r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash cfec3d7283a9b66d2be426ce54d210f3
808c1feb1ba918951d1928c1f6bfc0c253262774
1bad6c06aa3e88dcbc125fc98a6cb753eb2b18d2c8dd61da21d12209aeeda3f9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1BAD6C06AA3E88DCBC125FC98A6CB753EB2B18D2C8DD61DA21D12209AEEDA3F9"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2366
Expires: Sun, 04 Dec 2022 14:14:41 GMT
Date: Sun, 04 Dec 2022 13:35:15 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash fb2c0697c6d9a96a5411dd2952947458
79e57f831ec396bbdaa5bfe9472a05e6c9fb31f4
3fd7edcc349ab4402f62e54a142be6b4cecf0e7ee3f431d3168bdf0643ba4d92
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2585
Cache-Control: max-age=164346
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 13:35:15 GMT
Etag: "638c76f5-1d7"
Expires: Tue, 06 Dec 2022 11:14:21 GMT
Last-Modified: Sun, 04 Dec 2022 10:31:17 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 471
firefox.settings.services.mozilla.com/v1/
34.102.187.140200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 30db107dcf4380cef05efea409c2e6a3
96e6a306fbc07299aba64e5c14e2bfca35872fa9
b64051a4a8e346e3c72b2aef77f360a5736ab5e16711d8e0bae3876feaa15b6e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Content-Type, Backoff, Content-Length, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sun, 04 Dec 2022 13:20:07 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 908
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 1ea206ac3c440825741687351f8c6e4e
2f38dafd8c43dcce2411a0590bc5c02cd6286735
7d7232c8c91bcd18161ba2c9d23e3bff159604e058bd5b3fc1c7fcbcd03a7ee3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7D7232C8C91BCD18161BA2C9D23E3BFF159604E058BD5B3FC1C7FCBCD03A7EE3"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3188
Expires: Sun, 04 Dec 2022 14:28:23 GMT
Date: Sun, 04 Dec 2022 13:35:15 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: WReKDw8izEwN5iNpxvqBFlcuGI9DAU1JOXYXSdzljTkIremEaa5BxXQlE65KIvAhLbi05egcLe0=
x-amz-request-id: T2P9A88BKY7CVVT0
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sun, 04 Dec 2022 12:47:33 GMT
age: 2862
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 13:35:15 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
34.102.187.140200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Last-Modified, Retry-After, Cache-Control, Content-Type, Pragma, Backoff, ETag, Expires, Content-Length, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sun, 04 Dec 2022 13:08:58 GMT
cache-control: public,max-age=3600
age: 1578
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 31b129c94a90b1e695b21395cb54e378
a3cae46b48d469cc61ab0581303bcd5f5b654db9
fac3f681be358a20f78958dff10c89b7a91365c5114c81246c1bc34c1362ba1e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2605
Cache-Control: max-age=159300
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 13:35:16 GMT
Etag: "638c632b-1d7"
Expires: Tue, 06 Dec 2022 09:50:16 GMT
Last-Modified: Sun, 04 Dec 2022 09:06:51 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
52.41.91.37101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.41.91.37:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: M+neXrqLQ9o1iIXqyAonNQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 7F6R+lO6VpPit5BRU1zreXqUcg8=
lor-likar.com/
212.224.121.194301 Moved Permanently 0 B IP 212.224.121.194:0
ASN #44066 diva-e Datacenters GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert openphish Facebook, Inc.
fortinet Phishing
GET / HTTP/1.1
Host: lor-likar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sun, 04 Dec 2022 13:35:17 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 0
Connection: keep-alive
X-LiteSpeed-Tag: 03a_HTTP.200,03a_HTTP.301
X-Redirect-By: WordPress
Location: https://lor-likar.com/
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash f8e52d2bf8aa4e84c6862b63aeb6fe9f
04ecd5b3eae6b8afe3bd2d70ec8fd13473255868
5514826b248e203df9f565bc3a4fc48b42bfba5098ea21101a4a33c67817d7e4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5514826B248E203DF9F565BC3A4FC48B42BFBA5098EA21101A4A33C67817D7E4"
Last-Modified: Fri, 02 Dec 2022 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21579
Expires: Sun, 04 Dec 2022 19:34:56 GMT
Date: Sun, 04 Dec 2022 13:35:17 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 83e0936435ad95a15c9ec5ff9520f4fe
a8225ee0d8ae117f977f7ff817c342c62e91b5a9
ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11235
Expires: Sun, 04 Dec 2022 16:42:32 GMT
Date: Sun, 04 Dec 2022 13:35:17 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 83e0936435ad95a15c9ec5ff9520f4fe
a8225ee0d8ae117f977f7ff817c342c62e91b5a9
ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11235
Expires: Sun, 04 Dec 2022 16:42:32 GMT
Date: Sun, 04 Dec 2022 13:35:17 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 83e0936435ad95a15c9ec5ff9520f4fe
a8225ee0d8ae117f977f7ff817c342c62e91b5a9
ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11235
Expires: Sun, 04 Dec 2022 16:42:32 GMT
Date: Sun, 04 Dec 2022 13:35:17 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fae18d1b5-3b75-4897-bd1b-03651e437c2e.jpeg
34.120.237.76200 OK 4.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fae18d1b5-3b75-4897-bd1b-03651e437c2e.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c01fe1cccdb3b672bbade6d98217ffe9
a9a529dc9894827f6243a1bf57f81caa4fe88fc2
c43da6212c79a08e22e78e04e99e8f5422e64b4b0a87f30b7907f1b4bc675c71
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fae18d1b5-3b75-4897-bd1b-03651e437c2e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4666
x-amzn-requestid: 850d341f-5ccb-453c-8adf-a8194f8fbdad
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: clr_-GiboAMFwww=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638bc066-766293f2526e637235067aca;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 21:32:22 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: z5uqgjB-Bsl0U55a8aFi37cpJ65Vnbjm6bJ2GnMpaO7RXsMZsOCbPQ==
via: 1.1 112c6b3f9aea37a6cb00b7d933e5af6e.cloudfront.net (CloudFront), 1.1 b2f9564ebf9c745cc2ceae96d434977e.cloudfront.net (CloudFront), 1.1 google
date: Sat, 03 Dec 2022 21:44:01 GMT
age: 57076
etag: "a9a529dc9894827f6243a1bf57f81caa4fe88fc2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd528f6ee-d348-431d-8220-5c8b154b2941.jpeg
34.120.237.76200 OK 8.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd528f6ee-d348-431d-8220-5c8b154b2941.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash db1701b7b9d161a0c935bb6e10b17893
22a8c4bd58c729c1abcf794466e8f3231dfb034b
b495524a33e5b1d3ba34cfbe867ada0da956c061370b1fcde06b23a6194a9787
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd528f6ee-d348-431d-8220-5c8b154b2941.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8315
x-amzn-requestid: f1bcc33b-aad9-4d3b-b1f9-49282f2d4fb9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: clsAMGVboAMFfxg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638bc067-13472a097177d4751c8f7a8c;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 21:32:23 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 6UQ_BhPmpVpe9w6gsExB-EpNq_syeCCK6fr4Y1FFK1jDJh_n1Sd0Eg==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 556b99c6be8d7078b9f067347c62df6a.cloudfront.net (CloudFront), 1.1 google
date: Sat, 03 Dec 2022 21:52:47 GMT
age: 56550
etag: "22a8c4bd58c729c1abcf794466e8f3231dfb034b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F826f887d-ca78-40db-9b7d-6c693667c155.jpeg
34.120.237.76200 OK 7.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F826f887d-ca78-40db-9b7d-6c693667c155.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c1a6f4805f59db44f9d3520d88701a58
6a0258e8c97ce09f1723382c8a16d9682b7dc50c
ae120df5e96352c6998c24c69c709dfd2b01a7ff8a7b935d496757fd7661f2f5
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F826f887d-ca78-40db-9b7d-6c693667c155.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7503
x-amzn-requestid: a4120308-c51e-4cff-99c2-90e86018b05d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cgZjCGkVIAMFpsw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6389a2e0-6fdf362a6d32449239476155;Sampled=0
x-amzn-remapped-date: Fri, 02 Dec 2022 07:01:52 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: dy619jlSTwCjwDhGuLmwTMcmuYj1Kg2oLA7xORyAYX8IHWimhNo6pw==
via: 1.1 4f87745990545c1ac0195c157e1668f8.cloudfront.net (CloudFront), 1.1 be082a2326b7d49643607b097f1e7180.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Dec 2022 07:16:07 GMT
age: 22750
etag: "6a0258e8c97ce09f1723382c8a16d9682b7dc50c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4d571e0e-b14e-436b-8156-2e49aad75d4f.png
34.120.237.76200 OK 16 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4d571e0e-b14e-436b-8156-2e49aad75d4f.png
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 14dcca2a9c4792d835ee709bcd947402
1d702df3a64258628f4124eafd580695f2d350af
da01dcd8fef7c50bdb6f7a8a6a4955694092f479df3dba72f7fa69d7280d07b2
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4d571e0e-b14e-436b-8156-2e49aad75d4f.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 16143
x-amzn-requestid: dc86fad4-4e53-42c9-9b0a-5e4d2cfcd087
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cdGyLGqmoAMFnaA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638851a7-0ea324b31e8c6578098b8ab9;Sampled=0
x-amzn-remapped-date: Thu, 01 Dec 2022 07:03:03 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: kRs3oBWnSs5asyPdvz6kkooy7pqm2Yr8R_2x8EXCVn3dBz_aEJurRQ==
via: 1.1 4f87745990545c1ac0195c157e1668f8.cloudfront.net (CloudFront), 1.1 d6b180eb367f7de26d67a9f3901b96a6.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Dec 2022 07:26:41 GMT
age: 22116
etag: "1d702df3a64258628f4124eafd580695f2d350af"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3af2e495-85ff-410f-8418-e683c7f84bcd.jpeg
34.120.237.76200 OK 7.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3af2e495-85ff-410f-8418-e683c7f84bcd.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 027480c06cd67621f373c6765dafee4d
9f80bb7ca6f699d88eaec2248dec508c589fe994
f69a0d6bd6e79d8fa7f2f15df11237c0a8b04d45af3cd5870eeef86d18f553bf
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3af2e495-85ff-410f-8418-e683c7f84bcd.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7728
x-amzn-requestid: 9f37e7a6-1f00-4a81-9b14-962fd0b6cdf4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: clsAMEJxoAMFchQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638bc067-4a4cce217327b44525ea1e98;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 21:32:23 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: ztC4S0WeA3ft_9JafrL6fInXo4jwkb0cTWUx4Z8L2uz3EWQS-d6F5A==
via: 1.1 112c6b3f9aea37a6cb00b7d933e5af6e.cloudfront.net (CloudFront), 1.1 d6b180eb367f7de26d67a9f3901b96a6.cloudfront.net (CloudFront), 1.1 google
date: Sat, 03 Dec 2022 22:02:47 GMT
age: 55950
etag: "9f80bb7ca6f699d88eaec2248dec508c589fe994"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6df54ea7-8915-4ac7-af2b-6a71ce14dbf4.webp
34.120.237.76200 OK 5.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6df54ea7-8915-4ac7-af2b-6a71ce14dbf4.webp
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 43309032a892c486f9985ef520df696e
36f4682ca6a33ff80ee02129c77e6f27e996ede0
24225ff504f30405d9ec3feb2555c738fcca0d6b265f285aa9c73a64c78a496e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6df54ea7-8915-4ac7-af2b-6a71ce14dbf4.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5681
x-amzn-requestid: 8f0d66b8-d532-48d9-9a29-74540cd6ab3a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cltXnEotIAMFqkA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638bc296-27349a376ff819ab63b04a81;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 21:41:42 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Uz-wJTZjej3sjP-O68BQ4hB_kkAecG0o7GkeZUan90ZgV87g0Cg_ZA==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 3cd7af07832481c336aa1c93c9b4a6fe.cloudfront.net (CloudFront), 1.1 google
date: Sat, 03 Dec 2022 21:52:38 GMT
age: 56559
etag: "36f4682ca6a33ff80ee02129c77e6f27e996ede0"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
lor-likar.com/wp-content/themes/lor/img/burger.svg
212.224.121.194200 OK 429 B URL HTTP/2 lor-likar.com/wp-content/themes/lor/img/burger.svg
IP 212.224.121.194:0
ASN #44066 diva-e Datacenters GmbH
File type SVG Scalable Vector Graphics image\012- , ASCII text
Hash 3bfe63cce6d0b3965c44d6e709f921c4
cf9ed7e5b2c447d2c806a1346c1ec37cb827a7d5
ef251329f165dcb27bd0dbe1c5f628f912e0b786f2d683e9c7d85554538f70b9
Analyzer Verdict Alert openphish Facebook, Inc.
fortinet Phishing
GET /wp-content/themes/lor/img/burger.svg HTTP/1.1
Host: lor-likar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lor-likar.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 13:35:18 GMT
content-type: image/svg+xml
content-length: 429
last-modified: Tue, 26 Oct 2021 18:32:14 GMT
etag: "617849ae-1ad"
expires: Tue, 03 Jan 2023 13:35:18 GMT
pragma: public
cache-control: max-age=2592000, public, must-revalidate, proxy-revalidate
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 95e426d525f14fd00d0d1687e2ecd10b
7c991e804d1a22edf3c02a76d336cc7aefb0d6cb
10469c1d6359e07f9b20f21f0734080f989b3f54a8e83b1c872d2f7a3815db06
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2498
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 13:35:18 GMT
Last-Modified: Sun, 04 Dec 2022 12:53:40 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 279
lor-likar.com/wp-content/themes/lor/img/logo.svg
212.224.121.194200 OK 1.3 kB URL HTTP/2 lor-likar.com/wp-content/themes/lor/img/logo.svg
IP 212.224.121.194:0
ASN #44066 diva-e Datacenters GmbH
Hash 7a130c49e1ba93212bd96f1373159af5
1be95d5239942b98e0e54a1cd6a3f4a3fcab65e0
fa7434299b8dca555ef8552b8d1a455383ff9692a1f9dc949ac68ab6742fbb38
Analyzer Verdict Alert openphish Facebook, Inc.
fortinet Phishing
GET /wp-content/themes/lor/img/logo.svg HTTP/1.1
Host: lor-likar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lor-likar.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 13:35:18 GMT
content-type: image/svg+xml
last-modified: Thu, 28 Apr 2022 19:58:33 GMT
etag: W/"626af1e9-9bf"
expires: Tue, 03 Jan 2023 13:35:18 GMT
pragma: public
cache-control: max-age=2592000, public, must-revalidate, proxy-revalidate
content-encoding: gzip
X-Firefox-Spdy: h2
lor-likar.com/wp-content/themes/lor/img/social_1.svg
212.224.121.194200 OK 554 B URL HTTP/2 lor-likar.com/wp-content/themes/lor/img/social_1.svg
IP 212.224.121.194:0
ASN #44066 diva-e Datacenters GmbH
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (450)
Hash a91e5b4a86ddd8618e133046a7ad39c8
73aa85ad63e0fed826216dbba51b36bf768a5ffa
1b4bfe14671d89d6c700b5ea3eb1ecd4c228e0d44c0a006e067654bea7e2e30d
Analyzer Verdict Alert openphish Facebook, Inc.
fortinet Phishing
GET /wp-content/themes/lor/img/social_1.svg HTTP/1.1
Host: lor-likar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lor-likar.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 13:35:18 GMT
content-type: image/svg+xml
content-length: 554
last-modified: Tue, 26 Oct 2021 18:32:14 GMT
etag: "617849ae-22a"
expires: Tue, 03 Jan 2023 13:35:18 GMT
pragma: public
cache-control: max-age=2592000, public, must-revalidate, proxy-revalidate
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 95e426d525f14fd00d0d1687e2ecd10b
7c991e804d1a22edf3c02a76d336cc7aefb0d6cb
10469c1d6359e07f9b20f21f0734080f989b3f54a8e83b1c872d2f7a3815db06
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2498
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 13:35:18 GMT
Last-Modified: Sun, 04 Dec 2022 12:53:40 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 279
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 122124f83967c12700f5a6f5546b0f1f
d7acd2db61ad811c388a44b7bd407fa5f4aea8ee
b6b9e0b6c241b4eeb5161b1c297dec2aa6188032017074ee7f8e5533fab87a4d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 13:35:18 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
lor-likar.com/wp-content/themes/lor/js/common.js
212.224.121.194200 OK 778 B URL HTTP/2 lor-likar.com/wp-content/themes/lor/js/common.js
IP 212.224.121.194:0
ASN #44066 diva-e Datacenters GmbH
Hash a385094b6e217109b11a47ee1253bd97
5dd9803bfdb090fef0d8d856b40460d1a2f2b7a5
48234a4eb301dde63af56a698b2b6a4a97bc1e201f5a3f6eb417f3cfbf5933c9
Analyzer Verdict Alert openphish Facebook, Inc.
fortinet Phishing
GET /wp-content/themes/lor/js/common.js HTTP/1.1
Host: lor-likar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lor-likar.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 13:35:18 GMT
content-type: application/javascript
content-length: 778
last-modified: Thu, 28 Apr 2022 19:48:50 GMT
etag: "626aefa2-30a"
expires: Tue, 03 Jan 2023 13:35:18 GMT
pragma: public
cache-control: max-age=2592000, public, must-revalidate, proxy-revalidate
accept-ranges: bytes
X-Firefox-Spdy: h2
lor-likar.com/wp-content/plugins/contact-form-7/modules/recaptcha/index.js
212.224.121.194200 OK 999 B URL HTTP/2 lor-likar.com/wp-content/plugins/contact-form-7/modules/recaptcha/index.js
IP 212.224.121.194:0
ASN #44066 diva-e Datacenters GmbH
File type ASCII text, with very long lines (999), with no line terminators
Hash 6a0e8318d42803736d2fafcc12238026
c955314a7e0a9a9871329b0f042c8f0b5df49a78
2648a1333fa24d383fd73a6beaac17156ae78f4267ff7407ad60e05a788df44c
Analyzer Verdict Alert openphish Facebook, Inc.
fortinet Phishing
GET /wp-content/plugins/contact-form-7/modules/recaptcha/index.js HTTP/1.1
Host: lor-likar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lor-likar.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 13:35:18 GMT
content-type: application/javascript
content-length: 999
last-modified: Wed, 19 Oct 2022 10:38:52 GMT
etag: "634fd3bc-3e7"
expires: Tue, 03 Jan 2023 13:35:18 GMT
pragma: public
cache-control: max-age=2592000, public, must-revalidate, proxy-revalidate
accept-ranges: bytes
X-Firefox-Spdy: h2
code.jquery.com/jquery-3.6.0.min.js
69.16.175.10200 OK 31 kB URL HTTP/2 code.jquery.com/jquery-3.6.0.min.js
IP 69.16.175.10:0
File type ASCII text, with very long lines (65447)
Hash 899f0189aaf034bbba5340f724d91dfa
210ea9de03968edb9d839ba4a0ce2d48666a8ab8
949b6597c5ea907a7ef3c8ca6d5ffc73be2352f9df485b78704e5c4dabac5d0f
GET /jquery-3.6.0.min.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://lor-likar.com
Connection: keep-alive
Referer: https://lor-likar.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 04 Dec 2022 13:35:18 GMT
content-encoding: gzip
content-length: 30875
content-type: application/javascript; charset=utf-8
last-modified: Fri, 20 Aug 2021 17:47:53 GMT
accept-ranges: bytes
server: nginx
etag: W/"611feac9-15d9d"
cache-control: max-age=315360000, public
access-control-allow-origin: *
vary: Accept-Encoding
x-hw: 1670160918.dop212.sk1.t,1670160918.cds246.sk1.hn,1670160918.cds210.sk1.c
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 7c9e0bb25e8c28e8b10038806b0a7190
9fa6097aeb8eacde8ba7c9ab80a7a7d2405ae2bc
f4864000960be2f888ed7d2467f74130231fed6f56ad48ff15861f5769e95a58
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 13:35:18 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 95e426d525f14fd00d0d1687e2ecd10b
7c991e804d1a22edf3c02a76d336cc7aefb0d6cb
10469c1d6359e07f9b20f21f0734080f989b3f54a8e83b1c872d2f7a3815db06
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2498
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 13:35:18 GMT
Last-Modified: Sun, 04 Dec 2022 12:53:40 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 279
www.google.com/recaptcha/api.js?render=6Lf8FCMfAAAAAAMyhscRF818w7rXb3knidZHyMI9
142.250.74.132200 OK 582 B URL HTTP/2 www.google.com/recaptcha/api.js?render=6Lf8FCMfAAAAAAMyhscRF818w7rXb3knidZHyMI9
IP 142.250.74.132:0
File type ASCII text, with very long lines (884), with no line terminators
Hash 7e3db79fa15e4113f7abc4703f7ba7a2
443536fe8a383ffc82bfe046ed7d2c448a6fce59
6822d30fb01aa6fd49467ba99759b2cf73a4cef476dad17ab26d5ccc57f76674
GET /recaptcha/api.js?render=6Lf8FCMfAAAAAAMyhscRF818w7rXb3knidZHyMI9 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lor-likar.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
expires: Sun, 04 Dec 2022 13:35:18 GMT
date: Sun, 04 Dec 2022 13:35:18 GMT
cache-control: private, max-age=300
content-type: text/javascript; charset=UTF-8
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 582
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
lor-likar.com/wp-content/themes/lor/img/team_1.png
212.224.121.194200 OK 62 kB URL HTTP/2 lor-likar.com/wp-content/themes/lor/img/team_1.png
IP 212.224.121.194:0
ASN #44066 diva-e Datacenters GmbH
File type PNG image data, 232 x 239, 8-bit/color RGBA, non-interlaced\012- data
Hash e24362da0c09e0fe64b1f124e42fee03
931891fcf4d05029419111a88ad789d4350832f6
07d66761fce645e64a60ffe4b5cfb7bb53c35282e2afacc77cdc946b23bfde3c
Analyzer Verdict Alert openphish Facebook, Inc.
GET /wp-content/themes/lor/img/team_1.png HTTP/1.1
Host: lor-likar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lor-likar.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 13:35:18 GMT
content-type: image/png
content-length: 61828
last-modified: Tue, 26 Oct 2021 18:32:14 GMT
etag: "617849ae-f184"
expires: Tue, 03 Jan 2023 13:35:18 GMT
pragma: public
cache-control: max-age=2592000, public, must-revalidate, proxy-revalidate
accept-ranges: bytes
X-Firefox-Spdy: h2
lor-likar.com/wp-content/themes/lor/img/team_2.png
212.224.121.194200 OK 68 kB URL HTTP/2 lor-likar.com/wp-content/themes/lor/img/team_2.png
IP 212.224.121.194:0
ASN #44066 diva-e Datacenters GmbH
File type PNG image data, 232 x 239, 8-bit/color RGBA, non-interlaced\012- data
Hash f7a6ed4380d81892f55c10e2fd3359c7
88cc327622d4c49284bc66f30567e32d08acabee
8bdf28306170b59b4f6b8d6df6b63063667b10243fe990c3f160ed896df7bdce
Analyzer Verdict Alert openphish Facebook, Inc.
GET /wp-content/themes/lor/img/team_2.png HTTP/1.1
Host: lor-likar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lor-likar.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 13:35:18 GMT
content-type: image/png
content-length: 68319
last-modified: Tue, 26 Oct 2021 18:32:14 GMT
etag: "617849ae-10adf"
expires: Tue, 03 Jan 2023 13:35:18 GMT
pragma: public
cache-control: max-age=2592000, public, must-revalidate, proxy-revalidate
accept-ranges: bytes
X-Firefox-Spdy: h2
lor-likar.com/wp-content/themes/lor/img/likar.png
212.224.121.194200 OK 127 kB URL HTTP/2 lor-likar.com/wp-content/themes/lor/img/likar.png
IP 212.224.121.194:0
ASN #44066 diva-e Datacenters GmbH
File type PNG image data, 359 x 409, 8-bit/color RGBA, non-interlaced\012- data
Size 127 kB (126869 bytes)
Hash a5b44620db2907bd68abfad6e2ea5243
2824dd50e211e642c0cc5fd6000cfe4ef28b697b
7c50e948288cf742542e491769a4c6fe8817a39dce7f9c023cd4dfa2d090b938
Analyzer Verdict Alert openphish Facebook, Inc.
GET /wp-content/themes/lor/img/likar.png HTTP/1.1
Host: lor-likar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lor-likar.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 13:35:18 GMT
content-type: image/png
content-length: 126869
last-modified: Tue, 26 Oct 2021 18:32:14 GMT
etag: "617849ae-1ef95"
expires: Tue, 03 Jan 2023 13:35:18 GMT
pragma: public
cache-control: max-age=2592000, public, must-revalidate, proxy-revalidate
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 122124f83967c12700f5a6f5546b0f1f
d7acd2db61ad811c388a44b7bd407fa5f4aea8ee
b6b9e0b6c241b4eeb5161b1c297dec2aa6188032017074ee7f8e5533fab87a4d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 13:35:18 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
lor-likar.com/wp-content/themes/lor/img/social_blue_1.svg
212.224.121.194200 OK 628 B URL HTTP/2 lor-likar.com/wp-content/themes/lor/img/social_blue_1.svg
IP 212.224.121.194:0
ASN #44066 diva-e Datacenters GmbH
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (524)
Hash 8ae49dff1e22a7dcadfd54e40031c41a
2409eb54684d97a4d3d91047a20520bc2d7d5134
05a9d58687130d6b07f1d5000dbedd785c6b41ad215963ee42ea8f165e0ac0a1
Analyzer Verdict Alert openphish Facebook, Inc.
fortinet Phishing
GET /wp-content/themes/lor/img/social_blue_1.svg HTTP/1.1
Host: lor-likar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lor-likar.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 13:35:18 GMT
content-type: image/svg+xml
content-length: 628
last-modified: Tue, 26 Oct 2021 18:32:14 GMT
etag: "617849ae-274"
expires: Tue, 03 Jan 2023 13:35:18 GMT
pragma: public
cache-control: max-age=2592000, public, must-revalidate, proxy-revalidate
accept-ranges: bytes
X-Firefox-Spdy: h2
lor-likar.com/wp-content/themes/lor/img/news_1.jpeg
212.224.121.194200 OK 48 kB URL HTTP/2 lor-likar.com/wp-content/themes/lor/img/news_1.jpeg
IP 212.224.121.194:0
ASN #44066 diva-e Datacenters GmbH
File type JPEG image data, JFIF standard 1.02, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 305x180, components 3\012- data
Hash 8b50f4f1b4ea538dc4d85d02b0cf44e2
435997619525f5cab0e14c94e1ef3a26cca23650
7d3010bd8b7f544714c9d47c52f1ceaa4a337a9dce30d01c4f6f61fcb14f7d83
Analyzer Verdict Alert openphish Facebook, Inc.
fortinet Phishing
GET /wp-content/themes/lor/img/news_1.jpeg HTTP/1.1
Host: lor-likar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lor-likar.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 13:35:18 GMT
content-type: image/jpeg
content-length: 48548
last-modified: Tue, 26 Oct 2021 18:32:14 GMT
etag: "617849ae-bda4"
expires: Tue, 03 Jan 2023 13:35:18 GMT
pragma: public
cache-control: max-age=2592000, public, must-revalidate, proxy-revalidate
accept-ranges: bytes
X-Firefox-Spdy: h2
lor-likar.com/wp-content/themes/lor/img/news_2.jpeg
212.224.121.194200 OK 53 kB URL HTTP/2 lor-likar.com/wp-content/themes/lor/img/news_2.jpeg
IP 212.224.121.194:0
ASN #44066 diva-e Datacenters GmbH
File type JPEG image data, JFIF standard 1.02, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 305x180, components 3\012- data
Hash 4be9d86633ade5dd4999fb09cd20b606
ecded86a8890276edddf6a11ad902769ed5a0731
f1c2f91901146541789295b9fbd2d9aa7fe09bf5981ff48fdbb9852493b56fc1
Analyzer Verdict Alert openphish Facebook, Inc.
fortinet Phishing
GET /wp-content/themes/lor/img/news_2.jpeg HTTP/1.1
Host: lor-likar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lor-likar.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 13:35:18 GMT
content-type: image/jpeg
content-length: 52676
last-modified: Tue, 26 Oct 2021 18:32:14 GMT
etag: "617849ae-cdc4"
expires: Tue, 03 Jan 2023 13:35:18 GMT
pragma: public
cache-control: max-age=2592000, public, must-revalidate, proxy-revalidate
accept-ranges: bytes
X-Firefox-Spdy: h2
lor-likar.com/wp-content/themes/lor/img/news_3.jpeg
212.224.121.194200 OK 43 kB URL HTTP/2 lor-likar.com/wp-content/themes/lor/img/news_3.jpeg
IP 212.224.121.194:0
ASN #44066 diva-e Datacenters GmbH
File type JPEG image data, JFIF standard 1.02, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 305x180, components 3\012- data
Hash cfbaf71a742d5ed22996320022887814
b1920aef02d125bca4f615e33e5eb3c00bc9da27
f4af6b4b8e8f9959738e47667f6213e605ed60ef98989ed49bedb8f0b98b39cb
Analyzer Verdict Alert openphish Facebook, Inc.
fortinet Phishing
GET /wp-content/themes/lor/img/news_3.jpeg HTTP/1.1
Host: lor-likar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lor-likar.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 13:35:18 GMT
content-type: image/jpeg
content-length: 43168
last-modified: Tue, 26 Oct 2021 18:32:14 GMT
etag: "617849ae-a8a0"
expires: Tue, 03 Jan 2023 13:35:18 GMT
pragma: public
cache-control: max-age=2592000, public, must-revalidate, proxy-revalidate
accept-ranges: bytes
X-Firefox-Spdy: h2
lor-likar.com/wp-content/themes/lor/img/news_4.jpeg
212.224.121.194200 OK 56 kB URL HTTP/2 lor-likar.com/wp-content/themes/lor/img/news_4.jpeg
IP 212.224.121.194:0
ASN #44066 diva-e Datacenters GmbH
File type JPEG image data, JFIF standard 1.02, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 305x180, components 3\012- data
Hash f79d36dbaab52adebc7378bde2eadca9
4b505be2c33b96a856b15699b04b4a6168280b22
e01d58a0cdb193eee783926d58855af90bfded685329d3868091ef4f4a0a6677
Analyzer Verdict Alert openphish Facebook, Inc.
fortinet Phishing
GET /wp-content/themes/lor/img/news_4.jpeg HTTP/1.1
Host: lor-likar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lor-likar.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 13:35:18 GMT
content-type: image/jpeg
content-length: 56204
last-modified: Tue, 26 Oct 2021 18:32:14 GMT
etag: "617849ae-db8c"
expires: Tue, 03 Jan 2023 13:35:18 GMT
pragma: public
cache-control: max-age=2592000, public, must-revalidate, proxy-revalidate
accept-ranges: bytes
X-Firefox-Spdy: h2
lor-likar.com/wp-content/themes/lor/img/team_3.png
212.224.121.194200 OK 70 kB URL HTTP/2 lor-likar.com/wp-content/themes/lor/img/team_3.png
IP 212.224.121.194:0
ASN #44066 diva-e Datacenters GmbH
File type PNG image data, 232 x 239, 8-bit/color RGBA, non-interlaced\012- data
Hash 7c228609f37df13d843ceca077b24a02
7453bdba176f4c22a15e148932b7300bb4097c53
5a85e35cf394bd1dc29f8aed05149f98fda9e3a1c11b59f1a26618d3ec23197a
Analyzer Verdict Alert openphish Facebook, Inc.
GET /wp-content/themes/lor/img/team_3.png HTTP/1.1
Host: lor-likar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lor-likar.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 13:35:18 GMT
content-type: image/png
content-length: 69508
last-modified: Tue, 26 Oct 2021 18:32:14 GMT
etag: "617849ae-10f84"
expires: Tue, 03 Jan 2023 13:35:18 GMT
pragma: public
cache-control: max-age=2592000, public, must-revalidate, proxy-revalidate
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash f54a71942ab5d7fdc54672cf84aa76db
e03db706ad371c93ddd3cc4a3e4c329777bb5f4b
87453ee6a206085c9b82594123a30bf59f7354733d19f21e388dea70768198c9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 13:35:18 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cdn.jsdelivr.net/npm/bootstrap@5.1.1/dist/js/bootstrap.min.js
104.16.88.20200 OK 17 kB URL HTTP/2 cdn.jsdelivr.net/npm/bootstrap@5.1.1/dist/js/bootstrap.min.js
IP 104.16.88.20:0
File type ASCII text, with very long lines (59454)
Hash 8bf176cd44dcaf2ae8bc3ae2abfe857f
abbe0a73caa5b55deb89eb89347e29cc91bd081c
ace61c268437eeb5a400ce0ad4ee886b765242e5b8d10a37eebc5989b7bfd2f0
GET /npm/bootstrap@5.1.1/dist/js/bootstrap.min.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://lor-likar.com
Connection: keep-alive
Referer: https://lor-likar.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 04 Dec 2022 13:35:18 GMT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-jsd-version: 5.1.1
x-jsd-version-type: version
etag: W/"e955-UwylTf200+f0lv14LYeq8PFpaUY"
x-served-by: cache-fra19139-FRA, cache-yyz4521-YYZ
x-cache: HIT, MISS
vary: Accept-Encoding
cf-cache-status: HIT
age: 2017466
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PhVamRt7c%2BxtQdofzfodJu4wtaKzzawaCdSZsu1iSNshKbAg%2FHpAe38DyP5XpesMebbOGN1SizxvcYO9Qgbr9xmex8TKf2nn2CBCCAGxx6M76SKxXOaEb5dzEnxID9RKOBE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7744ecabffedb517-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
lor-likar.com/wp-content/themes/lor/img/tap_link.svg
212.224.121.194200 OK 927 B URL HTTP/2 lor-likar.com/wp-content/themes/lor/img/tap_link.svg
IP 212.224.121.194:0
ASN #44066 diva-e Datacenters GmbH
Hash 27c2b862a4b188cea0d84768fbd96a7b
6e3307c84b212feb7a568380d4e412e24a55127c
e200bf4377f1f3fd3ebf8713aaba69ec48ac27c2f300120887b3f0ba62ac8500
Analyzer Verdict Alert openphish Facebook, Inc.
fortinet Phishing
GET /wp-content/themes/lor/img/tap_link.svg HTTP/1.1
Host: lor-likar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lor-likar.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 13:35:18 GMT
content-type: image/svg+xml
last-modified: Tue, 26 Oct 2021 18:32:14 GMT
etag: W/"617849ae-506"
expires: Tue, 03 Jan 2023 13:35:18 GMT
pragma: public
cache-control: max-age=2592000, public, must-revalidate, proxy-revalidate
content-encoding: gzip
X-Firefox-Spdy: h2
lor-likar.com/wp-content/themes/lor/img/group_right.png
212.224.121.194200 OK 14 kB URL HTTP/2 lor-likar.com/wp-content/themes/lor/img/group_right.png
IP 212.224.121.194:0
ASN #44066 diva-e Datacenters GmbH
File type PNG image data, 474 x 929, 8-bit/color RGBA, non-interlaced\012- data
Hash b3a4ad148c84dd8ea1a6c0daeb389ea5
4c598b3f09b8850d196d8837f569835ca0ac4e94
5d72a033811a6a7a18c06101d31d20226fc7df5e2c4dcbf1999c26ea2ec01dfb
Analyzer Verdict Alert openphish Facebook, Inc.
GET /wp-content/themes/lor/img/group_right.png HTTP/1.1
Host: lor-likar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lor-likar.com/wp-content/cache/autoptimize/css/autoptimize_c38a94aef7f870fd723d14adf23faab8.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 13:35:18 GMT
content-type: image/png
content-length: 13849
last-modified: Tue, 26 Oct 2021 18:32:14 GMT
etag: "617849ae-3619"
expires: Tue, 03 Jan 2023 13:35:18 GMT
pragma: public
cache-control: max-age=2592000, public, must-revalidate, proxy-revalidate
accept-ranges: bytes
X-Firefox-Spdy: h2
lor-likar.com/wp-content/themes/lor/img/quote.svg
212.224.121.194200 OK 27 kB URL HTTP/2 lor-likar.com/wp-content/themes/lor/img/quote.svg
IP 212.224.121.194:0
ASN #44066 diva-e Datacenters GmbH
Hash 024a8f4066fa003bf6fb15d44b3ceaef
1ae9d0f4f4663617b59c615c11d731db5d8768a1
4739d6352affa67ea5a9347ee9c2a990e73d02e220d69708f34ec3a0c40ead98
Analyzer Verdict Alert openphish Facebook, Inc.
fortinet Phishing
GET /wp-content/themes/lor/img/quote.svg HTTP/1.1
Host: lor-likar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lor-likar.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 13:35:18 GMT
content-type: image/svg+xml
last-modified: Tue, 26 Oct 2021 18:32:14 GMT
etag: W/"617849ae-4c3"
expires: Tue, 03 Jan 2023 13:35:18 GMT
pragma: public
cache-control: max-age=2592000, public, must-revalidate, proxy-revalidate
content-encoding: gzip
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 3c4319f54a5675ee9acda96c58f97ac6
210ea86db1836d430b321d59b4bd1b016c914f22
cb20ad3ec895ed3a2ae9b1a90dda6b7cc174d8851f3a15ba054a435746cbdc65
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 13:35:18 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash da9700d928847bca71f73dc9ca89bd1c
2f156a1557a7504da776ed9a82dc52563662be6f
428ed39905a42b1fc7aaf84f2144caf58ddcb53ac2fbda9af61784ca7394a344
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 13:35:18 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash da9700d928847bca71f73dc9ca89bd1c
2f156a1557a7504da776ed9a82dc52563662be6f
428ed39905a42b1fc7aaf84f2144caf58ddcb53ac2fbda9af61784ca7394a344
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 13:35:18 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash da9700d928847bca71f73dc9ca89bd1c
2f156a1557a7504da776ed9a82dc52563662be6f
428ed39905a42b1fc7aaf84f2144caf58ddcb53ac2fbda9af61784ca7394a344
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 13:35:18 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash da9700d928847bca71f73dc9ca89bd1c
2f156a1557a7504da776ed9a82dc52563662be6f
428ed39905a42b1fc7aaf84f2144caf58ddcb53ac2fbda9af61784ca7394a344
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 13:35:18 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
lor-likar.com/wp-content/themes/lor/img/social_blue_2.svg
212.224.121.194200 OK 27 kB URL HTTP/2 lor-likar.com/wp-content/themes/lor/img/social_blue_2.svg
IP 212.224.121.194:0
ASN #44066 diva-e Datacenters GmbH
Hash c837dee8ad2794ea4daf404b3a93f334
f0eb302d9a65fb8649a69ddca48ac6f543171374
a6536e33776fb93f4ca432c1ce75ff6b9b561f98c7e63a0d9a875b3b37a42fd0
Analyzer Verdict Alert openphish Facebook, Inc.
fortinet Phishing
GET /wp-content/themes/lor/img/social_blue_2.svg HTTP/1.1
Host: lor-likar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lor-likar.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 13:35:18 GMT
content-type: image/svg+xml
last-modified: Tue, 26 Oct 2021 18:32:14 GMT
etag: W/"617849ae-d17"
expires: Tue, 03 Jan 2023 13:35:18 GMT
pragma: public
cache-control: max-age=2592000, public, must-revalidate, proxy-revalidate
content-encoding: gzip
X-Firefox-Spdy: h2
fonts.gstatic.com/s/raleway/v28/1Ptug8zYS_SKggPNyC0ITw.woff2
216.58.207.227200 OK 46 kB URL HTTP/2 fonts.gstatic.com/s/raleway/v28/1Ptug8zYS_SKggPNyC0ITw.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 46524, version 1.0\012- data
Hash c1fd378f54921c75e4ae1821e7b8fff6
2ce96e97783b2f154d07f4464ca6f8eb2469f2c1
405ceee1c2f5c31f1cb94ebc63d49a43fddd1471c2c7401a01c7c11bb1d93826
GET /s/raleway/v28/1Ptug8zYS_SKggPNyC0ITw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://lor-likar.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 46524
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 28 Nov 2022 21:08:51 GMT
expires: Tue, 28 Nov 2023 21:08:51 GMT
cache-control: public, max-age=31536000
age: 491187
last-modified: Mon, 18 Jul 2022 19:58:01 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.googletagmanager.com/gtm.js?id=GTM-M6NVQ7L
142.250.74.168200 OK 52 kB URL HTTP/2 www.googletagmanager.com/gtm.js?id=GTM-M6NVQ7L
IP 142.250.74.168:0
File type ASCII text, with very long lines (5019)
Hash 555b246ef9f7b92175c4087746c195ec
3335fcba27ce13a1900d87a0f586670f9216264d
30fed2db5c0cf61c62f5ea89840a9c7bd807cc6789fe523a31038916a3610617
GET /gtm.js?id=GTM-M6NVQ7L HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lor-likar.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sun, 04 Dec 2022 13:35:18 GMT
expires: Sun, 04 Dec 2022 13:35:18 GMT
cache-control: private, max-age=900
last-modified: Sun, 04 Dec 2022 12:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 52157
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
lor-likar.com/wp-content/plugins/contact-form-7/includes/js/index.js
212.224.121.194200 OK 8.6 kB URL HTTP/2 lor-likar.com/wp-content/plugins/contact-form-7/includes/js/index.js
IP 212.224.121.194:0
ASN #44066 diva-e Datacenters GmbH
Hash 514858634ebc9faff5e08720d5fa3207
4e1a6bcdb83c80d07e81fa0ba1f87191ec17b342
fcab1bca61f4d028e79e318f67c4043839335a10cba13ed19cc3f70230cde227
Analyzer Verdict Alert openphish Facebook, Inc.
fortinet Phishing
GET /wp-content/plugins/contact-form-7/includes/js/index.js HTTP/1.1
Host: lor-likar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lor-likar.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 13:35:18 GMT
content-type: application/javascript
last-modified: Wed, 19 Oct 2022 10:38:52 GMT
etag: W/"634fd3bc-3016"
expires: Tue, 03 Jan 2023 13:35:18 GMT
pragma: public
cache-control: max-age=2592000, public, must-revalidate, proxy-revalidate
content-encoding: gzip
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash da9700d928847bca71f73dc9ca89bd1c
2f156a1557a7504da776ed9a82dc52563662be6f
428ed39905a42b1fc7aaf84f2144caf58ddcb53ac2fbda9af61784ca7394a344
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 13:35:18 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 3c4319f54a5675ee9acda96c58f97ac6
210ea86db1836d430b321d59b4bd1b016c914f22
cb20ad3ec895ed3a2ae9b1a90dda6b7cc174d8851f3a15ba054a435746cbdc65
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 13:35:18 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
lor-likar.com/wp-content/themes/lor/fonts/slick.woff
212.224.121.194200 OK 1.4 kB URL HTTP/2 lor-likar.com/wp-content/themes/lor/fonts/slick.woff
IP 212.224.121.194:0
ASN #44066 diva-e Datacenters GmbH
File type Web Open Font Format, CFF, length 1380, version 1.0\012- data
Hash b7c9e1e479de3b53f1e4e30ebac2403a
af91c12f0f406a4f801aeb3b398768fe41d8f864
26726bac4060abb1226e6ceebc1336e84930fe7a7af1b3895a109d067f5b5dcc
Analyzer Verdict Alert openphish Facebook, Inc.
fortinet Phishing
GET /wp-content/themes/lor/fonts/slick.woff HTTP/1.1
Host: lor-likar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://lor-likar.com/wp-content/cache/autoptimize/css/autoptimize_c38a94aef7f870fd723d14adf23faab8.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 13:35:18 GMT
content-type: font/woff
content-length: 1380
last-modified: Tue, 26 Oct 2021 18:32:12 GMT
etag: "617849ac-564"
expires: Tue, 03 Jan 2023 13:35:18 GMT
pragma: public
cache-control: max-age=2592000, public, must-revalidate, proxy-revalidate
accept-ranges: bytes
X-Firefox-Spdy: h2
lor-likar.com/wp-json/contact-form-7/v1/contact-forms/45/feedback/schema
212.224.121.194200 OK 514 B URL HTTP/2 lor-likar.com/wp-json/contact-form-7/v1/contact-forms/45/feedback/schema
IP 212.224.121.194:0
ASN #44066 diva-e Datacenters GmbH
Hash 7a4e4f7153e67fbf3856027b665ae95a
a776fd92f4170077e021a740c3c279ed872cc63a
b89fdd145cf00e58c0941bcc70b572023b5dc227dc2425b766047bf5ddb911ba
Analyzer Verdict Alert openphish Facebook, Inc.
fortinet Phishing
GET /wp-json/contact-form-7/v1/contact-forms/45/feedback/schema HTTP/1.1
Host: lor-likar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, */*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://lor-likar.com/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 13:35:19 GMT
content-type: application/json; charset=UTF-8
x-robots-tag: noindex
link: <https://lor-likar.com/wp-json/>; rel="https://api.w.org/"
x-content-type-options: nosniff
access-control-expose-headers: X-WP-Total, X-WP-TotalPages, Link
access-control-allow-headers: Authorization, X-WP-Nonce, Content-Disposition, Content-MD5, Content-Type
allow: GET
x-litespeed-tag: 03a_HTTP.200
vary: Origin
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
content-encoding: gzip
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash fd0b48347644ddc60fb16b04140cfcb7
ef8d6c8e3c979e98c82655290150aa14fe5d44d1
f3d27c16653ed979a7cce2dc6239a48a86c7dab2fc34949b540802e50b05275a
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3278
Cache-Control: max-age=108890
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 13:35:19 GMT
Etag: "638b9ba3-1d7"
Expires: Mon, 05 Dec 2022 19:50:09 GMT
Last-Modified: Sat, 03 Dec 2022 18:55:31 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 471
lor-likar.com/wp-json/contact-form-7/v1/contact-forms/47/feedback/schema
212.224.121.194200 OK 20 kB URL HTTP/2 lor-likar.com/wp-json/contact-form-7/v1/contact-forms/47/feedback/schema
IP 212.224.121.194:0
ASN #44066 diva-e Datacenters GmbH
File type JSON data\012- , ASCII text, with very long lines (1325)
Hash c5d47561e4ebf2afad3eae093438cc3b
e0ca48d112be0d9329419449870e02308b5ecdfb
ba05acb02c12dd1b1b9cf8b9ee6f0be9c97525b72c8bb3d99be6ac997dd1e207
Analyzer Verdict Alert openphish Facebook, Inc.
fortinet Phishing
GET /wp-json/contact-form-7/v1/contact-forms/47/feedback/schema HTTP/1.1
Host: lor-likar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, */*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://lor-likar.com/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 13:35:19 GMT
content-type: application/json; charset=UTF-8
x-robots-tag: noindex
link: <https://lor-likar.com/wp-json/>; rel="https://api.w.org/"
x-content-type-options: nosniff
access-control-expose-headers: X-WP-Total, X-WP-TotalPages, Link
access-control-allow-headers: Authorization, X-WP-Nonce, Content-Disposition, Content-MD5, Content-Type
allow: GET
x-litespeed-tag: 03a_HTTP.200
vary: Origin
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
content-encoding: gzip
X-Firefox-Spdy: h2
lor-likar.com/wp-content/themes/lor/img/group_left.png
212.224.121.194404 Not Found 36 kB URL HTTP/2 lor-likar.com/wp-content/themes/lor/img/group_left.png
IP 212.224.121.194:0
ASN #44066 diva-e Datacenters GmbH
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (30538)
Hash 17ce38d9357b5d5619613f5c0e5c35c8
0ab4342e3010b24c082157cfd197676c58fff48a
fbb11b64a32d570cd3d1bb2f12611af05f2776ba63ccfe469973e0babff7dc6d
Analyzer Verdict Alert openphish Facebook, Inc.
GET /wp-content/themes/lor/img/group_left.png HTTP/1.1
Host: lor-likar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lor-likar.com/wp-content/cache/autoptimize/css/autoptimize_c38a94aef7f870fd723d14adf23faab8.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
server: nginx
date: Sun, 04 Dec 2022 13:35:18 GMT
content-type: text/html; charset=UTF-8
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
x-litespeed-tag: 03a_HTTP.404,03a_PGSRP
content-encoding: gzip
X-Firefox-Spdy: h2
cdn.jsdelivr.net/npm/bootstrap@5.1.1/dist/css/bootstrap.min.css
104.16.88.20200 OK 188 kB URL HTTP/2 cdn.jsdelivr.net/npm/bootstrap@5.1.1/dist/css/bootstrap.min.css
IP 104.16.88.20:0
File type Unicode text, UTF-8 text, with very long lines (65306)
Size 188 kB (188419 bytes)
Hash 0df9a1da858d71ca2320b988840bc729
33b59bb785873bce2ee787f9fe7a835833f91c38
0d18e61dc2b26cffc0dc5032c727e2f74ea85dea07746ee3e435db8a38a6b857
GET /npm/bootstrap@5.1.1/dist/css/bootstrap.min.css HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://lor-likar.com
Connection: keep-alive
Referer: https://lor-likar.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 04 Dec 2022 13:35:18 GMT
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-jsd-version: 5.1.1
x-jsd-version-type: version
etag: W/"27bcc-BZIWlzlsFSRVBPxM7BbsU0yOz/8"
x-served-by: cache-fra19170-FRA, cache-iad-kiad7000046-IAD
x-cache: HIT, HIT
vary: Accept-Encoding
cf-cache-status: HIT
age: 15606872
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YFq9Ojz6mqipEG5uZnrkbUhX2ZuZWDqf8QgzQ9N%2Feef1BUpxWwS%2Fs%2BZ%2Ff362M1QOKvom9Gu0fcoRec%2BEuuPH7jBomMIaxwhludN%2F8HmiDHWMyBKUrytP1l26Mi4Jep%2BI%2BGM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7744ecabefd9b517-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash fd0b48347644ddc60fb16b04140cfcb7
ef8d6c8e3c979e98c82655290150aa14fe5d44d1
f3d27c16653ed979a7cce2dc6239a48a86c7dab2fc34949b540802e50b05275a
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3278
Cache-Control: max-age=108890
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 13:35:19 GMT
Etag: "638b9ba3-1d7"
Expires: Mon, 05 Dec 2022 19:50:09 GMT
Last-Modified: Sat, 03 Dec 2022 18:55:31 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 471
www.google-analytics.com/j/collect?v=1&_v=j98&a=404106803&t=pageview&_s=1&dl=https%3A%2F%2Flor-likar.com%2F&ul=en-us&de=UTF-8&dt=%D0%AF%D1%86%D0%BA%D1%96%D0%B2%20%D0%9A%D0%BB%D1%96%D0%BD%D1%96%D0%BA%20%E2%80%94%20%D0%9C%D0%B5%D0%B4%D0%B8%D1%87%D0%BD%D0%B8%D0%B9%20%D1%86%D0%B5%D0%BD%D1%82%D1%80&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&_u=YEBAAEABAAAAACAAI~&jid=2055974447&gjid=1002820342&cid=1641104192.1670160917&tid=UA-195636972-1&_gid=1007301933.1670160917&_r=1>m=2wgbu0M6NVQ7L&z=714881809
142.250.74.46200 OK 2 B URL HTTP/2 www.google-analytics.com/j/collect?v=1&_v=j98&a=404106803&t=pageview&_s=1&dl=https%3A%2F%2Flor-likar.com%2F&ul=en-us&de=UTF-8&dt=%D0%AF%D1%86%D0%BA%D1%96%D0%B2%20%D0%9A%D0%BB%D1%96%D0%BD%D1%96%D0%BA%20%E2%80%94%20%D0%9C%D0%B5%D0%B4%D0%B8%D1%87%D0%BD%D0%B8%D0%B9%20%D1%86%D0%B5%D0%BD%D1%82%D1%80&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&_u=YEBAAEABAAAAACAAI~&jid=2055974447&gjid=1002820342&cid=1641104192.1670160917&tid=UA-195636972-1&_gid=1007301933.1670160917&_r=1>m=2wgbu0M6NVQ7L&z=714881809
IP 142.250.74.46:0
File type ASCII text, with no line terminators
Hash cc7a1e792bca8ccb1946b7a07f6dbc03
11a2757082428311f587b7664fa9840376137f80
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
POST /j/collect?v=1&_v=j98&a=404106803&t=pageview&_s=1&dl=https%3A%2F%2Flor-likar.com%2F&ul=en-us&de=UTF-8&dt=%D0%AF%D1%86%D0%BA%D1%96%D0%B2%20%D0%9A%D0%BB%D1%96%D0%BD%D1%96%D0%BA%20%E2%80%94%20%D0%9C%D0%B5%D0%B4%D0%B8%D1%87%D0%BD%D0%B8%D0%B9%20%D1%86%D0%B5%D0%BD%D1%82%D1%80&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&_u=YEBAAEABAAAAACAAI~&jid=2055974447&gjid=1002820342&cid=1641104192.1670160917&tid=UA-195636972-1&_gid=1007301933.1670160917&_r=1>m=2wgbu0M6NVQ7L&z=714881809 HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://lor-likar.com
Connection: keep-alive
Referer: https://lor-likar.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: https://lor-likar.com
date: Sun, 04 Dec 2022 13:35:19 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 2dabd839729e9b0fb2558253d850126b
64f617aa0afb52168ef3519a4cf9829ac61ee007
1a47e4d0efdac6fbec990e3e168bfdfe615ff8953158773e8b1940d4d91eee18
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 13:35:19 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-195636972-1&cid=1641104192.1670160917&jid=2055974447&gjid=1002820342&_gid=1007301933.1670160917&_u=YEBAAEAAAAAAACAAI~&z=442322723
64.233.165.154200 OK 4 B URL HTTP/2 stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-195636972-1&cid=1641104192.1670160917&jid=2055974447&gjid=1002820342&_gid=1007301933.1670160917&_u=YEBAAEAAAAAAACAAI~&z=442322723
IP 64.233.165.154:0
File type ASCII text, with no line terminators
Hash 48c0473b7821185d937e685216e2168b
3743e47f8a429a5e87b86cb582d78940733d9d2e
570c4d4674fd20602189c548c145ba1f8ac34bc2e4599a71471969028aa1e25a
POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-195636972-1&cid=1641104192.1670160917&jid=2055974447&gjid=1002820342&_gid=1007301933.1670160917&_u=YEBAAEAAAAAAACAAI~&z=442322723 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://lor-likar.com
Connection: keep-alive
Referer: https://lor-likar.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://lor-likar.com
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Sun, 04 Dec 2022 13:35:19 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 2dabd839729e9b0fb2558253d850126b
64f617aa0afb52168ef3519a4cf9829ac61ee007
1a47e4d0efdac6fbec990e3e168bfdfe615ff8953158773e8b1940d4d91eee18
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 13:35:19 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.facebook.com/tr/?id=308623131280833&ev=PageView&dl=https%3A%2F%2Flor-likar.com%2F&rl=&if=false&ts=1670160917123&sw=1280&sh=1024&v=2.9.89&r=stable&ec=0&o=30&fbp=fb.1.1670160917121.1441464366&it=1670160916914&coo=false&rqm=GET
157.240.240.35200 OK 0 B URL HTTP/2 www.facebook.com/tr/?id=308623131280833&ev=PageView&dl=https%3A%2F%2Flor-likar.com%2F&rl=&if=false&ts=1670160917123&sw=1280&sh=1024&v=2.9.89&r=stable&ec=0&o=30&fbp=fb.1.1670160917121.1441464366&it=1670160916914&coo=false&rqm=GET
IP 157.240.240.35:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tr/?id=308623131280833&ev=PageView&dl=https%3A%2F%2Flor-likar.com%2F&rl=&if=false&ts=1670160917123&sw=1280&sh=1024&v=2.9.89&r=stable&ec=0&o=30&fbp=fb.1.1670160917121.1441464366&it=1670160916914&coo=false&rqm=GET HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lor-likar.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/plain
access-control-allow-origin:
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400
date: Sun, 04 Dec 2022 13:35:19 GMT
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 663979bbd831a40bec8611cfac8d77af
aa43c96676a33100f244e6772e37adc2b6f89b76
60c21027da288e857f546b531dd226d81206bfa85a35985b0e1587a68dec4d5b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 13:35:19 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-195636972-1&cid=1641104192.1670160917&jid=2055974447&_u=YEBAAEAAAAAAACAAI~&z=1620093245
142.250.74.67200 OK 42 B URL HTTP/2 www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-195636972-1&cid=1641104192.1670160917&jid=2055974447&_u=YEBAAEAAAAAAACAAI~&z=1620093245
IP 142.250.74.67:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-195636972-1&cid=1641104192.1670160917&jid=2055974447&_u=YEBAAEAAAAAAACAAI~&z=1620093245 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lor-likar.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sun, 04 Dec 2022 13:35:19 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 663979bbd831a40bec8611cfac8d77af
aa43c96676a33100f244e6772e37adc2b6f89b76
60c21027da288e857f546b531dd226d81206bfa85a35985b0e1587a68dec4d5b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 13:35:19 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
216.58.207.227200 OK 15 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 15344, version 1.0\012- data
Hash 5d4aeb4e5f5ef754e307d7ffaef688bd
06db651cdf354c64a7383ea9c77024ef4fb4cef8
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
GET /s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15344
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 01 Dec 2022 21:48:03 GMT
expires: Fri, 01 Dec 2023 21:48:03 GMT
cache-control: public, max-age=31536000
age: 229636
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
216.58.207.227200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 15552, version 1.0\012- data
Hash 285467176f7fe6bb6a9c6873b3dad2cc
ea04e4ff5142ddd69307c183def721a160e0a64e
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
GET /s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15552
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 01 Dec 2022 16:40:43 GMT
expires: Fri, 01 Dec 2023 16:40:43 GMT
cache-control: public, max-age=31536000
age: 248076
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
lor-likar.com/wp-includes/js/dist/vendor/regenerator-runtime.min.js
212.224.121.194200 OK 0 B URL HTTP/2 lor-likar.com/wp-includes/js/dist/vendor/regenerator-runtime.min.js
IP 212.224.121.194:0
ASN #44066 diva-e Datacenters GmbH
Analyzer Verdict Alert openphish Facebook, Inc.
fortinet Phishing
GET /wp-includes/js/dist/vendor/regenerator-runtime.min.js HTTP/1.1
Host: lor-likar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lor-likar.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 13:35:18 GMT
content-type: application/javascript
last-modified: Tue, 24 May 2022 22:29:19 GMT
etag: W/"628d5c3f-194b"
expires: Tue, 03 Jan 2023 13:35:18 GMT
pragma: public
cache-control: max-age=2592000, public, must-revalidate, proxy-revalidate
content-encoding: gzip
X-Firefox-Spdy: h2
lor-likar.com/wp-content/themes/lor/img/icon_viber.svg
212.224.121.194200 OK 0 B URL HTTP/2 lor-likar.com/wp-content/themes/lor/img/icon_viber.svg
IP 212.224.121.194:0
ASN #44066 diva-e Datacenters GmbH
Analyzer Verdict Alert openphish Facebook, Inc.
fortinet Phishing
GET /wp-content/themes/lor/img/icon_viber.svg HTTP/1.1
Host: lor-likar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lor-likar.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 13:35:18 GMT
content-type: image/svg+xml
last-modified: Tue, 26 Oct 2021 18:32:14 GMT
etag: W/"617849ae-1055"
expires: Tue, 03 Jan 2023 13:35:18 GMT
pragma: public
cache-control: max-age=2592000, public, must-revalidate, proxy-revalidate
content-encoding: gzip
X-Firefox-Spdy: h2
lor-likar.com/wp-content/themes/lor/img/features.svg
212.224.121.194200 OK 0 B URL HTTP/2 lor-likar.com/wp-content/themes/lor/img/features.svg
IP 212.224.121.194:0
ASN #44066 diva-e Datacenters GmbH
Analyzer Verdict Alert openphish Facebook, Inc.
fortinet Phishing
GET /wp-content/themes/lor/img/features.svg HTTP/1.1
Host: lor-likar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lor-likar.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 13:35:18 GMT
content-type: image/svg+xml
last-modified: Tue, 26 Oct 2021 18:32:14 GMT
etag: W/"617849ae-1f55f"
expires: Tue, 03 Jan 2023 13:35:18 GMT
pragma: public
cache-control: max-age=2592000, public, must-revalidate, proxy-revalidate
content-encoding: gzip
X-Firefox-Spdy: h2
lor-likar.com/wp-content/cache/autoptimize/css/autoptimize_c38a94aef7f870fd723d14adf23faab8.css
212.224.121.194200 OK 0 B URL HTTP/2 lor-likar.com/wp-content/cache/autoptimize/css/autoptimize_c38a94aef7f870fd723d14adf23faab8.css
IP 212.224.121.194:0
ASN #44066 diva-e Datacenters GmbH
Analyzer Verdict Alert openphish Facebook, Inc.
GET /wp-content/cache/autoptimize/css/autoptimize_c38a94aef7f870fd723d14adf23faab8.css HTTP/1.1
Host: lor-likar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lor-likar.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 13:35:18 GMT
content-type: text/css
last-modified: Tue, 15 Nov 2022 22:53:43 GMT
etag: W/"63741877-22976"
expires: Tue, 03 Jan 2023 13:35:18 GMT
pragma: public
cache-control: max-age=2592000, public, must-revalidate, proxy-revalidate
content-encoding: gzip
X-Firefox-Spdy: h2
lor-likar.com/wp-content/themes/lor/img/social_2.svg
212.224.121.194200 OK 0 B URL HTTP/2 lor-likar.com/wp-content/themes/lor/img/social_2.svg
IP 212.224.121.194:0
ASN #44066 diva-e Datacenters GmbH
Analyzer Verdict Alert openphish Facebook, Inc.
fortinet Phishing
GET /wp-content/themes/lor/img/social_2.svg HTTP/1.1
Host: lor-likar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lor-likar.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 13:35:18 GMT
content-type: image/svg+xml
last-modified: Tue, 26 Oct 2021 18:32:14 GMT
etag: W/"617849ae-ca5"
expires: Tue, 03 Jan 2023 13:35:18 GMT
pragma: public
cache-control: max-age=2592000, public, must-revalidate, proxy-revalidate
content-encoding: gzip
X-Firefox-Spdy: h2
lor-likar.com/wp-includes/js/dist/vendor/wp-polyfill.min.js
212.224.121.194200 OK 0 B URL HTTP/2 lor-likar.com/wp-includes/js/dist/vendor/wp-polyfill.min.js
IP 212.224.121.194:0
ASN #44066 diva-e Datacenters GmbH
Analyzer Verdict Alert openphish Facebook, Inc.
fortinet Phishing
GET /wp-includes/js/dist/vendor/wp-polyfill.min.js HTTP/1.1
Host: lor-likar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lor-likar.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 13:35:18 GMT
content-type: application/javascript
last-modified: Wed, 02 Nov 2022 10:34:24 GMT
etag: W/"636247b0-459f"
expires: Tue, 03 Jan 2023 13:35:18 GMT
pragma: public
cache-control: max-age=2592000, public, must-revalidate, proxy-revalidate
content-encoding: gzip
X-Firefox-Spdy: h2
fonts.googleapis.com/css2?family=Raleway:wght@400;500;700&display=swap
142.250.74.106200 OK 0 B URL HTTP/2 fonts.googleapis.com/css2?family=Raleway:wght@400;500;700&display=swap
IP 142.250.74.106:0
GET /css2?family=Raleway:wght@400;500;700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lor-likar.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sun, 04 Dec 2022 13:35:18 GMT
date: Sun, 04 Dec 2022 13:35:18 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
lor-likar.com/wp-content/themes/lor/js/navigation.js
212.224.121.194200 OK 0 B URL HTTP/2 lor-likar.com/wp-content/themes/lor/js/navigation.js
IP 212.224.121.194:0
ASN #44066 diva-e Datacenters GmbH
Analyzer Verdict Alert openphish Facebook, Inc.
fortinet Phishing
GET /wp-content/themes/lor/js/navigation.js HTTP/1.1
Host: lor-likar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lor-likar.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 13:35:18 GMT
content-type: application/javascript
last-modified: Tue, 26 Oct 2021 18:32:12 GMT
etag: W/"617849ac-ba0"
expires: Tue, 03 Jan 2023 13:35:18 GMT
pragma: public
cache-control: max-age=2592000, public, must-revalidate, proxy-revalidate
content-encoding: gzip
X-Firefox-Spdy: h2
lor-likar.com/wp-content/themes/lor/img/raiting.svg
212.224.121.194200 OK 0 B URL HTTP/2 lor-likar.com/wp-content/themes/lor/img/raiting.svg
IP 212.224.121.194:0
ASN #44066 diva-e Datacenters GmbH
Analyzer Verdict Alert openphish Facebook, Inc.
fortinet Phishing
GET /wp-content/themes/lor/img/raiting.svg HTTP/1.1
Host: lor-likar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lor-likar.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 13:35:18 GMT
content-type: image/svg+xml
last-modified: Tue, 26 Oct 2021 18:32:14 GMT
etag: W/"617849ae-db9"
expires: Tue, 03 Jan 2023 13:35:18 GMT
pragma: public
cache-control: max-age=2592000, public, must-revalidate, proxy-revalidate
content-encoding: gzip
X-Firefox-Spdy: h2
lor-likar.com/wp-content/themes/lor/js/slick.min.js
212.224.121.194200 OK 0 B URL HTTP/2 lor-likar.com/wp-content/themes/lor/js/slick.min.js
IP 212.224.121.194:0
ASN #44066 diva-e Datacenters GmbH
Analyzer Verdict Alert openphish Facebook, Inc.
fortinet Phishing
GET /wp-content/themes/lor/js/slick.min.js HTTP/1.1
Host: lor-likar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lor-likar.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 13:35:18 GMT
content-type: application/javascript
last-modified: Tue, 26 Oct 2021 18:32:12 GMT
etag: W/"617849ac-a76f"
expires: Tue, 03 Jan 2023 13:35:18 GMT
pragma: public
cache-control: max-age=2592000, public, must-revalidate, proxy-revalidate
content-encoding: gzip
X-Firefox-Spdy: h2
cdn.jsdelivr.net/npm/@popperjs/core@2.9.3/dist/umd/popper.min.js
104.16.88.20200 OK 0 B URL HTTP/2 cdn.jsdelivr.net/npm/@popperjs/core@2.9.3/dist/umd/popper.min.js
IP 104.16.88.20:0
GET /npm/@popperjs/core@2.9.3/dist/umd/popper.min.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://lor-likar.com
Connection: keep-alive
Referer: https://lor-likar.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 04 Dec 2022 13:35:18 GMT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-jsd-version: 2.9.3
x-jsd-version-type: version
etag: W/"49b9-9uMDnVtkfnyfeSk9x8RssoYAPWw"
x-served-by: cache-fra19179-FRA, cache-itm18827-ITM
x-cache: HIT, HIT
vary: Accept-Encoding
cf-cache-status: HIT
age: 17819769
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=D%2B6z1N5XDgO0l%2BkGefjOvuiklMbHCH0M1dwYFM8QocMQaWo1UFw7r74a8Z9T%2BTYqhWXJcrQSEuPDTpGBwxzWjIiY4SJXYnJQepFVa5gfvUBb820cJ3wMmWotC0v1fseoKo4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7744ecabffe6b517-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
lor-likar.com/wp-json/contact-form-7/v1/contact-forms/46/refill
212.224.121.194200 OK 0 B URL HTTP/2 lor-likar.com/wp-json/contact-form-7/v1/contact-forms/46/refill
IP 212.224.121.194:0
ASN #44066 diva-e Datacenters GmbH
Analyzer Verdict Alert openphish Facebook, Inc.
fortinet Phishing
GET /wp-json/contact-form-7/v1/contact-forms/46/refill HTTP/1.1
Host: lor-likar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, */*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://lor-likar.com/
Connection: keep-alive
Cookie: _ga=GA1.2.1641104192.1670160917; _gid=GA1.2.1007301933.1670160917; _gat_UA-195636972-1=1; _fbp=fb.1.1670160917121.1441464366
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 13:35:20 GMT
content-type: application/json; charset=UTF-8
x-robots-tag: noindex
link: <https://lor-likar.com/wp-json/>; rel="https://api.w.org/"
x-content-type-options: nosniff
access-control-expose-headers: X-WP-Total, X-WP-TotalPages, Link
access-control-allow-headers: Authorization, X-WP-Nonce, Content-Disposition, Content-MD5, Content-Type
allow: GET
x-litespeed-tag: 03a_HTTP.200
vary: Origin
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
content-encoding: gzip
X-Firefox-Spdy: h2
lor-likar.com/wp-json/contact-form-7/v1/contact-forms/47/refill
212.224.121.194200 OK 0 B URL HTTP/2 lor-likar.com/wp-json/contact-form-7/v1/contact-forms/47/refill
IP 212.224.121.194:0
ASN #44066 diva-e Datacenters GmbH
Analyzer Verdict Alert openphish Facebook, Inc.
fortinet Phishing
GET /wp-json/contact-form-7/v1/contact-forms/47/refill HTTP/1.1
Host: lor-likar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, */*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://lor-likar.com/
Connection: keep-alive
Cookie: _ga=GA1.2.1641104192.1670160917; _gid=GA1.2.1007301933.1670160917; _gat_UA-195636972-1=1; _fbp=fb.1.1670160917121.1441464366
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 13:35:20 GMT
content-type: application/json; charset=UTF-8
x-robots-tag: noindex
link: <https://lor-likar.com/wp-json/>; rel="https://api.w.org/"
x-content-type-options: nosniff
access-control-expose-headers: X-WP-Total, X-WP-TotalPages, Link
access-control-allow-headers: Authorization, X-WP-Nonce, Content-Disposition, Content-MD5, Content-Type
allow: GET
x-litespeed-tag: 03a_HTTP.200
vary: Origin
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
content-encoding: gzip
X-Firefox-Spdy: h2
lor-likar.com/wp-content/plugins/contact-form-7/includes/swv/js/index.js
212.224.121.194200 OK 0 B URL HTTP/2 lor-likar.com/wp-content/plugins/contact-form-7/includes/swv/js/index.js
IP 212.224.121.194:0
ASN #44066 diva-e Datacenters GmbH
Analyzer Verdict Alert openphish Facebook, Inc.
fortinet Phishing
GET /wp-content/plugins/contact-form-7/includes/swv/js/index.js HTTP/1.1
Host: lor-likar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lor-likar.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 13:35:18 GMT
content-type: application/javascript
last-modified: Wed, 19 Oct 2022 10:38:52 GMT
etag: W/"634fd3bc-26d1"
expires: Tue, 03 Jan 2023 13:35:18 GMT
pragma: public
cache-control: max-age=2592000, public, must-revalidate, proxy-revalidate
content-encoding: gzip
X-Firefox-Spdy: h2
lor-likar.com/
212.224.121.194200 OK 0 B IP 212.224.121.194:0
ASN #44066 diva-e Datacenters GmbH
Analyzer Verdict Alert openphish Facebook, Inc.
fortinet Phishing
GET / HTTP/1.1
Host: lor-likar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 13:35:18 GMT
content-type: text/html; charset=UTF-8
x-litespeed-tag: 03a_HTTP.200
link: <https://lor-likar.com/>; rel=shortlink
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
content-encoding: gzip
X-Firefox-Spdy: h2
lor-likar.com/wp-json/contact-form-7/v1/contact-forms/45/refill
212.224.121.194200 OK 0 B URL HTTP/2 lor-likar.com/wp-json/contact-form-7/v1/contact-forms/45/refill
IP 212.224.121.194:0
ASN #44066 diva-e Datacenters GmbH
Analyzer Verdict Alert openphish Facebook, Inc.
fortinet Phishing
GET /wp-json/contact-form-7/v1/contact-forms/45/refill HTTP/1.1
Host: lor-likar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, */*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://lor-likar.com/
Connection: keep-alive
Cookie: _ga=GA1.2.1641104192.1670160917; _gid=GA1.2.1007301933.1670160917; _gat_UA-195636972-1=1; _fbp=fb.1.1670160917121.1441464366
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 13:35:20 GMT
content-type: application/json; charset=UTF-8
x-robots-tag: noindex
link: <https://lor-likar.com/wp-json/>; rel="https://api.w.org/"
x-content-type-options: nosniff
access-control-expose-headers: X-WP-Total, X-WP-TotalPages, Link
access-control-allow-headers: Authorization, X-WP-Nonce, Content-Disposition, Content-MD5, Content-Type
allow: GET
x-litespeed-tag: 03a_HTTP.200
vary: Origin
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
content-encoding: gzip
X-Firefox-Spdy: h2