r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash MD5: b7407cc102d62a5acd5e61f8a79bed36
SHA-1: c2f4890a62454e514962b55b7fc14228339c8e90
SHA-256: be282de92da261128a7c8471f3067466aa9930fd0ab2a2cdda8cd2d6ce2bbd74
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BE282DE92DA261128A7C8471F3067466AA9930FD0AB2A2CDDA8CD2D6CE2BBD74"
Last-Modified: Wed, 08 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15748
Expires: Fri, 10 Feb 2023 06:08:16 GMT
Date: Fri, 10 Feb 2023 01:45:48 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash MD5: 84247d80b610d0c6da587141b21323ae
SHA-1: 46461f8709d099f5295998f41aaafa5be4387ea6
SHA-256: bee5e9e0d7b4a24609950ceb40194bffb482c36152d376bb119e7cc3aba488dc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BEE5E9E0D7B4A24609950CEB40194BFFB482C36152D376BB119E7CC3ABA488DC"
Last-Modified: Thu, 09 Feb 2023 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10922
Expires: Fri, 10 Feb 2023 04:47:50 GMT
Date: Fri, 10 Feb 2023 01:45:48 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150 200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash MD5: ff250d3ef3fa45322bf05039a0122a9f
SHA-1: b3e7a2c383bce1bab807dbe1a03c375258b51f1d
SHA-256: d07f109a96e0ae6ec7b1d46ce8761b3f06fe845769ce65d69e053dd40aa561ba
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Content-Length, Content-Type, Alert, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Fri, 10 Feb 2023 01:36:52 GMT
content-type: application/json
age: 536
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash MD5: 50a2f8cdbbd1059f5318753155bba7ef
SHA-1: 405e63ea4683be44f876feae34b5cb645ff751f2
SHA-256: f6ac743a5a17d64d2858fec5791050d2dc8074ddd823826c93e67bffdb2f0868
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F6AC743A5A17D64D2858FEC5791050D2DC8074DDD823826C93E67BFFDB2F0868"
Last-Modified: Thu, 09 Feb 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10943
Expires: Fri, 10 Feb 2023 04:48:11 GMT
Date: Fri, 10 Feb 2023 01:45:48 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-03-20-18-44-46.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-03-20-18-44-46.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash MD5: e76071a28ee566dababb3834f46d68ed
SHA-1: aebb4e68c1ba2de0f90025283e8ed8470944fde0
SHA-256: 78b6df2627172e5b35476bc31020f02898cdc412aaf4337af2c3b049a60912b6
GET /chains/remote-settings.content-signature.mozilla.org-2023-03-20-18-44-46.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: R/MJmjYBi/7HzKHpvoqXke0aNr/hks0ntpLyuRvOhCpJX0rSlV+ahl254TrWjhPuwkHguJsX4OM=
x-amz-request-id: DSPZB27C0BTJ36W6
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Fri, 10 Feb 2023 01:36:35 GMT
age: 553
last-modified: Sun, 29 Jan 2023 18:44:47 GMT
etag: "e76071a28ee566dababb3834f46d68ed"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash MD5: 23e88fb7b99543fb33315b29b1fad9d6
SHA-1: a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
SHA-256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 10 Feb 2023 01:45:48 GMT
content-type: application/json
content-length: 12
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-expose-headers: content-type
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150 200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash MD5: 0333b0655111aa68de771adfcc4db243
SHA-1: 63f295a144ac87a7c8e23417626724eeca68a7eb
SHA-256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Expires, Retry-After, Content-Length, Content-Type, ETag, Cache-Control, Alert, Pragma, Backoff, Last-Modified
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Fri, 10 Feb 2023 00:51:21 GMT
age: 3267
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash MD5: 248ce16379b12f11927ecc3142aec450
SHA-1: fa5b189f2d9182479170cb61cc1723571e437bd2
SHA-256: a8d259b331bdefb00625b9bf057d44d0b3290fda0734c57eda187b04e23d59d4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A8D259B331BDEFB00625B9BF057D44D0B3290FDA0734C57EDA187B04E23D59D4"
Last-Modified: Wed, 08 Feb 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8269
Expires: Fri, 10 Feb 2023 04:03:38 GMT
Date: Fri, 10 Feb 2023 01:45:49 GMT
Connection: keep-alive
push.services.mozilla.com/
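52.38.198.114 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.38.198.114:0
Hash MD5: d41d8cd98f00b204e9800998ecf8427e
SHA-1: da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA-256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
(These three values are the digests of zero-length input, consistent with the 0 B body; they identify no content and should not be used as indicators.)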
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: fSzd10NzDcOY83+uCfmNhA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: fqOJqK4f9B8wJrVzAOi7LEik8XQ=
cardlist.officecab.jp/
119.82.26.176 200 OK 81 kB IP 119.82.26.176:0
ASN #63997 Tsukaeru.net, Web Hosting Company, Japan
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (9381)
Hash MD5: c2ab80d08fdba5fa3049c3a21a42533f
SHA-1: df8072a611f4e1b39851b2f4598a607184bae9a5
SHA-256: 1941e4d54faffb993d513019a177df8568a41cec130a00a4575ae77f9c2c31ec
Analyzer Verdict Alert fortinet Phishing
GET / HTTP/1.1
Host: cardlist.officecab.jp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 10 Feb 2023 01:45:49 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Link: <https://cardlist.officecab.jp/index.php/wp-json/>; rel="https://api.w.org/", <https://wp.me/9OEaG>; rel=shortlink
X-Powered-By: PHP/7.2.34, PleskLin
cardlist.officecab.jp/wp-includes/js/mediaelement/wp-mediaelement.min.css?ver=6.1.1
119.82.26.176 200 OK 4.2 kB URL HTTP/1.1 cardlist.officecab.jp/wp-includes/js/mediaelement/wp-mediaelement.min.css?ver=6.1.1
IP 119.82.26.176:0
ASN #63997 Tsukaeru.net, Web Hosting Company, Japan
File type ASCII text, with very long lines (4186), with no line terminators
Hash MD5: ea958276b7de454bd3c2873f0dc47e5f
SHA-1: b143f6e8e8f79d8f104c26b0057ef5514d763219
SHA-256: 2e10d353ff038c2cad3492fc17801af3e6ef2669c9e9713bdb78b1dcb104c4fe
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/mediaelement/wp-mediaelement.min.css?ver=6.1.1 HTTP/1.1
Host: cardlist.officecab.jp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cardlist.officecab.jp/
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 10 Feb 2023 01:45:49 GMT
Content-Type: text/css
Content-Length: 4186
Last-Modified: Wed, 13 Nov 2019 06:20:43 GMT
Connection: keep-alive
ETag: "5dcba0bb-105a"
X-Powered-By: PleskLin
Accept-Ranges: bytes
cardlist.officecab.jp/wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css?ver=4.2.17
119.82.26.176 200 OK 11 kB URL HTTP/1.1 cardlist.officecab.jp/wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css?ver=4.2.17
IP 119.82.26.176:0
ASN #63997 Tsukaeru.net, Web Hosting Company, Japan
File type ASCII text, with very long lines (11256), with no line terminators
Hash MD5: 2b0dd7eecea03b4bdedb94ba622fdb03
SHA-1: 703becba85161118dd6fc66af465428ef43f561c
SHA-256: b7908a015a567ec2363011df2475368dbff34360e9da3fdff50604d6395fb646
GET /wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css?ver=4.2.17 HTTP/1.1
Host: cardlist.officecab.jp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cardlist.officecab.jp/
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 10 Feb 2023 01:45:49 GMT
Content-Type: text/css
Content-Length: 11256
Last-Modified: Wed, 09 Dec 2020 06:11:48 GMT
Connection: keep-alive
ETag: "5fd06aa4-2bf8"
X-Powered-By: PleskLin
Accept-Ranges: bytes
cardlist.officecab.jp/wp-includes/css/classic-themes.min.css?ver=1
119.82.26.176 200 OK 217 B URL HTTP/1.1 cardlist.officecab.jp/wp-includes/css/classic-themes.min.css?ver=1
IP 119.82.26.176:0
ASN #63997 Tsukaeru.net, Web Hosting Company, Japan
Hash MD5: 95e891f28e44a9b314c09545d86be2b7
SHA-1: f9b13a8bd47273b086a0a07df15f314e0af0bc3e
SHA-256: 5a5f39391fbf5b06db84b8f9716d53de575ee97a627d2c5f12f79a991a671eb5
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/css/classic-themes.min.css?ver=1 HTTP/1.1
Host: cardlist.officecab.jp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cardlist.officecab.jp/
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 10 Feb 2023 01:45:49 GMT
Content-Type: text/css
Content-Length: 217
Connection: keep-alive
X-Accel-Version: 0.01
Last-Modified: Wed, 02 Nov 2022 05:47:40 GMT
ETag: "d9-5ec7660efc764"
Accept-Ranges: bytes
X-Powered-By: PleskLin
cardlist.officecab.jp/wp-content/plugins/link-library/upvote-downvote/css/style.css?ver=1.0.0
119.82.26.176 200 OK 8.9 kB URL HTTP/1.1 cardlist.officecab.jp/wp-content/plugins/link-library/upvote-downvote/css/style.css?ver=1.0.0
IP 119.82.26.176:0
ASN #63997 Tsukaeru.net, Web Hosting Company, Japan
File type ASCII text, with very long lines (786)
Hash MD5: d3f034c8ec47eab30fb84812d4d227e5
SHA-1: f219a6283c3aa48468924e2a6f777c29258ba86b
SHA-256: 7d800a70cbb513b9c115d15b189ea86022624f7c81bb36adffa53575d132c5b0
GET /wp-content/plugins/link-library/upvote-downvote/css/style.css?ver=1.0.0 HTTP/1.1
Host: cardlist.officecab.jp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cardlist.officecab.jp/
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 10 Feb 2023 01:45:50 GMT
Content-Type: text/css
Content-Length: 8922
Last-Modified: Sat, 15 Oct 2022 08:58:02 GMT
Connection: keep-alive
ETag: "634a761a-22da"
X-Powered-By: PleskLin
Accept-Ranges: bytes
cardlist.officecab.jp/wp-includes/css/dist/block-library/style.min.css?ver=6.1.1
119.82.26.176 200 OK 95 kB URL HTTP/1.1 cardlist.officecab.jp/wp-includes/css/dist/block-library/style.min.css?ver=6.1.1
IP 119.82.26.176:0
ASN #63997 Tsukaeru.net, Web Hosting Company, Japan
File type ASCII text, with very long lines (47826)
Hash MD5: 71d925864153f0edf91037f3d31048e8
SHA-1: cc16a0524ac63b5ce29f703a66412224f0dd771a
SHA-256: c324ef26b20264369e4568dc9ef1c5cb1f325f6bc4e8b7c01f7fe93fa353276a
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/css/dist/block-library/style.min.css?ver=6.1.1 HTTP/1.1
Host: cardlist.officecab.jp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cardlist.officecab.jp/
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 10 Feb 2023 01:45:49 GMT
Content-Type: text/css
Content-Length: 94889
Last-Modified: Wed, 16 Nov 2022 06:07:00 GMT
Connection: keep-alive
ETag: "63747e04-172a9"
X-Powered-By: PleskLin
Accept-Ranges: bytes
cardlist.officecab.jp/wp-content/plugins/whats-new-genarator/whats-new.css?ver=2.0.2
119.82.26.176 200 OK 966 B URL HTTP/1.1 cardlist.officecab.jp/wp-content/plugins/whats-new-genarator/whats-new.css?ver=2.0.2
IP 119.82.26.176:0
ASN #63997 Tsukaeru.net, Web Hosting Company, Japan
Hash MD5: c2bb7d0452102915fcd20bd2fe54f24b
SHA-1: 089b48971d0507455b4a7f897fbf85a1e53e61bb
SHA-256: eafa6a366dd0ba9a67b5626ba349dad3ace7b6ef551697a131265a31f1c70c93
GET /wp-content/plugins/whats-new-genarator/whats-new.css?ver=2.0.2 HTTP/1.1
Host: cardlist.officecab.jp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cardlist.officecab.jp/
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 10 Feb 2023 01:45:50 GMT
Content-Type: text/css
Content-Length: 966
Connection: keep-alive
X-Accel-Version: 0.01
Last-Modified: Mon, 09 Apr 2018 13:13:17 GMT
ETag: "3c6-5696a2b52e826"
Accept-Ranges: bytes
X-Powered-By: PleskLin
cardlist.officecab.jp/wp-content/themes/twentyseventeen/assets/css/blocks.css?ver=20220524
119.82.26.176 200 OK 11 kB URL HTTP/1.1 cardlist.officecab.jp/wp-content/themes/twentyseventeen/assets/css/blocks.css?ver=20220524
IP 119.82.26.176:0
ASN #63997 Tsukaeru.net, Web Hosting Company, Japan
Hash MD5: ec1104d90f516cca06af5c8744b915d0
SHA-1: df405fba200736808e6bad80640dfc6e5970cb54
SHA-256: e16b1d80468a160382877f64cc3b42f6493af811549b6e3173feb5d5503a02e3
GET /wp-content/themes/twentyseventeen/assets/css/blocks.css?ver=20220524 HTTP/1.1
Host: cardlist.officecab.jp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cardlist.officecab.jp/
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 10 Feb 2023 01:45:50 GMT
Content-Type: text/css
Content-Length: 10741
Last-Modified: Thu, 02 Jun 2022 06:05:45 GMT
Connection: keep-alive
ETag: "62985339-29f5"
X-Powered-By: PleskLin
Accept-Ranges: bytes
cardlist.officecab.jp/wp-includes/js/wp-emoji-release.min.js?ver=6.1.1
119.82.26.176 200 OK 19 kB URL HTTP/1.1 cardlist.officecab.jp/wp-includes/js/wp-emoji-release.min.js?ver=6.1.1
IP 119.82.26.176:0
ASN #63997 Tsukaeru.net, Web Hosting Company, Japan
File type ASCII text, with very long lines (15660)
Hash MD5: 32beb68a374e3aeac00abdf9e12b84ea
SHA-1: b5d18aa625e8696dd9d07cd0869337717b211ae0
SHA-256: 5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/wp-emoji-release.min.js?ver=6.1.1 HTTP/1.1
Host: cardlist.officecab.jp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cardlist.officecab.jp/
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 10 Feb 2023 01:45:49 GMT
Content-Type: application/javascript
Content-Length: 18617
Last-Modified: Wed, 25 May 2022 06:56:20 GMT
Connection: keep-alive
ETag: "628dd314-48b9"
X-Powered-By: PleskLin
Accept-Ranges: bytes
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash MD5: 8fa4434901b44b661f4753413007d229
SHA-1: cbafd20c258790db8fb54e4898431270564357eb
SHA-256: aa29d8eb0ef6947f53c2b9eae222fdf21df3460cb11b3768cd9b8f10e4324e5c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "AA29D8EB0EF6947F53C2B9EAE222FDF21DF3460CB11B3768CD9B8F10E4324E5C"
Last-Modified: Fri, 10 Feb 2023 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Fri, 10 Feb 2023 07:45:50 GMT
Date: Fri, 10 Feb 2023 01:45:50 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash MD5: fa3b80f6c5e48935acba628afd26f4ce
SHA-1: f69397ac7d88fc285d79b1a17ec28340c8a5c564
SHA-256: 6019b3d5a40f38c020b87c2bc5d25b3646b7cccd3bf005f835cb74b46869100d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6019B3D5A40F38C020B87C2BC5D25B3646B7CCCD3BF005F835CB74B46869100D"
Last-Modified: Thu, 09 Feb 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18179
Expires: Fri, 10 Feb 2023 06:48:49 GMT
Date: Fri, 10 Feb 2023 01:45:50 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash MD5: fa3b80f6c5e48935acba628afd26f4ce
SHA-1: f69397ac7d88fc285d79b1a17ec28340c8a5c564
SHA-256: 6019b3d5a40f38c020b87c2bc5d25b3646b7cccd3bf005f835cb74b46869100d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6019B3D5A40F38C020B87C2BC5D25B3646B7CCCD3BF005F835CB74B46869100D"
Last-Modified: Thu, 09 Feb 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18179
Expires: Fri, 10 Feb 2023 06:48:49 GMT
Date: Fri, 10 Feb 2023 01:45:50 GMT
Connection: keep-alive
cardlist.officecab.jp/wp-content/plugins/wp-members/assets/css/forms/generic-no-float.min.css?ver=3.4.5
119.82.26.176 200 OK 3.8 kB URL HTTP/1.1 cardlist.officecab.jp/wp-content/plugins/wp-members/assets/css/forms/generic-no-float.min.css?ver=3.4.5
IP 119.82.26.176:0
ASN #63997 Tsukaeru.net, Web Hosting Company, Japan
File type ASCII text, with very long lines (3809), with no line terminators
Hash MD5: 2ea1d7f9f569292e791d554f9659992d
SHA-1: 770955c185500bc076fab1a5f8c2b49bf874f2cd
SHA-256: 5164fed6d3c7543e9b89997c01edbe4edeaa8d22e2bd8cd4e60f007ab15a7bf5
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/wp-members/assets/css/forms/generic-no-float.min.css?ver=3.4.5 HTTP/1.1
Host: cardlist.officecab.jp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cardlist.officecab.jp/
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 10 Feb 2023 01:45:50 GMT
Content-Type: text/css
Content-Length: 3809
Last-Modified: Sat, 15 Oct 2022 09:00:45 GMT
Connection: keep-alive
ETag: "634a76bd-ee1"
X-Powered-By: PleskLin
Accept-Ranges: bytes
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8976d549-8a7f-4b4c-b90d-c6f652a7d2d3.jpeg
34.120.237.76 200 OK 9.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8976d549-8a7f-4b4c-b90d-c6f652a7d2d3.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash MD5: 07db2532daa715f88ded93772f298dbc
SHA-1: 23f6f2547e3f54cfdd1faefd3a217d8dc7328a20
SHA-256: 83899f2e8a65ebee41ba5a043060f3c7d46a89737eda056e59df4bc118c809b1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8976d549-8a7f-4b4c-b90d-c6f652a7d2d3.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9527
x-amzn-requestid: 02d7255a-b766-40e8-828f-e0655d342ebc
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: AD1raHF7oAMF18g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e49caf-1823e2493fa11538403f84e8;Sampled=0
x-amzn-remapped-date: Thu, 09 Feb 2023 07:11:43 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: TtEMtEvHPOtB9aO3pEKV4lmO-qB0XaHk68hccJoZS4xAxzZ4SbklDw==
via: 1.1 030fe0607711293dda988e571617a9f2.cloudfront.net (CloudFront), 1.1 7e87179efaa9e3c316bd3d3a74cfded8.cloudfront.net (CloudFront), 1.1 google
date: Thu, 09 Feb 2023 07:36:15 GMT
age: 65375
etag: "23f6f2547e3f54cfdd1faefd3a217d8dc7328a20"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6d8355b5-6110-4928-a878-535b6bf5c0e2.jpeg
34.120.237.76 200 OK 9.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6d8355b5-6110-4928-a878-535b6bf5c0e2.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash MD5: 72fc09b3ec7cb56bcd09a804edaada31
SHA-1: 85eefc6a7faf28aa265bc233d81b2dcb4d560bd9
SHA-256: b0303b397bc167c677e88aac531a1d3fdacda498cfe66bcf7abe27a7d0bbcf6c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6d8355b5-6110-4928-a878-535b6bf5c0e2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9862
x-amzn-requestid: d393e142-1307-4157-9755-b93818e9dae3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: AGMlKGQtoAMF8NQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e58e20-26f51d077f1b5c5c1a7476da;Sampled=0
x-amzn-remapped-date: Fri, 10 Feb 2023 00:21:52 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 2bhgbaa-3iZPA0TwZtHE2ArSPkQDfH76cnRFQf0WHuhGCO7TxSHWUQ==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 b2f9564ebf9c745cc2ceae96d434977e.cloudfront.net (CloudFront), 1.1 google
date: Fri, 10 Feb 2023 00:39:43 GMT
age: 3967
etag: "85eefc6a7faf28aa265bc233d81b2dcb4d560bd9"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff18889c9-0ffe-4e16-8b23-a567260f8e70.jpeg
34.120.237.76 200 OK 8.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff18889c9-0ffe-4e16-8b23-a567260f8e70.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash MD5: bbb0439b722696021369b436571c7abe
SHA-1: 3ecd03ad4535d9d92f31cba294a6df79fa37e7da
SHA-256: 62f7e02deb38a666d1a2349703d54b409ca8f38b689c3b5b3706571ced9d0c4d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff18889c9-0ffe-4e16-8b23-a567260f8e70.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8195
x-amzn-requestid: 4b28d4d8-5358-404b-bae4-39ffe606ea6a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: AF0VoHjMoAMFa-A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e56756-4839a573183aae4c6eda6546;Sampled=0
x-amzn-remapped-date: Thu, 09 Feb 2023 21:36:22 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 5QKH7l4G5FzUay-wcmNv4Jf6yGDOFsW_YU_LWY7S32SkMpNezl4PfQ==
via: 1.1 a20e81b65d2465c729ce2f6bfe539dd0.cloudfront.net (CloudFront), 1.1 a3bd0eb50c22e4d5fbda56a30b96002c.cloudfront.net (CloudFront), 1.1 google
date: Thu, 09 Feb 2023 21:51:50 GMT
age: 14040
etag: "3ecd03ad4535d9d92f31cba294a6df79fa37e7da"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff8db31dc-3366-48e5-8c4b-ebe994dd40ef.jpeg
34.120.237.76 200 OK 15 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff8db31dc-3366-48e5-8c4b-ebe994dd40ef.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash MD5: 95081172f8e19d19921acc802488e019
SHA-1: 8531c150cb11de44361a95624b11cf46b9e0ba02
SHA-256: 7a2d8f012c7d590f3f39ad834d4f3f9fb729143b7395bc588bd608b5bdee039b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff8db31dc-3366-48e5-8c4b-ebe994dd40ef.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 15019
x-amzn-requestid: 574e3e2c-2fbe-4215-9500-021147338832
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f583LHiioAMFqkQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e0a82d-4f12aac524c39f822ca4f422;Sampled=0
x-amzn-remapped-date: Mon, 06 Feb 2023 07:11:41 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: _3jIo3Giw3zmTmnSkJArAllT6uigN7EEzLPfkGpd6168_mSdqdk_Cg==
via: 1.1 23206a1c229d8877bdd053c4b05f9d12.cloudfront.net (CloudFront), 1.1 b2f9564ebf9c745cc2ceae96d434977e.cloudfront.net (CloudFront), 1.1 google
date: Thu, 09 Feb 2023 07:45:45 GMT
age: 64805
etag: "8531c150cb11de44361a95624b11cf46b9e0ba02"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
cardlist.officecab.jp/wp-content/plugins/bbpowerpack/assets/css/animate.min.css?ver=3.5.1
119.82.26.176 200 OK 53 kB URL HTTP/1.1 cardlist.officecab.jp/wp-content/plugins/bbpowerpack/assets/css/animate.min.css?ver=3.5.1
IP 119.82.26.176:0
ASN #63997 Tsukaeru.net, Web Hosting Company, Japan
File type ASCII text, with very long lines (52592)
Hash 178b651958ceff556cbc5f355e08bbf1
97afa151569f046b2e01f27c1871646e9cd87caf
8fe3fa119255adb5e0c12479331f9e092e85bcff56ab6ecc0510bfa2056b898d
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/bbpowerpack/assets/css/animate.min.css?ver=3.5.1 HTTP/1.1
Host: cardlist.officecab.jp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cardlist.officecab.jp/
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 10 Feb 2023 01:45:50 GMT
Content-Type: text/css
Content-Length: 52789
Last-Modified: Thu, 02 Jun 2022 06:09:18 GMT
Connection: keep-alive
ETag: "6298540e-ce35"
X-Powered-By: PleskLin
Accept-Ranges: bytes
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F53156254-151d-41b8-abfc-0826901d7cd0.jpeg
34.120.237.76 200 OK 7.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F53156254-151d-41b8-abfc-0826901d7cd0.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 6933964b5b158cf2da804a6ff8369e91
95ae13ac5c5a3ea2e78fdbf07137d0b786ea2f0c
fe18606f9f5b52382ac1a48275732cd186a8b7e88480b4515026e6d5b9c8cdd8
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F53156254-151d-41b8-abfc-0826901d7cd0.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7745
x-amzn-requestid: 5e7e8f1b-fdb4-4a70-82f1-c14b8eb0ff82
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: AF0VoF1moAMFYMg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e56756-7f4ef3071fa2054913670435;Sampled=0
x-amzn-remapped-date: Thu, 09 Feb 2023 21:36:22 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: EMo6qrDrK4cTDue4LUi_jbo1Q5CcqR5zYzQsbjbBCCxdoVixxIH2-A==
via: 1.1 8dbfaf7df256a75768461d934659b6b2.cloudfront.net (CloudFront), 1.1 f9d716a351f14a0ac1fac2449734849a.cloudfront.net (CloudFront), 1.1 google
date: Thu, 09 Feb 2023 22:01:14 GMT
age: 13476
etag: "95ae13ac5c5a3ea2e78fdbf07137d0b786ea2f0c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3acddf4e-7909-45aa-bacf-377ee2bdb9ae.jpeg
34.120.237.76 200 OK 8.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3acddf4e-7909-45aa-bacf-377ee2bdb9ae.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 14255093edf85abdb24b7659405f9e1b
c31ff4177679a1394918af34879c937adc84566c
bf538d0f29993e45231744eeb848a435fa8c347037a5f19e093675e4ebc3c3c6
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3acddf4e-7909-45aa-bacf-377ee2bdb9ae.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8439
x-amzn-requestid: e97e3809-0cf6-400e-9c0a-f8560eb7813b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: AGJzBHEgIAMFnUw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e589ac-124c1ffe59d4a323207be96a;Sampled=0
x-amzn-remapped-date: Fri, 10 Feb 2023 00:02:52 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: Mpo6lTD4iNh7BwCNk4gVeIu1G-nlrAAwQv4MPorUW_3XYFuNtfuojQ==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 be082a2326b7d49643607b097f1e7180.cloudfront.net (CloudFront), 1.1 google
date: Fri, 10 Feb 2023 00:14:42 GMT
age: 5468
etag: "c31ff4177679a1394918af34879c937adc84566c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
cardlist.officecab.jp/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
119.82.26.176 200 OK 11 kB URL HTTP/1.1 cardlist.officecab.jp/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
IP 119.82.26.176:0
ASN #63997 Tsukaeru.net, Web Hosting Company, Japan
File type ASCII text, with very long lines (11126)
Hash 79b4956b7ec478ec10244b5e2d33ac7d
a46025b9d05e3df30d610a8aef14f392c7058dc9
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 HTTP/1.1
Host: cardlist.officecab.jp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cardlist.officecab.jp/
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 10 Feb 2023 01:45:50 GMT
Content-Type: application/javascript
Content-Length: 11224
Last-Modified: Wed, 09 Dec 2020 06:11:48 GMT
Connection: keep-alive
ETag: "5fd06aa4-2bd8"
X-Powered-By: PleskLin
Accept-Ranges: bytes
cardlist.officecab.jp/wp-content/plugins/link-library/upvote-downvote/js/general.js?ver=4.0.1
119.82.26.176 200 OK 2.2 kB URL HTTP/1.1 cardlist.officecab.jp/wp-content/plugins/link-library/upvote-downvote/js/general.js?ver=4.0.1
IP 119.82.26.176:0
ASN #63997 Tsukaeru.net, Web Hosting Company, Japan
Hash e0015c37a27e9c45e0e899cac29bcb3e
b08e8085b23a96105967c59850e7fb4f79fdf532
261a09cd008c859b7fe397871f8718d588211e4af05e827d1c3ef33fd1c8f485
GET /wp-content/plugins/link-library/upvote-downvote/js/general.js?ver=4.0.1 HTTP/1.1
Host: cardlist.officecab.jp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cardlist.officecab.jp/
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 10 Feb 2023 01:45:50 GMT
Content-Type: application/javascript
Content-Length: 2157
Last-Modified: Sat, 15 Oct 2022 08:58:02 GMT
Connection: keep-alive
ETag: "634a761a-86d"
X-Powered-By: PleskLin
Accept-Ranges: bytes
cardlist.officecab.jp/wp-content/plugins/jetpack/_inc/build/photon/photon.min.js?ver=20191001
119.82.26.176 200 OK 685 B URL HTTP/1.1 cardlist.officecab.jp/wp-content/plugins/jetpack/_inc/build/photon/photon.min.js?ver=20191001
IP 119.82.26.176:0
ASN #63997 Tsukaeru.net, Web Hosting Company, Japan
File type ASCII text, with very long lines (685), with no line terminators
Hash 24626ac4453bf45fe07e6c5d4e859fbd
9adbe5e7a5e1b5fb19aee82a9d765631b62ecb2f
5cfd3418ebf7c95f8f7a9024ebfa383ff5a267a8568c9a2708c26733824bdf07
GET /wp-content/plugins/jetpack/_inc/build/photon/photon.min.js?ver=20191001 HTTP/1.1
Host: cardlist.officecab.jp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cardlist.officecab.jp/
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 10 Feb 2023 01:45:50 GMT
Content-Type: application/javascript
Content-Length: 685
Connection: keep-alive
X-Accel-Version: 0.01
Last-Modified: Sat, 15 Oct 2022 08:57:38 GMT
ETag: "2ad-5eb0eef33e834"
Accept-Ranges: bytes
X-Powered-By: PleskLin
cardlist.officecab.jp/wp-content/themes/twentyseventeen/style.css?ver=20201208
119.82.26.176 200 OK 84 kB URL HTTP/1.1 cardlist.officecab.jp/wp-content/themes/twentyseventeen/style.css?ver=20201208
IP 119.82.26.176:0
ASN #63997 Tsukaeru.net, Web Hosting Company, Japan
File type Unicode text, UTF-8 text, with very long lines (463)
Hash 078f909d5d8419b1e4fd7e0c1ab454b6
f41873079c63e92c95edab43112839ab017af5b6
d88399ee06fe5b54f7731f1253503994a15605d3b05953009e7d06ad01ecafe1
GET /wp-content/themes/twentyseventeen/style.css?ver=20201208 HTTP/1.1
Host: cardlist.officecab.jp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cardlist.officecab.jp/
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 10 Feb 2023 01:45:50 GMT
Content-Type: text/css
Content-Length: 84159
Last-Modified: Thu, 02 Jun 2022 06:05:45 GMT
Connection: keep-alive
ETag: "62985339-148bf"
X-Powered-By: PleskLin
Accept-Ranges: bytes
cardlist.officecab.jp/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.6.3
119.82.26.176 200 OK 9.7 kB URL HTTP/1.1 cardlist.officecab.jp/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.6.3
IP 119.82.26.176:0
ASN #63997 Tsukaeru.net, Web Hosting Company, Japan
File type ASCII text, with very long lines (9680), with no line terminators
Hash 490c29d6776fc430c23403fd845b34b0
817129906b7fef1011895a76f047c7693a852e21
29e8de26576208c07ba0845f604e65c9273b93f9f4d1d66214eb4c586f9938c4
GET /wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.6.3 HTTP/1.1
Host: cardlist.officecab.jp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cardlist.officecab.jp/
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 10 Feb 2023 01:45:50 GMT
Content-Type: application/javascript
Content-Length: 9680
Last-Modified: Sat, 15 Oct 2022 08:54:48 GMT
Connection: keep-alive
ETag: "634a7558-25d0"
X-Powered-By: PleskLin
Accept-Ranges: bytes
cardlist.officecab.jp/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.6.3
119.82.26.176 200 OK 12 kB URL HTTP/1.1 cardlist.officecab.jp/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.6.3
IP 119.82.26.176:0
ASN #63997 Tsukaeru.net, Web Hosting Company, Japan
File type HTML document, ASCII text, with very long lines (12211), with no line terminators
Hash 3f3fc23f477a3849aa5677c585b2a2b4
ccf0865ebd37f76c450c7a377a86ff2448288db3
985fdd42398281348ca133a44750a56fe4909a806b9c075c9443a5d0bd6d2e51
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.6.3 HTTP/1.1
Host: cardlist.officecab.jp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cardlist.officecab.jp/
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 10 Feb 2023 01:45:50 GMT
Content-Type: application/javascript
Content-Length: 12211
Last-Modified: Sat, 15 Oct 2022 08:54:48 GMT
Connection: keep-alive
ETag: "634a7558-2fb3"
X-Powered-By: PleskLin
Accept-Ranges: bytes
cardlist.officecab.jp/wp-content/themes/twentyseventeen/assets/js/skip-link-focus-fix.js?ver=20161114
119.82.26.176 200 OK 683 B URL HTTP/1.1 cardlist.officecab.jp/wp-content/themes/twentyseventeen/assets/js/skip-link-focus-fix.js?ver=20161114
IP 119.82.26.176:0
ASN #63997 Tsukaeru.net, Web Hosting Company, Japan
Hash 75abd4cd8807b312f9f7faeb77ee774b
e7b7a7ed06d0123ab8667a1d1eeb23de9f2bece7
ca424c0181141900220a19f998ffa7660380bc99ab99557ad458a083251f7034
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/twentyseventeen/assets/js/skip-link-focus-fix.js?ver=20161114 HTTP/1.1
Host: cardlist.officecab.jp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cardlist.officecab.jp/
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 10 Feb 2023 01:45:50 GMT
Content-Type: application/javascript
Content-Length: 683
Connection: keep-alive
X-Accel-Version: 0.01
Last-Modified: Thu, 02 Jun 2022 06:05:45 GMT
ETag: "2ab-5e070cbe70806"
Accept-Ranges: bytes
X-Powered-By: PleskLin
cardlist.officecab.jp/wp-content/plugins/jetpack/css/jetpack.css?ver=11.4
119.82.26.176 200 OK 86 kB URL HTTP/1.1 cardlist.officecab.jp/wp-content/plugins/jetpack/css/jetpack.css?ver=11.4
IP 119.82.26.176:0
ASN #63997 Tsukaeru.net, Web Hosting Company, Japan
File type Unicode text, UTF-8 text, with very long lines (65533), with no line terminators
Hash 65412aff3e6e876c1c5b2ae6637a7413
42b60a85c16b31b804e4a507e28e4fa763dadf62
7fa4abb686798756bc90d4d6d1e4da75137160ecf2bc7ff6c103263f9842c444
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/jetpack/css/jetpack.css?ver=11.4 HTTP/1.1
Host: cardlist.officecab.jp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cardlist.officecab.jp/
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 10 Feb 2023 01:45:50 GMT
Content-Type: text/css
Content-Length: 85752
Last-Modified: Sat, 15 Oct 2022 08:57:38 GMT
Connection: keep-alive
ETag: "634a7602-14ef8"
X-Powered-By: PleskLin
Accept-Ranges: bytes
cardlist.officecab.jp/wp-content/themes/twentyseventeen/assets/js/global.js?ver=20190121
119.82.26.176 200 OK 7.8 kB URL HTTP/1.1 cardlist.officecab.jp/wp-content/themes/twentyseventeen/assets/js/global.js?ver=20190121
IP 119.82.26.176:0
ASN #63997 Tsukaeru.net, Web Hosting Company, Japan
Hash b05f10be5dc47940fc74ad56a9495aaf
97c3e00962157773e293e0715dc533e221f62b18
75d7fd1066c67dfe078b0cf1fe3863d2b883076cb6f4e41988708179f7e18488
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/twentyseventeen/assets/js/global.js?ver=20190121 HTTP/1.1
Host: cardlist.officecab.jp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cardlist.officecab.jp/
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 10 Feb 2023 01:45:50 GMT
Content-Type: application/javascript
Content-Length: 7825
Last-Modified: Thu, 02 Jun 2022 06:05:45 GMT
Connection: keep-alive
ETag: "62985339-1e91"
X-Powered-By: PleskLin
Accept-Ranges: bytes
cardlist.officecab.jp/wp-includes/js/jquery/jquery.min.js?ver=3.6.1
119.82.26.176 200 OK 90 kB URL HTTP/1.1 cardlist.officecab.jp/wp-includes/js/jquery/jquery.min.js?ver=3.6.1
IP 119.82.26.176:0
ASN #63997 Tsukaeru.net, Web Hosting Company, Japan
File type ASCII text, with very long lines (65447)
Hash 17738318d61d394f1de8890d589afaec
f6d0c4dc1399cf02d53f5753ad46573a8bbc2ac3
cc7403bab52ed166e24ea9324241045af370be482f5b594468f4a6ac6e7e7981
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/jquery/jquery.min.js?ver=3.6.1 HTTP/1.1
Host: cardlist.officecab.jp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cardlist.officecab.jp/
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 10 Feb 2023 01:45:50 GMT
Content-Type: application/javascript
Content-Length: 89684
Last-Modified: Wed, 02 Nov 2022 05:47:40 GMT
Connection: keep-alive
ETag: "6362047c-15e54"
X-Powered-By: PleskLin
Accept-Ranges: bytes
cardlist.officecab.jp/wp-content/themes/twentyseventeen/assets/js/jquery.scrollTo.js?ver=2.1.2
119.82.26.176 200 OK 5.8 kB URL HTTP/1.1 cardlist.officecab.jp/wp-content/themes/twentyseventeen/assets/js/jquery.scrollTo.js?ver=2.1.2
IP 119.82.26.176:0
ASN #63997 Tsukaeru.net, Web Hosting Company, Japan
Hash 16fb1664ddebf663a909c51d40ad7914
2308baa783d4f9ba97f18ace350b7033dcc3c2d3
d6a2ec240f8adc5052cb9df96a33199c65de4c58457de2aca485120f70e53c89
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/twentyseventeen/assets/js/jquery.scrollTo.js?ver=2.1.2 HTTP/1.1
Host: cardlist.officecab.jp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cardlist.officecab.jp/
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 10 Feb 2023 01:45:51 GMT
Content-Type: application/javascript
Content-Length: 5836
Last-Modified: Thu, 02 Jun 2022 06:05:45 GMT
Connection: keep-alive
ETag: "62985339-16cc"
X-Powered-By: PleskLin
Accept-Ranges: bytes
cardlist.officecab.jp/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.6.3
119.82.26.176 200 OK 2.7 kB URL HTTP/1.1 cardlist.officecab.jp/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.6.3
IP 119.82.26.176:0
ASN #63997 Tsukaeru.net, Web Hosting Company, Japan
Hash e6fae855021a88a0067fcc58121c594f
6299ac3987b5e81725781799dad361d19ac3b99d
e50f9ccd2d6582a58ba1879fa578e60d25fea4c5eedc07deafd14482b2403181
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.6.3 HTTP/1.1
Host: cardlist.officecab.jp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cardlist.officecab.jp/
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 10 Feb 2023 01:45:51 GMT
Content-Type: text/css
Content-Length: 2731
Last-Modified: Sat, 15 Oct 2022 08:54:48 GMT
Connection: keep-alive
ETag: "634a7558-aab"
X-Powered-By: PleskLin
Accept-Ranges: bytes
pixel.wp.com/g.gif?v=ext&j=1%3A11.4&blog=145057846&post=0&tz=9&srv=cardlist.officecab.jp&host=cardlist.officecab.jp&ref=&fcp=0&rand=0.04348912137304173
192.0.76.3 200 OK 50 B URL HTTP/1.1 pixel.wp.com/g.gif?v=ext&j=1%3A11.4&blog=145057846&post=0&tz=9&srv=cardlist.officecab.jp&host=cardlist.officecab.jp&ref=&fcp=0&rand=0.04348912137304173
IP 192.0.76.3:0
File type GIF image data, version 89a, 6 x 5\012- data
Hash e4d673a55c5656f19ef81563fb10884c
1f2d8ed221d39329251ad3a6ff1edb20b7219443
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1
GET /g.gif?v=ext&j=1%3A11.4&blog=145057846&post=0&tz=9&srv=cardlist.officecab.jp&host=cardlist.officecab.jp&ref=&fcp=0&rand=0.04348912137304173 HTTP/1.1
Host: pixel.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cardlist.officecab.jp/
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 10 Feb 2023 01:45:51 GMT
Content-Type: image/gif
Content-Length: 50
Connection: keep-alive
Cache-Control: no-cache
Access-Control-Allow-Origin: *
platform.twitter.com/widgets.js
192.229.233.25 200 OK 28 kB URL HTTP/1.1 platform.twitter.com/widgets.js
IP 192.229.233.25:0
File type Unicode text, UTF-8 text, with very long lines (38752)
Hash 8aa708f5eebf10bd82e942dabf1623a5
326a6d469222302a80ecf29039e7837d8870ee47
fcfdc2930fdd7f4b3c7f0c1308ce2e89fcc5082ae6a0a1e16ecf0f7e417f1368
GET /widgets.js HTTP/1.1
Host: platform.twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cardlist.officecab.jp/
HTTP/1.1 200 OK
Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 3000
Age: 840
Cache-Control: public, max-age=1800
Content-Type: application/javascript; charset=utf-8
Date: Fri, 10 Feb 2023 01:45:51 GMT
Etag: "9e99725b7a4cd730a934afba2a438bb5+gzip"
Last-Modified: Tue, 24 Jan 2023 21:41:51 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (ska/F70C)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Vary: Accept-Encoding
x-amzn-internal-status: 304
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 27630
connect.facebook.net/en_US/sdk.js
157.240.205.11 301 Moved Permanently 0 B URL HTTP/1.1 connect.facebook.net/en_US/sdk.js
IP 157.240.205.11:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /en_US/sdk.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cardlist.officecab.jp/
HTTP/1.1 301 Moved Permanently
Location: https://connect.facebook.net/en_US/sdk.js
Content-Type: text/plain
Server: proxygen-bolt
Date: Fri, 10 Feb 2023 01:45:51 GMT
Connection: keep-alive
Content-Length: 0
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash a38248ac5d9614d846e981de5b7b85da
eadc10b05e5eb18bb27e1acaa3e7ddf396344e72
b1a279792426d316b4b938b5c5c90d2575c1aba4f486e6f59821a3226dfac7f5
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6202
Cache-Control: max-age=88123
Content-Type: application/ocsp-response
Date: Fri, 10 Feb 2023 01:45:51 GMT
Etag: "63e43ed0-1d7"
Expires: Sat, 11 Feb 2023 02:14:34 GMT
Last-Modified: Thu, 09 Feb 2023 00:31:12 GMT
Server: ECS (ska/F709)
X-Cache: HIT
Content-Length: 471
platform.twitter.com/widgets/widget_iframe.2b2d73daf636805223fb11d48f3e94f7.html?origin=http%3A%2F%2Fcardlist.officecab.jp
192.229.233.25 200 OK 105 kB URL HTTP/1.1 platform.twitter.com/widgets/widget_iframe.2b2d73daf636805223fb11d48f3e94f7.html?origin=http%3A%2F%2Fcardlist.officecab.jp
IP 192.229.233.25:0
File type HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (56166)
Size 105 kB (105435 bytes)
Hash 58f06e7d628e7e207cad8e48c9cc76be
9042f057d52be00c9535ce93b0ce4c03707e0c41
ea6c34f2e7acfea93ba722fe283f2704392dc518c9a0d1eeca0ba03a0b63d789
GET /widgets/widget_iframe.2b2d73daf636805223fb11d48f3e94f7.html?origin=http%3A%2F%2Fcardlist.officecab.jp HTTP/1.1
Host: platform.twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://cardlist.officecab.jp/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 1396956
Cache-Control: public, max-age=315360000
Content-Type: text/html; charset=utf-8
Date: Fri, 10 Feb 2023 01:45:51 GMT
Etag: "95e1b50b0c179aefb47b5b211bb347b5+gzip"
Last-Modified: Tue, 24 Jan 2023 21:41:13 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (ska/F709)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 105435
connect.facebook.net/en_US/sdk.js
157.240.205.11 200 OK 1.7 kB URL HTTP/2 connect.facebook.net/en_US/sdk.js
IP 157.240.205.11:0
File type ASCII text, with very long lines (1957)
Hash 5a07339a71a5eab4bf3a7b74513bd426
9f6d6a02d84be4d948edf6eb636c3bdfcd28227d
18cfa34f3cebc32a8e3c666f9ba56a8cbe58e48bd5686a838b06a29604e0386f
GET /en_US/sdk.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://cardlist.officecab.jp/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
access-control-expose-headers: X-FB-Content-MD5
x-fb-content-md5: 2960f44deb80b925d91c1ce3ea09caf8
etag: "9747198d2c66d8e2bb06b322c21a6037"
content-type: application/x-javascript; charset=utf-8
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
expires: Fri, 10 Feb 2023 01:58:33 GMT
cache-control: public,max-age=1200,stale-while-revalidate=3600
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-content-type-options: nosniff
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-md5: WgczmnGl6rS/Ont0UTvUJg==
x-fb-debug: nJqQOJr++4KVTPuYFLeIb/F0yMko3s6UBIa/mX243H+TCg+6oKE1V4T9X0fyDHg76WyftjLVg6C5RG1u8nsSlA==
priority: u=3,i
content-length: 1685
x-fb-trip-id: 1679558926
date: Fri, 10 Feb 2023 01:45:51 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash a38248ac5d9614d846e981de5b7b85da
eadc10b05e5eb18bb27e1acaa3e7ddf396344e72
b1a279792426d316b4b938b5c5c90d2575c1aba4f486e6f59821a3226dfac7f5
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6202
Cache-Control: max-age=88123
Content-Type: application/ocsp-response
Date: Fri, 10 Feb 2023 01:45:51 GMT
Etag: "63e43ed0-1d7"
Expires: Sat, 11 Feb 2023 02:14:34 GMT
Last-Modified: Thu, 09 Feb 2023 00:31:12 GMT
Server: ECS (ska/F709)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
93.184.220.29 200 OK 312 B IP 93.184.220.29:0
Hash 732106501de44d2865377c517a0d15de
0109b1a3400855e3f6c615746031b83b870b8b1c
da72813402ce019b79c394a338ed3ecc02858d6c5501e271b7e8233dbab0a507
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4748
Cache-Control: max-age=103188
Content-Type: application/ocsp-response
Date: Fri, 10 Feb 2023 01:45:51 GMT
Etag: "63e47f57-138"
Expires: Sat, 11 Feb 2023 06:25:39 GMT
Last-Modified: Thu, 09 Feb 2023 05:06:31 GMT
Server: ECS (ska/F709)
X-Cache: HIT
Content-Length: 312
cardlist.officecab.jp/wp-content/themes/twentyseventeen/assets/images/header.jpg
119.82.26.176 200 OK 115 kB URL HTTP/1.1 cardlist.officecab.jp/wp-content/themes/twentyseventeen/assets/images/header.jpg
IP 119.82.26.176:0
ASN #63997 Tsukaeru.net, Web Hosting Company, Japan
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 0x0, segment length 16, baseline, precision 8, 2000x1200, components 3\012- data
Size 115 kB (114854 bytes)
Hash 8030438c0c9b454bad3e94357cc28b51
c185138e7304e999ad9c49bbd3818b686077bac3
4503af815b99a57b1d22ddd6a5dc893bef6af00baab04ff2b5bce2288e97320e
GET /wp-content/themes/twentyseventeen/assets/images/header.jpg HTTP/1.1
Host: cardlist.officecab.jp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cardlist.officecab.jp/
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 10 Feb 2023 01:45:51 GMT
Content-Type: image/jpeg
Content-Length: 114854
Last-Modified: Thu, 02 Jun 2022 06:05:45 GMT
Connection: keep-alive
ETag: "62985339-1c0a6"
X-Powered-By: PleskLin
Accept-Ranges: bytes
syndication.twitter.com/settings?session_id=022361e525bf09edca6b2c97de0f6990e7f83386
104.244.42.72 200 OK 326 B URL HTTP/2 syndication.twitter.com/settings?session_id=022361e525bf09edca6b2c97de0f6990e7f83386
IP 104.244.42.72:0
File type JSON data\012- , ASCII text, with very long lines (919), with no line terminators
Hash 11f6a2d6bb52340b52d53f9cf72973e8
ea0c3e5d850a2659b3344d84957b691a6f7942b8
a0b2545f4adeaf91f7a23b95f43c682557bdfd1e59d2cf394d10a01f97c886ff
GET /settings?session_id=022361e525bf09edca6b2c97de0f6990e7f83386 HTTP/1.1
Host: syndication.twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://platform.twitter.com/
Origin: https://platform.twitter.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Fri, 10 Feb 2023 01:45:51 GMT
perf: 7626143928
vary: Origin
server: tsa_o
content-type: application/json; charset=utf-8
cache-control: must-revalidate, max-age=600
last-modified: Fri, 10 Feb 2023 01:45:51 GMT
content-length: 326
content-encoding: gzip
x-transaction-id: 0b0d4ccbe925c006
strict-transport-security: max-age=631138519
access-control-allow-origin: https://platform.twitter.com
access-control-allow-credentials: true
x-response-time: 115
x-connection-hash: 9747a53dffefc07456cace202ff61dcf366cdcc736244b8b1557d91af8f7bb05
X-Firefox-Spdy: h2
cardlist.officecab.jp/favicon.ico
119.82.26.176 200 OK 114 kB URL HTTP/1.1 cardlist.officecab.jp/favicon.ico
IP 119.82.26.176:0
ASN #63997 Tsukaeru.net, Web Hosting Company, Japan
File type MS Windows icon resource - 7 icons, 256x256 with PNG image data, 256 x 256, 8-bit/color RGBA, non-interlaced, 32 bits/pixel, -128x-128, 32 bits/pixel\012- data
Size 114 kB (113459 bytes)
Hash 1db747255c64a30f9236e9d929e986ca
384023452346aa087d40c93c23ca2f5e32ff1b1f
88baf40feb43463a8f6aa6543e88bdbe33f0db9a317486e786eee1e5c76a9544
GET /favicon.ico HTTP/1.1
Host: cardlist.officecab.jp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cardlist.officecab.jp/
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 10 Feb 2023 01:45:51 GMT
Content-Type: image/vnd.microsoft.icon
Content-Length: 113459
Last-Modified: Mon, 09 Apr 2018 13:07:13 GMT
Connection: keep-alive
ETag: "5acb6581-1bb33"
X-Powered-By: PleskLin
Accept-Ranges: bytes
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F72c79e8b-dbde-4a21-bdad-104c2b7856ad.jpeg
34.120.237.76 200 OK 9.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F72c79e8b-dbde-4a21-bdad-104c2b7856ad.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 0c1581f2c34e3fdf44a331d55d14abeb
269f1efc484653826c56e2d115dbf7bb64e0ab81
f4c41b937168ee481a81f6510d1668690105263fd14dc1af58183c1f14925f2f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F72c79e8b-dbde-4a21-bdad-104c2b7856ad.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 9539
x-amzn-requestid: 415d1b47-0e85-41c4-9ad9-bbe2d0ce2228
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: AGK_YHpDoAMF95g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e58b95-519dc5054776e4a82bf57fdf;Sampled=0
x-amzn-remapped-date: Fri, 10 Feb 2023 00:11:01 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: UNHpbXP9LJ3kG6M-6Pa12mN0p3wTur55i0s7YvK76IH-CqRImaq3Yg==
via: 1.1 eece508272520f70691e4eebdc5a6dea.cloudfront.net (CloudFront), 1.1 32c16f33c8f5601364fa8229b0d74dc2.cloudfront.net (CloudFront), 1.1 google
date: Fri, 10 Feb 2023 00:49:30 GMT
age: 3387
etag: "269f1efc484653826c56e2d115dbf7bb64e0ab81"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
cardlist.officecab.jp/wp-content/plugins/search-filter/style.css?ver=1
119.82.26.176 200 OK 0 B URL HTTP/2 cardlist.officecab.jp/wp-content/plugins/search-filter/style.css?ver=1
IP 119.82.26.176:0
ASN #63997 Tsukaeru.net, Web Hosting Company, Japan
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/search-filter/style.css?ver=1 HTTP/1.1
Host: cardlist.officecab.jp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://cardlist.officecab.jp/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 10 Feb 2023 01:45:50 GMT
content-type: text/css
x-accel-version: 0.01
last-modified: Thu, 02 Jun 2022 06:10:25 GMT
etag: W/"241-5e070dc9f8e69"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
stats.wp.com/e-202306.js
192.0.76.3 200 OK 0 B IP 192.0.76.3:0
GET /e-202306.js HTTP/1.1
Host: stats.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://cardlist.officecab.jp/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 10 Feb 2023 01:45:49 GMT
content-type: application/javascript
vary: Accept-Encoding
etag: W/"6197c5cf-3508"
content-encoding: br
expires: Mon, 05 Feb 2024 00:13:42 GMT
cache-control: max-age=31536000
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
x-nc: HIT arn
X-Firefox-Spdy: h2