.3 | 200 OK | 471 B |
IP216.58.211.3:0
Hash2c4b7b4dc5383dd277a7c79aae915be1 308dc2d2ad250a4e05fdbbe7520558f77959490a ddf86e1a0a2912dc58e41cf439e09b522aeffec51399311c7483ff493b79a2cc
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 10 Jan 2023 07:38:44 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| r3.o.lencr.org/ | 23.36.76.226 | 200 OK | 503 B |
IP23.36.76.226:0 ASN#20940 Akamai International B.V.
Hash385fbe651dc747111b979f40f9583702 a69fa58ffc6e2b15222f17ad6345b2bec9d75106 c82b794c471d79568f5eee05529ceddbefc383ac0d035578da7bc3866062e5cc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C82B794C471D79568F5EEE05529CEDDBEFC383AC0D035578DA7BC3866062E5CC"
Last-Modified: Tue, 10 Jan 2023 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18442
Expires: Tue, 10 Jan 2023 12:46:06 GMT
Date: Tue, 10 Jan 2023 07:38:44 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.36.76.226 | 200 OK | 503 B |
IP23.36.76.226:0 ASN#20940 Akamai International B.V.
Hash385fbe651dc747111b979f40f9583702 a69fa58ffc6e2b15222f17ad6345b2bec9d75106 c82b794c471d79568f5eee05529ceddbefc383ac0d035578da7bc3866062e5cc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C82B794C471D79568F5EEE05529CEDDBEFC383AC0D035578DA7BC3866062E5CC"
Last-Modified: Tue, 10 Jan 2023 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18442
Expires: Tue, 10 Jan 2023 12:46:06 GMT
Date: Tue, 10 Jan 2023 07:38:44 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.36.76.226 | 200 OK | 503 B |
IP23.36.76.226:0 ASN#20940 Akamai International B.V.
Hash385fbe651dc747111b979f40f9583702 a69fa58ffc6e2b15222f17ad6345b2bec9d75106 c82b794c471d79568f5eee05529ceddbefc383ac0d035578da7bc3866062e5cc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C82B794C471D79568F5EEE05529CEDDBEFC383AC0D035578DA7BC3866062E5CC"
Last-Modified: Tue, 10 Jan 2023 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18442
Expires: Tue, 10 Jan 2023 12:46:06 GMT
Date: Tue, 10 Jan 2023 07:38:44 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.36.76.226 | 200 OK | 503 B |
IP23.36.76.226:0 ASN#20940 Akamai International B.V.
Hash385fbe651dc747111b979f40f9583702 a69fa58ffc6e2b15222f17ad6345b2bec9d75106 c82b794c471d79568f5eee05529ceddbefc383ac0d035578da7bc3866062e5cc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C82B794C471D79568F5EEE05529CEDDBEFC383AC0D035578DA7BC3866062E5CC"
Last-Modified: Tue, 10 Jan 2023 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18442
Expires: Tue, 10 Jan 2023 12:46:06 GMT
Date: Tue, 10 Jan 2023 07:38:44 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.36.76.226 | 200 OK | 503 B |
IP23.36.76.226:0 ASN#20940 Akamai International B.V.
Hash385fbe651dc747111b979f40f9583702 a69fa58ffc6e2b15222f17ad6345b2bec9d75106 c82b794c471d79568f5eee05529ceddbefc383ac0d035578da7bc3866062e5cc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C82B794C471D79568F5EEE05529CEDDBEFC383AC0D035578DA7BC3866062E5CC"
Last-Modified: Tue, 10 Jan 2023 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18442
Expires: Tue, 10 Jan 2023 12:46:06 GMT
Date: Tue, 10 Jan 2023 07:38:44 GMT
Connection: keep-alive
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F33bbc100-e509-4a4f-8b98-1d44a52a7a3c.jpeg | 34.120.237.76 | 200 OK | 9.5 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F33bbc100-e509-4a4f-8b98-1d44a52a7a3c.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hasha23d61d610c7b55d943fcb2636a01b65 82c4c5170c7b586c2a7a1f2d2d5c9ff0219af065 28bf3039cc8c1213e64893c71bc150eda573223feb2cc15ad0814a44960d434a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F33bbc100-e509-4a4f-8b98-1d44a52a7a3c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9539
x-amzn-requestid: 9f388939-cfb7-432e-a921-e9188736bb45
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: eTw5QGZ6oAMFxQg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63b7c83b-4f9d5bfc30e5ee126333d54e;Sampled=0
x-amzn-remapped-date: Fri, 06 Jan 2023 07:05:31 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: hYVWaQnzP-UnHWvrvXDoy_0YErGDaS7hVjDTVHWVoSKqAEjDIdG1Tg==
via: 1.1 1f6e68152880a39d72e6bf2996cd6a60.cloudfront.net (CloudFront), 1.1 b2f9564ebf9c745cc2ceae96d434977e.cloudfront.net (CloudFront), 1.1 google
date: Tue, 10 Jan 2023 01:31:23 GMT
age: 22041
etag: "82c4c5170c7b586c2a7a1f2d2d5c9ff0219af065"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fafe713be-1c84-4820-ac74-bdcf12a854d4.jpeg | 34.120.237.76 | 200 OK | 12 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fafe713be-1c84-4820-ac74-bdcf12a854d4.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash0fb07eed296f5106e7b0f40702adddc2 24f637156c37dce6ee8c94f40ce41c1f6ce57dca ed656dadbcc659a4342b1c04d615adb92ef8a5f69092225e04890400951dddf3
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fafe713be-1c84-4820-ac74-bdcf12a854d4.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12190
x-amzn-requestid: 3ab3f00d-2464-445e-8004-9efc440798e2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: efo63HseIAMFgMA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63bc8845-584746e11b0c570a215e5221;Sampled=0
x-amzn-remapped-date: Mon, 09 Jan 2023 21:33:57 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: cwz3dynd4J7K_JzcpnsqaU89GZTWoo6q7AccSalqORPJFT2Pm0hZwg==
via: 1.1 9b311162717b41c968f6f00426d88aaa.cloudfront.net (CloudFront), 1.1 caf6806821bc479b28a6f1ce3043b8a6.cloudfront.net (CloudFront), 1.1 google
date: Mon, 09 Jan 2023 21:58:29 GMT
age: 34815
etag: "24f637156c37dce6ee8c94f40ce41c1f6ce57dca"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff850da01-f29c-40c8-a4f5-8274939ba610.jpeg | 34.120.237.76 | 200 OK | 9.0 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff850da01-f29c-40c8-a4f5-8274939ba610.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash9c0edcdac4c3b3a94dbe82a274363f73 668dc0188d75cbf82bc8ba0e622ea63d8d9438b6 55e74389f68e33d8bc8fe8ba29f3f787374a410e9219bccc0ea060cdd2345f43
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff850da01-f29c-40c8-a4f5-8274939ba610.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8999
x-amzn-requestid: 985cb7b8-ca04-498e-9cc3-e7427c6987de
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: efoYNHpxIAMF1Cw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63bc8767-3a33a1120a00500614486163;Sampled=0
x-amzn-remapped-date: Mon, 09 Jan 2023 21:30:15 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: qSTzT7TCB1fgktSz58LpgTpllcuvE7wiNeDN3dOPGE-9GqTcF4wUEg==
via: 1.1 1b0911478686968732f973d6e5e31d10.cloudfront.net (CloudFront), 1.1 943c6a4d4ee43b18ee91634536f53eae.cloudfront.net (CloudFront), 1.1 google
date: Mon, 09 Jan 2023 22:01:02 GMT
age: 34662
etag: "668dc0188d75cbf82bc8ba0e622ea63d8d9438b6"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0774af32-1dbf-4d66-b3a7-1cccd1db4f67.jpeg | 34.120.237.76 | 200 OK | 3.3 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0774af32-1dbf-4d66-b3a7-1cccd1db4f67.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash3827d397bfe69e8c3c22f1391ad9e268 0ffa2ccf283c1b05c73dcb7e45564d12bdd98f21 09d05dfd2372dfcc4bef9cf38b18db5d5697faed030ec17add68a614a6372d80
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0774af32-1dbf-4d66-b3a7-1cccd1db4f67.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 3320
x-amzn-requestid: edfd7a7b-8b9d-4933-8df8-670072ae3bab
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: efoXmHfKIAMFmrA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63bc8763-132c4ca901289c4972cf43a3;Sampled=0
x-amzn-remapped-date: Mon, 09 Jan 2023 21:30:11 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: FjibXo5xBfb97Z0OMVjlrfhxq0Zne5atXVsZsRg7dVHCLdK2QJkGJQ==
via: 1.1 d83ae0e1ba84e92e58bc1efc23a0c652.cloudfront.net (CloudFront), 1.1 caf6806821bc479b28a6f1ce3043b8a6.cloudfront.net (CloudFront), 1.1 google
date: Mon, 09 Jan 2023 21:58:34 GMT
age: 34810
etag: "0ffa2ccf283c1b05c73dcb7e45564d12bdd98f21"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8bd889ec-302d-44e9-a290-89266ee38381.jpeg | 34.120.237.76 | 200 OK | 8.0 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8bd889ec-302d-44e9-a290-89266ee38381.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hashdb3c7aaa80c366124e52b9da9aa710e2 ac50f2b47dd387175f838d4606e33fb91fec37b1 d4e19635e7ad010d0bc8eb1c34084e9174026df4e36e9a972318b9f6b7957834
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8bd889ec-302d-44e9-a290-89266ee38381.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7981
x-amzn-requestid: aef01bcd-4752-4435-a6a8-a33c78cb7d42
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: eZ1FIFQVIAMFTmQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63ba3553-2d2e650374cb35a322f96153;Sampled=0
x-amzn-remapped-date: Sun, 08 Jan 2023 03:15:31 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: qB9_IbgBxOPhMFxZzxb5k2c32_TW4MTYKyOCwZZ07dqnmGP7sDl9cw==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 7eb3b782ab09047ce0d11ee03763894c.cloudfront.net (CloudFront), 1.1 google
date: Tue, 10 Jan 2023 03:49:54 GMT
age: 13730
etag: "ac50f2b47dd387175f838d4606e33fb91fec37b1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F231b20e9-b883-4d22-a499-0edffa21d837.jpeg | 34.120.237.76 | 200 OK | 9.1 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F231b20e9-b883-4d22-a499-0edffa21d837.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash4753795f36012ff993f492314aa210ec d5c8f6896fda40fc34dbc7554ce1ece173dd2d09 cbf28b1d51aae0e01fbe9228bfb1afead400ca7cc69875ffaef573f9e068a51f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F231b20e9-b883-4d22-a499-0edffa21d837.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9052
x-amzn-requestid: 51cb3d41-07e4-499a-b7a7-b4ee4963c587
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: efp7aGB-oAMF-0w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63bc89e2-7bb9960c3f0116240e5ba086;Sampled=0
x-amzn-remapped-date: Mon, 09 Jan 2023 21:40:50 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: _Uj03bFs1JcsW67nDiC001HBFPRKWTas3EFwGDpU5LnGIKDINZ3mqQ==
via: 1.1 8f22423015641505b8c857a37450d6c0.cloudfront.net (CloudFront), 1.1 a847181d425b7fc57e81eb3c800bfdf2.cloudfront.net (CloudFront), 1.1 google
date: Mon, 09 Jan 2023 22:01:08 GMT
age: 34656
etag: "d5c8f6896fda40fc34dbc7554ce1ece173dd2d09"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| demo2.cloudwp.dev/favicon.ico | 151.139.128.10 | 200 OK | 1.2 kB |
URL HTTP/2demo2.cloudwp.dev/favicon.ico IP151.139.128.10:0
File typePNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data Hash6af2b6286c753a22bf1dd95100bd3093 004c513c359ae3c57ed85910f27804def11e2d26 9a187b9fc2a7a7ebeae725b685c4a33848f94b2cf69d276a227401c10a268058
GET /favicon.ico HTTP/1.1
Host: demo2.cloudwp.dev
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://demo2.cloudwp.dev/trial-46961z22/wp-content/plugins/
Cookie: DSR=y2UR3uTfTU0eMM3ZHgTo9Zb7qdoo8LnvcSSbVU2TK0G5tPrcptH1FZKgscgJ3+NFJ/FSWeijm2M+tOtBuD5xFw==; DCSS=8A4C5112626F38B7EDDD7B182E03E15A9A1410B; DGCC=xzJ; DCST=pE9; SPSI=5750f9ea28494f7412ca0d3010f3bc81; SPSE=Ew72pDSYaZ49qs0/7EtGcto/XviwkSVIYNicwHuXpcfN+NPkx9+Zq9ePedtcx2AlZRjgN8T5DerOZT+qhi+9+Q==; spcsrf=d0ce3044bd3bc66ec9c363950f567e95; UTGv2=h4e0c98463ac51d8b9e46756b3d1f4a42128; sp_lit=18afjy4EELe1sfFzyRAbhA==; PRLST=Dz
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 10 Jan 2023 07:38:44 GMT
cache-control: max-age=29
content-length: 1189
content-type: image/x-icon
last-modified: Tue, 21 Apr 2015 20:19:14 GMT
accept-ranges: bytes
etag: "5536b0c2-4a5"
access-control-allow-methods: GET, POST, OPTIONS, HEAD
access-control-allow-origin: *
x-robots-tag: noindex, nofollow, noarchive, nosnippet
strict-transport-security: max-age=31536000; includeSubDomains
server: fbs
x-sp-metadata: HS256.CJTI9J0GEocBCiRiYzhmZjcxNy0zN2M3LTQ2MmItOGUwNC00NDA5MDlmODFlOTEQ2J+KgafZ+wIaBgiErPSdBiIMOTEuOTAuNDIuMTU0KJvSAjADOARCFlRMU19BRVNfMTI4X0dDTV9TSEEyNTZaIGIyZTMyMTQ2MDdjMjc0ZTNiNzJmMTQ0NzFhMGFkZDlkGisIARIkNWNiN2U3ZGMtOTk3YS00YTE1LWEwZDMtODkzZDAyZjRmN2ZlGKUJIhgIAhIUY2RzMDE1LnNrMS5od2Nkbi5uZXQ=.98DthtGJo06g8YuX4SAtCVLXXQwRP0I3b2N8Bbj8RGo=
x-hw: 1673336324.cds257.sk1.hc,1673336324.cds015.sk1.c
link: <https://demo2.cloudwp.dev/favicon.ico>; rel="canonical"
X-Firefox-Spdy: h2
|
|
| demo2.cloudwp.dev/trial-46961z22/wp-content/plugins | 151.139.128.10 | 200 OK | 0 B |
URL HTTP/2demo2.cloudwp.dev/trial-46961z22/wp-content/plugins IP151.139.128.10:0
Analyzer | Verdict | Alert | openphish | Generic/Spear Phishing | | fortinet | Phishing | |
GET /trial-46961z22/wp-content/plugins HTTP/1.1
Host: demo2.cloudwp.dev
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
date: Tue, 10 Jan 2023 07:38:42 GMT
cache-control: no-store, no-cache, max-age=0, must-revalidate, private, max-stale=0, post-check=0, pre-check=0
content-encoding: gzip
content-type: text/html
last-modified: Fri, 02 Jan 1970 08:00:00 GMT
set-cookie: DSR=y2UR3uTfTU0eMM3ZHgTo9Zb7qdoo8LnvcSSbVU2TK0G5tPrcptH1FZKgscgJ3+NFJ/FSWeijm2M+tOtBuD5xFw==; path=/; SameSite=Lax;
DCSS=8A4C5112626F38B7EDDD7B182E03E15A9A1410B; path=/; SameSite=Lax;
x-accel-expires: 0
server: fbs
link: <https://demo2.cloudwp.dev/trial-46961z22/wp-content/plugins>; rel="canonical"
x-hw: 1673336322.cds230.sk1.hn,1673336322.cds261.sk1.sc,1673336322.cdn2-wafbe02-arn1.stackpath.systems.-.w,1673336322.cds261.sk1.p
access-control-allow-origin: *
x-sp-metadata: HS256.CJLI9J0GEocBCiRiZmNkNzVjMC04Y2JmLTQwMmMtYmUzYS01Y2M4YmE4N2FkNWUQ2J+KgafZ+wIaBgiCrPSdBiIMOTEuOTAuNDIuMTU0KMCJAzADOARCFlRMU19BRVNfMTI4X0dDTV9TSEEyNTZaIGM3ZDJiNGM0ODRhNDEzZTE5MWRlNmFjZmYyZGIyMDA5GiYSJDQ2OWRiZWVmLTI1NzItNDgwNS1hOTNkLTc0MTNiNjFiMWFhYyIaCAISFGNkczI2MS5zazEuaHdjZG4ubmV0GAg=.+fJYVFfqwXnk/fSyZyXP0D+uACg5Q0kWW5b5Em7PN7w=
X-Firefox-Spdy: h2
|
|
| demo2.cloudwp.dev/trial-46961z22/wp-content/plugins | 151.139.128.10 | 301 Moved Permanently | 0 B |
URL HTTP/2demo2.cloudwp.dev/trial-46961z22/wp-content/plugins IP151.139.128.10:0
Analyzer | Verdict | Alert | openphish | Generic/Spear Phishing | | fortinet | Phishing | |
GET /trial-46961z22/wp-content/plugins HTTP/1.1
Host: demo2.cloudwp.dev
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: DSR=y2UR3uTfTU0eMM3ZHgTo9Zb7qdoo8LnvcSSbVU2TK0G5tPrcptH1FZKgscgJ3+NFJ/FSWeijm2M+tOtBuD5xFw==; DCSS=8A4C5112626F38B7EDDD7B182E03E15A9A1410B; DGCC=xzJ
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 301 Moved Permanently
date: Tue, 10 Jan 2023 07:38:43 GMT
cache-control: no-store, no-cache, max-age=0, must-revalidate, private, max-stale=0, post-check=0, pre-check=0
content-encoding: gzip
content-type: text/html; charset=iso-8859-1
set-cookie: DCST=pE9; path=/; HttpOnly; SameSite=Lax;
SPSI=3cd10e43a3a94909a8a2659cd564a535; path=/; HttpOnly; SameSite=Lax;
SPSE=Ew72pDSYaZ49qs0/7EtGcqTSUmLqHKLOO64HRDEscSaKBBz2RHZ5UfN2ZHqVpdEzYhAWqMJsdA7QsBWXheIGbw==; path=/; HttpOnly; SameSite=Lax;
spcsrf=a19c69b492bfde5618868db56d6fbb25; path=/; SameSite=Strict; HttpOnly; expires=Tue, 10-Jan-23 09:38:42 GMT
adOtr=obsvl; path=/; SameSite=Lax; expires=Thu, 2 Aug 2001 20:47:11 UTC
UTGv2=D-h468a88de5ad245fa65f69efafb1793ff659; path=/; SameSite=Lax; expires=Sun, 09-Jul-23 07:38:42 GMT
location: https://demo2.cloudwp.dev/trial-46961z22/wp-content/plugins/
x-proxy-cache: MISS
x-robots-tag: noindex, nofollow, noarchive, nosnippet
strict-transport-security: max-age=31536000; includeSubDomains
server: fbs
link: <https://demo2.cloudwp.dev/trial-46961z22/wp-content/plugins>; rel="canonical"
x-hw: 1673336322.cds248.sk1.hc,1673336322.cds261.sk1.sc,1673336323.cdn2-wafbe02-arn1.stackpath.systems.-.wx,1673336323.cds261.sk1.p
access-control-allow-origin: *
x-sp-metadata: HS256.CJPI9J0GEoYBCiRkN2I5YjQ5Mi02MTJkLTQ3ZDItYTJmNi02ZDU4ZGJkZTQyMzEQ2J+KgafZ+wIaBgiCrPSdBiIMOTEuOTAuNDIuMTU0KJQ/MAM4BEIWVExTX0FFU18xMjhfR0NNX1NIQTI1NlogYjJlMzIxNDYwN2MyNzRlM2I3MmYxNDQ3MWEwYWRkOWQaKRIkM2M5Y2Q2NzktN2U1Mi00YTFhLWIxNzgtZWVlMDBmYTg1ZWEwGIwCIhoIAhIUY2RzMjYxLnNrMS5od2Nkbi5uZXQYCA==.nrx5GQtZ6fx35j32Rl7KEBUGfSucf7upIawdXIBw8tI=
X-Firefox-Spdy: h2
|
|
| demo2.cloudwp.dev/trial-46961z22/wp-content/plugins/ | 151.139.128.10 | 403 Forbidden | 0 B |
URL HTTP/2demo2.cloudwp.dev/trial-46961z22/wp-content/plugins/ IP151.139.128.10:0
Analyzer | Verdict | Alert | fortinet | Phishing | |
GET /trial-46961z22/wp-content/plugins/ HTTP/1.1
Host: demo2.cloudwp.dev
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: DSR=y2UR3uTfTU0eMM3ZHgTo9Zb7qdoo8LnvcSSbVU2TK0G5tPrcptH1FZKgscgJ3+NFJ/FSWeijm2M+tOtBuD5xFw==; DCSS=8A4C5112626F38B7EDDD7B182E03E15A9A1410B; DGCC=xzJ; DCST=pE9; SPSI=3cd10e43a3a94909a8a2659cd564a535; SPSE=Ew72pDSYaZ49qs0/7EtGcqTSUmLqHKLOO64HRDEscSaKBBz2RHZ5UfN2ZHqVpdEzYhAWqMJsdA7QsBWXheIGbw==; spcsrf=a19c69b492bfde5618868db56d6fbb25; UTGv2=D-h468a88de5ad245fa65f69efafb1793ff659
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 403 Forbidden
date: Tue, 10 Jan 2023 07:38:44 GMT
cache-control: private
content-encoding: gzip
content-type: text/html; charset=utf-8
last-modified: Fri, 09 Jul 2021 17:46:24 GMT
vary: Accept-Encoding
server: fbs
set-cookie: spcsrf=d0ce3044bd3bc66ec9c363950f567e95; path=/; SameSite=Strict; HttpOnly; expires=Tue, 10-Jan-23 09:38:43 GMT
UTGv2=D-h4e0c98463ac51d8b9e46756b3d1f4a42128; path=/; SameSite=Lax; expires=Sun, 09-Jul-23 07:38:43 GMT
sp_lit=18afjy4EELe1sfFzyRAbhA==; path=/; SameSite=Strict; HttpOnly; expires=Tue, 10-Jan-23 07:43:44 GMT
link: <https://demo2.cloudwp.dev/trial-46961z22/wp-content/plugins/>; rel="canonical"
x-hw: 1673336323.cds257.sk1.hc,1673336323.cds017.sk1.sc,1673336324.cdn2-wafbe03-arn1.stackpath.systems.-.wx,1673336324.cds017.sk1.p
access-control-allow-origin: *
x-sp-metadata: HS256.CJTI9J0GEocBCiQ3NTA2NWIxMC1iYjMwLTRiMmYtODAyYy04ZTNkMmNmZjIwZjgQ2J+KgafZ+wIaBgiDrPSdBiIMOTEuOTAuNDIuMTU0KJvSAjADOARCFlRMU19BRVNfMTI4X0dDTV9TSEEyNTZaIGIyZTMyMTQ2MDdjMjc0ZTNiNzJmMTQ0NzFhMGFkZDlkGiYSJDRlNjk1OTliLWU3NmMtNDFlNC1iZmIzLWI5MjI3MTZkNTY3YiIaCAISFGNkczAxNy5zazEuaHdjZG4ubmV0GAg=.6lHZ/ycXMlgiUh3Tp6ghU57k6aTeT8nvyjqYFwmIbTk=
X-Firefox-Spdy: h2
|
|
| demo2.cloudwp.dev/sbbi/?sbbpg=utMedia&vii=3hc4de100ce94834a633aa9c45910d98ab89ae24665795c6db536d41af543a54y2r1l2g8 | 151.139.128.10 | 200 OK | 0 B |
URL HTTP/2demo2.cloudwp.dev/sbbi/?sbbpg=utMedia&vii=3hc4de100ce94834a633aa9c45910d98ab89ae24665795c6db536d41af543a54y2r1l2g8 IP151.139.128.10:0
GET /sbbi/?sbbpg=utMedia&vii=3hc4de100ce94834a633aa9c45910d98ab89ae24665795c6db536d41af543a54y2r1l2g8 HTTP/1.1
Host: demo2.cloudwp.dev
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://demo2.cloudwp.dev/trial-46961z22/wp-content/plugins/
Cookie: DSR=y2UR3uTfTU0eMM3ZHgTo9Zb7qdoo8LnvcSSbVU2TK0G5tPrcptH1FZKgscgJ3+NFJ/FSWeijm2M+tOtBuD5xFw==; DCSS=8A4C5112626F38B7EDDD7B182E03E15A9A1410B; DGCC=xzJ; DCST=pE9; SPSI=5750f9ea28494f7412ca0d3010f3bc81; SPSE=Ew72pDSYaZ49qs0/7EtGcto/XviwkSVIYNicwHuXpcfN+NPkx9+Zq9ePedtcx2AlZRjgN8T5DerOZT+qhi+9+Q==; spcsrf=d0ce3044bd3bc66ec9c363950f567e95; UTGv2=h4e0c98463ac51d8b9e46756b3d1f4a42128; sp_lit=18afjy4EELe1sfFzyRAbhA==; PRLST=Dz
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 10 Jan 2023 07:38:44 GMT
cache-control: no-store, no-cache, max-age=0, must-revalidate, private, max-stale=0, post-check=0, pre-check=0
content-type: image/gif
server: fbs
x-accel-expires: 0
link: <https://demo2.cloudwp.dev/sbbi/>; rel="canonical"
x-hw: 1673336324.cds257.sk1.hc,1673336324.cds245.sk1.sc,1673336324.cdn2-redis01-arn1.stackpath.systems.-.i,1673336324.cds245.sk1.p
access-control-allow-origin: *
x-sp-metadata: HS256.CJTI9J0GEocBCiQ0MzA5Mjc2My1jOTMxLTQ0M2MtOWU5NS1kNmFkYzBhYTdlNDIQ2J+KgafZ+wIaBgiErPSdBiIMOTEuOTAuNDIuMTU0KJvSAjADOARCFlRMU19BRVNfMTI4X0dDTV9TSEEyNTZaIGIyZTMyMTQ2MDdjMjc0ZTNiNzJmMTQ0NzFhMGFkZDlkGiYSJDRkOTFmNTU2LWFiYzAtNDQwZC05MzQzLWVhMDkwMjQ5OTJkZSIaCAISFGNkczI0NS5zazEuaHdjZG4ubmV0GAg=.0rrLMTty6UeNA+YSPrw81g1se0uf8ebB5v49YqAy7bM=
X-Firefox-Spdy: h2
|
|
| demo2.cloudwp.dev/images/boldgrid-logo-vertical-black.svg | 151.139.128.10 | 200 OK | 0 B |
URL HTTP/2demo2.cloudwp.dev/images/boldgrid-logo-vertical-black.svg IP151.139.128.10:0
Analyzer | Verdict | Alert | fortinet | Phishing | |
GET /images/boldgrid-logo-vertical-black.svg HTTP/1.1
Host: demo2.cloudwp.dev
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://demo2.cloudwp.dev/trial-46961z22/wp-content/plugins/
Cookie: DSR=y2UR3uTfTU0eMM3ZHgTo9Zb7qdoo8LnvcSSbVU2TK0G5tPrcptH1FZKgscgJ3+NFJ/FSWeijm2M+tOtBuD5xFw==; DCSS=8A4C5112626F38B7EDDD7B182E03E15A9A1410B; DGCC=xzJ; DCST=pE9; SPSI=5750f9ea28494f7412ca0d3010f3bc81; SPSE=Ew72pDSYaZ49qs0/7EtGcto/XviwkSVIYNicwHuXpcfN+NPkx9+Zq9ePedtcx2AlZRjgN8T5DerOZT+qhi+9+Q==; spcsrf=d0ce3044bd3bc66ec9c363950f567e95; UTGv2=h4e0c98463ac51d8b9e46756b3d1f4a42128; sp_lit=18afjy4EELe1sfFzyRAbhA==; PRLST=Dz
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 10 Jan 2023 07:38:44 GMT
etag: "1480711858"
cache-control: max-age=30
content-encoding: gzip
content-type: image/svg+xml
last-modified: Fri, 02 Dec 2016 20:50:58 GMT
accept-ranges: bytes
x-proxy-cache: MISS
x-robots-tag: noindex, nofollow, noarchive, nosnippet
strict-transport-security: max-age=31536000; includeSubDomains
server: fbs
x-sp-metadata: HS256.CJTI9J0GEocBCiRmY2NjZGQ1My05MDYwLTQ2YzgtODg3Ni0wN2EyNmY4OTI2M2YQ2J+KgafZ+wIaBgiErPSdBiIMOTEuOTAuNDIuMTU0KJvSAjADOARCFlRMU19BRVNfMTI4X0dDTV9TSEEyNTZaIGIyZTMyMTQ2MDdjMjc0ZTNiNzJmMTQ0NzFhMGFkZDlkGikSJDc4NzU1ZjYwLTgyYjMtNDkwMy04ZWIyLTcwNmFhODYwZmY1MRisIiIaCAISFGNkczAxNi5zazEuaHdjZG4ubmV0GAg=.Dhs08olZqYGIIWGLrRIm6tYqqPVdW1wHu5cZjvMkuNU=
x-hw: 1673336324.cds257.sk1.hc,1673336324.cds016.sk1.sc,1673336324.cds016.sk1.pr
link: <https://demo2.cloudwp.dev/images/boldgrid-logo-vertical-black.svg>; rel="canonical"
access-control-allow-origin: *
X-Firefox-Spdy: h2
|
|
| demo2.cloudwp.dev/images/no-grid.svg | 151.139.128.10 | 200 OK | 0 B |
URL HTTP/2demo2.cloudwp.dev/images/no-grid.svg IP151.139.128.10:0
Analyzer | Verdict | Alert | fortinet | Phishing | |
GET /images/no-grid.svg HTTP/1.1
Host: demo2.cloudwp.dev
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://demo2.cloudwp.dev/trial-46961z22/wp-content/plugins/
Cookie: DSR=y2UR3uTfTU0eMM3ZHgTo9Zb7qdoo8LnvcSSbVU2TK0G5tPrcptH1FZKgscgJ3+NFJ/FSWeijm2M+tOtBuD5xFw==; DCSS=8A4C5112626F38B7EDDD7B182E03E15A9A1410B; DGCC=xzJ; DCST=pE9; SPSI=5750f9ea28494f7412ca0d3010f3bc81; SPSE=Ew72pDSYaZ49qs0/7EtGcto/XviwkSVIYNicwHuXpcfN+NPkx9+Zq9ePedtcx2AlZRjgN8T5DerOZT+qhi+9+Q==; spcsrf=d0ce3044bd3bc66ec9c363950f567e95; UTGv2=h4e0c98463ac51d8b9e46756b3d1f4a42128; sp_lit=18afjy4EELe1sfFzyRAbhA==; PRLST=Dz
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 10 Jan 2023 07:38:44 GMT
etag: "1480970958"
cache-control: max-age=30
content-encoding: gzip
content-type: image/svg+xml
last-modified: Mon, 05 Dec 2016 20:49:18 GMT
accept-ranges: bytes
x-proxy-cache: MISS
x-robots-tag: noindex, nofollow, noarchive, nosnippet
strict-transport-security: max-age=31536000; includeSubDomains
server: fbs
x-sp-metadata: HS256.CJTI9J0GEocBCiRkYTEyODUxYS0wMzE5LTQ0ZWMtOWZkZi1lNjNkM2I2ODJlOGIQ2J+KgafZ+wIaBgiErPSdBiIMOTEuOTAuNDIuMTU0KJvSAjADOARCFlRMU19BRVNfMTI4X0dDTV9TSEEyNTZaIGIyZTMyMTQ2MDdjMjc0ZTNiNzJmMTQ0NzFhMGFkZDlkGikSJDAyNDgyZDk0LWU0NDctNDBkMi04MzZkLTkxNjYzNjA4NGMwMRjQGiIaCAISFGNkczIyMi5zazEuaHdjZG4ubmV0GAg=.T4DbJySLXQOCHahagtrYoQyroiLi2t6WHRLjqReHq4c=
x-hw: 1673336324.cds257.sk1.hc,1673336324.cds222.sk1.sc,1673336324.cds222.sk1.pr
link: <https://demo2.cloudwp.dev/images/no-grid.svg>; rel="canonical"
access-control-allow-origin: *
X-Firefox-Spdy: h2
|
|