r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 507011ccb9124dcd57e84a90a0965cc4
1a6575d0ac979c7184490cc9836ac4812ad2afd1
01626c18e1e68507aa33ef7448dbc3311901ab6f29adc2f51d449409b0680dce
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "01626C18E1E68507AA33EF7448DBC3311901AB6F29ADC2F51D449409B0680DCE"
Last-Modified: Sun, 05 Feb 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3368
Expires: Tue, 07 Feb 2023 02:29:18 GMT
Date: Tue, 07 Feb 2023 01:33:10 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash c21ba65e44ac95470c314e068e49a9eb
17a13b13738993d889d4afa3d848dc63bf6eba64
9bd0795b30e84ce63b6e2a365ca91bbffc395dd955e112152066c31e63a4ab66
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9BD0795B30E84CE63B6E2A365CA91BBFFC395DD955E112152066C31E63A4AB66"
Last-Modified: Sat, 04 Feb 2023 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5344
Expires: Tue, 07 Feb 2023 03:02:14 GMT
Date: Tue, 07 Feb 2023 01:33:10 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash cc14b0d2f7c451f6431dc87ba54d1d60
bab8bfda6fa3e2f17125353f5147211787dc25d0
b58fe18a5cc8fe5aaf49ba7eadd0ef34692892e68e9c52eb5bb56ea27e1300ad
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B58FE18A5CC8FE5AAF49BA7EADD0EF34692892E68E9C52EB5BB56EA27E1300AD"
Last-Modified: Mon, 06 Feb 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19303
Expires: Tue, 07 Feb 2023 06:54:53 GMT
Date: Tue, 07 Feb 2023 01:33:10 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash bf0c602d32b3c14606f22a86183b5e3c
6eabd8d83475eba731968abe1a05a8bfd272f160
6c6a7c519a9e950c2445ed874a25211a94dd4d3cf3afb0103af9dcd1dbd5ff9e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Content-Type, Retry-After, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Tue, 07 Feb 2023 00:36:30 GMT
content-type: application/json
age: 3400
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-03-20-18-44-46.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-03-20-18-44-46.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash e76071a28ee566dababb3834f46d68ed
aebb4e68c1ba2de0f90025283e8ed8470944fde0
78b6df2627172e5b35476bc31020f02898cdc412aaf4337af2c3b049a60912b6
GET /chains/remote-settings.content-signature.mozilla.org-2023-03-20-18-44-46.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: C/uqD0/EEe6N+Vq/kwpc06hg2kVhv043kqu7GJu68fA5b//L/iM2vkYwb4DBjG/RNYILirwb2zw=
x-amz-request-id: PBXJ2KPJMEKPF5E6
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Tue, 07 Feb 2023 00:45:22 GMT
age: 2868
last-modified: Sun, 29 Jan 2023 18:44:47 GMT
etag: "e76071a28ee566dababb3834f46d68ed"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 07 Feb 2023 01:33:10 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Content-Type, Expires, Pragma, Retry-After, Last-Modified, ETag, Cache-Control, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Tue, 07 Feb 2023 01:07:20 GMT
age: 1550
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash ad2d72821808ee5f77c0598fed0f8bd1
adcd92881d1c5ac3cca4687dc6347369240f4726
c7ce86611bf0b0063c0bcb2c6a6a4b85fe6be2d89e382b8907e8bbb2e1e5962d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 07 Feb 2023 01:33:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
capitalcosmos.com/wp-includes/css/classic-themes.min.css?ver=1
172.67.141.22200 OK 188 B URL HTTP/1.1 capitalcosmos.com/wp-includes/css/classic-themes.min.css?ver=1
IP 172.67.141.22:0
Hash 8ac085745a5bcc97c54f8088973df029
4e065566e82d4623d0f5b4d9275d3ee29e15acd1
a0b69c3418ce7d86bcd33d370dec1ba31f2d9c143d932f52de7c4f98427a813f
GET /wp-includes/css/classic-themes.min.css?ver=1 HTTP/1.1
Host: capitalcosmos.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://capitalcosmos.com/apply/
HTTP/1.1 200 OK
Date: Tue, 07 Feb 2023 01:33:10 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Strict-Transport-Security: max-age=63072000; includeSubDomains
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Last-Modified: Wed, 02 Nov 2022 11:56:55 GMT
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lGsyM3PQGJ9%2BVFG6NQmZaJiG8q8gzQI3rekVJOuwGCuvgz0PuyxWD5U4r%2BiEEIMqg%2FwWyRugZEcEN%2F2qtrGj4OCWF9pEPrAbuvelDdPc11N83DENu6ibWeldqOwkmCU0NdG4rA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7958603d29061c06-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash b3932b2043b2790096be0c07755ddd11
818271fec230d894ee3dcaff5a9b18544f6c41cf
db8c1ce9b1d6c6414bd849077c927a7625f2a2d3ef3b7e122e83e7d0b54fc57f
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 07 Feb 2023 01:33:10 GMT
Server: ECS (amb/6B7C)
Content-Length: 280
capitalcosmos.com/wp-content/plugins/auto-advance-for-gravity-forms/css/aafg_styles.css?ver=37
172.67.141.22200 OK 386 B URL HTTP/1.1 capitalcosmos.com/wp-content/plugins/auto-advance-for-gravity-forms/css/aafg_styles.css?ver=37
IP 172.67.141.22:0
File type ASCII text, with CRLF line terminators
Hash bce3fe1f119ebb08e3919093109c85d0
0d1ea49d2a79abbd6f757f1f7dd01e7dee1153db
445c450b689ec15dd37715365af09d9eba4cfdde71ab32240df9ade45624397b
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/auto-advance-for-gravity-forms/css/aafg_styles.css?ver=37 HTTP/1.1
Host: capitalcosmos.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://capitalcosmos.com/apply/
HTTP/1.1 200 OK
Date: Tue, 07 Feb 2023 01:33:10 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Strict-Transport-Security: max-age=63072000; includeSubDomains
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Last-Modified: Thu, 11 Aug 2022 07:41:22 GMT
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=20hU9wttxOmx3mzLX8D3N6NCsHhQuCRWE97EQWRi3EqqvYKJhQxmfzE2OPbqoJmcpcqopwvUimV94kDgrjBZgDRO8B0yZKbguHD8Z6mqLNbQOnjOtinQ34eM68vd0IInCarf6A%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7958603d2cb7b4ff-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash b3932b2043b2790096be0c07755ddd11
818271fec230d894ee3dcaff5a9b18544f6c41cf
db8c1ce9b1d6c6414bd849077c927a7625f2a2d3ef3b7e122e83e7d0b54fc57f
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 0
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 07 Feb 2023 01:33:10 GMT
Last-Modified: Tue, 07 Feb 2023 01:33:10 GMT
Server: ECS (ska/F708)
X-Cache: HIT
Content-Length: 280
capitalcosmos.com/apply/
172.67.141.22200 OK 21 kB IP 172.67.141.22:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (9381)
Hash 8e9e905d751db75f05719f3e3a730a1c
4cb18002879878983c9dc8e794cd9788486227a0
432bd54135f58ac61ce25037173d2e020dae4020c2a770333c3ba0f11f4613e0
Analyzer Verdict Alert fortinet Phishing
GET /apply/ HTTP/1.1
Host: capitalcosmos.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Tue, 07 Feb 2023 01:33:10 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Link: <https://capitalcosmos.com/wp-json/>; rel="https://api.w.org/", <https://capitalcosmos.com/wp-json/wp/v2/pages/7>; rel="alternate"; type="application/json", <https://capitalcosmos.com/?p=7>; rel=shortlink
Strict-Transport-Security: max-age=63072000; includeSubDomains
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hDbEsfkA8XQMfP4cE7RQ4N7dz5MbXwa3INQsfHzS%2BePutnK0jYRXAvvArSOs4lqtM320JFPHs3370RKJNX21ut%2BSC2IAgH3EdzriF3F8JikdGqKftNLSBcbEyM5i0R%2FQ50aG0g%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 79586039adbe0b65-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash ad2d72821808ee5f77c0598fed0f8bd1
adcd92881d1c5ac3cca4687dc6347369240f4726
c7ce86611bf0b0063c0bcb2c6a6a4b85fe6be2d89e382b8907e8bbb2e1e5962d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 07 Feb 2023 01:33:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash b3932b2043b2790096be0c07755ddd11
818271fec230d894ee3dcaff5a9b18544f6c41cf
db8c1ce9b1d6c6414bd849077c927a7625f2a2d3ef3b7e122e83e7d0b54fc57f
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 07 Feb 2023 01:33:10 GMT
Server: ECS (amb/6B89)
Content-Length: 280
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash b3932b2043b2790096be0c07755ddd11
818271fec230d894ee3dcaff5a9b18544f6c41cf
db8c1ce9b1d6c6414bd849077c927a7625f2a2d3ef3b7e122e83e7d0b54fc57f
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 07 Feb 2023 01:33:10 GMT
Server: ECS (amb/6B94)
Content-Length: 280
capitalcosmos.com/wp-includes/js/wp-emoji-release.min.js?ver=6.1.1
172.67.141.22200 OK 5.0 kB URL HTTP/1.1 capitalcosmos.com/wp-includes/js/wp-emoji-release.min.js?ver=6.1.1
IP 172.67.141.22:0
File type ASCII text, with very long lines (15660)
Hash bbb097231c0fb01c0d2f6b36ed6671f8
c816b9446535131259db1107069b5096354f993b
aca781b166c02a50a9de1f82c51f0ebbd808b59e58e6dfe5f29ae84c881926c5
GET /wp-includes/js/wp-emoji-release.min.js?ver=6.1.1 HTTP/1.1
Host: capitalcosmos.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://capitalcosmos.com/apply/
HTTP/1.1 200 OK
Date: Tue, 07 Feb 2023 01:33:11 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Strict-Transport-Security: max-age=63072000; includeSubDomains
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Last-Modified: Tue, 12 Apr 2022 17:26:24 GMT
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bK%2FHmvjRAfIjou4pyd8kWwNRb6AnlmZQnm8l%2FTYLd4aY8spzGm%2F3m76bQB%2FQVYAyEGokDS3AR73FERCF7AvJ2a0qMnwWnlHWM%2FvEBtkvL3K%2ByRkPCq7BQCXHMySqM6fj3bbIgQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7958603d4f0ab500-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash b3932b2043b2790096be0c07755ddd11
818271fec230d894ee3dcaff5a9b18544f6c41cf
db8c1ce9b1d6c6414bd849077c927a7625f2a2d3ef3b7e122e83e7d0b54fc57f
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 07 Feb 2023 01:33:11 GMT
Server: ECS (amb/6B9D)
Content-Length: 280
capitalcosmos.com/wp-content/plugins/elementor/assets/lib/eicons/css/elementor-icons.min.css?ver=5.16.0
172.67.141.22200 OK 3.8 kB URL HTTP/1.1 capitalcosmos.com/wp-content/plugins/elementor/assets/lib/eicons/css/elementor-icons.min.css?ver=5.16.0
IP 172.67.141.22:0
File type ASCII text, with very long lines (19233)
Hash 8ff9a7b769f1dd6a22e37d3e77c538f1
3c904f8b42df2e2a0a566c18c19d6793b26d37bf
cbb4376f0b776b633543bbea816811a257d3ea9b44c5e632d531513638d46fa6
GET /wp-content/plugins/elementor/assets/lib/eicons/css/elementor-icons.min.css?ver=5.16.0 HTTP/1.1
Host: capitalcosmos.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://capitalcosmos.com/apply/
HTTP/1.1 200 OK
Date: Tue, 07 Feb 2023 01:33:11 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Strict-Transport-Security: max-age=63072000; includeSubDomains
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Last-Modified: Tue, 23 Aug 2022 18:47:03 GMT
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=K91%2B4%2FGOCOCAMybRCRwdpk9RhTG6X19muT%2FCU4xuGekMFhzoC2LSHXFvbfaIhHewO0trU9K3uJy95DMXCMH850x9qfPbFUo9mcOCzRNRHhDygUa9QsA%2BoQiKzzryHiOgQnsGQw%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7958603d9beeb4f3-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
ocsp.pki.goog/s/gts1p5/dH2iTz57us0
142.250.74.131200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/dH2iTz57us0
IP 142.250.74.131:0
Hash f3b4f01a629ccbe79c02cb36915f4bcb
60cd550335f7913eefecedeede17f4813379433f
506cbb7e586780f94517aca66bffa0a2f1d5dc54297639c653966f06def5a5cb
POST /s/gts1p5/dH2iTz57us0 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 07 Feb 2023 01:33:11 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 9b88bae61bca33aba8aa99f6128db8d9
a07b61fb2458917699613fcae68710941b595416
54915c2f79822732e06a592d027da421ad1e7a6458c545f98333db25612b3dea
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "54915C2F79822732E06A592D027DA421AD1E7A6458C545F98333DB25612B3DEA"
Last-Modified: Mon, 06 Feb 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2200
Expires: Tue, 07 Feb 2023 02:09:51 GMT
Date: Tue, 07 Feb 2023 01:33:11 GMT
Connection: keep-alive
capitalcosmos.com/wp-includes/css/dist/block-library/style.min.css?ver=6.1.1
172.67.141.22200 OK 12 kB URL HTTP/1.1 capitalcosmos.com/wp-includes/css/dist/block-library/style.min.css?ver=6.1.1
IP 172.67.141.22:0
File type ASCII text, with very long lines (47826)
Hash 7e9e687043fdd4b588771cdee5a77722
1ab50c2316fddfc06a6ea7b6758c5aab94abe0e1
5c8b185b1081a3ecd3ecd89c65ebb80a0e5cbb55d5b1eec84b5b59e8fbc5dc3e
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/css/dist/block-library/style.min.css?ver=6.1.1 HTTP/1.1
Host: capitalcosmos.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://capitalcosmos.com/apply/
HTTP/1.1 200 OK
Date: Tue, 07 Feb 2023 01:33:11 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Strict-Transport-Security: max-age=63072000; includeSubDomains
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Last-Modified: Tue, 15 Nov 2022 23:50:12 GMT
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TGOzEttsgZWZHnuiqU1Fm%2FkdLzRigBCn4Lxa3l04LX12iSIE5BBTSpKoT9IVkyffrdXWg7nhpiUJY%2BeX%2BKFnhpKal0Eo642DNoC00zXN%2BbowwUKWG%2FMIsIFhcskvRWSXYYbO6Q%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7958603d2efeb500-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
capitalcosmos.com/wp-content/uploads/elementor/css/post-9.css?ver=1661280445
172.67.141.22200 OK 355 B URL HTTP/1.1 capitalcosmos.com/wp-content/uploads/elementor/css/post-9.css?ver=1661280445
IP 172.67.141.22:0
File type ASCII text, with very long lines (1117), with no line terminators
Hash 0575359132c6c83f0aacb7cc860c35df
f6d7bd582057637010f029894280f153d0600f36
b1348174791fc820c235ce7b1fefe3e840c87af1d8fdb0185c1715d2947f17a7
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/uploads/elementor/css/post-9.css?ver=1661280445 HTTP/1.1
Host: capitalcosmos.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://capitalcosmos.com/apply/
HTTP/1.1 200 OK
Date: Tue, 07 Feb 2023 01:33:11 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Strict-Transport-Security: max-age=63072000; includeSubDomains
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Last-Modified: Tue, 23 Aug 2022 18:47:25 GMT
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Fqf369ND3k9MhU%2FX83ScCqV9Oxp0e60ln0jR8ICa0pE10baGQll%2BxiI8a%2Bspd2w9KMSv0owvf1EHOvCoSAhqV59hlNr5BiTQznnHcXHprtRlQhw15NiNOpDEobr%2BjYaHauOYDQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7958603f4dd2b4ff-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
capitalcosmos.com/wp-content/uploads/elementor/css/global.css?ver=1661281254
172.67.141.22200 OK 822 B URL HTTP/1.1 capitalcosmos.com/wp-content/uploads/elementor/css/global.css?ver=1661281254
IP 172.67.141.22:0
File type ASCII text, with very long lines (6697)
Hash 317036380e1b6942efd956d6890251c3
c1a8ad02278a8aa2fa6d80bac4c7e4a0da60325f
c95c508a14c0de3961aef2aa727339a6b24a436969537c89346efcc2f067b0b4
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/uploads/elementor/css/global.css?ver=1661281254 HTTP/1.1
Host: capitalcosmos.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://capitalcosmos.com/apply/
HTTP/1.1 200 OK
Date: Tue, 07 Feb 2023 01:33:11 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Strict-Transport-Security: max-age=63072000; includeSubDomains
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Last-Modified: Tue, 23 Aug 2022 19:00:54 GMT
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KRUZT4P99zww55OxLhOFL4creuDrpyvm9CY0SpPGoTAv7I5Mfcv8uikYEtU4IuS7uZzwFBYqjRU4Tc6a%2FmuIDSc2aMFtUdAIUmJKN9cJi7Mwbtp0xBmxi7h4oes1PbiG5ly1GA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7958603f6fae0b65-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
capitalcosmos.com/wp-content/plugins/gravityforms/assets/css/dist/theme-components.min.css?ver=2.6.5
172.67.141.22200 OK 0 B URL HTTP/1.1 capitalcosmos.com/wp-content/plugins/gravityforms/assets/css/dist/theme-components.min.css?ver=2.6.5
IP 172.67.141.22:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/gravityforms/assets/css/dist/theme-components.min.css?ver=2.6.5 HTTP/1.1
Host: capitalcosmos.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://capitalcosmos.com/apply/
HTTP/1.1 200 OK
Date: Tue, 07 Feb 2023 01:33:11 GMT
Content-Type: text/css
Content-Length: 0
Connection: keep-alive
Strict-Transport-Security: max-age=63072000; includeSubDomains
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Last-Modified: Thu, 11 Aug 2022 06:20:03 GMT
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gkPOftCOyTUMUiCOMx1L21aQGWWwnYygc%2B9epqKZCQmRj4pruSqWXWgDLagSY7YJxSxf7dixU4KQgk3QvyMBYink17gVka5RjFy8PmJpaqrstyDGoke8vZJM7hepLwUG7rbrxQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 79586041087eb500-OSL
alt-svc: h2=":443"; ma=60
push.services.mozilla.com/
52.38.146.2101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.38.146.2:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: EoLo2pPVHY2pqZRWNcGbIQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: bNu6PtDFzY1ZAZ4wypvwcoWSRY0=
capitalcosmos.com/wp-content/uploads/elementor/css/post-7.css?ver=1665518412
172.67.141.22200 OK 771 B URL HTTP/1.1 capitalcosmos.com/wp-content/uploads/elementor/css/post-7.css?ver=1665518412
IP 172.67.141.22:0
File type ASCII text, with very long lines (5798), with no line terminators
Hash 3f1de3001e58ee65cc457d6d28910fa6
5d643099004d3abab1c2e396270c7e78a3e7498c
d64629b603549e3374dfdc24791cd6993529707eaa519221ae86bc7d1aa5f714
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/uploads/elementor/css/post-7.css?ver=1665518412 HTTP/1.1
Host: capitalcosmos.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://capitalcosmos.com/apply/
HTTP/1.1 200 OK
Date: Tue, 07 Feb 2023 01:33:11 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Strict-Transport-Security: max-age=63072000; includeSubDomains
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Last-Modified: Tue, 11 Oct 2022 20:00:12 GMT
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AqnfG5zOrP68FeYLvLpyrZe5cd6NvqMEppcIxg2d2nJ7Y5WDSWHVgNsXwe29zYTnj17N%2B%2FuQ8UhBsNG3xxAURztYNpDWPEGSPhX6tCL9D1sbbLNDMQnomU59B27uaIb%2Fyn7vWg%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 79586040483bb500-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
capitalcosmos.com/wp-content/plugins/gravityforms/assets/css/dist/theme-ie11.min.css?ver=2.6.5
172.67.141.22200 OK 400 B URL HTTP/1.1 capitalcosmos.com/wp-content/plugins/gravityforms/assets/css/dist/theme-ie11.min.css?ver=2.6.5
IP 172.67.141.22:0
File type ASCII text, with very long lines (1757), with no line terminators
Hash 53161508538ce0fbdfc68e0648b4673f
df18b6802f05561844b7c301713feced134d2d6c
2736583db3958e9fb20ed434c900dc380e044ddced1d9786a45494e14957007c
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/gravityforms/assets/css/dist/theme-ie11.min.css?ver=2.6.5 HTTP/1.1
Host: capitalcosmos.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://capitalcosmos.com/apply/
HTTP/1.1 200 OK
Date: Tue, 07 Feb 2023 01:33:11 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Strict-Transport-Security: max-age=63072000; includeSubDomains
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Last-Modified: Thu, 11 Aug 2022 06:20:03 GMT
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=B7TR5w6FK2QK4%2FJcPG%2FGaaxGZVqHHleGIDM%2BRjYNGY6I%2BspFCVn859m3Do2VK5PDJT2MyD%2FpS4nvTXufKgf3Ld%2FDc3MMeSNwwDXrBDGllT%2BoDyUR8Zob6fXI%2FjEPvnC6TdqPmQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 795860415ed1b4ff-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
capitalcosmos.com/wp-content/plugins/elementor/assets/css/frontend-lite.min.css?ver=3.7.2
172.67.141.22200 OK 14 kB URL HTTP/1.1 capitalcosmos.com/wp-content/plugins/elementor/assets/css/frontend-lite.min.css?ver=3.7.2
IP 172.67.141.22:0
File type ASCII text, with very long lines (65497)
Hash b8d90a1d64cdb1512d0be0549e720d85
6735b4a81f81f78d277618b7a13562866c339006
f78e0741d8263cc998e09aadef5bbd53a4f449dda51f4fcf34fffa3f57bc0c04
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/elementor/assets/css/frontend-lite.min.css?ver=3.7.2 HTTP/1.1
Host: capitalcosmos.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://capitalcosmos.com/apply/
HTTP/1.1 200 OK
Date: Tue, 07 Feb 2023 01:33:11 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Strict-Transport-Security: max-age=63072000; includeSubDomains
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Last-Modified: Tue, 23 Aug 2022 18:47:03 GMT
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Qmp3HMHhNgI5v5kpMd5%2FDd5LxJLafIGLfnlAcWZdSv1xS6tCns3MYmfmTnLvIZvCKi5J45yLwYzYFOYZ1v4m3ZLj1lrRW8z0tPteCmLKo9dOFaeIZNCKdV4tPj5z47k8rcIeMA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7958603f49891c06-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
mortgagespremier.com/wp-content/uploads/2022/08/circle-info-solid.png
172.67.188.216200 OK 6.6 kB URL HTTP/2 mortgagespremier.com/wp-content/uploads/2022/08/circle-info-solid.png
IP 172.67.188.216:0
File type PNG image data, 512 x 512, 8-bit colormap, non-interlaced\012- data
Hash dcd32fb8475fd04395e3362fd633a43e
84fffe1d02136a6fbfe091f12edefb5eb39603f4
db501ccde1cf89aa0bc350197386943b8d2ded6851d44373aaa8c8d26dcb7b32
GET /wp-content/uploads/2022/08/circle-info-solid.png HTTP/1.1
Host: mortgagespremier.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://capitalcosmos.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 07 Feb 2023 01:33:11 GMT
content-type: image/png
content-length: 6613
strict-transport-security: max-age=63072000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
last-modified: Fri, 12 Aug 2022 16:07:21 GMT
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eALS8oboGR0Ew5AXQpOCsq7ogEJl%2FZ6XY%2FkFtkgCoramPUBkdoZ56UeeOf5rB4eilAH%2FHQ%2BbHPgZ1TnKN0yfpVjwcQ1ND%2BwtCdP2%2BOE0lxR%2FRf1mTvJbM3Xlo%2F0YUMeGG%2BPWs7ku%2Bw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 79586040dcf0b4eb-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
capitalcosmos.com/wp-content/plugins/image-choices-for-gravity-forms/assets/css/gfic_front_style.css?ver=1675733590
172.67.141.22200 OK 596 B URL HTTP/1.1 capitalcosmos.com/wp-content/plugins/image-choices-for-gravity-forms/assets/css/gfic_front_style.css?ver=1675733590
IP 172.67.141.22:0
Hash f5e1cd167d65d3c74b46f2d849b78c3c
2c85c5156a239e107d5f59de9b2cbc44c4e38a93
809c6df4e6607bb21b170cdf54b88a4f0521702d6d6a68687e4ad0b7ce31a7e8
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/image-choices-for-gravity-forms/assets/css/gfic_front_style.css?ver=1675733590 HTTP/1.1
Host: capitalcosmos.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://capitalcosmos.com/apply/
HTTP/1.1 200 OK
Date: Tue, 07 Feb 2023 01:33:11 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Strict-Transport-Security: max-age=63072000; includeSubDomains
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Last-Modified: Thu, 11 Aug 2022 07:40:57 GMT
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mwyqu0UOMGyBKYISUzZqRuxtmbxIZhlCi%2BKtrBMfSf%2Fs1jXmm8dUc8VHEAB9rwj89T7NrAIa7vVwoywL3v4JDNhaE4hx5ZQUJrJXgqIhYYYtbdDFsbNHDKTq%2BKF6w9wEUdgOmA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7958604208d4b500-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
capitalcosmos.com/wp-content/plugins/gravityforms/assets/css/dist/theme.min.css?ver=2.6.5
172.67.141.22200 OK 5.7 kB URL HTTP/1.1 capitalcosmos.com/wp-content/plugins/gravityforms/assets/css/dist/theme.min.css?ver=2.6.5
IP 172.67.141.22:0
File type ASCII text, with very long lines (31244), with no line terminators
Hash 09de53bc37a78ac442be6f77a4385c1c
7a25e967f493d749db69b5889cdb8b6a5d4d4010
db6e6e47392c2359705c8b606dbda005fdaa8794c0bcb5c9163c3498b424da3e
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/gravityforms/assets/css/dist/theme.min.css?ver=2.6.5 HTTP/1.1
Host: capitalcosmos.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://capitalcosmos.com/apply/
HTTP/1.1 200 OK
Date: Tue, 07 Feb 2023 01:33:11 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Strict-Transport-Security: max-age=63072000; includeSubDomains
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Last-Modified: Thu, 11 Aug 2022 06:20:03 GMT
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ma4jnUFwacFBsFV6d7wjj4frhXN8rP2bU4gCI%2FsIt1BLDJOfvz4vJog88j0ZOA9zR6Nqha9iknikaB9OpLYbBVVrxYjy7tlxI50%2BYouV0cEiNAH97PPFc49rRE4Gcy7%2B8ibVMQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 79586041686a0b65-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
capitalcosmos.com/wp-content/uploads/2022/10/noun-speedometer-1129480-CC1124-e1660321222593.png
172.67.141.22200 OK 87 kB URL HTTP/2 capitalcosmos.com/wp-content/uploads/2022/10/noun-speedometer-1129480-CC1124-e1660321222593.png
IP 172.67.141.22:0
File type PNG image data, 1200 x 1200, 8-bit/color RGBA, non-interlaced\012- data
Hash d9c9c5ea113dec2decc7cb0f32a66655
4269e6e2475cfcb8bd2bf5358d1d631619e0c6ad
5e4aa35d4fed0af96bd1ba5153ccc08af78a1d3fb3135f8cd1f799f24f5a3a88
GET /wp-content/uploads/2022/10/noun-speedometer-1129480-CC1124-e1660321222593.png HTTP/1.1
Host: capitalcosmos.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://capitalcosmos.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 07 Feb 2023 01:33:11 GMT
content-type: image/png
content-length: 86980
strict-transport-security: max-age=63072000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
last-modified: Sun, 09 Oct 2022 21:34:08 GMT
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OpX9iJAWv1ILpkRjWvewoXV0vrzL38Ntbd40srZ1oKi4pQO%2FW4fyzmF6uJE22F3jYTIkblAVdUTZ9Br%2F43Wcqe6KfNGL4JCaY%2FeEWYpLqEC1rE0qNarJsVZZBse16mQMmCwlzw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7958603f6cb11bfe-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
capitalcosmos.com/wp-content/plugins/elementor/assets/css/widget-icon-list.min.css
172.67.141.22200 OK 1.4 kB URL HTTP/2 capitalcosmos.com/wp-content/plugins/elementor/assets/css/widget-icon-list.min.css
IP 172.67.141.22:0
File type ASCII text, with very long lines (11736)
Hash 1982c51c2ff78a8203010b7af56bda0d
343f16d6851e05d2b6febb2e63dd014013173fdc
4c286430d6503e0536ff330537a4bfa5af18c294fd117cb939a51184b69ee357
GET /wp-content/plugins/elementor/assets/css/widget-icon-list.min.css HTTP/1.1
Host: capitalcosmos.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://capitalcosmos.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 07 Feb 2023 01:33:11 GMT
content-type: text/css
strict-transport-security: max-age=63072000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
last-modified: Tue, 23 Aug 2022 18:47:03 GMT
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YKO1xn%2BES1FgpeYRQuJLrX6no4VNpBQmFys4Lca8AfbqOnF5GUhTHina944axzDfU7RdqPBFgrjNxsSPSNbrntobzwuyS0GCmlrDFcKA18KePwHHd5HBo9pUIyrPVFT87Ea7ww%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 795860402ce31bfe-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
capitalcosmos.com/wp-content/uploads/2022/10/noun-speedometer-1129480-007435-1.png
172.67.141.22200 OK 83 kB URL HTTP/2 capitalcosmos.com/wp-content/uploads/2022/10/noun-speedometer-1129480-007435-1.png
IP 172.67.141.22:0
File type PNG image data, 1200 x 1200, 8-bit/color RGBA, non-interlaced\012- data
Hash c2ad59f9c54b930d14289c1a2fd08b8c
3c79de4faabecdaf49d615281e8775ff1fceea18
0ecfde3bbf9e2a7055ef154b94d24ba2ea140a4431fb081b1d7479cadb0b23c5
GET /wp-content/uploads/2022/10/noun-speedometer-1129480-007435-1.png HTTP/1.1
Host: capitalcosmos.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://capitalcosmos.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 07 Feb 2023 01:33:11 GMT
content-type: image/png
content-length: 82780
strict-transport-security: max-age=63072000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
last-modified: Sun, 09 Oct 2022 21:34:10 GMT
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rizEsGE2S60WSYL3ng7c6sdGxmpf448GxhugpsXGoWvdDGawZfiF%2FObKwbpPrcINeydz7SOt%2F55NrEKSgABtiRQ836TROsjNw7b%2B9hvO1swyye3hdmRSR1p5FvMaIkN5JxKorg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7958603f6cac1bfe-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
capitalcosmos.com/wp-content/uploads/2022/10/noun-meter-1129474-FFB258-1.png
172.67.141.22200 OK 84 kB URL HTTP/2 capitalcosmos.com/wp-content/uploads/2022/10/noun-meter-1129474-FFB258-1.png
IP 172.67.141.22:0
File type PNG image data, 1200 x 1200, 8-bit/color RGBA, non-interlaced\012- data
Hash 755544be544b863e15a9500dda5ed716
46098c18fa7eb0163b435f35602682403747e5b9
a7294312d03bbd5acb198c515f141f78b447dda33cc0d8a819ecc896eaab68ec
GET /wp-content/uploads/2022/10/noun-meter-1129474-FFB258-1.png HTTP/1.1
Host: capitalcosmos.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://capitalcosmos.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 07 Feb 2023 01:33:11 GMT
content-type: image/png
content-length: 83992
strict-transport-security: max-age=63072000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
last-modified: Sun, 09 Oct 2022 21:34:16 GMT
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3xI9DbLb0y8cLt%2FzfytTyCuNP7e83h9wYE3n%2BDb5R7djrr%2Fu54amlC9pAjJGy4kX4FZWk7%2FYdzkBL%2FzYRvzDT2Z6hvkZ5MhoPhhGvgBwsO4uNpus7DBkRmX%2BnbjHcrAC7bs06A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7958603f6cb01bfe-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
capitalcosmos.com/wp-content/uploads/2022/10/noun-manometer-1129481-71D358-1.png
172.67.141.22200 OK 90 kB URL HTTP/2 capitalcosmos.com/wp-content/uploads/2022/10/noun-manometer-1129481-71D358-1.png
IP 172.67.141.22:0
File type PNG image data, 1200 x 1200, 8-bit/color RGBA, non-interlaced\012- data
Hash fdbc18a43fd4da8b4d3b190fdacfd354
a52e440f0e4ad381c60dc245f1ca2aa58cb46e0d
9d1bfe696ee2f20afe413cde2a1c41c8fac5e1240c114fa3300d5a26956ce378
GET /wp-content/uploads/2022/10/noun-manometer-1129481-71D358-1.png HTTP/1.1
Host: capitalcosmos.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://capitalcosmos.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 07 Feb 2023 01:33:11 GMT
content-type: image/png
content-length: 89973
strict-transport-security: max-age=63072000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
last-modified: Sun, 09 Oct 2022 21:34:13 GMT
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fkHCMifvule8KGoTfXlmfclwgkvs0mc9BYY2ztn78aN1y0CudB0Nx4Lwa5cp3DAMesM21wH6gqSMxJnKrqPODrgSvegIx1Y9GwUNCmOuIPmvRpr2K%2BK21bLHAbI2k3WMrucO5Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7958603f6cad1bfe-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
capitalcosmos.com/wp-content/plugins/gravityforms/assets/css/dist/basic.min.css?ver=2.6.5
172.67.141.22200 OK 7.2 kB URL HTTP/1.1 capitalcosmos.com/wp-content/plugins/gravityforms/assets/css/dist/basic.min.css?ver=2.6.5
IP 172.67.141.22:0
File type ASCII text, with very long lines (47365), with no line terminators
Hash 69d21d54eb4b8ff19ba21f0d75323c84
87776e417f169dda57e29e15424646e6d771cb4f
d1f467a1ab081d4be202f7b5221137fe3bf9a429aafe32a25b91eb3d7a1e2a32
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/gravityforms/assets/css/dist/basic.min.css?ver=2.6.5 HTTP/1.1
Host: capitalcosmos.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://capitalcosmos.com/apply/
HTTP/1.1 200 OK
Date: Tue, 07 Feb 2023 01:33:11 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Strict-Transport-Security: max-age=63072000; includeSubDomains
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Last-Modified: Thu, 11 Aug 2022 06:20:03 GMT
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=22VxsYpmNvQ%2BRjN5hDzj3RL4y9pOzuGrgqi2YBm06HO6pz4W08Mfwx9zidWA8nHmTfrBSizUwIgnPf6pbFfIsNofT5R%2BODWNC2hGS1ag9PdjzGRDXlOKi1EVKoYKwM6%2FU6q5nQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 795860408d12b4f3-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
ocsp.pki.goog/s/gts1p5/dH2iTz57us0
142.250.74.131200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/dH2iTz57us0
IP 142.250.74.131:0
Hash f3b4f01a629ccbe79c02cb36915f4bcb
60cd550335f7913eefecedeede17f4813379433f
506cbb7e586780f94517aca66bffa0a2f1d5dc54297639c653966f06def5a5cb
POST /s/gts1p5/dH2iTz57us0 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 07 Feb 2023 01:33:11 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
capitalcosmos.com/wp-content/themes/kalium/assets/css/bootstrap.min.css?ver=3.5.001
172.67.141.22200 OK 8.0 kB URL HTTP/1.1 capitalcosmos.com/wp-content/themes/kalium/assets/css/bootstrap.min.css?ver=3.5.001
IP 172.67.141.22:0
File type ASCII text, with very long lines (38871)
Hash c7183891d0db53b627e440b5ef25fc7a
16337c90c2fb3f9b7e4f468c58cbd6afd3e7fddb
48a112c3352605323d212d2dd06befe5a67cdf3032b662943cbae1b13536ca76
GET /wp-content/themes/kalium/assets/css/bootstrap.min.css?ver=3.5.001 HTTP/1.1
Host: capitalcosmos.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://capitalcosmos.com/apply/
HTTP/1.1 200 OK
Date: Tue, 07 Feb 2023 01:33:11 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Strict-Transport-Security: max-age=63072000; includeSubDomains
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Last-Modified: Tue, 23 Aug 2022 18:52:09 GMT
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Zzfu3aNtMCd7YXSQyvF8f3tC3HPTzYq%2Fuy0UY%2BLeBpRXVCiB9SoAT4P8MG%2B3a4DrAJDCUqZeM42m3%2FjCPipL3mhUjqMfMdo31klWr%2B0QAKAjFqQoKzybqqYH9WmijVvTzDdljQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7958604258e9b500-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
capitalcosmos.com/wp-content/themes/kalium/assets/css/new/style.min.css?ver=3.5.001
172.67.141.22200 OK 1.5 kB URL HTTP/1.1 capitalcosmos.com/wp-content/themes/kalium/assets/css/new/style.min.css?ver=3.5.001
IP 172.67.141.22:0
File type ASCII text, with very long lines (7898)
Hash 3b8afb9dbfae924cd6533269cb3169f3
aff2c290ec7ad7f8e970fd64af990457f3991e0e
804e29b941bdbf6bd352d1633ba335faabef227680fa8306bd0ceb0269a1d22a
GET /wp-content/themes/kalium/assets/css/new/style.min.css?ver=3.5.001 HTTP/1.1
Host: capitalcosmos.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://capitalcosmos.com/apply/
HTTP/1.1 200 OK
Date: Tue, 07 Feb 2023 01:33:11 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Strict-Transport-Security: max-age=63072000; includeSubDomains
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Last-Modified: Tue, 23 Aug 2022 18:52:09 GMT
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=erBz1ldUjZoL%2BqngeNdWcVYcE18%2BtPk10WGxW9swGa%2BzDUIKJ7VVutnKUxyIpvxM5fs8DwPyXjdbm%2FKHg09NxMBfrbYI7t73XrLo5CkSu68U%2FI6t7oXq%2FfUX0%2FEUsGWiZ8M0EA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 795860436a761c06-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
capitalcosmos.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
172.67.141.22200 OK 4.2 kB URL HTTP/1.1 capitalcosmos.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
IP 172.67.141.22:0
File type ASCII text, with very long lines (11126)
Hash 0d5bb2a36d1fc2e095235bc201eb5579
98f0154e2ed5322a9f65077f954868d6c800b337
fe6382620c35c12aa4f3f96fe395e5813defe330c1d95fd3de1e94f8f5d1f0a5
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 HTTP/1.1
Host: capitalcosmos.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://capitalcosmos.com/apply/
HTTP/1.1 200 OK
Date: Tue, 07 Feb 2023 01:33:12 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Strict-Transport-Security: max-age=63072000; includeSubDomains
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Last-Modified: Wed, 18 Nov 2020 19:36:06 GMT
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8rjnTJBQ0pwu3Qhp6GXBX1%2FJTCckvz9TvSG8qn0vt%2FhJO2rEbOUQE27eX33B3VPn4ye%2FmyoqqIpxZ91NdUgeA4aUHX0DiRpgX7YIZDmYhTcqpQg%2FEP99j7wB9S%2Bn847%2BUYc7SQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 795860453a37b500-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
capitalcosmos.com/wp-content/themes/kalium/style.css?ver=3.5.001
172.67.141.22200 OK 415 B URL HTTP/1.1 capitalcosmos.com/wp-content/themes/kalium/style.css?ver=3.5.001
IP 172.67.141.22:0
File type HTML document, ASCII text, with very long lines (400), with CRLF line terminators
Hash 44ef3f27f1a97cf996e592653208932b
1cbdd1211556e5038ab5d8e1b79977fbeb7bc87f
948a23cc8f39e35b4b5dddb83fe1df65e375c1dd44da1cd5dc6647ca9ed412e0
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/kalium/style.css?ver=3.5.001 HTTP/1.1
Host: capitalcosmos.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://capitalcosmos.com/apply/
HTTP/1.1 200 OK
Date: Tue, 07 Feb 2023 01:33:12 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Strict-Transport-Security: max-age=63072000; includeSubDomains
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Last-Modified: Tue, 23 Aug 2022 18:52:09 GMT
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g1Ctra7q4kcmh3kxd9HhH%2FFDUs6kNJUugtnAwju1%2B0uRDJ6gO46FnpIBsy%2BD4cTN5TRWbgHWEEW%2BiABGt58wr0QeRpjsjewhNxOYXlvA%2FqH0b7EgKOuynOyy7pAaRWA61ifQ0g%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7958604469740b65-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
capitalcosmos.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
172.67.141.22200 OK 655 B URL HTTP/1.1 capitalcosmos.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
IP 172.67.141.22:0
File type HTML document, ASCII text, with very long lines (1238)
Hash bc3ba461c8a309acf61b6d9c41cb6236
88482306ecc9258d5e9cbb9ba5314dab223a5db4
31331f1b1519882d2f2fb60367708fd56a7a1ec0bddd0554c635547179c7dc8f
Analyzer Verdict Alert fortinet Phishing
GET /cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js HTTP/1.1
Host: capitalcosmos.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://capitalcosmos.com/apply/
HTTP/1.1 200 OK
Date: Tue, 07 Feb 2023 01:33:12 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Fri, 03 Feb 2023 16:56:26 GMT
ETag: W/"63dd3cba-4d7"
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=N5eqN5OU6cdLsdNhD3QjCR5NRIRC3QOpYxdPhKpm9k8iWeGMoOtUsA7RBGSVMAh%2FVAsEKYw%2B3Zak6jGsMv%2BMks0gTNhoMjdi2HcbA1paicNSgjVEzzr3P%2BxotPkFrompkoAhFw%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7958604669f40b65-OSL
X-Frame-Options: DENY
X-Content-Type-Options: nosniff
Expires: Thu, 09 Feb 2023 01:33:12 GMT
Cache-Control: max-age=172800, public
Content-Encoding: gzip
capitalcosmos.com/wp-content/plugins/gravityforms/js/jquery.json.min.js?ver=2.6.5
172.67.141.22200 OK 936 B URL HTTP/1.1 capitalcosmos.com/wp-content/plugins/gravityforms/js/jquery.json.min.js?ver=2.6.5
IP 172.67.141.22:0
File type ASCII text, with very long lines (1840), with no line terminators
Hash 407bf64f7c42bdc5c862bb444e336c3e
a5aa72453ee7c45fc2084689dc4651d96c571960
f9fa3d914edafee87e26b5c57873687ed1e1576d0234dbc41544a8ed5f9f18c5
GET /wp-content/plugins/gravityforms/js/jquery.json.min.js?ver=2.6.5 HTTP/1.1
Host: capitalcosmos.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://capitalcosmos.com/apply/
HTTP/1.1 200 OK
Date: Tue, 07 Feb 2023 01:33:12 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Strict-Transport-Security: max-age=63072000; includeSubDomains
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Last-Modified: Thu, 11 Aug 2022 06:20:03 GMT
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uUP2htVX2wC%2Bx8soP4HuuOf9yoxDyIEFfpxJdLLs87EtYJicSa6imHJZt7JNbxCq8SPVbo77nMD9mFIF0UhafRau0%2FNVSa%2FFCMa31uGzuTHaMvy9cy%2FglES3cOKVQdyH1QYG1Q%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 795860456b001c06-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
capitalcosmos.com/wp-content/themes/kalium/assets/css/base.min.css?ver=3.5.001
172.67.141.22200 OK 30 kB URL HTTP/1.1 capitalcosmos.com/wp-content/themes/kalium/assets/css/base.min.css?ver=3.5.001
IP 172.67.141.22:0
File type Unicode text, UTF-8 text, with very long lines (65527), with no line terminators
Hash 1a11589873aef4e3dd4dbf6c920559cd
db5245cb1260b63d0923ed3c31e9f75b8a371d77
6a2d666087155b7e1a3f5af4b64534021d90bc2d0e118c3eb88f6edfb6466b27
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/kalium/assets/css/base.min.css?ver=3.5.001 HTTP/1.1
Host: capitalcosmos.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://capitalcosmos.com/apply/
HTTP/1.1 200 OK
Date: Tue, 07 Feb 2023 01:33:12 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Strict-Transport-Security: max-age=63072000; includeSubDomains
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Last-Modified: Tue, 23 Aug 2022 18:52:09 GMT
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NA%2FBZjPuaeKo%2F%2FdYF5KkZbJVmJr4BDN8DexF1pwidt79uJeUQ7J4nXuP9mRdp6EVOQWvCDfHwslaBegNOQiwaQn7VDaOqaU5KYktC72AC5tvoGL%2F9m2X%2B6KuLDIOiJYZbGVKRQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 795860425f37b4ff-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
capitalcosmos.com/wp-content/plugins/gravityforms/js/gravityforms.min.js?ver=2.6.5
172.67.141.22200 OK 13 kB URL HTTP/1.1 capitalcosmos.com/wp-content/plugins/gravityforms/js/gravityforms.min.js?ver=2.6.5
IP 172.67.141.22:0
File type ASCII text, with very long lines (44300), with no line terminators
Hash ea5cae609404d57d9eba90a86554ec36
a554f8eaf9f83b2099d0ee406f59b13782ec1e37
e38879f0a078c1b0ffb166aec3636d5d143be26d53a2d1f6e0188cc4f5148315
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/gravityforms/js/gravityforms.min.js?ver=2.6.5 HTTP/1.1
Host: capitalcosmos.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://capitalcosmos.com/apply/
HTTP/1.1 200 OK
Date: Tue, 07 Feb 2023 01:33:12 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Strict-Transport-Security: max-age=63072000; includeSubDomains
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Last-Modified: Thu, 11 Aug 2022 06:20:03 GMT
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6w0MMt6%2BMSjY1S28IYY7WrVr5gGVHBODP%2Fx3jFqGe5V6MPmuCDXr7ZXql4b2jTcgVXNYev7hzr8XR8Y2eKPL1tBJjnyqPCQbcbvm%2Fy7%2BilE35a4UZA%2B8zFCWCvLhHjf3w8cpcA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 795860464ab3b500-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
capitalcosmos.com/wp-content/themes/kalium/assets/css/other.min.css?ver=3.5.001
172.67.141.22200 OK 15 kB URL HTTP/1.1 capitalcosmos.com/wp-content/themes/kalium/assets/css/other.min.css?ver=3.5.001
IP 172.67.141.22:0
File type Unicode text, UTF-8 text, with very long lines (65432), with no line terminators
Hash 7aedbb82bd8e7224980a7609083b6ee7
22ab4a6ae560717f6c1c0985d238bc0b4e922811
1c471da6dd5b4f72d857e70d25176cb20274391bf9bbb5ff81baba826d79ce5a
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/kalium/assets/css/other.min.css?ver=3.5.001 HTTP/1.1
Host: capitalcosmos.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://capitalcosmos.com/apply/
HTTP/1.1 200 OK
Date: Tue, 07 Feb 2023 01:33:12 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Strict-Transport-Security: max-age=63072000; includeSubDomains
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Last-Modified: Tue, 23 Aug 2022 18:52:09 GMT
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Y0Bhe1828NZn4sryOKgaz70EzX044WP7v7vLw5aIoR4nqu4K77dmf4m8L2ahEN%2FFHrmaZGdSfZqLcaqRLOItL2eqZf6q9arBCwcFiGP7RgGd71mE2KFGwhKHdNa6gD43gr2FtA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7958604419a8b500-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
capitalcosmos.com/wp-content/plugins/auto-advance-for-gravity-forms/js/aafg_script.js?ver=55
172.67.141.22200 OK 919 B URL HTTP/1.1 capitalcosmos.com/wp-content/plugins/auto-advance-for-gravity-forms/js/aafg_script.js?ver=55
IP 172.67.141.22:0
File type ASCII text, with CRLF line terminators
Hash c892b6bf96d29cb2afa999b1d9b70fae
27677c5d36af2594e02f0b19f48bcff5f5abc4f5
a85361d781b41be955bd3c02544cb795df96d6c87adc6c9d72188e14c700fa67
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/auto-advance-for-gravity-forms/js/aafg_script.js?ver=55 HTTP/1.1
Host: capitalcosmos.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://capitalcosmos.com/apply/
HTTP/1.1 200 OK
Date: Tue, 07 Feb 2023 01:33:12 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Strict-Transport-Security: max-age=63072000; includeSubDomains
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Last-Modified: Thu, 11 Aug 2022 07:41:22 GMT
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xRJmn%2F069EBhQHO4ftUy028MEU%2Fs7EGUiefBcVrqMfFB0YVi4fwpKHMSJbkMiTDJNv82cg4jDnIg%2BdRYLrdtkKykutzLJzQbnvOsNJxHaTb2shCZLqa4l2o9jB%2FxDHykWsLPpQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 795860467bb91c06-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
capitalcosmos.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.1
172.67.141.22200 OK 31 kB URL HTTP/1.1 capitalcosmos.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.1
IP 172.67.141.22:0
File type ASCII text, with very long lines (65447)
Hash 25a014e67e9b2eafb7ecc86f1e30d77d
f4227f827cba0c787a4e08ccc6427d27c95873e2
63a06e24fbd59edc5ca7cff61c8cbb3f67c2a684c2a407ba891af34f737f15b9
GET /wp-includes/js/jquery/jquery.min.js?ver=3.6.1 HTTP/1.1
Host: capitalcosmos.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://capitalcosmos.com/apply/
HTTP/1.1 200 OK
Date: Tue, 07 Feb 2023 01:33:12 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Strict-Transport-Security: max-age=63072000; includeSubDomains
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Last-Modified: Wed, 02 Nov 2022 11:56:55 GMT
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ABY3YQEAK%2BUuroiUlML5tfurGLCkPkz8fH9zbIn4%2BRaQp080FGP8O7lTtKbWm%2Bfhuk%2FEz5yNEULChv7FTcydPrLB7LUltx6R6Wx%2BNSYo5rQiAuIV7qgv4hauCuYzxf%2BmFc2hEw%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 79586044aee2b4f3-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 3b4ea902c3e097daaa31810cb66d585a
97dfbd81d31b43196d8a4bd2fa3ff8a5cc115049
0291ed72c3115d6b6cf8c001b13bbc4ad517d76242b6cbed9db5ee1162572d3f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0291ED72C3115D6B6CF8C001B13BBC4AD517D76242B6CBED9DB5EE1162572D3F"
Last-Modified: Sun, 05 Feb 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3361
Expires: Tue, 07 Feb 2023 02:29:13 GMT
Date: Tue, 07 Feb 2023 01:33:12 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 3b4ea902c3e097daaa31810cb66d585a
97dfbd81d31b43196d8a4bd2fa3ff8a5cc115049
0291ed72c3115d6b6cf8c001b13bbc4ad517d76242b6cbed9db5ee1162572d3f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0291ED72C3115D6B6CF8C001B13BBC4AD517D76242B6CBED9DB5EE1162572D3F"
Last-Modified: Sun, 05 Feb 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3361
Expires: Tue, 07 Feb 2023 02:29:13 GMT
Date: Tue, 07 Feb 2023 01:33:12 GMT
Connection: keep-alive
capitalcosmos.com/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9
172.67.141.22200 OK 2.4 kB URL HTTP/1.1 capitalcosmos.com/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9
IP 172.67.141.22:0
File type ASCII text, with very long lines (6475), with no line terminators
Hash 6b0c5288bb5f4619cd7d10c077b2858b
f5fa1550d81a04d13d0d7273c32005722b910022
69c224d56ae4f660970896b60da2cabeb296fd95673a8ea23519db8f4f285b24
GET /wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9 HTTP/1.1
Host: capitalcosmos.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://capitalcosmos.com/apply/
HTTP/1.1 200 OK
Date: Tue, 07 Feb 2023 01:33:12 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Strict-Transport-Security: max-age=63072000; includeSubDomains
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Last-Modified: Mon, 11 Apr 2022 23:34:30 GMT
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7B50j%2BxdFrLP2pOdS9LDp554RwiehC8wKRDmLuM4U3GIc4BMdmTjGTqUQEEXFBn5wgD3nYlaN%2F124y84L2XCX4BCpEE%2FZuBngQfmXwsT%2F60ETwPLPriaxX%2Bv27enqdt4PT202w%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 79586047497fb4ff-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
capitalcosmos.com/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0
172.67.141.22200 OK 6.5 kB URL HTTP/1.1 capitalcosmos.com/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0
IP 172.67.141.22:0
File type Unicode text, UTF-8 text, with very long lines (17819), with no line terminators
Hash 91f8030d1b051a5df8a937d988b8a4c5
4f575833d376de84ba5066e96064ea251f9ede90
bcf567eae295f5bb83287da56bb542163ef4a7e1c0d03608887508f9f0ad9294
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0 HTTP/1.1
Host: capitalcosmos.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://capitalcosmos.com/apply/
HTTP/1.1 200 OK
Date: Tue, 07 Feb 2023 01:33:12 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Strict-Transport-Security: max-age=63072000; includeSubDomains
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Last-Modified: Wed, 02 Nov 2022 11:56:55 GMT
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MZhfsuwc5f1s1zudr5s88xukIaUFf0kfEEjA6MiuaOzwHdRRaBn%2Bsv4eVkqrC4Ngj9t1M0RfQBokG9N9%2Ff1P5kPSjjsME73zlUIECekD0gMJRjU0v9N0PurOv3OWjuFGMfrU9A%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 795860474b55b500-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 3b4ea902c3e097daaa31810cb66d585a
97dfbd81d31b43196d8a4bd2fa3ff8a5cc115049
0291ed72c3115d6b6cf8c001b13bbc4ad517d76242b6cbed9db5ee1162572d3f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0291ED72C3115D6B6CF8C001B13BBC4AD517D76242B6CBED9DB5EE1162572D3F"
Last-Modified: Sun, 05 Feb 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3361
Expires: Tue, 07 Feb 2023 02:29:13 GMT
Date: Tue, 07 Feb 2023 01:33:12 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 3b4ea902c3e097daaa31810cb66d585a
97dfbd81d31b43196d8a4bd2fa3ff8a5cc115049
0291ed72c3115d6b6cf8c001b13bbc4ad517d76242b6cbed9db5ee1162572d3f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0291ED72C3115D6B6CF8C001B13BBC4AD517D76242B6CBED9DB5EE1162572D3F"
Last-Modified: Sun, 05 Feb 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3361
Expires: Tue, 07 Feb 2023 02:29:13 GMT
Date: Tue, 07 Feb 2023 01:33:12 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9bbda930-ccb5-4a8a-b679-2389a710fc6f.jpeg
34.120.237.76200 OK 6.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9bbda930-ccb5-4a8a-b679-2389a710fc6f.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d057038cd3164c40413a88f9b5c2af92
afbcb6617c7277ea42068c2aa1c8dcba02549873
ae03b42f1a5c3774e3ea569a886707a8a31da05a45bd971b829cf579be0ea6c7
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9bbda930-ccb5-4a8a-b679-2389a710fc6f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6787
x-amzn-requestid: 15924d6a-68a3-414b-9e23-68d37291d4a8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fvyxSEjXIAMFT3Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dc9808-22daff920f5fe1201328ccee;Sampled=0
x-amzn-remapped-date: Fri, 03 Feb 2023 05:13:44 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 1MPLwUh9ZmBc5Rv5SDB57KQM9FVTnOKVg24wE0rxBOc-cMxCQjCi8w==
via: 1.1 a4fe306096165bb1e86e69365dc8fac2.cloudfront.net (CloudFront), 1.1 476c2ba6d9f6cd69dbcedbd65688cbc0.cloudfront.net (CloudFront), 1.1 google
date: Mon, 06 Feb 2023 04:45:10 GMT
age: 74882
etag: "afbcb6617c7277ea42068c2aa1c8dcba02549873"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
capitalcosmos.com/wp-includes/js/dist/hooks.min.js?ver=4169d3cf8e8d95a3d6d5
172.67.141.22200 OK 1.7 kB URL HTTP/1.1 capitalcosmos.com/wp-includes/js/dist/hooks.min.js?ver=4169d3cf8e8d95a3d6d5
IP 172.67.141.22:0
File type ASCII text, with very long lines (4875)
Hash b7fad5256cf7aca9fd70a62bb93844c6
903085b7db8cb10da60739104d2b8b500d7bdf57
d35186efbbda488c7ad9e5b7c44d5d340e96c7823e609d791ef0d4bd29b4afd6
GET /wp-includes/js/dist/hooks.min.js?ver=4169d3cf8e8d95a3d6d5 HTTP/1.1
Host: capitalcosmos.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://capitalcosmos.com/apply/
HTTP/1.1 200 OK
Date: Tue, 07 Feb 2023 01:33:12 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Strict-Transport-Security: max-age=63072000; includeSubDomains
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Last-Modified: Mon, 11 Apr 2022 23:34:30 GMT
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=veJjA1k7PSD9Q839%2FPUqAWDXM2X%2FJNP%2Bgnzy%2FzEzDD%2B9uWIBH3MZdJaqS81Qee3ULzcN8aYXbY5PPaqwaJFrTKoZZOTpxI0fe%2ByyZsg6iypK7P1%2FlP3t%2Fj7H3gKyV59W4GaPcg%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 795860488c8e1c06-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6e47a0b9-4a27-4f39-8f25-f88789a2408f.jpeg
34.120.237.76200 OK 3.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6e47a0b9-4a27-4f39-8f25-f88789a2408f.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 0594f78c4fdfed5dd2e0666312555f40
db903b9a3f387c1510170f8d16dd4d289f7df83f
8874083a529064657b18be58147ae7df5fe79c822c4bd2a023fdf3df7186a62e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6e47a0b9-4a27-4f39-8f25-f88789a2408f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 3712
x-amzn-requestid: 44c7e7bd-1a95-49b6-9b0a-f8aff3725ded
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ftbOtH-lIAMF0xw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dba591-2fb19c33646c3d327681e9f9;Sampled=0
x-amzn-remapped-date: Thu, 02 Feb 2023 11:59:13 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: ws42XiDa6w4O13v7obhNXNfA0QQIv03RG0Ze0IPrKWxxvsvUY2eCVg==
via: 1.1 0aebf3fe433ff96e68d785fad4ea4c0e.cloudfront.net (CloudFront), 1.1 325ed3ba58a560748d886354beef39c0.cloudfront.net (CloudFront), 1.1 google
date: Mon, 06 Feb 2023 21:48:55 GMT
age: 13457
etag: "db903b9a3f387c1510170f8d16dd4d289f7df83f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd9a62e65-5d07-4259-aa47-d2491847eee9.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd9a62e65-5d07-4259-aa47-d2491847eee9.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d29e7077f69b88a0108efeb7a2efe7e9
1958f83edeb8c6b68f17cead3fb5714f44e619eb
371f02a5b36ac3e52cc6c4e78f0980107a0f92105e79ee53278089ae5ff6de93
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd9a62e65-5d07-4259-aa47-d2491847eee9.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10788
x-amzn-requestid: 8e1c8026-1eea-4eb0-810e-7ea43ed11f87
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fyymWEsSoAMFykg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63ddcaf5-20fc23b535fa86f56a34fbae;Sampled=0
x-amzn-remapped-date: Sat, 04 Feb 2023 03:03:17 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: qMfsjm0A_Z0hDIwggPH5rWFTk0n-us4GSVN3XUN1XxNv2qUCHZckLg==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 d6a002c70d55f415107618b0750d493c.cloudfront.net (CloudFront), 1.1 google
date: Mon, 06 Feb 2023 05:47:07 GMT
age: 71165
etag: "1958f83edeb8c6b68f17cead3fb5714f44e619eb"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3ddd9c2a-2de8-4fe1-9341-c81dbdc66411.jpeg
34.120.237.76200 OK 4.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3ddd9c2a-2de8-4fe1-9341-c81dbdc66411.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e8f45e0cfda7ebdf13b6655900fb72de
b1f1fda9abc0abb565646ae011a6fddfd151177e
79621fce88059818e39c5d4a835bf82e38a942d1459453c57df0ef5b40a7030d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3ddd9c2a-2de8-4fe1-9341-c81dbdc66411.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4857
x-amzn-requestid: 3ac95b8f-c805-4f6f-85ed-2b4c960992aa
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fqR7VHmUIAMFuEA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63da637b-69f32e635cfb19f05b002cd3;Sampled=0
x-amzn-remapped-date: Wed, 01 Feb 2023 13:04:59 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: dl_RMlV9nE6HDdm6cdEn2YT8OuhEhhap4UcwN-4xkvM2XaheB9i8PQ==
via: 1.1 6ba2a21321beeef65404429d0a4b6380.cloudfront.net (CloudFront), 1.1 a3bd0eb50c22e4d5fbda56a30b96002c.cloudfront.net (CloudFront), 1.1 google
date: Mon, 06 Feb 2023 08:13:21 GMT
age: 62391
etag: "b1f1fda9abc0abb565646ae011a6fddfd151177e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0f3d2073-c3ab-46e1-ba5b-8ee86228a330.jpeg
34.120.237.76200 OK 4.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0f3d2073-c3ab-46e1-ba5b-8ee86228a330.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 36cb274f24946af017753e90bde33287
e3c6e612459058bef9623b4a5080dbd693b5ce60
036a4f784f8b251bfd0f9eb2ad253637bbaaa5bb7ca9ee721298e531d09dbf3f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0f3d2073-c3ab-46e1-ba5b-8ee86228a330.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4070
x-amzn-requestid: 6722ea03-f2fa-4775-a362-aef820c99085
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fzXPSEQXoAMFxow=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63de0594-36cd3a40489d553d62bb3ace;Sampled=0
x-amzn-remapped-date: Sat, 04 Feb 2023 07:13:24 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Bap8sT5q6g7n_WCa5vHNVW-Cs_kSUSFsrYdna2d9aDAJHDiR5C9TVw==
via: 1.1 c7c3cdef911c9ee3c1a83a78f425dc5a.cloudfront.net (CloudFront), 1.1 a847181d425b7fc57e81eb3c800bfdf2.cloudfront.net (CloudFront), 1.1 google
date: Mon, 06 Feb 2023 04:21:41 GMT
age: 76291
etag: "e3c6e612459058bef9623b4a5080dbd693b5ce60"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 0a8ea253ef61b5c330b3285f9a94e6ae
0cf9a1c66c83f505c7195774996b107c145f5884
8b6bca0cd9c9adcb16bba03349e8fcbfcd645719c82c95f0111095b731842402
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 07 Feb 2023 01:33:12 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 0a8ea253ef61b5c330b3285f9a94e6ae
0cf9a1c66c83f505c7195774996b107c145f5884
8b6bca0cd9c9adcb16bba03349e8fcbfcd645719c82c95f0111095b731842402
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 07 Feb 2023 01:33:12 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8ada2635-3335-4f49-9e7f-22d2ae016030.jpeg
34.120.237.76200 OK 4.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8ada2635-3335-4f49-9e7f-22d2ae016030.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash eedb4de12585c70ddb5b8f94fe6a59e2
83c9437e71a0a03b3e8ff652155a85eafa76cdda
d4493a30f62e9ad224b3595ba3af8a322e2d4a3d9238a1847973f962bdcc0c82
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8ada2635-3335-4f49-9e7f-22d2ae016030.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4227
x-amzn-requestid: b45f2ab7-0102-4542-9514-54fb93a0e27f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f77sTH4jIAMFnsQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e1731b-4a24bcb1102e58543cd81343;Sampled=0
x-amzn-remapped-date: Mon, 06 Feb 2023 21:37:31 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: V_4NzIAVBOZMjf_YIM3bowFdlP1y4peI5JI-jO105s3NVjmyYnC0Tg==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 1b74ccf4cb51eacf97a0e6d60ae46a3e.cloudfront.net (CloudFront), 1.1 google
date: Mon, 06 Feb 2023 21:48:48 GMT
age: 13464
etag: "83c9437e71a0a03b3e8ff652155a85eafa76cdda"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 0a8ea253ef61b5c330b3285f9a94e6ae
0cf9a1c66c83f505c7195774996b107c145f5884
8b6bca0cd9c9adcb16bba03349e8fcbfcd645719c82c95f0111095b731842402
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 07 Feb 2023 01:33:12 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
216.58.207.227200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Hash 15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://capitalcosmos.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 05 Feb 2023 22:02:00 GMT
expires: Mon, 05 Feb 2024 22:02:00 GMT
cache-control: public, max-age=31536000
age: 99072
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
216.58.207.227200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 15920, version 1.0\012- data
Hash 3a44e06eb954b96aa043227f3534189d
23cef6993ddb2b2979e8e7647fc3763694e2ba7d
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
GET /s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://capitalcosmos.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15920
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 01 Feb 2023 07:51:59 GMT
expires: Thu, 01 Feb 2024 07:51:59 GMT
cache-control: public, max-age=31536000
age: 495673
last-modified: Wed, 11 May 2022 19:24:45 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
capitalcosmos.com/wp-content/uploads/2022/08/Texto-do-seu-para%CC%81grafo.svg
172.67.141.22200 OK 80 kB URL HTTP/2 capitalcosmos.com/wp-content/uploads/2022/08/Texto-do-seu-para%CC%81grafo.svg
IP 172.67.141.22:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (65536), with no line terminators
Hash d0eff0c5e21946bc3a089085b8375dfa
1d78942a87e4e79fc0c6f24a6f682568750edb5b
0298497187d467cc465ca906231c3f97f3695d1af31c460af8ca3bdb4883e10b
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/uploads/2022/08/Texto-do-seu-para%CC%81grafo.svg HTTP/1.1
Host: capitalcosmos.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://capitalcosmos.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 07 Feb 2023 01:33:11 GMT
content-type: image/svg+xml
strict-transport-security: max-age=63072000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
last-modified: Tue, 23 Aug 2022 18:59:41 GMT
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9LeN5r0VMY%2F%2BlgO4I1N4xX7t6IKDQPJEh6ZWcvy3CDx4Z60EVgwSl97lajXMgdKiE2Ak01h57z8PgxHVneFS%2BMX8REeTvUh9UjP%2BSkmLvtJZQoMqMkqh%2Fp05H3QzL0XrwTLucw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7958603f6cab1bfe-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOkCnqEu92Fr1Mu51xIIzI.woff2
216.58.207.227200 OK 17 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOkCnqEu92Fr1Mu51xIIzI.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 17368, version 1.0\012- data
Hash abe083d96b58eb02ada8b7c30d7b09f2
61447d66d13a8c8f4335696777a85c438c46f749
db0424fb67fb52e7e538490240cc7fb9c05aa076333a4968f3dee30b825dabf9
GET /s/roboto/v30/KFOkCnqEu92Fr1Mu51xIIzI.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://capitalcosmos.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 17368
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 04 Feb 2023 12:49:39 GMT
expires: Sun, 04 Feb 2024 12:49:39 GMT
cache-control: public, max-age=31536000
age: 218613
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 0a8ea253ef61b5c330b3285f9a94e6ae
0cf9a1c66c83f505c7195774996b107c145f5884
8b6bca0cd9c9adcb16bba03349e8fcbfcd645719c82c95f0111095b731842402
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 07 Feb 2023 01:33:12 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
capitalcosmos.com/wp-includes/js/dist/dom-ready.min.js?ver=392bdd43726760d1f3ca
172.67.141.22200 OK 330 B URL HTTP/1.1 capitalcosmos.com/wp-includes/js/dist/dom-ready.min.js?ver=392bdd43726760d1f3ca
IP 172.67.141.22:0
File type ASCII text, with very long lines (463)
Hash c3416b390edc5d8d302563bb2cdc89d8
1e3e3187eedab0cce79890a1519ad30f127e39fe
6513a4072c00f58e976743c91d6f8c52e2ec81a0e045c92589523e9ea1046b31
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/dist/dom-ready.min.js?ver=392bdd43726760d1f3ca HTTP/1.1
Host: capitalcosmos.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://capitalcosmos.com/apply/
HTTP/1.1 200 OK
Date: Tue, 07 Feb 2023 01:33:12 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Strict-Transport-Security: max-age=63072000; includeSubDomains
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Last-Modified: Mon, 11 Apr 2022 23:34:30 GMT
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=97zrC%2B0mVvB2Ed%2BIbkQJ9HJay0NOaSSvsASRQT%2Br512LmKVrqMTS7VenfvMkxj8sZFOEWzRvhpAwnb%2FVjc5PdtsGOYQMbt3sORXbNf5Uoct75fRCTayariTMhPZJLJsl8UKX1g%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 79586047fbe8b500-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 0a8ea253ef61b5c330b3285f9a94e6ae
0cf9a1c66c83f505c7195774996b107c145f5884
8b6bca0cd9c9adcb16bba03349e8fcbfcd645719c82c95f0111095b731842402
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 07 Feb 2023 01:33:12 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
capitalcosmos.com/wp-content/themes/kalium/assets/vendors/font-awesome/css/all.min.css?ver=3.5.001
172.67.141.22200 OK 20 kB URL HTTP/1.1 capitalcosmos.com/wp-content/themes/kalium/assets/vendors/font-awesome/css/all.min.css?ver=3.5.001
IP 172.67.141.22:0
File type ASCII text, with very long lines (65317)
Hash a963a9748cd0cedd081b06bdf82e4033
47b19aea76aba5e8da68651ac252357ae61f32d5
41846ca986a923c5580ed068b615f51eb01aab59c59c75e7e70966dff5e29268
GET /wp-content/themes/kalium/assets/vendors/font-awesome/css/all.min.css?ver=3.5.001 HTTP/1.1
Host: capitalcosmos.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://capitalcosmos.com/apply/
HTTP/1.1 200 OK
Date: Tue, 07 Feb 2023 01:33:12 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Strict-Transport-Security: max-age=63072000; includeSubDomains
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Last-Modified: Tue, 23 Aug 2022 18:52:09 GMT
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Bt5GBFXxafFcK3OQf5fD8doS0y7xZUEejy4Cf5%2B31ttfSKh3vmx1y7qdLEb%2Bd91jw%2F%2BvRkaVM5Wn127O01xHTqC3XDndttu0Bd%2FQuvSV8988pd0QSqDoH3OVNOwyaQrNJ14ePw%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7958604669f50b65-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
capitalcosmos.com/wp-includes/js/dist/i18n.min.js?ver=9e794f35a71bb98672ae
172.67.141.22200 OK 3.9 kB URL HTTP/1.1 capitalcosmos.com/wp-includes/js/dist/i18n.min.js?ver=9e794f35a71bb98672ae
IP 172.67.141.22:0
Hash 17ae09035a68de848a2226473b532ff7
cc346d12d5bf4a4bf00c658a7b0e86846703d2c4
ca6bb7b1f18fb29bf4b53a35c411004442faf8e7c858ed40770a2e9958297598
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/dist/i18n.min.js?ver=9e794f35a71bb98672ae HTTP/1.1
Host: capitalcosmos.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://capitalcosmos.com/apply/
HTTP/1.1 200 OK
Date: Tue, 07 Feb 2023 01:33:12 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Strict-Transport-Security: max-age=63072000; includeSubDomains
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Last-Modified: Wed, 02 Nov 2022 11:56:55 GMT
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FA11huX4QGuJ1BDsjgthiyT9wp%2F%2F9NSgsEX9IO1cNxC%2BZA8TTJl3A1qC4ZvI62Y1Ene6MJUK36duStGKLx5MWTtCxgxvF5JijbRE0lEROc28QBuLs6psC1XLZTvoX4Gtkaon%2Bw%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7958604888a3b4f3-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
capitalcosmos.com/wp-content/themes/kalium/assets/vendors/gsap/ScrollToPlugin.min.js?ver=3.5.001
172.67.141.22200 OK 1.8 kB URL HTTP/1.1 capitalcosmos.com/wp-content/themes/kalium/assets/vendors/gsap/ScrollToPlugin.min.js?ver=3.5.001
IP 172.67.141.22:0
File type ASCII text, with very long lines (3502)
Hash 47edaea77b90d8f71d8838af60538894
e34b61deb0cc9ffc51db41743feb3344a4c9df4f
3d561f3baddb867635244e24d0a851cae930cd9771deebd0f4b60ceb8ca51da0
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/kalium/assets/vendors/gsap/ScrollToPlugin.min.js?ver=3.5.001 HTTP/1.1
Host: capitalcosmos.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://capitalcosmos.com/apply/
HTTP/1.1 200 OK
Date: Tue, 07 Feb 2023 01:33:12 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Strict-Transport-Security: max-age=63072000; includeSubDomains
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Last-Modified: Tue, 23 Aug 2022 18:52:09 GMT
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=I9HkQY2xTRK8Caz2weCYzDTpARIvFZF2uVCh8O%2FTwwlbBEQ8zIYoFJOZvm1JZzhsAonB05BI8n%2B41vwsBZapl2ZUPi6PbSlV0qGDcSV1cxBQBVQj7dTcyM0joLYDydc13tIC5g%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7958604a4b100b65-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
capitalcosmos.com/wp-content/plugins/gravityforms/js/jquery.maskedinput.min.js?ver=2.6.5
172.67.141.22200 OK 1.8 kB URL HTTP/1.1 capitalcosmos.com/wp-content/plugins/gravityforms/js/jquery.maskedinput.min.js?ver=2.6.5
IP 172.67.141.22:0
File type ASCII text, with very long lines (4210), with no line terminators
Hash 84eea716da4f8517e9183f86b987e71d
baac51a6ef1bd20dcb64d397c2323b8773e6ce28
39d78a4ca4cbc0381d4025ee24b2ebdb8f700a33eb39efaa5c0e1a3aaea01ac8
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/gravityforms/js/jquery.maskedinput.min.js?ver=2.6.5 HTTP/1.1
Host: capitalcosmos.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://capitalcosmos.com/apply/
HTTP/1.1 200 OK
Date: Tue, 07 Feb 2023 01:33:12 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Strict-Transport-Security: max-age=63072000; includeSubDomains
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Last-Modified: Thu, 11 Aug 2022 06:20:03 GMT
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=o6ip77UJOnBg1oxYFqohiLXG191EDjNELoWo9ENqYFKA0%2F870XcZzh6CK16uByQ7OH85MJnlrYe0YQirTweAnPY1%2BBo7IF%2B5e4%2FlJuc4lkmajdZ%2FSffIYZQoPKmr8X%2FOXM1Xtg%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 795860495c96b500-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
capitalcosmos.com/wp-includes/js/dist/a11y.min.js?ver=ecce20f002eda4c19664
172.67.141.22200 OK 982 B URL HTTP/1.1 capitalcosmos.com/wp-includes/js/dist/a11y.min.js?ver=ecce20f002eda4c19664
IP 172.67.141.22:0
File type Unicode text, UTF-8 text, with very long lines (2472)
Hash 3a5bdf964b105c1417b8aeb1308e158b
4fee988a0da9eef03e8b237df85d06f5b89bb691
9e232dc00ec1f61e7d817ed4ee54221430f04b18184e082379a897ffa074866b
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/dist/a11y.min.js?ver=ecce20f002eda4c19664 HTTP/1.1
Host: capitalcosmos.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://capitalcosmos.com/apply/
HTTP/1.1 200 OK
Date: Tue, 07 Feb 2023 01:33:12 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Strict-Transport-Security: max-age=63072000; includeSubDomains
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Last-Modified: Mon, 11 Apr 2022 23:34:30 GMT
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FCIsUXJ3Y5n23c2tKtsHOPRfYW0Iz0EWNFIkznSazO11FK46XU4aPTclw8gA%2F4uyhytHznF9V%2BBKUORVuvgIg1m64Dw5lW5TEwnAKB4lO12zn43W7jDWUx%2F36m%2FadIZk2Dv6HA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 795860495a4ab4ff-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
capitalcosmos.com/wp-content/plugins/gravityforms/js/placeholders.jquery.min.js?ver=2.6.5
172.67.141.22200 OK 1.8 kB URL HTTP/1.1 capitalcosmos.com/wp-content/plugins/gravityforms/js/placeholders.jquery.min.js?ver=2.6.5
IP 172.67.141.22:0
File type ASCII text, with very long lines (4610)
Hash 20822b9c7d46dd609065db333b21d315
fdb91c75726ceb51b3255e87f339c5d8874930b4
3ac9f826735ac45d7555a3ba9ece0c4b6c54fe4733281aef72c9f71ae856adc6
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/gravityforms/js/placeholders.jquery.min.js?ver=2.6.5 HTTP/1.1
Host: capitalcosmos.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://capitalcosmos.com/apply/
HTTP/1.1 200 OK
Date: Tue, 07 Feb 2023 01:33:12 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Strict-Transport-Security: max-age=63072000; includeSubDomains
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Last-Modified: Thu, 11 Aug 2022 06:20:03 GMT
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0edv4mN9BmnRg6Kxzi1XbKwDDWQbLJjfwbeNvAOWavOyZHG29Zy6ATdLVVhLns4Sa6F9T9WuOZU9%2BkXwB6JNsYwjz0nyCXNDW2jVgHWiXktAdTTCe4RUrYXKzp%2B1irDtLG4mUw%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 795860499ce61c06-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
capitalcosmos.com/wp-content/plugins/elementor/assets/js/webpack.runtime.min.js?ver=3.7.2
172.67.141.22200 OK 2.2 kB URL HTTP/1.1 capitalcosmos.com/wp-content/plugins/elementor/assets/js/webpack.runtime.min.js?ver=3.7.2
IP 172.67.141.22:0
File type ASCII text, with very long lines (4918)
Hash c9a5b34700d16d85b7fbd5e10c2ec6e2
32ca551afc00b2409ae4e66ebecdecbbeb65c578
e615410a8bdc099441c7a3a5697e50bdf48a9617de955b434ad8a9e975d0e64c
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/elementor/assets/js/webpack.runtime.min.js?ver=3.7.2 HTTP/1.1
Host: capitalcosmos.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://capitalcosmos.com/apply/
HTTP/1.1 200 OK
Date: Tue, 07 Feb 2023 01:33:13 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Strict-Transport-Security: max-age=63072000; includeSubDomains
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Last-Modified: Tue, 23 Aug 2022 18:47:03 GMT
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uv%2FkcGgodM3%2BKMWMfu84a5aR4jqJF7jCPLwsyDUI4Z2qKE5P8j2tKI0MUmZbC5vG3yQEa%2B%2FsSXImNpG74WyxMaM%2FxEmEcxu%2BYd26IXu%2B%2FhLGUrH75DfZf0V6NZ%2BYo3rhOU5cZQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7958604b6b2bb4ff-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
capitalcosmos.com/wp-content/themes/kalium/assets/vendors/scrollmagic/plugins/animation.gsap.min.js?ver=3.5.001
172.67.141.22200 OK 782 B URL HTTP/1.1 capitalcosmos.com/wp-content/themes/kalium/assets/vendors/scrollmagic/plugins/animation.gsap.min.js?ver=3.5.001
IP 172.67.141.22:0
File type ASCII text, with very long lines (1424)
Hash 497758f4f068eea7090112c1b472a4a1
5e00c43af965e234d476ff3ca074dee243238fa4
558729a3c90c161fbaf6a7008caa21cff2d4157021091e7d0b288a544aa75bd6
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/kalium/assets/vendors/scrollmagic/plugins/animation.gsap.min.js?ver=3.5.001 HTTP/1.1
Host: capitalcosmos.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://capitalcosmos.com/apply/
HTTP/1.1 200 OK
Date: Tue, 07 Feb 2023 01:33:13 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Strict-Transport-Security: max-age=63072000; includeSubDomains
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Last-Modified: Tue, 23 Aug 2022 18:52:09 GMT
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OIZqw%2BnbjXNuQgVfy%2BDVl7bVuXPVNVUfERKKCgf4EnaQzJHwA7Ra6l01AO783RR44CznMyc%2BG8XGdRZd%2BAxwJqN60sb7%2F%2BEZ5DI8p0blSFY8RtBsP6DAnF1PzjY4VpNFyTDV%2Bg%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7958604b5b5b0b65-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
capitalcosmos.com/wp-content/themes/kalium/assets/vendors/scrollmagic/ScrollMagic.min.js?ver=3.5.001
172.67.141.22200 OK 6.1 kB URL HTTP/1.1 capitalcosmos.com/wp-content/themes/kalium/assets/vendors/scrollmagic/ScrollMagic.min.js?ver=3.5.001
IP 172.67.141.22:0
File type ASCII text, with very long lines (17351)
Hash cb1d24b4db7425c2172ada5959299fac
a705161030ce879979a5c760ff88ee94aea32ebf
4ebd995d2834681ecafe1454a2af90e20988ec7fff68c8813a2c0880415c043a
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/kalium/assets/vendors/scrollmagic/ScrollMagic.min.js?ver=3.5.001 HTTP/1.1
Host: capitalcosmos.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://capitalcosmos.com/apply/
HTTP/1.1 200 OK
Date: Tue, 07 Feb 2023 01:33:13 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Strict-Transport-Security: max-age=63072000; includeSubDomains
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Last-Modified: Tue, 23 Aug 2022 18:52:09 GMT
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MnOu0GBkSVh3St5yEkAUAGGgq8XcDwOk%2FI%2BuVeq07whjt7YQHi8Q%2FOg%2FIjtPPlAu%2FoglHLMoCvjpmAMGMSnF8CdSCoDfknVksusPOnVV87xtDcOz1grYygT3B1ANKgdZo%2FyZLQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7958604a998bb4f3-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
capitalcosmos.com/wp-content/plugins/elementor/assets/js/frontend-modules.min.js?ver=3.7.2
172.67.141.22200 OK 11 kB URL HTTP/1.1 capitalcosmos.com/wp-content/plugins/elementor/assets/js/frontend-modules.min.js?ver=3.7.2
IP 172.67.141.22:0
File type Unicode text, UTF-8 text, with very long lines (32889)
Hash caeca5669fcbd9991ed61d60a49b999d
91a267a23ff476bd84d08a92807f2ac07cf83c41
ec0357d0d78a04c66764211a1b64f6458b4f7a103eb4ba8f3d6aa9e6a6c3ca2e
GET /wp-content/plugins/elementor/assets/js/frontend-modules.min.js?ver=3.7.2 HTTP/1.1
Host: capitalcosmos.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://capitalcosmos.com/apply/
HTTP/1.1 200 OK
Date: Tue, 07 Feb 2023 01:33:13 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Strict-Transport-Security: max-age=63072000; includeSubDomains
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Last-Modified: Tue, 23 Aug 2022 18:47:03 GMT
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Vnqd7OWiQyoladfcq2DVorS63nVEzPq4jBv7H6FeXCxdNW3ceYpgyr2maJkQ3eMGObQKna8iv9oQmLjnLqVgSXObKeFMhpcqT%2Bx%2BFSKDqKZ22vpGphmkxMZCNKZB4ueyCfGrrg%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7958604b9d541c06-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
capitalcosmos.com/wp-content/themes/kalium/assets/vendors/gsap/gsap.min.js?ver=3.5.001
172.67.141.22200 OK 25 kB URL HTTP/1.1 capitalcosmos.com/wp-content/themes/kalium/assets/vendors/gsap/gsap.min.js?ver=3.5.001
IP 172.67.141.22:0
File type ASCII text, with very long lines (63106)
Hash 2a28c915aca8f2e3066db9ed67db4c2d
bd198b35fd617b5a6d235b039a7adacafe9feeb7
6f2b226987a3fc0898a2d63d18d9719157ffb79dcb696fbc9dae50434e02db49
GET /wp-content/themes/kalium/assets/vendors/gsap/gsap.min.js?ver=3.5.001 HTTP/1.1
Host: capitalcosmos.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://capitalcosmos.com/apply/
HTTP/1.1 200 OK
Date: Tue, 07 Feb 2023 01:33:13 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Strict-Transport-Security: max-age=63072000; includeSubDomains
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Last-Modified: Tue, 23 Aug 2022 18:52:09 GMT
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KyNTXOiMg%2FBRSGZbju1eG4W7hAuufwSc8vEPxRPapNBe3z3lJr2sTpGRWKhr%2FqR0yqddULwKTh9ip7NJ95zOlD8DMAzy%2BphrkM0%2B9J%2Fqo6A4oqOTMRi9YO7o4AOTYMdJ2xHQhg%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7958604a0cfcb500-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
capitalcosmos.com/wp-content/plugins/elementor/assets/lib/waypoints/waypoints.min.js?ver=4.0.2
172.67.141.22200 OK 3.0 kB URL HTTP/1.1 capitalcosmos.com/wp-content/plugins/elementor/assets/lib/waypoints/waypoints.min.js?ver=4.0.2
IP 172.67.141.22:0
File type ASCII text, with very long lines (12198), with no line terminators
Hash c0db6d5c401074694c0330081ea8fffe
6a7474cbdd8d9f96165eb43a2d0e26840061a7fc
45cb1f190f039721a49a08310c0d932c469c9cb470786b34d6a904e20ffa8c93
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/elementor/assets/lib/waypoints/waypoints.min.js?ver=4.0.2 HTTP/1.1
Host: capitalcosmos.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://capitalcosmos.com/apply/
HTTP/1.1 200 OK
Date: Tue, 07 Feb 2023 01:33:13 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Strict-Transport-Security: max-age=63072000; includeSubDomains
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Last-Modified: Tue, 23 Aug 2022 18:47:03 GMT
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FoXXgPuOGv4AS0sq2E6sucvv9TNl%2Bv09JMDtAUrpd38KJGTftq3oitTGK%2Fs5gTa4vdyQgLUyzKkmhCOKOKgb%2F30gnrerjQvBZ%2BPhfDSqAdCke3WUzDKR1PMcRhY1Hb5Z%2BTryog%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7958604c7bfeb4ff-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
capitalcosmos.com/wp-includes/js/jquery/ui/core.min.js?ver=1.13.2
172.67.141.22200 OK 7.1 kB URL HTTP/1.1 capitalcosmos.com/wp-includes/js/jquery/ui/core.min.js?ver=1.13.2
IP 172.67.141.22:0
File type Unicode text, UTF-8 text, with very long lines (8189)
Hash 2a53644f9405e79f196a7e3b92ac43ff
ffa5d173105534899ec84c2349d3c239930d396e
9f4c51e502038dcaf0c98216a00ac2bf3605d7701c223e7d2a793b1ffbbd68cd
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/jquery/ui/core.min.js?ver=1.13.2 HTTP/1.1
Host: capitalcosmos.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://capitalcosmos.com/apply/
HTTP/1.1 200 OK
Date: Tue, 07 Feb 2023 01:33:13 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Strict-Transport-Security: max-age=63072000; includeSubDomains
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Last-Modified: Wed, 02 Nov 2022 11:56:55 GMT
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KH3JvkcTHYnTkkxoP92nhjRFYyOYr5AbISmO4jHDGs%2FBA9Mib%2FlW6gvWMHKujO%2FnRwZy1MS8LmKeq4%2FTnH22balK4IwuNaSDXkxYqf6N0%2BdOF%2FFsGNfS8K065in809HTD04iLw%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7958604d5bb70b65-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
capitalcosmos.com/wp-content/plugins/elementor/assets/js/frontend.min.js?ver=3.7.2
172.67.141.22200 OK 12 kB URL HTTP/1.1 capitalcosmos.com/wp-content/plugins/elementor/assets/js/frontend.min.js?ver=3.7.2
IP 172.67.141.22:0
File type ASCII text, with very long lines (40474)
Hash 6f0d4a7ed9921368dfcf886b8c6a1488
dda491cec15098065add453bdea23ac0cf0e0fd5
11efbe1c6435887017bf91711a45505a9421a732abf365d24f52b5a64676e800
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/elementor/assets/js/frontend.min.js?ver=3.7.2 HTTP/1.1
Host: capitalcosmos.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://capitalcosmos.com/apply/
HTTP/1.1 200 OK
Date: Tue, 07 Feb 2023 01:33:13 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Strict-Transport-Security: max-age=63072000; includeSubDomains
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Last-Modified: Tue, 23 Aug 2022 18:47:03 GMT
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=i9PYOR8U3nDeUjGNlkqgImD1MDWzX1nYKGxoMdvCaRnG7xMUM%2FIfpcpL8S8m1Xsya%2FBRaVFiD79gxojDyzNYCR3msuSh24Vo5GjawLCWT9T%2Fu3qWVUwaHZpaUf4LgKOx1qMrxw%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7958604d8af6b4f3-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
capitalcosmos.com/wp-content/themes/kalium/assets/js/main.min.js?ver=3.5.001
172.67.141.22200 OK 54 kB URL HTTP/1.1 capitalcosmos.com/wp-content/themes/kalium/assets/js/main.min.js?ver=3.5.001
IP 172.67.141.22:0
File type ASCII text, with very long lines (24329)
Hash a219bcbe5eafb6fd8a5222a9289f4ea2
a9174826f96cd074eac686e61db099ace4f7353f
2e5b8d7af734ed9103807515b0530b4305c0d6c84638f9df2dbf558ed0e5f506
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/kalium/assets/js/main.min.js?ver=3.5.001 HTTP/1.1
Host: capitalcosmos.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://capitalcosmos.com/apply/
HTTP/1.1 200 OK
Date: Tue, 07 Feb 2023 01:33:13 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Strict-Transport-Security: max-age=63072000; includeSubDomains
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Last-Modified: Tue, 23 Aug 2022 18:52:09 GMT
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cXuhHMy44zp5RMT6ZtoXtiSHeJQDyCRucVckwDpy7qgi3vjsqkfCAodZEeXSKzcXOcz6Ir18Cy7%2F3dx4KgnYpZLj2IUTc4E9nG6z628p5i7exP5erSiTg4lWNI4h6Iu1MaR0Vw%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7958604b6da3b500-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
js.hs-analytics.net/analytics/1675733700000/22494686.js
104.17.69.176200 OK 23 kB URL HTTP/1.1 js.hs-analytics.net/analytics/1675733700000/22494686.js
IP 104.17.69.176:0
File type ASCII text, with very long lines (64775)
Hash f610139862f56e8ec9936515e08d544a
229e504f83d670e7873245246410e353162e3a85
c56897dc1de35a36fee1fb5595ac288b9221a49dedaec8cfadb0f869ce0f2531
GET /analytics/1675733700000/22494686.js HTTP/1.1
Host: js.hs-analytics.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://capitalcosmos.com/
HTTP/1.1 200 OK
Date: Tue, 07 Feb 2023 01:33:14 GMT
Content-Type: text/javascript
Transfer-Encoding: chunked
Connection: keep-alive
x-amz-id-2: fFpFHsX4XvytpSALGx6mcBOnhWe5KXyRdVRjisi9tn+gZboHEnSjigd2+2o7bYYWMqRGYbgoPvY=
x-amz-request-id: HA0YAG66S4ZE3C91
Last-Modified: Wed, 18 Jan 2023 21:38:01 GMT
ETag: W/"9b63868f834f1544594c4061c13a35a3"
x-amz-server-side-encryption: AES256
Cache-Control: max-age=300, public
x-amz-version-id: null
Access-Control-Allow-Credentials: false
Vary: origin, Accept-Encoding
Expires: Tue, 07 Feb 2023 01:38:13 GMT
Content-Encoding: gzip
CF-Cache-Status: MISS
Server: cloudflare
CF-RAY: 79586050ee1cb4ff-OSL
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash 7d466dafe83a874032e1d703fe37b0a7
aea0501c518b2b1e23491a20fcbf105a0dcabfb2
1ab9f4033a170eae179d758cb1b2ef62effcacb440381bb23501a8609f1a24d7
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6433
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 07 Feb 2023 01:33:14 GMT
Last-Modified: Mon, 06 Feb 2023 23:46:02 GMT
Server: ECS (ska/F714)
X-Cache: HIT
Content-Length: 280
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash dc4e1dc17b748299a70185e0acadf196
05c60ff11a454a1b526bd8ccf9b81d2b2d7b1c39
41e2e3ba5135be718c69493fff25e0e245ebbb16b73df741c413192180faecdb
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4320
Cache-Control: max-age=163999
Content-Type: application/ocsp-response
Date: Tue, 07 Feb 2023 01:33:14 GMT
Etag: "63e17719-117"
Expires: Wed, 08 Feb 2023 23:06:33 GMT
Last-Modified: Mon, 06 Feb 2023 21:54:33 GMT
Server: ECS (ska/F711)
X-Cache: HIT
Content-Length: 279
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 0857a2e4f8694f1027eff307c48f44bb
b13964c0f44e26627257301791ec6bc47b82476c
88bc2b27a6554a142710d159a9ac68086b291538f179fe9f5f656d092a4135bd
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1474
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 07 Feb 2023 01:33:14 GMT
Last-Modified: Tue, 07 Feb 2023 01:08:40 GMT
Server: ECS (ska/F70F)
X-Cache: HIT
Content-Length: 279
track.hubspot.com/__ptq.gif?k=1&sd=1280x1024&cd=24-bit&cs=UTF-8&ln=en-us&bfp=504767505&v=1.1&a=22494686&rcu=https%3A%2F%2Fcapitalcosmos.com%2Fapply%2F&pu=http%3A%2F%2Fcapitalcosmos.com%2Fapply%2F&t=Apply+%E2%80%93+Capital+Cosmos&cts=1675733641828&vi=7abe46e18735dca69bc22b54e1b0fcbf&nc=true&ce=false&cc=0
104.19.155.83200 OK 45 B URL HTTP/2 track.hubspot.com/__ptq.gif?k=1&sd=1280x1024&cd=24-bit&cs=UTF-8&ln=en-us&bfp=504767505&v=1.1&a=22494686&rcu=https%3A%2F%2Fcapitalcosmos.com%2Fapply%2F&pu=http%3A%2F%2Fcapitalcosmos.com%2Fapply%2F&t=Apply+%E2%80%93+Capital+Cosmos&cts=1675733641828&vi=7abe46e18735dca69bc22b54e1b0fcbf&nc=true&ce=false&cc=0
IP 104.19.155.83:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash c8817d472077ebfc04593c1fa019d32d
e1e86f41c86c7b9cd2e8b76c6a925a1a3e7e3247
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
GET /__ptq.gif?k=1&sd=1280x1024&cd=24-bit&cs=UTF-8&ln=en-us&bfp=504767505&v=1.1&a=22494686&rcu=https%3A%2F%2Fcapitalcosmos.com%2Fapply%2F&pu=http%3A%2F%2Fcapitalcosmos.com%2Fapply%2F&t=Apply+%E2%80%93+Capital+Cosmos&cts=1675733641828&vi=7abe46e18735dca69bc22b54e1b0fcbf&nc=true&ce=false&cc=0 HTTP/1.1
Host: track.hubspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://capitalcosmos.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 07 Feb 2023 01:33:14 GMT
content-type: image/gif
content-length: 45
cf-ray: 795860556e41b4eb-OSL
cache-control: no-cache, no-store, no-transform
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: origin, Accept-Encoding
cf-cache-status: DYNAMIC
access-control-allow-credentials: false
p3p: CP="NOI CUR ADM OUR NOR STA NID"
x-hubspot-correlation-id: a4249974-b442-462e-9d75-e665de2aa9fe
x-robots-tag: none
set-cookie: __cf_bm=19Hpsr_ASRZzOj.OPB4etWfTREhVvhWJiM6l9hieqBs-1675733594-0-AUjgGBkJjDO7WxAxQA+cKqcu2d20laPQLPAKtZtYZoljd3us58GLcYLKpxH+jSomjgy/QVAMOJxCSsFqia1Fu4I=; path=/; expires=Tue, 07-Feb-23 02:03:14 GMT; domain=.hubspot.com; HttpOnly; Secure; SameSite=None
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EyvpeuLW%2BMDIiPoDD6DuKmFFHsQjp%2FVfu%2F0hLtqVjLHyFAEKuqt3zyIdyaQvGzgiOJ7Ce21rWBUNetIhMgQp%2Bstps7uNmgt8qRi0Qh7lEl9Kn1Of8GnsHTvohBr0gae%2B5fuK"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash 7d466dafe83a874032e1d703fe37b0a7
aea0501c518b2b1e23491a20fcbf105a0dcabfb2
1ab9f4033a170eae179d758cb1b2ef62effcacb440381bb23501a8609f1a24d7
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6424
Cache-Control: max-age=105998
Content-Type: application/ocsp-response
Date: Tue, 07 Feb 2023 01:33:14 GMT
Etag: "63e08c50-118"
Expires: Wed, 08 Feb 2023 06:59:52 GMT
Last-Modified: Mon, 06 Feb 2023 05:12:48 GMT
Server: ECS (ska/F708)
X-Cache: HIT
Content-Length: 280
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash 86518c1192f5e86e7f1addc048c33de1
c237d33af24265c25ea5e2484564663104fd467e
55a3abd72208526c05c78502aedbd73abcb42b41350087785d0d55ea0fbef479
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4085
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 07 Feb 2023 01:33:14 GMT
Last-Modified: Tue, 07 Feb 2023 00:25:09 GMT
Server: ECS (ska/F714)
X-Cache: HIT
Content-Length: 280
forms.hsforms.com/embed/v3/counters.gif?key=collected-forms-embed-js-form-bind&count=2
104.16.88.5200 OK 35 B URL HTTP/2 forms.hsforms.com/embed/v3/counters.gif?key=collected-forms-embed-js-form-bind&count=2
IP 104.16.88.5:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash c2196de8ba412c60c22ab491af7b1409
5fbd472222feb8a22cf5b8aa5dc5b8e13af88e2b
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
GET /embed/v3/counters.gif?key=collected-forms-embed-js-form-bind&count=2 HTTP/1.1
Host: forms.hsforms.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://capitalcosmos.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 07 Feb 2023 01:33:15 GMT
content-type: image/gif
content-length: 35
x-trace: 2B86A15B8308A7842BDD71117028DD40FAF6DB8822000000000000000000
cache-control: max-age=0, no-cache, no-store
vary: origin
x-hubspot-correlation-id: 5847666b-f3db-4aef-ba92-0ff602d2da52
access-control-allow-credentials: false
access-control-expose-headers: X-Origin-Hublet
x-robots-tag: none
cf-cache-status: DYNAMIC
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 795860587cceb51e-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
js-na1.hs-scripts.com/22494686.js
104.17.211.204200 OK 26 kB URL HTTP/2 js-na1.hs-scripts.com/22494686.js
IP 104.17.211.204:0
File type ASCII text, with very long lines (542)
Hash e405b8030df1819ea05e927732b19a05
3be40dac881b8ccedfd17a85e24cbf93e45971ef
ce4a9c27c6cef83f494fbce0a65c99a71fe996d4ad6d84e1090f5a0a8379e6c1
GET /22494686.js HTTP/1.1
Host: js-na1.hs-scripts.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://capitalcosmos.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 07 Feb 2023 01:33:14 GMT
content-type: application/javascript;charset=utf-8
x-trace: 2BE527FA802461A0D5344C2C95D17F7F17BD09B43E000000000000000000
cache-control: public, max-age=30
vary: origin, Accept-Encoding
x-hubspot-correlation-id: 3053f087-f86c-4bb2-8315-cbde6417651c
access-control-allow-credentials: true
access-control-max-age: 3600
access-control-allow-origin: http://capitalcosmos.com
last-modified: Tue, 07 Feb 2023 01:01:23 GMT
cf-cache-status: EXPIRED
server: cloudflare
cf-ray: 79586054ea10b500-OSL
content-encoding: br
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Roboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto+Slab%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=auto&ver=6.1.1
142.250.74.106200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Roboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto+Slab%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=auto&ver=6.1.1
IP 142.250.74.106:0
GET /css?family=Roboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto+Slab%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=auto&ver=6.1.1 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://capitalcosmos.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 07 Feb 2023 01:33:10 GMT
date: Tue, 07 Feb 2023 01:33:10 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
js.hs-banner.com/v2/22494686/banner.js
172.64.154.85200 OK 0 B URL HTTP/2 js.hs-banner.com/v2/22494686/banner.js
IP 172.64.154.85:0
GET /v2/22494686/banner.js HTTP/1.1
Host: js.hs-banner.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://capitalcosmos.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 07 Feb 2023 01:33:15 GMT
content-type: text/javascript; charset=UTF-8
x-amz-id-2: GtlwSb9YwIBqnUTp164h+QODImkEyR0v8XFXxGBqJgY/8Nf0VczOGC6FzaMNLTW2rl7JYcgL2yA=
x-amz-request-id: KB07PYR9MAN3SWKF
last-modified: Fri, 03 Feb 2023 23:30:16 GMT
etag: W/"32ccb7e3214f39cb05f10a7c29edd59f"
x-amz-server-side-encryption: AES256
cache-control: max-age=300, public
x-amz-version-id: r4J8AxKG1pNTWdEMeIB166Pkw1k86wCJ
access-control-allow-origin: http://capitalcosmos.com
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
access-control-expose-headers: x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
access-control-allow-credentials: true
access-control-max-age: 604800
timing-allow-origin: *
vary: origin, Accept-Encoding
expires: Tue, 07 Feb 2023 01:38:14 GMT
cf-cache-status: REVALIDATED
server: cloudflare
cf-ray: 795860562aa1b500-OSL
content-encoding: br
X-Firefox-Spdy: h2