Report - megamartpromos.com/

Report Overview

Submitted URL
megamartpromos.com/
IP
172.67.221.155
ASN
#13335 CLOUDFLARENET
Submitted
2022-11-26 15:43:18
Access
Website Title
Final URL
Tags
None
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
46

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
ocsp.digicert.com	86	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	341 B	797 B	93.184.220.29
ocsp.pki.goog	175	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.1 kB	4.2 kB	142.250.74.3
fonts.gstatic.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	984 B	65 kB	216.58.207.195
img-getpocket.cdn.mozilla.net	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.2 kB	53 kB	34.120.237.76
r3.o.lencr.org	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.4 kB	6.2 kB	23.36.76.226
content-signature-2.cdn.mozilla.net	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	413 B	5.8 kB	34.160.144.191
megamartpromos.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	12 kB	2.5 MB	172.67.221.155
contile.services.mozilla.com	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	333 B	229 B	34.117.237.239
push.services.mozilla.com	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	606 B	127 B	34.215.94.42
fonts.googleapis.com	8877	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	468 B	746 B	142.250.74.10
firefox.settings.services.mozilla.com	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	782 B	2.4 kB	34.102.187.140

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2022-11-26	medium	megamartpromos.com/	Phishing
2022-11-26	medium	megamartpromos.com/wp-includes/css/dist/block-library/style.min.css?ver=5.7.1	Phishing
2022-11-26	medium	megamartpromos.com/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.4.1	Phishing
2022-11-26	medium	megamartpromos.com/wp-content/themes/betheme/css/base.css?ver=22.0.2.1	Phishing
2022-11-26	medium	megamartpromos.com/wp-content/themes/betheme/css/shortcodes.css?ver=22.0.2.1	Phishing
2022-11-26	medium	megamartpromos.com/wp-content/plugins/revslider/public/assets/css/rs6.css?ver=6.4.3	Phishing
2022-11-26	medium	megamartpromos.com/wp-content/themes/betheme/assets/animations/animations.min.css?ver=22.0.2.1	Phishing
2022-11-26	medium	megamartpromos.com/wp-content/themes/betheme/assets/jplayer/css/jplayer.blue.monday.css?ver=22.0.2.1	Phishing
2022-11-26	medium	megamartpromos.com/wp-content/themes/betheme/css/responsive.css?ver=22.0.2.1	Phishing
2022-11-26	medium	megamartpromos.com/wp-includes/js/wp-emoji-release.min.js?ver=5.7.1	Phishing
2022-11-26	medium	megamartpromos.com/wp-content/themes/betheme-child/style.css?ver=22.0.2.1	Phishing
2022-11-26	medium	megamartpromos.com/wp-includes/js/jquery/jquery.min.js?ver=3.5.1	Phishing
2022-11-26	medium	megamartpromos.com/wp-content/plugins/revslider/public/assets/js/rbtools.min.js?ver=6.4.3	Phishing
2022-11-26	medium	megamartpromos.com/wp-includes/js/jquery/ui/core.min.js?ver=1.12.1	Phishing
2022-11-26	medium	megamartpromos.com/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.4.1	Phishing
2022-11-26	medium	megamartpromos.com/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=7.4.4	Phishing
2022-11-26	medium	megamartpromos.com/wp-content/themes/betheme/assets/ui/jquery.ui.all.css?ver=22.0.2.1	Phishing
2022-11-26	medium	megamartpromos.com/wp-content/plugins/revslider/public/assets/js/rs6.min.js?ver=6.4.3	Phishing
2022-11-26	medium	megamartpromos.com/wp-includes/js/jquery/ui/accordion.min.js?ver=1.12.1	Phishing
2022-11-26	medium	megamartpromos.com/wp-content/themes/betheme/js/plugins.js?ver=22.0.2.1	Phishing
2022-11-26	medium	megamartpromos.com/wp-content/themes/betheme/js/menu.js?ver=22.0.2.1	Phishing
2022-11-26	medium	megamartpromos.com/wp-content/themes/betheme/js/scripts.js?ver=22.0.2.1	Phishing
2022-11-26	medium	megamartpromos.com/wp-includes/js/wp-embed.min.js?ver=5.7.1	Phishing

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

JavaScript (23)

	URL	Size	First Seen	Last Seen
	megamartpromos.com/	1.3 kB	2023-03-11	2023-03-11
Pretty URL megamartpromos.com/ IP 172.67.221.155 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 20:47:47 Last Seen2023-03-11 20:47:47 Times Seen1 Hash 760b0b806522616faeeb0b2c6ba5195a b362a15d041aee109101683cfdc6c380b9810c98 45ff09d1ac8dc32ceb03299cb9c97d16e12c22e564bfa20dd7e3c686d26bfe50 Loading...

	megamartpromos.com/wp-content/themes/betheme/js/scripts.js?ver=22.0.2.1	70 kB	2023-03-07	2024-04-04
Pretty URL megamartpromos.com/wp-content/themes/betheme/js/scripts.js?ver=22.0.2.1 IP 172.67.221.155 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:17 Last Seen2024-04-04 12:46:22 Times Seen133 Hash 7d7451e00ec12dc3aefe1f692bb0f215 b3f887dd3973b8fae0b8a10e47a645fb8aadcae0 4f28b767fcad95b314e1e9b9e2d846932b8effee3a9c0536e35d35e2fd9fe9fe Loading...

	megamartpromos.com/wp-content/themes/betheme/js/parallax/translate3d.js?ver=22.0.2.1	4.0 kB	2023-03-07	2024-04-15
Pretty URL megamartpromos.com/wp-content/themes/betheme/js/parallax/translate3d.js?ver=22.0.2.1 IP 172.67.221.155 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:17 Last Seen2024-04-15 15:07:48 Times Seen633 Hash ea5cd057172e6bce5718f823cfcbb1bd 47ed4723d9da06b3c4aa26174dc2acf36480aeea c0a00439e0c82d42a9b64c694698665bd924252eb48e86b1c95a4d40dac471a4 Loading...

	megamartpromos.com/wp-includes/js/jquery/jquery.min.js?ver=3.5.1	90 kB	2023-03-07	2024-04-25
Pretty URL megamartpromos.com/wp-includes/js/jquery/jquery.min.js?ver=3.5.1 IP 172.67.221.155 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:17 Last Seen2024-04-25 12:50:40 Times Seen9448 Hash b6f7093369a0e8b83703914ce731b13c d1889f5c173c2a4b20288f1f84758599afd346ef 60240d5a27ede94fd35fea44bd110b88c7d8cfc08127f032d13b0c622b8be827 Loading...

	megamartpromos.com/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.4.1	14 kB	2023-03-07	2024-04-20
Pretty URL megamartpromos.com/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.4.1 IP 172.67.221.155 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:10:27 Last Seen2024-04-20 20:44:42 Times Seen1281 Hash daca149c46601376ce5db68f3658323c 21e17b71d1bcd6c62274d21ad8015a105a0385d2 927d5436967ebce8a52c4bdcd27cc056c910a72270f74990dfbd1d554840c12d Loading...

	megamartpromos.com/wp-includes/js/jquery/ui/accordion.min.js?ver=1.12.1	8.7 kB	2023-03-07	2024-04-25
Pretty URL megamartpromos.com/wp-includes/js/jquery/ui/accordion.min.js?ver=1.12.1 IP 172.67.221.155 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:17 Last Seen2024-04-25 12:50:40 Times Seen730 Hash bace1eb365db6f2d91a69efed971087f 7cc4b836a34e985b607daf9b15372a332c9c150d 638caa40d39dec20d95e4119187482e3c5939616252d96ded196b05c2e1cfc27 Loading...

	megamartpromos.com/wp-content/themes/betheme/js/menu.js?ver=22.0.2.1	2.4 kB	2023-03-07	2024-04-24
Pretty URL megamartpromos.com/wp-content/themes/betheme/js/menu.js?ver=22.0.2.1 IP 172.67.221.155 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:18 Last Seen2024-04-24 21:41:00 Times Seen849 Hash d2acee736603de298edf90c0c64694c5 7299c74c02a6363cf24dd55e27c7dd2351b33ba4 c22005bbdf738de61a4c2ee99c2b3c4fe52f336dfc8aa274860c58c845027d50 Loading...

	megamartpromos.com/wp-includes/js/wp-embed.min.js?ver=5.7.1	1.4 kB	2023-03-07	2024-04-25
Pretty URL megamartpromos.com/wp-includes/js/wp-embed.min.js?ver=5.7.1 IP 172.67.221.155 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:18 Last Seen2024-04-25 08:07:38 Times Seen6876 Hash 905225d5711b559d3092387d5ffbedbd 6f6c39075263bafb9e8c10f1b34a1a0f7ee03c9d 5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991 Loading...

	megamartpromos.com/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=7.4.4	99 kB	2023-03-07	2024-04-25
Pretty URL megamartpromos.com/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=7.4.4 IP 172.67.221.155 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:18 Last Seen2024-04-25 12:50:40 Times Seen3536 Hash 5090bae2c114802440412e301bdf5174 3850afd52816ee686eccd881df06764b426cd86a d36e5d7328268d21c6941039a7b6a15c7ed7414f60dbee72d2231d11ac9bdaf3 Loading...

	megamartpromos.com/wp-includes/js/jquery/ui/sortable.min.js?ver=1.12.1	25 kB	2023-03-07	2024-04-25
Pretty URL megamartpromos.com/wp-includes/js/jquery/ui/sortable.min.js?ver=1.12.1 IP 172.67.221.155 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:18 Last Seen2024-04-25 12:50:40 Times Seen376 Hash 151e4dece13ac73729937293d388f96b 2965ea03b973983aa01e7be7865c1f969742d3ff 60a11aa8aff6983ea43c28b1741c1b73b4b1e696db79d426f039b14572182e2f Loading...

	megamartpromos.com/wp-includes/js/jquery/ui/mouse.min.js?ver=1.12.1	3.4 kB	2023-03-07	2024-04-25
Pretty URL megamartpromos.com/wp-includes/js/jquery/ui/mouse.min.js?ver=1.12.1 IP 172.67.221.155 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:17 Last Seen2024-04-25 12:50:40 Times Seen1141 Hash f5fec54ae43bea19a01d7479cdd6d0ee 3abf306a1352402f2b0fae989eb3211c4af0bede 93ffe8a780b4034c7b14ac0d57d752368b53eafc734d906c8cdf3d3642a9eb36 Loading...

	megamartpromos.com/	131 B	2023-03-11	2023-03-11
Pretty URL megamartpromos.com/ IP 172.67.221.155 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 20:47:47 Last Seen2023-03-11 20:47:47 Times Seen1 Hash 07e814ccf5441354dc5b739487b315c5 6f818cdcc2f3573538ce78cda4d9ce4f73614053 c3a2bbe6052b85352ec6e9f7ecfa14315a3d8e608ed891a7eeb0fefb755ddf68 Loading...

	megamartpromos.com/	2.1 kB	2023-03-11	2023-03-11
Pretty URL megamartpromos.com/ IP 172.67.221.155 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 20:47:48 Last Seen2023-03-11 20:47:48 Times Seen1 Hash 18d8fcb67f54cf38d942d9bdd932cf56 e98a303996b2967976887327077e0f8daea8b0ec 90b9818ed191a5252d856f897c1e2115f510133d46bf411caeca3aa45c503c51 Loading...

	megamartpromos.com/wp-includes/js/wp-emoji-release.min.js?ver=5.7.1	14 kB	2023-03-07	2024-04-25
Pretty URL megamartpromos.com/wp-includes/js/wp-emoji-release.min.js?ver=5.7.1 IP 172.67.221.155 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:17 Last Seen2024-04-25 12:50:40 Times Seen7905 Hash eaa8641bcda2371f4024a71fbb67de3b 0e46c39d3821683c856605a82254115f9a6a7792 0c5f584d1ea2c3313dc8c55824c2a572d3cf2eae87c5ca62a58e598aec9ddb5c Loading...

	megamartpromos.com/wp-content/plugins/revslider/public/assets/js/rbtools.min.js?ver=6.4.3	124 kB	2023-03-07	2024-04-25
Pretty URL megamartpromos.com/wp-content/plugins/revslider/public/assets/js/rbtools.min.js?ver=6.4.3 IP 172.67.221.155 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:51 Last Seen2024-04-25 08:34:07 Times Seen2246 Hash 04f0a5790668162c9241bfd598d6400c dd55a501364bbd8a0b43eca3cd681748cd89a03e 463f24ed151c0bc8775c09e92c3885fd96dc17f1e91ca64d70f3ba9600e0eb86 Loading...

	megamartpromos.com/wp-includes/js/jquery/ui/tabs.min.js?ver=1.12.1	12 kB	2023-03-07	2024-04-25
Pretty URL megamartpromos.com/wp-includes/js/jquery/ui/tabs.min.js?ver=1.12.1 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:17 Last Seen2024-04-25 12:50:40 Times Seen870 Hash c10761607ca4fa5e283d6016c6db6876 35f1057ae807f3b1c42d88bfcbe501a94e4cad37 d75561e1329acbfb10dd90ae27ac97aac6d6081e89700a8eaba0ae5ab0156c5f Loading...

	megamartpromos.com/	2.3 kB	2023-03-07	2024-04-25
Pretty URL megamartpromos.com/ IP 172.67.221.155 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:18 Last Seen2024-04-25 08:34:06 Times Seen4795 Hash 6f740b956919fbaa673bb496be184ac1 fa7d2aef8069f1be31c655fb889c897eae36757a c8d83f1bd6a850a6f197b9bcce38828132ad627358b9c2c78e7c4bef4d22c304 Loading...

	megamartpromos.com/	345 B	2023-03-11	2023-03-11
Pretty URL megamartpromos.com/ IP 172.67.221.155 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 20:47:48 Last Seen2023-03-11 20:47:48 Times Seen1 Hash 6895ec00faa4c3e42d99c852f39eb1fd 6e9482b2c577ca5d7b133053519d912315becb6c 2ef65373d5189f94069626e5e87c790552bb12a1a65d369bfb42fdf1a7999833 Loading...

	megamartpromos.com/wp-content/themes/betheme/assets/jplayer/jplayer.min.js?ver=22.0.2.1	53 kB	2023-03-07	2024-04-24
Pretty URL megamartpromos.com/wp-content/themes/betheme/assets/jplayer/jplayer.min.js?ver=22.0.2.1 IP 172.67.221.155 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:18 Last Seen2024-04-24 19:47:12 Times Seen1532 Hash 0ba3e2243f42575817b07fcadacf8269 50ed3259514f428897730c9d429974bdc72eb988 6e6c69ba30da65996fe5cfd06a9248ad71966d7f05781b646d87358a7e202511 Loading...

	megamartpromos.com/wp-content/themes/betheme/assets/animations/animations.min.js?ver=22.0.2.1	1.8 kB	2023-03-07	2024-04-15
Pretty URL megamartpromos.com/wp-content/themes/betheme/assets/animations/animations.min.js?ver=22.0.2.1 IP 172.67.221.155 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:17 Last Seen2024-04-15 15:07:48 Times Seen805 Hash 6d1ef4ab8b112c1e2642e61424bd46b4 9fb2f893a18752e5123314c41c453636ec77e390 d1bbd7ecc1eb2490fa89949a1af779e82a0817587e19a8396936ed86e430550b Loading...

	megamartpromos.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2	11 kB	2023-03-07	2024-04-25
Pretty URL megamartpromos.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 IP 172.67.221.155 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:02 Last Seen2024-04-25 12:50:40 Times Seen68622 Hash 79b4956b7ec478ec10244b5e2d33ac7d a46025b9d05e3df30d610a8aef14f392c7058dc9 029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300 Loading...

	megamartpromos.com/wp-includes/js/jquery/ui/core.min.js?ver=1.12.1	21 kB	2023-03-07	2024-04-25
Pretty URL megamartpromos.com/wp-includes/js/jquery/ui/core.min.js?ver=1.12.1 IP 172.67.221.155 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:18 Last Seen2024-04-25 12:50:40 Times Seen5713 Hash 49fa677b9cd7ddf221dc06537b35e10f 7485f3f99c3c1a57197f2b099f3f8d68b8609d06 0cd851e5b33af0fbb354df65506da39807b998e07723f3d08aba5179fa2ed97e Loading...

	unknown	0 B	2023-03-07	2024-04-25
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:01:59 Last Seen2024-04-25 14:25:30 Times Seen37064073 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

HTTP Transactions (62)

URL IP Response Size

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
a9f1d4d98705c281fed3b60343463200
db6f8aa98d2eda4e5473b116a222c3055568bb78
164d11173045b569cafb32e300e4c1ec6d6ab177fd34d0414cc40c541268779f

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "164D11173045B569CAFB32E300E4C1EC6D6AB177FD34D0414CC40C541268779F"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5060
Expires: Sat, 26 Nov 2022 17:07:26 GMT
Date: Sat, 26 Nov 2022 15:43:06 GMT
Connection: keep-alive

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
15b59d5e62caedb4bec3ba6724906c1e
960f801e608a56fdd11449f4face29f62cad2b21
8c72a45737c2eeddf328b0ed3236f3243551d904e94ec9dd7254972ebfb9229e

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3377
Cache-Control: max-age=157459
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 15:43:06 GMT
Etag: "6381eaec-1d7"
Expires: Mon, 28 Nov 2022 11:27:25 GMT
Last-Modified: Sat, 26 Nov 2022 10:31:08 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 471

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
71f9c681a82440fd55e76c780a20e55d
3147768cfbcdd06e0c6e69684292e68e99917a80
5ea71ce6dd9e927f9bb3f97f59cc1ac7dc25a949024815965b29bc5835614786

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5EA71CE6DD9E927F9BB3F97F59CC1AC7DC25A949024815965B29BC5835614786"
Last-Modified: Sat, 26 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15025
Expires: Sat, 26 Nov 2022 19:53:31 GMT
Date: Sat, 26 Nov 2022 15:43:06 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/

34.102.187.140

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
34.102.187.140:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
567df7db606cf5d0871aa5bc9311b6da
4263faac7cbab2fcaf6661911dcad5091c06be17
e9650e1fdc46fc8678708ddcc37ab369c7a6d50489a004be896f20c7a3a644b0

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Retry-After, Content-Length, Alert, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sat, 26 Nov 2022 15:19:13 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 1433
alt-svc: clear
X-Firefox-Spdy: h2

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: tLYECE1joTLU8aDwMh+M2aKJv4e3769fTFZSBoH6x/bVdhmcpGnIi8zUX/88k9XuB9OrYLEq1vg=
x-amz-request-id: Z8EJM1RE02GE66VS
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sat, 26 Nov 2022 15:41:16 GMT
age: 110
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

megamartpromos.com/

172.67.221.155

200 OK

20 kB

URL HTTP/1.1
megamartpromos.com/
IP
172.67.221.155:0
ASN
#13335 CLOUDFLARENET

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (59877)
Size
20 kB (19669 bytes)
Hash
733b29cde3712a584e5396b1a4267c7a
52e4db1fef5d7118b62bb47c2135dabb9decd242
27918f5ea68dd37d30da10b0ed002ffa9e6d6f0209551c2210ebb6d5315d6a59

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET / HTTP/1.1
Host: megamartpromos.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 200 OK
Date: Sat, 26 Nov 2022 15:43:06 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Link: <http://megamartpromos.com/wp-json/>; rel="https://api.w.org/", <http://megamartpromos.com/wp-json/wp/v2/pages/6>; rel="alternate"; type="application/json", <http://megamartpromos.com/>; rel=shortlink
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=opH5JcC0h1KJFuyhvKqWsaSPtyVb5p8ryca3hcbbt8ze55bkUCdTKFgUogJxkgKJteFxXu3i3lri5q1o0%2F1PsSZaDnSnapwl%2Bn2bBVFSvRSKq4w3MjvI%2B7EH8XgVIQWEDDLZFFk%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7703bcdfd8eab505-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Sat, 26 Nov 2022 15:43:06 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
619fa0039b94697fc8a5bd24f57e8aa2
53a366391a51d625029cc6d32fb4e8b6060990fd
dff604305831a0399aa44b2fac806e43512afa846569ba6e5685eca6495d9fa5

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 15:43:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

megamartpromos.com/wp-includes/css/dist/block-library/style.min.css?ver=5.7.1

172.67.221.155

200 OK

8.6 kB

URL HTTP/1.1
megamartpromos.com/wp-includes/css/dist/block-library/style.min.css?ver=5.7.1
IP
172.67.221.155:0
ASN
#13335 CLOUDFLARENET

File type
Unicode text, UTF-8 text, with very long lines (29677)
Size
8.6 kB (8609 bytes)
Hash
9fb5134f2a659735f48ff96b78196847
9c39894b8e981273e4a45754f8f3ad93e8955522
28d1eb4db568bac23b22b4f660dce0bbf0adbf2de7114fffa8249b4e2f59acc1

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-includes/css/dist/block-library/style.min.css?ver=5.7.1 HTTP/1.1
Host: megamartpromos.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://megamartpromos.com/

HTTP/1.1 200 OK
Date: Sat, 26 Nov 2022 15:43:06 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Fri, 16 Apr 2021 16:53:27 GMT
ETag: W/"6079c107-e33b"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
CF-Cache-Status: HIT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2QfnzHc7zvCIOoR5BvayQqxTcGQHwYzA4pJpdT%2BeU3VUYr5QpcCWfDkPxOpFyEprzNhXTpd8FDCpt%2BtLw2gRxmiv2DeXBPvpkYl3aUTVobQGAvD%2FTMAV%2FlaF99Nlr7CCBV1QhsU%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7703bce33db0b505-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60

megamartpromos.com/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.4.1

172.67.221.155

200 OK

931 B

URL HTTP/1.1
megamartpromos.com/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.4.1
IP
172.67.221.155:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text
Size
931 B (931 bytes)
Hash
070e58dd5626a7818b95a45186b09f03
a8435734724f8c1f6a12a79dcfca74b8dfc74fdd
f54992341e21cecbeaed29bc649c7eb3a9cd1f1db7e3a4cb083b46bb5ae5eec2

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.4.1 HTTP/1.1
Host: megamartpromos.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://megamartpromos.com/

HTTP/1.1 200 OK
Date: Sat, 26 Nov 2022 15:43:06 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Sat, 01 May 2021 10:34:56 GMT
ETag: W/"608d2ed0-a50"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=K8BCXvBCJ%2BE6nYBq5txjWITghnm5hRdQY1lcqE2kW9b3z9M4ckFPaZl9u%2BfbeWH7%2B22BnRbGYwA1JOt6Rmm5QPlRnlfYf9Q166OC7o6PI8uT76erWFRZkM%2F%2FvBXwZKaSc0TaYZ0%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7703bce34e19b511-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60

megamartpromos.com/wp-content/themes/betheme/css/base.css?ver=22.0.2.1

172.67.221.155

200 OK

12 kB

URL HTTP/1.1
megamartpromos.com/wp-content/themes/betheme/css/base.css?ver=22.0.2.1
IP
172.67.221.155:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (464)
Size
12 kB (12164 bytes)
Hash
6b383666bde5f372c46de3647a65902a
338bcac7114415df117f5324060caae7e66a080b
b65eb9a1757d1112d6716391b2f23b727b3af4e8bf16509e26f5050340634857

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/themes/betheme/css/base.css?ver=22.0.2.1 HTTP/1.1
Host: megamartpromos.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://megamartpromos.com/

HTTP/1.1 200 OK
Date: Sat, 26 Nov 2022 15:43:06 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Fri, 16 Apr 2021 16:53:27 GMT
ETag: W/"6079c107-da37"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
CF-Cache-Status: HIT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=38zZqB5t9%2Fb0CzCLIu81OUSzYHkvFAgYiED3EANaPLjdDOp5l8q1vBLwg6HHWDO%2F%2F%2B%2FKjmCoMgYwU9BD1ECKu3HEZ56xrUpKL1AdtlsUoj0X1ZtRRj%2BOg9%2BvQNCai0DHSZEKT7E%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7703bce34ebd1c02-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60

megamartpromos.com/wp-content/themes/betheme/css/layout.css?ver=22.0.2.1

172.67.221.155

200 OK

20 kB

URL HTTP/1.1
megamartpromos.com/wp-content/themes/betheme/css/layout.css?ver=22.0.2.1
IP
172.67.221.155:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (393)
Size
20 kB (20045 bytes)
Hash
4d7da415c4537fb49e2638a445c1e919
32f903ce8c4cc0a6301a29744fcea502d89b663d
32cb1cb2e0378ba44c8fab3804cb7e16eabc42112a9c252a516858c5136ae98c

HTTP Headers

GET /wp-content/themes/betheme/css/layout.css?ver=22.0.2.1 HTTP/1.1
Host: megamartpromos.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://megamartpromos.com/

HTTP/1.1 200 OK
Date: Sat, 26 Nov 2022 15:43:06 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Fri, 16 Apr 2021 16:53:27 GMT
ETag: W/"6079c107-1cdb6"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
CF-Cache-Status: HIT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Be1%2BmIzQxeH2lz1zUl%2Bih%2B%2Bey9jU0T1yHxMOVN0046uV3NW3CAJmaLa%2B2FYlrbFV99R6yXUJZz8t51vztXlZtcxZIv7nPJKbbwd2dslmuVGnf7W8gjAGES7B6A1nPS42qSX2nnE%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7703bce34db5b50b-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60

megamartpromos.com/wp-content/themes/betheme/css/shortcodes.css?ver=22.0.2.1

172.67.221.155

200 OK

22 kB

URL HTTP/1.1
megamartpromos.com/wp-content/themes/betheme/css/shortcodes.css?ver=22.0.2.1
IP
172.67.221.155:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (404)
Size
22 kB (22386 bytes)
Hash
d5ea3456a9e23b7a25a696e49188ab0c
b4cfafe2d6f9c5ba586be1c62a2efe8ac4d318ac
c58cb407bce60838dca9d83c93b718cc81b47ce39db83842efac3861f8917b04

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/themes/betheme/css/shortcodes.css?ver=22.0.2.1 HTTP/1.1
Host: megamartpromos.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://megamartpromos.com/

HTTP/1.1 200 OK
Date: Sat, 26 Nov 2022 15:43:06 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Fri, 16 Apr 2021 16:53:27 GMT
ETag: W/"6079c107-20dd1"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
CF-Cache-Status: HIT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XFpwSiNuL7l1GbWZe79B6MQH%2FvMuxxbrLAaSS6A4d524faYi9YdbD8HEuYRMm%2Fpdhw4oEV1ZIISOmxaq7X%2FK50SwEm2ramafdzQoC4xSBR42vzC763sBETwc5ZlK1h6kcfKXBpg%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7703bce34cfd0b41-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60

megamartpromos.com/wp-content/plugins/revslider/public/assets/css/rs6.css?ver=6.4.3

172.67.221.155

200 OK

13 kB

URL HTTP/1.1
megamartpromos.com/wp-content/plugins/revslider/public/assets/css/rs6.css?ver=6.4.3
IP
172.67.221.155:0
ASN
#13335 CLOUDFLARENET

File type
Unicode text, UTF-8 text, with very long lines (12602), with CRLF line terminators
Size
13 kB (12897 bytes)
Hash
d4311f654e528cd6ca63698520f73ee2
585f28636a7f5653dfaff711a5d26cbac4f3f4c3
2ad51112a0e667544113d56543e64e0fd7b58171a9bf042250f27834d6ba0e96

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/plugins/revslider/public/assets/css/rs6.css?ver=6.4.3 HTTP/1.1
Host: megamartpromos.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://megamartpromos.com/

HTTP/1.1 200 OK
Date: Sat, 26 Nov 2022 15:43:06 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Fri, 16 Apr 2021 16:53:27 GMT
ETag: W/"6079c107-ee74"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
CF-Cache-Status: HIT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cRnN9GaykJtvzjCCqYam25GZqtrGskPAF4i2qPbBVjFygzUYoKLFf4wZsd6QA0gyk9sMOPrbe7YQUUKgHNEbNQ1aMZCv0vpTSxO620jdl%2FwY7GEJ4%2FHPwsfDoq1IYERzrf89%2FIw%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7703bce34bde0b69-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60

megamartpromos.com/wp-content/themes/betheme/assets/animations/animations.min.css?ver=22.0.2.1

172.67.221.155

200 OK

5.0 kB

URL HTTP/1.1
megamartpromos.com/wp-content/themes/betheme/assets/animations/animations.min.css?ver=22.0.2.1
IP
172.67.221.155:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (58528)
Size
5.0 kB (5011 bytes)
Hash
829ec5b505b16c44139edfa2d845dee7
dcffdff1526768605e59e15b50d0095956c27967
17d04b160edfcea07bdf62019dd672f741f9515754d26fb5f73c37f5c1e8e1e9

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/themes/betheme/assets/animations/animations.min.css?ver=22.0.2.1 HTTP/1.1
Host: megamartpromos.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://megamartpromos.com/

HTTP/1.1 200 OK
Date: Sat, 26 Nov 2022 15:43:06 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Fri, 16 Apr 2021 16:53:27 GMT
ETag: W/"6079c107-e4a1"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
CF-Cache-Status: HIT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=L3%2B4bAYRCJvJ7etpr%2B3dHqCNRqzsx5HKF3YWHGJ4MkGwqvSEQVWHmYfCHCt5EDjAx5w9maprAyRP7jltF%2BdfqpqQTTck386I9F40wnrne64RpJgqksIDL1P2v%2BjPfi56QimXExE%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7703bce3fec2b505-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60

megamartpromos.com/wp-content/themes/betheme/assets/jplayer/css/jplayer.blue.monday.css?ver=22.0.2.1

172.67.221.155

200 OK

2.1 kB

URL HTTP/1.1
megamartpromos.com/wp-content/themes/betheme/assets/jplayer/css/jplayer.blue.monday.css?ver=22.0.2.1
IP
172.67.221.155:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text
Size
2.1 kB (2085 bytes)
Hash
cee483f4382760566b598402bde77ffa
77b02cf540b0326316489a87d788d6b265c35327
f7ce3b2afe8345e8755e29f44168751d2cf508998821119fad8b5030a48c65ce

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/themes/betheme/assets/jplayer/css/jplayer.blue.monday.css?ver=22.0.2.1 HTTP/1.1
Host: megamartpromos.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://megamartpromos.com/

HTTP/1.1 200 OK
Date: Sat, 26 Nov 2022 15:43:07 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Fri, 16 Apr 2021 16:53:27 GMT
ETag: W/"6079c107-266a"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
CF-Cache-Status: HIT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2tNxzHnKPDQHR7XN%2Bs0QT8UCf0Bz7HLlN0SGoYi%2FqsXPyZ8vv8rJBeIzQjxzciEKvuRn9ku%2B%2F45VIQ6QT%2Fr3Usnab4mYZF8%2FGyy9Mo%2FialmQlvXxkU80M9649V7q8%2FO%2BT1hOVzU%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7703bce40f701c02-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60

megamartpromos.com/wp-content/themes/betheme/css/responsive.css?ver=22.0.2.1

172.67.221.155

200 OK

10 kB

URL HTTP/1.1
megamartpromos.com/wp-content/themes/betheme/css/responsive.css?ver=22.0.2.1
IP
172.67.221.155:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (612)
Size
10 kB (10230 bytes)
Hash
f160d385688fba9c70f44bfe9b4330ac
980f82e425c74e770b799df8dc7b8c98ca47838c
a2087c3d6a980be6e13aafa186f4d33fdd6a5decff83fd4d1c0e61b594326af3

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/themes/betheme/css/responsive.css?ver=22.0.2.1 HTTP/1.1
Host: megamartpromos.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://megamartpromos.com/

HTTP/1.1 200 OK
Date: Sat, 26 Nov 2022 15:43:07 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Fri, 16 Apr 2021 16:53:27 GMT
ETag: W/"6079c107-e1ba"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
CF-Cache-Status: HIT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=W7Mw2HXh%2FPNAg34oVBcn3kIAe25wWuFpLqtQP2pIyAQJMI8iDE92iDyxZut%2BSzAASnFxIgkFaNd4TTd2pQpJdBPJSJf%2Fo4U81cJrlSPT6qVHjAebcpXjsxM9Ohkjv42Px%2B%2FqSUQ%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7703bce40e98b50b-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60

megamartpromos.com/wp-includes/js/wp-emoji-release.min.js?ver=5.7.1

172.67.221.155

200 OK

4.7 kB

URL HTTP/1.1
megamartpromos.com/wp-includes/js/wp-emoji-release.min.js?ver=5.7.1
IP
172.67.221.155:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (11272)
Size
4.7 kB (4657 bytes)
Hash
71b6d75cd4e93368516cec04a93790f8
d274862e4ee8bea24bf1d6d6f8f1e231abd778c2
7f1d272195370f3d6541779815b23d961b1cb9474d3bf57786f9844840083596

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-includes/js/wp-emoji-release.min.js?ver=5.7.1 HTTP/1.1
Host: megamartpromos.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://megamartpromos.com/

HTTP/1.1 200 OK
Date: Sat, 26 Nov 2022 15:43:07 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Fri, 16 Apr 2021 16:53:27 GMT
ETag: W/"6079c107-3795"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XvL8ETBtlvmTo2dPIM%2F%2BYdFifouHPiWl7nftmLitE3qOLEM5XS%2FwRNOAhU0ssnt3z362jQa5uBzvZSK41EB4JaznzJNP2qUWnyDDCu6s5jNQz1nZvnK6y4Uh0BkxygENPAgFgLc%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7703bce41dab0b41-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
619fa0039b94697fc8a5bd24f57e8aa2
53a366391a51d625029cc6d32fb4e8b6060990fd
dff604305831a0399aa44b2fac806e43512afa846569ba6e5685eca6495d9fa5

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 15:43:07 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

megamartpromos.com/wp-content/themes/betheme-child/style.css?ver=22.0.2.1

172.67.221.155

200 OK

151 B

URL HTTP/1.1
megamartpromos.com/wp-content/themes/betheme-child/style.css?ver=22.0.2.1
IP
172.67.221.155:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text
Size
151 B (151 bytes)
Hash
a5ac87127a9526ae657bd3bcc145ecb5
e12d3f17fbefda2913025f7bebedb0eb25a6edc3
2d365f6f5db1a8d9312a1ef5eedf6ef83e8544b5cb14c2c7abb49b09607e0b86

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/themes/betheme-child/style.css?ver=22.0.2.1 HTTP/1.1
Host: megamartpromos.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://megamartpromos.com/

HTTP/1.1 200 OK
Date: Sat, 26 Nov 2022 15:43:07 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Fri, 16 Apr 2021 16:53:27 GMT
ETag: W/"6079c107-d1"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
CF-Cache-Status: HIT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vICGQGVQ7W3Y8j8NLglSolol7ZgSzr91zZDdnGQb%2FgRXF1lz2clCHX9DGdfkGPqEcQ%2Flk3ysyVhtcdhvrtwl2lngQ8ejvpvdJapwD%2FQNLOeSc4pr%2BXJehMAeAYAKX8DJ0m1mzWU%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7703bce45cdc0b69-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60

megamartpromos.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2

172.67.221.155

200 OK

4.2 kB

URL HTTP/1.1
megamartpromos.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
IP
172.67.221.155:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (11126)
Size
4.2 kB (4165 bytes)
Hash
0d5bb2a36d1fc2e095235bc201eb5579
98f0154e2ed5322a9f65077f954868d6c800b337
fe6382620c35c12aa4f3f96fe395e5813defe330c1d95fd3de1e94f8f5d1f0a5

HTTP Headers

GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 HTTP/1.1
Host: megamartpromos.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://megamartpromos.com/

HTTP/1.1 200 OK
Date: Sat, 26 Nov 2022 15:43:07 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Fri, 16 Apr 2021 16:53:27 GMT
ETag: W/"6079c107-2bd8"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
CF-Cache-Status: HIT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KI5xv8xoABqgjvyCT3sqifhMeGN%2F%2BJA0VFRHIZM2ndW7aDPvYLslFCyO63InrkmCE9aNk5l4ohaWQaLEu0Mi5CJHbJ%2FFvTtKN3WEAkJcoK8dJrgQC%2FFhyMlrimzl9kOIk6Guvj4%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7703bce4cfed1c02-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60

megamartpromos.com/wp-includes/js/jquery/jquery.min.js?ver=3.5.1

172.67.221.155

200 OK

31 kB

URL HTTP/1.1
megamartpromos.com/wp-includes/js/jquery/jquery.min.js?ver=3.5.1
IP
172.67.221.155:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (65451)
Size
31 kB (30908 bytes)
Hash
de51a7f2c2c244ceb7103216144f03dc
9545e4547e01b6fcabebdfa08c2d75089808fbee
10b58517301b7a47ed1354030c9b652a1d96259d24e1e1b4c4b1aa33b94682ee

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-includes/js/jquery/jquery.min.js?ver=3.5.1 HTTP/1.1
Host: megamartpromos.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://megamartpromos.com/

HTTP/1.1 200 OK
Date: Sat, 26 Nov 2022 15:43:07 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Fri, 16 Apr 2021 16:53:27 GMT
ETag: W/"6079c107-15d98"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vb%2BQUKtEleThdlWOmp1I6d3N9mmByYsnIdk4HkOUl75KMXZiidAgW5hpAqs5pLgRMiml7AQQT9bbrztz7v7AVBslGKuXA%2FS%2BMYwjV2olIcqfVUPW5L8ca4z2KN2HY%2FfMvhqd6tg%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7703bce4bfcab505-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60

megamartpromos.com/wp-content/plugins/revslider/public/assets/js/rbtools.min.js?ver=6.4.3

172.67.221.155

200 OK

47 kB

URL HTTP/1.1
megamartpromos.com/wp-content/plugins/revslider/public/assets/js/rbtools.min.js?ver=6.4.3
IP
172.67.221.155:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (42889)
Size
47 kB (46962 bytes)
Hash
00e409fef6ecf1ea4c9c7b571978bf3f
b2e48c9062ff3d4c48a1863b0a2dff37d57a6d0d
f166f7881901936cfe1e44f9ac31ce087f833a47a270f804afd2f2d008532bf0

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/plugins/revslider/public/assets/js/rbtools.min.js?ver=6.4.3 HTTP/1.1
Host: megamartpromos.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://megamartpromos.com/

HTTP/1.1 200 OK
Date: Sat, 26 Nov 2022 15:43:07 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Fri, 16 Apr 2021 16:53:27 GMT
ETag: W/"6079c107-1e437"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
CF-Cache-Status: HIT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TISGWb3%2BtwIq0pQUrBrTAFkozcCobPExdE6GIS9zWESps7Le%2BmtNpOEvbJbYi%2B8P7NKjaa6i2%2BP%2F12ZQvw%2Bm%2Fqelktd89VgCUgvMziDagsJaagsJ%2Bzax4dncBo2otBI36j%2FKSF8%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7703bce4df7fb50b-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

34.102.187.140

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
34.102.187.140:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: ETag, Content-Type, Content-Length, Last-Modified, Alert, Backoff, Pragma, Expires, Retry-After, Cache-Control
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sat, 26 Nov 2022 15:11:12 GMT
cache-control: public,max-age=3600
age: 1915
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2

megamartpromos.com/wp-includes/js/jquery/ui/core.min.js?ver=1.12.1

172.67.221.155

200 OK

6.9 kB

URL HTTP/1.1
megamartpromos.com/wp-includes/js/jquery/ui/core.min.js?ver=1.12.1
IP
172.67.221.155:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (7973)
Size
6.9 kB (6859 bytes)
Hash
97427162a3287e2a44e758b14839c6de
9b38ec9f301d54a3eb2ea1da12a5f1464e1a19b2
bd5550423958f5eba378c8fb77c628f67ecfbf654d1be7b54a3f2fb7183dbe20

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-includes/js/jquery/ui/core.min.js?ver=1.12.1 HTTP/1.1
Host: megamartpromos.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://megamartpromos.com/

HTTP/1.1 200 OK
Date: Sat, 26 Nov 2022 15:43:07 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Fri, 16 Apr 2021 16:53:27 GMT
ETag: W/"6079c107-5133"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
CF-Cache-Status: HIT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wG5gkIg2qGM2uziX%2FCFCy%2BjwD8DPBlzkM4q2B%2BJ4T2i25n2XQNJnDkkY8H0M9e7gt1VODTsks3sgJeCoCauM0%2BnhCLeIv9gf%2FiMXYhQuLoDVDSosVSY8O23EeKtLhhnZbYZ6fj0%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7703bce58906b505-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60

megamartpromos.com/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.4.1

172.67.221.155

200 OK

4.0 kB

URL HTTP/1.1
megamartpromos.com/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.4.1
IP
172.67.221.155:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (13485), with no line terminators
Size
4.0 kB (3976 bytes)
Hash
52f8adb981f1c9978a1c93e06dd6464c
ff42e8ed3e39ceadab9f5802d244ea860cb1dfef
3d2845eb4da7777b45627df42f595b1510d560b1ff219331fd467bfb4dfdeed7

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.4.1 HTTP/1.1
Host: megamartpromos.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://megamartpromos.com/

HTTP/1.1 200 OK
Date: Sat, 26 Nov 2022 15:43:07 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Sat, 01 May 2021 10:34:56 GMT
ETag: W/"608d2ed0-34ad"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
CF-Cache-Status: HIT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=euJ46VERm7leCXCemYXfqhWChqQbo5b%2BGVHbyb6gYBAeKNjUHMjUrsO2EI3w4fZM2JZduwIeBS%2Ft5Gk4rUVzIWU%2BDP1AUf9%2BiNxprn4up9shTD67CTHzkSiHZhQM8tQ08OSO4xI%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7703bce578a41c02-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60

megamartpromos.com/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=7.4.4

172.67.221.155

200 OK

34 kB

URL HTTP/1.1
megamartpromos.com/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=7.4.4
IP
172.67.221.155:0
ASN
#13335 CLOUDFLARENET

File type
Unicode text, UTF-8 text, with very long lines (34729), with NEL line terminators
Size
34 kB (34213 bytes)
Hash
7700052880938fe98594cdf1e2ba3054
ea7e60afdb107fda98f82f917b819eaee23ccb80
e142ee6e547fe3ed111e22f803b1c56adbb8a3b3355ac2984ef7d8b1bae70f5b

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=7.4.4 HTTP/1.1
Host: megamartpromos.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://megamartpromos.com/

HTTP/1.1 200 OK
Date: Sat, 26 Nov 2022 15:43:07 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Fri, 16 Apr 2021 16:53:27 GMT
ETag: W/"6079c107-183ee"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
CF-Cache-Status: HIT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b6vg2DrRBiMjPBMI96mSGPbh2fCcmp7iu3sEPzZ4nJ%2BApKc4PGBmwEOsVY5XLUnO0NNfB4VbrAQU6be6A54AAZUUuP6xYa3q0hRihSVS0u3tmeXRyHdJfL3nlei93VHu5k3020c%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7703bce52dcd0b69-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60

megamartpromos.com/wp-includes/js/jquery/ui/mouse.min.js?ver=1.12.1

172.67.221.155

200 OK

1.1 kB

URL HTTP/1.1
megamartpromos.com/wp-includes/js/jquery/ui/mouse.min.js?ver=1.12.1
IP
172.67.221.155:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (3202)
Size
1.1 kB (1071 bytes)
Hash
4ac49fb5b52ec8795e4931a624590273
68b9634cc3b9a71b72a4fc3373c92e81e2b1b94e
9369581069383c3d73ed8dcde832390154accf24433bdd7e87125bafac06e4b9

HTTP Headers

GET /wp-includes/js/jquery/ui/mouse.min.js?ver=1.12.1 HTTP/1.1
Host: megamartpromos.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://megamartpromos.com/

HTTP/1.1 200 OK
Date: Sat, 26 Nov 2022 15:43:07 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Fri, 16 Apr 2021 16:53:27 GMT
ETag: W/"6079c107-d34"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
CF-Cache-Status: HIT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=w8opIVn7jZl5VYO2ZLI%2Fj9UmTCFYIX9SZel%2FeMrxFlAFXCqgISFZe%2FG%2FA2HyHUf9y9xKiL6TeVfyMFGNWxd4N4UGR5WEYBrvoCUzm%2FM9dUiNfRPP3j9iyyq1Xy4mrBdKDInBxgQ%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7703bce5986cb50b-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60

megamartpromos.com/wp-content/themes/betheme/assets/ui/jquery.ui.all.css?ver=22.0.2.1

172.67.221.155

200 OK

3.3 kB

URL HTTP/1.1
megamartpromos.com/wp-content/themes/betheme/assets/ui/jquery.ui.all.css?ver=22.0.2.1
IP
172.67.221.155:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (365)
Size
3.3 kB (3284 bytes)
Hash
d8faf901c994171bc66fac62ec08fe8c
5824bdc8d5adf9aedd532fdd1f15cae1ca5e14b9
4d708cf7a7a94f79b5561de8308725329a40495b80f843332546200066df4004

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/themes/betheme/assets/ui/jquery.ui.all.css?ver=22.0.2.1 HTTP/1.1
Host: megamartpromos.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://megamartpromos.com/

HTTP/1.1 200 OK
Date: Sat, 26 Nov 2022 15:43:07 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Fri, 16 Apr 2021 16:53:27 GMT
ETag: W/"6079c107-48eb"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
CF-Cache-Status: HIT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lo%2BCj7j9JKtKjxOyCpjdQ6Y3L%2F3Rj%2FjK1mVT6R5IyNn%2Bvkynx%2FgiaH9LHSmevECiY1pjMZM4HJdYQkUYZ52nNh2u47GYFxjhKVX5dU4czui4dp59rqqrHX%2FDxHtf333ona8UvJk%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7703bce40ecbb511-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60

megamartpromos.com/wp-content/plugins/revslider/public/assets/js/rs6.min.js?ver=6.4.3

172.67.221.155

200 OK

93 kB

URL HTTP/1.1
megamartpromos.com/wp-content/plugins/revslider/public/assets/js/rs6.min.js?ver=6.4.3
IP
172.67.221.155:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (64270)
Size
93 kB (92754 bytes)
Hash
c9bc68a54f8f4d26bb1bb7e78147ffcf
f88731e4eb511453055730bc174bfca4372ca11d
c8576a771ab28dc6af1ed3781c3759bb18a853bfd68b7423c425257d9cd1987c

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/plugins/revslider/public/assets/js/rs6.min.js?ver=6.4.3 HTTP/1.1
Host: megamartpromos.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://megamartpromos.com/

HTTP/1.1 200 OK
Date: Sat, 26 Nov 2022 15:43:07 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Fri, 16 Apr 2021 16:53:27 GMT
ETag: W/"6079c107-56d47"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
CF-Cache-Status: HIT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NNxzJC6ZUZiy7KehrG%2BOYg1692FoQ9Q8yXgbNFByd%2FC62eE3u1%2FecCznjkO0jOLdJTxKk9EjlCs5ZmT58Bss%2BTyhqAVmniIHWZynKo97XYv%2FPstAzt%2FmPKWKD2ZEHtI%2F8Gz8K94%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7703bce4ee840b41-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60

megamartpromos.com/wp-includes/js/jquery/ui/sortable.min.js?ver=1.12.1

172.67.221.155

200 OK

6.4 kB

URL HTTP/1.1
megamartpromos.com/wp-includes/js/jquery/ui/sortable.min.js?ver=1.12.1
IP
172.67.221.155:0
ASN
#13335 CLOUDFLARENET

File type
HTML document, ASCII text, with very long lines (24601)
Size
6.4 kB (6404 bytes)
Hash
ecaff73f0b29b161e0e01a47f37813de
cd509442f93552e5d1c503ca693d918baf816c88
d48b09b12921e27946ceea1b549220ff99d3abc9dd977777b68bfecfe92abf1d

HTTP Headers

GET /wp-includes/js/jquery/ui/sortable.min.js?ver=1.12.1 HTTP/1.1
Host: megamartpromos.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://megamartpromos.com/

HTTP/1.1 200 OK
Date: Sat, 26 Nov 2022 15:43:07 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Fri, 16 Apr 2021 16:53:27 GMT
ETag: W/"6079c107-60ce"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
CF-Cache-Status: HIT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rrUUw0hpKcNE0y4aSiZDnh6KYPJjq5dICwYjdx3uaNcbnnACYMmUOF5Bbn7QcYnxGD01nu65%2BKWu8e8LcvvIEDnOeu76Ih3Ru%2BzL0SeQeSTbI%2BUiR8CNEFSYwUtEgYP5xkJuoB8%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7703bce649f6b505-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60

megamartpromos.com/wp-includes/js/jquery/ui/accordion.min.js?ver=1.12.1

172.67.221.155

200 OK

2.7 kB

URL HTTP/1.1
megamartpromos.com/wp-includes/js/jquery/ui/accordion.min.js?ver=1.12.1
IP
172.67.221.155:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (8481)
Size
2.7 kB (2722 bytes)
Hash
8ca6a1f7deee3cc4e3ffd8640eac6503
042a3324d6f6b203969aebba85573d83b850dfff
3ea3ba58ad4d6a29d6515973c56a01b2ebbfaf1c57c4aa290aa1713445b3db20

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-includes/js/jquery/ui/accordion.min.js?ver=1.12.1 HTTP/1.1
Host: megamartpromos.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://megamartpromos.com/

HTTP/1.1 200 OK
Date: Sat, 26 Nov 2022 15:43:07 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Fri, 16 Apr 2021 16:53:27 GMT
ETag: W/"6079c107-21d7"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
CF-Cache-Status: HIT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2YOUXOV7bIzrOa4D2adrDVXHVctt74%2FoZgqh%2BllnpgJFKcaBFBY%2B95hd%2B%2FeTaVuIpkQmG%2FL6%2FH0eDqI9ISIjN5ZyIk%2FzQJkHBhQfgNiHEVxIjKQvAgEO%2FogGL4G3ypyc%2BQIQdrg%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7703bce65f000b69-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60

megamartpromos.com/wp-content/themes/betheme/js/plugins.js?ver=22.0.2.1

172.67.221.155

200 OK

55 kB

URL HTTP/1.1
megamartpromos.com/wp-content/themes/betheme/js/plugins.js?ver=22.0.2.1
IP
172.67.221.155:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (32019)
Size
55 kB (55125 bytes)
Hash
69ca01bd11adcce0be7815c739e06660
98ccceed423d7aff867edc9342b3bcaaa90f595d
7c8e339c6e3bb78e44fc783b965a7e424bd99328d181413651b22dc7e00a3898

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/themes/betheme/js/plugins.js?ver=22.0.2.1 HTTP/1.1
Host: megamartpromos.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://megamartpromos.com/

HTTP/1.1 200 OK
Date: Sat, 26 Nov 2022 15:43:07 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Fri, 16 Apr 2021 16:53:27 GMT
ETag: W/"6079c107-31077"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
CF-Cache-Status: HIT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2pCIM%2BFMbjF%2F%2FTiAxgQ0K0czuqpWUDSdG5CuxzZaBlVf%2BRBhMG8u2F4vw5TXI%2FnCL%2F0bZ8mo%2BKBHaGx5B8Ps1hBYj7a96TadxHpgEAPftx1fQJrcccvyvroYQCFmHCDZT2cZoIE%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7703bce679a5b50b-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60

megamartpromos.com/wp-content/themes/betheme/js/menu.js?ver=22.0.2.1

172.67.221.155

200 OK

827 B

URL HTTP/1.1
megamartpromos.com/wp-content/themes/betheme/js/menu.js?ver=22.0.2.1
IP
172.67.221.155:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text
Size
827 B (827 bytes)
Hash
d6da4e961358e937789556df7b854d7c
a92f1052a0bb386d9f4a93cc7575eea83cfffe3b
14167bc5e111cf35d665209e30294a1daff31688351db15fdfc5c6043016ce11

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/themes/betheme/js/menu.js?ver=22.0.2.1 HTTP/1.1
Host: megamartpromos.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://megamartpromos.com/

HTTP/1.1 200 OK
Date: Sat, 26 Nov 2022 15:43:07 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Fri, 16 Apr 2021 16:53:27 GMT
ETag: W/"6079c107-98d"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=C3NDPHly0534yCH1d0wJC4twu9Q9PfqCwVCfENNhWVX9WJClt5QJrObf3N78GQl%2F0LQgutA57sVMVmRvN74kRX0E%2F89wE4itA7wHeZY8VpA3e1q0EASi%2FVm3imzTVGatcvgkE5k%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7703bce6a9c9b511-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60

megamartpromos.com/wp-content/themes/betheme/js/parallax/translate3d.js?ver=22.0.2.1

172.67.221.155

200 OK

1.3 kB

URL HTTP/1.1
megamartpromos.com/wp-content/themes/betheme/js/parallax/translate3d.js?ver=22.0.2.1
IP
172.67.221.155:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text
Size
1.3 kB (1292 bytes)
Hash
0a7052f0e364035fd503fcbe3ad8858a
18fcd3f33823eb7b557d643c2d8fc53a7d810be7
2b0302a46df7248ff554d49a37652ca056165b579b97a25125fcbcb1664ef695

HTTP Headers

GET /wp-content/themes/betheme/js/parallax/translate3d.js?ver=22.0.2.1 HTTP/1.1
Host: megamartpromos.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://megamartpromos.com/

HTTP/1.1 200 OK
Date: Sat, 26 Nov 2022 15:43:07 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Fri, 16 Apr 2021 16:53:27 GMT
ETag: W/"6079c107-f7b"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
CF-Cache-Status: HIT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0W3PYjFTSJqEmdnzC1QAdp3KnyZGTPlOUXcmXUPULBNOGUo8fonurQyvsRSduRDMXan0xQ9boS1FcsBAupff2YrWm2t27H96gHlpeE5jPz50B9VDqqFy43CwnhM3Kal2W%2B%2BsVz0%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7703bce71f9f0b69-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60

megamartpromos.com/wp-content/themes/betheme/assets/animations/animations.min.js?ver=22.0.2.1

172.67.221.155

200 OK

626 B

URL HTTP/1.1
megamartpromos.com/wp-content/themes/betheme/assets/animations/animations.min.js?ver=22.0.2.1
IP
172.67.221.155:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (1733)
Size
626 B (626 bytes)
Hash
91b6b0ba832b2390e0930759fb9a866b
e967368b271f862c28ec3e5bd50f0fba15299673
5b8a99e5bb38374577ac7d161f20f406257423df4cbdf09d6a3c156581695833

HTTP Headers

GET /wp-content/themes/betheme/assets/animations/animations.min.js?ver=22.0.2.1 HTTP/1.1
Host: megamartpromos.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://megamartpromos.com/

HTTP/1.1 200 OK
Date: Sat, 26 Nov 2022 15:43:07 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Fri, 16 Apr 2021 16:53:27 GMT
ETag: W/"6079c107-727"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
CF-Cache-Status: HIT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=e5VfUP0QNwOGftDSgQHzSoNZxQ3oY18wMmHkMu0cjJ7XkV5Zm97x7r%2FF9UIrgOYJvK6G12E5x4HucNc3RSUWwsi1BhNkKY5U7lIsgUkxhw8tL%2BhalujiXmRZQWZbgbyfFcXYzHw%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7703bce718450b41-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60

megamartpromos.com/wp-content/themes/betheme/assets/jplayer/jplayer.min.js?ver=22.0.2.1

172.67.221.155

200 OK

13 kB

URL HTTP/1.1
megamartpromos.com/wp-content/themes/betheme/assets/jplayer/jplayer.min.js?ver=22.0.2.1
IP
172.67.221.155:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (634)
Size
13 kB (12679 bytes)
Hash
821688c4b6c4c769c69ccfadf1cc21fb
786485874f86efa4e961a3ad5d47ffea3d41e8d9
cfda6b16dd7e0cc9bdac3131e0d80c014d9ec8272b17b4bde4d1225af0bf9b63

HTTP Headers

GET /wp-content/themes/betheme/assets/jplayer/jplayer.min.js?ver=22.0.2.1 HTTP/1.1
Host: megamartpromos.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://megamartpromos.com/

HTTP/1.1 200 OK
Date: Sat, 26 Nov 2022 15:43:07 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Fri, 16 Apr 2021 16:53:27 GMT
ETag: W/"6079c107-cd61"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
CF-Cache-Status: HIT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ud9cpPJPPJ5le8zWvtHhwk5iZxWPgdT4CnvvBwn02IM0Gi4jKrQd1SOmVqCyymFcisRWsV%2BBZBV6w%2BshnqSUbtW7VWvMJpiW3RyjjTkxaCNNiOl0qFIR8ti7KKZRp%2FpmwBoxSas%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7703bce71b09b505-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60

megamartpromos.com/wp-content/themes/betheme/js/scripts.js?ver=22.0.2.1

172.67.221.155

200 OK

14 kB

URL HTTP/1.1
megamartpromos.com/wp-content/themes/betheme/js/scripts.js?ver=22.0.2.1
IP
172.67.221.155:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text
Size
14 kB (14446 bytes)
Hash
b96382715748348567f17dba9b2af1f4
be3d705cfa9b7b301238a6e20af474f9c59c3c05
0f8d4a31676cc9ab6091880e6459f957bc11a350b0b855bea71d6ac68b647cd2

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/themes/betheme/js/scripts.js?ver=22.0.2.1 HTTP/1.1
Host: megamartpromos.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://megamartpromos.com/

HTTP/1.1 200 OK
Date: Sat, 26 Nov 2022 15:43:07 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Fri, 16 Apr 2021 16:53:27 GMT
ETag: W/"6079c107-11342"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
CF-Cache-Status: HIT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2i4CbPnaoxATeZieJeHBM59qCXdx%2BGeT9Da%2BhlBtc7PTF0bR5mqQlOC3fIGykXriepBW8gnoDatrcBBwapqEmXNZHVqbmmdGBif2gfx5uZiIV4RoCGOiL%2B%2BYnImvgyhtvkgKkvU%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7703bce74a4d1c02-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60

megamartpromos.com/wp-includes/js/wp-embed.min.js?ver=5.7.1

172.67.221.155

200 OK

769 B

URL HTTP/1.1
megamartpromos.com/wp-includes/js/wp-embed.min.js?ver=5.7.1
IP
172.67.221.155:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (1391)
Size
769 B (769 bytes)
Hash
82e67f050afdb38c20ac6eb305f97c17
df1349df76d66a9cf64377cf335c67c337d85470
5f6c33116e2106cd0f2f28c16062f1d584e74b8539a14ed45e17957634d71b7e

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-includes/js/wp-embed.min.js?ver=5.7.1 HTTP/1.1
Host: megamartpromos.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://megamartpromos.com/

HTTP/1.1 200 OK
Date: Sat, 26 Nov 2022 15:43:07 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Fri, 16 Apr 2021 16:53:27 GMT
ETag: W/"6079c107-592"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
CF-Cache-Status: HIT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BYqjaBsaSXRktEkXXYO915W1l9aW%2BXyJFE62GtULOflwnxI0WA1kl2UtIkIJx4CT7BuHb0OXyt1fECbX%2FHcTzujyTp6nHXgKv%2Bm%2BHSlCs2crGxN5SnBF2QA4U3koqpmivb57wBI%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7703bce75aa3b50b-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60

megamartpromos.com/wp-content/uploads/2021/04/promotions_logo.png

172.67.221.155

200 OK

5.2 kB

URL HTTP/1.1
megamartpromos.com/wp-content/uploads/2021/04/promotions_logo.png
IP
172.67.221.155:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 423 x 97, 8-bit/color RGBA, non-interlaced\012- data
Size
5.2 kB (5161 bytes)
Hash
d86c1fbc53b3d7919f70c67ce1eda367
91513d4c76000571a4dfee5c8079923ce4e72b00
e7752f3a9541768efee02512352a88de403c53eaa6a3fde66c0aecc8eefc7f33

HTTP Headers

GET /wp-content/uploads/2021/04/promotions_logo.png HTTP/1.1
Host: megamartpromos.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://megamartpromos.com/

HTTP/1.1 200 OK
Date: Sat, 26 Nov 2022 15:43:07 GMT
Content-Type: image/png
Content-Length: 5161
Connection: keep-alive
Last-Modified: Fri, 16 Apr 2021 16:53:27 GMT
ETag: "6079c107-1429"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
CF-Cache-Status: HIT
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wjo%2BdokMOF%2Fl0yYCCz6HE7asETLFbqbZme7jOBIHvA13Bkfr%2FaGYbSgqHYGy%2BA4g4vi3z7KHOY9%2FKpQsgQVUQ3kLd6Uc01wdYCJfFf72mkZAPWf9pnJO1ac27AEwCd6NaoDNpD8%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7703bce77a7eb511-OSL
alt-svc: h2=":443"; ma=60

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
b05606331c6f88a724d9e404e62974e4
72176bc6b618fbbe567b5746ed54e14d381a9815
7179b3d4ee227d9bf6d768a5fb1a9499f285d5949d21893c9a6997da8ea7b026

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 15:43:07 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

megamartpromos.com/wp-content/uploads/2021/04/promotions_sm_logo.png

172.67.221.155

200 OK

4.6 kB

URL HTTP/1.1
megamartpromos.com/wp-content/uploads/2021/04/promotions_sm_logo.png
IP
172.67.221.155:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 229 x 53, 8-bit/color RGBA, non-interlaced\012- data
Size
4.6 kB (4598 bytes)
Hash
638035ee7a4e28e7f004c0336662b860
9a0ab8d9f337d11aba062836a4ac49f2838ed7d3
daef5638199555639cc1044ee838a2f2a1093b191ec4b8e263d3d9aeed5e15d9

HTTP Headers

GET /wp-content/uploads/2021/04/promotions_sm_logo.png HTTP/1.1
Host: megamartpromos.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://megamartpromos.com/

HTTP/1.1 200 OK
Date: Sat, 26 Nov 2022 15:43:07 GMT
Content-Type: image/png
Content-Length: 4598
Connection: keep-alive
Last-Modified: Fri, 16 Apr 2021 16:53:27 GMT
ETag: "6079c107-11f6"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
CF-Cache-Status: HIT
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Z5zKIkamqPc04iVnpQO0NdaHBdlkrEn8ZesKsjK60Eh%2B%2Fa0QhbARa2TeEbviZk8RtTR8w3Fc7pnLQE2PAdqAwShmLcXFhFhLfv3jYhVL%2BAqTcf7BGHMT1Xqc8Z2bnuB1slyAxlY%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7703bce7c8da0b41-OSL
alt-svc: h2=":443"; ma=60

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
b05606331c6f88a724d9e404e62974e4
72176bc6b618fbbe567b5746ed54e14d381a9815
7179b3d4ee227d9bf6d768a5fb1a9499f285d5949d21893c9a6997da8ea7b026

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 15:43:07 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
b05606331c6f88a724d9e404e62974e4
72176bc6b618fbbe567b5746ed54e14d381a9815
7179b3d4ee227d9bf6d768a5fb1a9499f285d5949d21893c9a6997da8ea7b026

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 15:43:07 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

216.58.207.195

200 OK

31 kB

URL HTTP/2
fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
IP
216.58.207.195:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 30928, version 1.0\012- data
Size
31 kB (30928 bytes)
Hash
ac0d2859ea5f8fd6bcb3c305c08ec184
7f6c17e3e592cd8bd346b9cc261d8dd961b8aef7
ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780

HTTP Headers

GET /s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://megamartpromos.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 30928
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 24 Nov 2022 16:40:18 GMT
expires: Fri, 24 Nov 2023 16:40:18 GMT
cache-control: public, max-age=31536000
age: 169369
last-modified: Mon, 11 Jul 2022 18:57:39 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

megamartpromos.com/wp-content/uploads/2021/04/promotions_logo_blk.png

172.67.221.155

200 OK

4.5 kB

URL HTTP/1.1
megamartpromos.com/wp-content/uploads/2021/04/promotions_logo_blk.png
IP
172.67.221.155:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 423 x 97, 8-bit/color RGBA, non-interlaced\012- data
Size
4.5 kB (4456 bytes)
Hash
72760b97a109ad66db8a825c7461d9fd
9cccc099f7db94f8a97d9b3e651482217591280b
8451468ec7fb75b15857b49c090b77f045bba4aaf5a645de2b27e2b66de4bee1

HTTP Headers

GET /wp-content/uploads/2021/04/promotions_logo_blk.png HTTP/1.1
Host: megamartpromos.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://megamartpromos.com/

HTTP/1.1 200 OK
Date: Sat, 26 Nov 2022 15:43:07 GMT
Content-Type: image/png
Content-Length: 4456
Connection: keep-alive
Last-Modified: Fri, 16 Apr 2021 16:53:27 GMT
ETag: "6079c107-1168"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=j%2FwL1KTANEptM6av6gDm2R%2Fk%2FCAXxT6FdzpoYNutKWFK9NILfSvgUNfKizpXLq3ndzYbFssGnriICXTZyKGGTl7BKErjHgPDSugm8GtarCxO4qGbbVSxpAWGa%2FzpVGAo58XxDZo%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7703bce7c82c0b69-OSL
alt-svc: h2=":443"; ma=60

fonts.gstatic.com/s/montserrat/v25/JTUQjIg1_i6t8kCHKm459WxRyS7m.woff2

216.58.207.195

200 OK

32 kB

URL HTTP/2
fonts.gstatic.com/s/montserrat/v25/JTUQjIg1_i6t8kCHKm459WxRyS7m.woff2
IP
216.58.207.195:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 31760, version 1.0\012- data
Size
32 kB (31760 bytes)
Hash
fda4d0b623999af43148ba34c3b1ff73
ca5496af89720cc3e94e6279132f252b7cd471a6
33befdbbb24930584f5ac94ea3117adcd56518f20ab1619d05de83ffd1821d38

HTTP Headers

GET /s/montserrat/v25/JTUQjIg1_i6t8kCHKm459WxRyS7m.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://megamartpromos.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 31760
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 21 Nov 2022 22:19:13 GMT
expires: Tue, 21 Nov 2023 22:19:13 GMT
cache-control: public, max-age=31536000
age: 408234
last-modified: Mon, 11 Jul 2022 18:54:16 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
b05606331c6f88a724d9e404e62974e4
72176bc6b618fbbe567b5746ed54e14d381a9815
7179b3d4ee227d9bf6d768a5fb1a9499f285d5949d21893c9a6997da8ea7b026

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 15:43:07 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

push.services.mozilla.com/

34.215.94.42

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
34.215.94.42:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 5QIN0mXH8vZkJZFHtDpw8A==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: Ts3qfzBi9ZSygZuyJLvg/T69lKo=

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
8bb181e3f5ca898c6e31a8efc2e28291
eda3a91f8e2cbc5467da08ad85e6f6a30702b66c
0e943aacb4a46480ab031ef294a0e089976ec125c331c15116b6c79f6b0f2ff0

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E943AACB4A46480AB031EF294A0E089976EC125C331C15116B6C79F6B0F2FF0"
Last-Modified: Sat, 26 Nov 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7936
Expires: Sat, 26 Nov 2022 17:55:24 GMT
Date: Sat, 26 Nov 2022 15:43:08 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
8bb181e3f5ca898c6e31a8efc2e28291
eda3a91f8e2cbc5467da08ad85e6f6a30702b66c
0e943aacb4a46480ab031ef294a0e089976ec125c331c15116b6c79f6b0f2ff0

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E943AACB4A46480AB031EF294A0E089976EC125C331C15116B6C79F6B0F2FF0"
Last-Modified: Sat, 26 Nov 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7936
Expires: Sat, 26 Nov 2022 17:55:24 GMT
Date: Sat, 26 Nov 2022 15:43:08 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
8bb181e3f5ca898c6e31a8efc2e28291
eda3a91f8e2cbc5467da08ad85e6f6a30702b66c
0e943aacb4a46480ab031ef294a0e089976ec125c331c15116b6c79f6b0f2ff0

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E943AACB4A46480AB031EF294A0E089976EC125C331C15116B6C79F6B0F2FF0"
Last-Modified: Sat, 26 Nov 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7936
Expires: Sat, 26 Nov 2022 17:55:24 GMT
Date: Sat, 26 Nov 2022 15:43:08 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
8bb181e3f5ca898c6e31a8efc2e28291
eda3a91f8e2cbc5467da08ad85e6f6a30702b66c
0e943aacb4a46480ab031ef294a0e089976ec125c331c15116b6c79f6b0f2ff0

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E943AACB4A46480AB031EF294A0E089976EC125C331C15116B6C79F6B0F2FF0"
Last-Modified: Sat, 26 Nov 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7936
Expires: Sat, 26 Nov 2022 17:55:24 GMT
Date: Sat, 26 Nov 2022 15:43:08 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
8bb181e3f5ca898c6e31a8efc2e28291
eda3a91f8e2cbc5467da08ad85e6f6a30702b66c
0e943aacb4a46480ab031ef294a0e089976ec125c331c15116b6c79f6b0f2ff0

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E943AACB4A46480AB031EF294A0E089976EC125C331C15116B6C79F6B0F2FF0"
Last-Modified: Sat, 26 Nov 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7936
Expires: Sat, 26 Nov 2022 17:55:24 GMT
Date: Sat, 26 Nov 2022 15:43:08 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1dd98515-d0af-440a-8f3d-4c9986928081.jpeg

34.120.237.76

200 OK

4.3 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1dd98515-d0af-440a-8f3d-4c9986928081.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
4.3 kB (4309 bytes)
Hash
841a4b110022a99ddea6f7bf66df0fa1
126771b86638108050cf57c0d12faa27f80f0edb
240fbffc1f9104433297d3ff7afba2d0b58d7f1b13d9a9260a1bad25216665db

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1dd98515-d0af-440a-8f3d-4c9986928081.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 4309
x-amzn-requestid: 47c2739d-73c5-4d91-914c-fe635cb09772
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: b1U8xGxgIAMF-qQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63786851-6fbe19dc5c4c20dd657604e3;Sampled=0
x-amzn-remapped-date: Sat, 19 Nov 2022 05:23:29 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: ezHvyK3va4SioabOjSittTiLQRs_Q8k4TPxkiGp_svtZ8omDPTUN-A==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 324a68a6c25ee50d774953f3e15a611c.cloudfront.net (CloudFront), 1.1 google
date: Sat, 26 Nov 2022 05:04:28 GMT
age: 38320
etag: "126771b86638108050cf57c0d12faa27f80f0edb"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

3.5 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcf04cc9f-ee4b-42fd-914f-cd86b9dc30eb.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
3.5 kB (3502 bytes)
Hash
a783df85f30f9c555f9df6b99f61744d
61f9bed607e81606be78285596acdc5e0e4f4994
19db42201d0fa059f680d890ede6683c04e893e6308a2256d0203f826a7f34de

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcf04cc9f-ee4b-42fd-914f-cd86b9dc30eb.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 3502
x-amzn-requestid: ca3f2610-e03c-48a7-abb3-fbbab76f63d2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cCvYUHO5IAMFqDA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637dc5ce-7e36137711dc4668278c1c94;Sampled=0
x-amzn-remapped-date: Wed, 23 Nov 2022 07:03:42 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: QS3ZKYetcm87GNwSr34eRPF2d4r8ppwf3fT19aV-u84f7ObX4bU8wQ==
via: 1.1 8dbfaf7df256a75768461d934659b6b2.cloudfront.net (CloudFront), 1.1 ce71f64ad5dca81beca846466f2d5008.cloudfront.net (CloudFront), 1.1 google
date: Sat, 26 Nov 2022 07:13:26 GMT
age: 30582
etag: "61f9bed607e81606be78285596acdc5e0e4f4994"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

16 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1de44df6-bdc7-487f-a2a0-b42d26be2420.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
16 kB (15818 bytes)
Hash
17ebe470d040a6ea8c57e9b9d4f4e828
1ac7a410cd4f3709f476c776dd5646dd982dcfa8
d65114b68fcc12344c6df7bf294718b79822fa9782d3bd54ca044b66f82052b1

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1de44df6-bdc7-487f-a2a0-b42d26be2420.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 15818
x-amzn-requestid: a6570859-3b03-492e-9f84-e25b01223da2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cLXrUF3bIAMF8CA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6381397b-379b1bcf2ac0715835e10e48;Sampled=0
x-amzn-remapped-date: Fri, 25 Nov 2022 21:54:03 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: HgiyaodE2vJx5JL8QfOiTersSAgAwq74gtsPkpHUhnQ3In2vZ-3rbQ==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 4f3feb5c4393987d42d1971d404d7cea.cloudfront.net (CloudFront), 1.1 google
date: Fri, 25 Nov 2022 22:33:09 GMT
etag: "1ac7a410cd4f3709f476c776dd5646dd982dcfa8"
content-type: image/jpeg
age: 61799
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.9 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8f5318cc-4728-4160-afd1-9d20b79b7de9.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.9 kB (9914 bytes)
Hash
3b1c6878914466cfece680fa7cb73502
47fac81a2dd809df5c42ca1362f71d553572d2b1
6458883dfa2bdfd483e92e5f847a229508ef00ce1dbd11f49eec369d0bd3160a

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8f5318cc-4728-4160-afd1-9d20b79b7de9.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9914
x-amzn-requestid: 4db4ed29-20b4-4ca7-8835-2463d0989d5b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cLVVFHQYIAMFc4Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638135b9-613da006118724124e345b29;Sampled=0
x-amzn-remapped-date: Fri, 25 Nov 2022 21:38:01 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 7cJmhEGkKqLUQUMqGuYtWBeu_1nlEUAxgTMy4ABekPJYrJP95wE6Jg==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 476c2ba6d9f6cd69dbcedbd65688cbc0.cloudfront.net (CloudFront), 1.1 google
date: Fri, 25 Nov 2022 21:59:05 GMT
age: 63843
etag: "47fac81a2dd809df5c42ca1362f71d553572d2b1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.0 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F34ec689c-96b7-450b-b77e-e0ecb4d89c3c.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.0 kB (9049 bytes)
Hash
c8dc4b8a7e9f7f4f84f0da568b43392b
3d32bff85cb7ec118c4496d0c3802829fdc9af3b
4b0ffde427085c796a7a5823604b29a4af43dbb93e99ec41f34feb37f52ac7d9

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F34ec689c-96b7-450b-b77e-e0ecb4d89c3c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9049
x-amzn-requestid: 6cbd9639-c29d-4ff4-8091-3168f64f4c78
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cLVVGHzKoAMFSuA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638135ba-100ea4235fdf1df8491041c8;Sampled=0
x-amzn-remapped-date: Fri, 25 Nov 2022 21:38:02 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: OJZkZ18TlSgdBWsmSroQPIcYIvBFvz5-7hu9_GravTcz6zqxKXHZrg==
via: 1.1 4f87745990545c1ac0195c157e1668f8.cloudfront.net (CloudFront), 1.1 d6b180eb367f7de26d67a9f3901b96a6.cloudfront.net (CloudFront), 1.1 google
date: Fri, 25 Nov 2022 21:43:36 GMT
age: 64772
etag: "3d32bff85cb7ec118c4496d0c3802829fdc9af3b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

4.4 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc537c2d0-d011-4ed0-a5d4-5f5d2190c49b.webp
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
4.4 kB (4366 bytes)
Hash
abd79421a3c44a8df11ad2cc50083309
8665e5f3026f2c2b9505eb139c478f4d359851c3
3a66b00498fa1322730705b1c4502614b5a520ac3f884f494d65e27a5bb62c3f

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc537c2d0-d011-4ed0-a5d4-5f5d2190c49b.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 4366
x-amzn-requestid: ce25f5ab-0c92-431e-ae4e-618829594a74
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cLVNZFjHoAMFXLg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63813588-6a3a8dff70e717011e3a0606;Sampled=0
x-amzn-remapped-date: Fri, 25 Nov 2022 21:37:12 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 75AMMfa7oq0Y51YPEC_FEDOoNVc9cgfjg9bOSOXwikONPdhW7OG3uQ==
via: 1.1 8f22423015641505b8c857a37450d6c0.cloudfront.net (CloudFront), 1.1 4f3feb5c4393987d42d1971d404d7cea.cloudfront.net (CloudFront), 1.1 google
date: Fri, 25 Nov 2022 21:48:10 GMT
age: 64498
etag: "8665e5f3026f2c2b9505eb139c478f4d359851c3"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

megamartpromos.com/wp-content/uploads/2021/04/megapromo2021.png

172.67.221.155

200 OK

2.1 MB

URL HTTP/1.1
megamartpromos.com/wp-content/uploads/2021/04/megapromo2021.png
IP
172.67.221.155:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 1920 x 1088, 8-bit/color RGBA, non-interlaced\012- data
Size
2.1 MB (2055109 bytes)
Hash
8b8da222d3bba00baee853aaa8efe60f
8f50958dc30957a1614b1b54f082a4e03e5fbac7
28ea0437f347b93220210bbacf98269d258721a149e5833da865b838e463e328

HTTP Headers

GET /wp-content/uploads/2021/04/megapromo2021.png HTTP/1.1
Host: megamartpromos.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://megamartpromos.com/

HTTP/1.1 200 OK
Date: Sat, 26 Nov 2022 15:43:07 GMT
Content-Type: image/png
Content-Length: 2055109
Connection: keep-alive
Last-Modified: Tue, 20 Apr 2021 15:02:22 GMT
ETag: "607eecfe-1f5bc5"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=D9W1vbg902sURFisjKCtLWPs3H%2BtfJ8qyJ9fPhFCH02%2FmaXxXWZmeba0ZBfkX3KrQdDRz6N71VYnM3u%2F51FE%2BX3v55Bcg%2BOzn4RYXRbD1%2F6XWmw%2F1cWvfidXD941L%2F09CmBGv5M%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7703bce82b91b50b-OSL
alt-svc: h2=":443"; ma=60

fonts.googleapis.com/css?family=Montserrat%3A1%2C300%2C400%2C400italic%2C500%2C700%2C700italic&display=swap&ver=5.7.1

142.250.74.10

200 OK

0 B

URL HTTP/2
fonts.googleapis.com/css?family=Montserrat%3A1%2C300%2C400%2C400italic%2C500%2C700%2C700italic&display=swap&ver=5.7.1
IP
142.250.74.10:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /css?family=Montserrat%3A1%2C300%2C400%2C400italic%2C500%2C700%2C700italic&display=swap&ver=5.7.1 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://megamartpromos.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 26 Nov 2022 15:43:06 GMT
date: Sat, 26 Nov 2022 15:43:06 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (23)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations