Report - agricolapatagonia.com/adobe/adobe-3d6/

Report Overview

Submitted URL
agricolapatagonia.com/adobe/adobe-3d6/
IP
151.101.194.159
ASN
#54113 FASTLY
Submitted
2023-01-30 09:21:26
Access
Website Title
Final URL
Tags
suspicious
urlquery detections
Suspicious - Suspicious JS code

Detections

urlquery
5
Network Intrusion Detection
0
Threat Detection Systems
34

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
r3.o.lencr.org	344	2020-12-02T09:52:13Z	2023-03-13T05:09:07Z	2.0 kB	5.3 kB	23.33.119.27
firefox.settings.services.mozilla.com	867	2020-06-04T22:08:41Z	2023-03-13T05:09:10Z	782 B	2.4 kB	35.241.9.150
content-signature-2.cdn.mozilla.net	1152	2020-11-03T13:26:46Z	2023-03-13T05:09:35Z	413 B	5.8 kB	34.160.144.191
contile.services.mozilla.com	1114	2021-05-27T20:32:35Z	2023-03-13T05:09:13Z	333 B	391 B	34.117.237.239
ocsp.pki.goog	175	2018-07-01T08:43:07Z	2023-03-13T05:09:47Z	1.7 kB	3.5 kB	142.250.74.131
fonts.googleapis.com	8877	2013-06-10T22:14:26Z	2023-03-13T08:14:31Z	881 B	2.4 kB	142.250.74.106
push.services.mozilla.com	2140	2014-10-24T10:27:06Z	2023-03-13T05:09:14Z	606 B	127 B	35.160.141.134
agricolapatagonia.com	unknown	2022-01-20T14:00:38Z	2023-03-07T06:39:01Z	9.0 kB	245 kB	151.101.194.159
fonts.gstatic.com	unknown	2014-09-09T02:40:21Z	2023-03-13T08:44:36Z	1.0 kB	45 kB	142.250.74.35
img-getpocket.cdn.mozilla.net	1631	2018-06-22T01:36:00Z	2023-03-13T05:09:16Z	3.2 kB	56 kB	34.120.237.76

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2023-01-30	medium	agricolapatagonia.com/adobe/adobe-3d6/	Phishing
2023-01-30	medium	agricolapatagonia.com/adobe/adobe-3d6/	Phishing
2023-01-30	medium	agricolapatagonia.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.1	Phishing
2023-01-30	medium	agricolapatagonia.com/wp-content/themes/eddyln/js/navigation.js?ver=1.0.8	Phishing
2023-01-30	medium	agricolapatagonia.com/wp-content/themes/eddyln/js/skip-link-focus-fix.js?ver=1.0.8	Phishing
2023-01-30	medium	agricolapatagonia.com/wp-content/themes/eddyln/js/jquery.fitvids.js?ver=1.0.8	Phishing
2023-01-30	medium	agricolapatagonia.com/wp-content/themes/eddyln/js/jquery.fitvids-init.js?ver=1.0.8	Phishing
2023-01-30	medium	agricolapatagonia.com/wp-includes/js/underscore.min.js?ver=1.13.4	Phishing
2023-01-30	medium	agricolapatagonia.com/wp-includes/js/backbone.min.js?ver=1.4.1	Phishing
2023-01-30	medium	agricolapatagonia.com/wp-content/plugins/ninja-forms/assets/js/min/front-end.js?ver=3.5.7	Phishing
2023-01-30	medium	agricolapatagonia.com/wp-content/plugins/ninja-forms/assets/js/min/front-end-deps.js?ver=3.5.7	Phishing
2023-01-30	medium	agricolapatagonia.com/wp-includes/css/classic-themes.min.css?ver=1	Phishing
2023-01-30	medium	agricolapatagonia.com/wp-includes/js/wp-emoji-release.min.js?ver=6.1.1	Phishing
2023-01-30	medium	agricolapatagonia.com/wp-includes/css/dist/block-library/style.min.css?ver=6.1.1	Phishing
2023-01-30	medium	agricolapatagonia.com/wp-includes/css/dashicons.min.css?ver=6.1.1	Phishing
2023-01-30	medium	agricolapatagonia.com/wp-content/plugins/ninja-forms/assets/css/display-opinions-light.css?ver=6.1.1	Phishing
2023-01-30	medium	agricolapatagonia.com/wp-content/plugins/ninja-forms/assets/css/font-awesome.min.css?ver=6.1.1	Phishing

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (19)

	URL	Size	First Seen	Last Seen
	agricolapatagonia.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2	11 kB	2023-03-07	2024-04-19
Pretty URL agricolapatagonia.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 IP 151.101.194.159 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:02 Last Seen2024-04-19 22:30:21 Times Seen68500 Hash 79b4956b7ec478ec10244b5e2d33ac7d a46025b9d05e3df30d610a8aef14f392c7058dc9 029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300 Loading...

	agricolapatagonia.com/wp-includes/js/backbone.min.js?ver=1.4.1	24 kB	2023-03-08	2024-04-17
Pretty URL agricolapatagonia.com/wp-includes/js/backbone.min.js?ver=1.4.1 IP 151.101.194.159 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:28:12 Last Seen2024-04-17 19:29:16 Times Seen368 Hash 3946486d524bca0329b4572f273e0fc4 c5d80848f05dee7165529b34c67d52164ef23531 a714d3e7cd0751a5f1428881d65043743826415dbdcf7b3f3bc3f938180f18da Loading...

	agricolapatagonia.com/adobe/adobe-3d6/	13 kB	2023-03-13	2023-08-08
Pretty URL agricolapatagonia.com/adobe/adobe-3d6/ IP 151.101.194.159 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 12:16:58 Last Seen2023-08-08 22:11:08 Times Seen7 Hash d5908fac36193c607a7146093409a0cd 9a3371b6e3dbdf51dd561518f69702120e197269 6d85651b8c4e26bc0b390fe8ac0456dde0bab95ded0baf382f382c4ae047528f Loading...

	agricolapatagonia.com/wp-content/themes/eddyln/js/skip-link-focus-fix.js?ver=1.0.8	761 B	2023-03-08	2024-01-07
Pretty URL agricolapatagonia.com/wp-content/themes/eddyln/js/skip-link-focus-fix.js?ver=1.0.8 IP 151.101.194.159 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 19:38:27 Last Seen2024-01-07 17:32:34 Times Seen30 Hash 47a7422f3889aac6d190535cbdd41dbc 2b1698fc0241f7059dd9bf14569fc1620907550f 9a1b5154ea978ab753b3dc25204e77e583c193c902edae03b759d032620cafdf Loading...

	agricolapatagonia.com/adobe/adobe-3d6/	2.2 kB	2023-03-13	2023-03-13
Pretty URL agricolapatagonia.com/adobe/adobe-3d6/ IP 151.101.194.159 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 12:16:58 Last Seen2023-03-13 12:17:52 Times Seen1 Hash 92ca600f7040f2cd44847864ec0055b5 e2b013a449a7b1126919e6ff211f22709d691f02 9c8f9cd32a184c272e272f75c18f6ef57d2e38a13dffbe82a31e400c4517db2a Loading...

	agricolapatagonia.com/wp-includes/js/wp-emoji-release.min.js?ver=6.1.1	19 kB	2023-03-07	2024-04-19
Pretty URL agricolapatagonia.com/wp-includes/js/wp-emoji-release.min.js?ver=6.1.1 IP 151.101.194.159 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:08 Last Seen2024-04-19 20:39:52 Times Seen37996 Hash 32beb68a374e3aeac00abdf9e12b84ea b5d18aa625e8696dd9d07cd0869337717b211ae0 5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782 Loading...

	agricolapatagonia.com/wp-content/themes/eddyln/js/jquery.fitvids-init.js?ver=1.0.8	228 B	2023-03-08	2024-01-07
Pretty URL agricolapatagonia.com/wp-content/themes/eddyln/js/jquery.fitvids-init.js?ver=1.0.8 IP 151.101.194.159 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 19:38:27 Last Seen2024-01-07 17:32:34 Times Seen30 Hash 1ba0500d59d4550db4e4f196ec9c9b5d 4d6923cde03da7540f365b9dac5ed3d670313837 c54355ac1c065fc6ff45e8cca61bb64aca6048cdc54a0b33a534460a6f03117f Loading...

	agricolapatagonia.com/adobe/adobe-3d6/	14 kB	2023-03-13	2023-03-13
Pretty URL agricolapatagonia.com/adobe/adobe-3d6/ IP 151.101.194.159 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 12:16:58 Last Seen2023-03-13 12:17:51 Times Seen1 Hash c8c531eae28d00ad6f1aace345bfa6e5 79d3fbe63d416520dbe9cc37a9c9ada861550cdf 567d920f592f54e634ec94f93202cc58bd5cb6547d94fe6856244a4f53f8c111 Loading...

	agricolapatagonia.com/adobe/adobe-3d6/	3.5 kB	2023-03-13	2023-03-13
Pretty URL agricolapatagonia.com/adobe/adobe-3d6/ IP 151.101.194.159 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 12:16:58 Last Seen2023-03-13 12:17:52 Times Seen1 Hash e7c1ffbd88a0f9fffa9b4d46a9e6be00 faf0b0d8d71d46b82afb5cd7243fa45d08bb9c4f a9d1febec395b40856779713e1d0dfc9a12fd529e482e07e48e945706c2b7b31 Loading...

	agricolapatagonia.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.1	90 kB	2023-03-08	2024-04-19
Pretty URL agricolapatagonia.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.1 IP 151.101.194.159 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:21:46 Last Seen2024-04-19 20:39:51 Times Seen31782 Hash 17738318d61d394f1de8890d589afaec f6d0c4dc1399cf02d53f5753ad46573a8bbc2ac3 cc7403bab52ed166e24ea9324241045af370be482f5b594468f4a6ac6e7e7981 Loading...

	agricolapatagonia.com/wp-includes/js/underscore.min.js?ver=1.13.4	19 kB	2023-03-08	2024-04-20
Pretty URL agricolapatagonia.com/wp-includes/js/underscore.min.js?ver=1.13.4 IP 151.101.194.159 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:26:29 Last Seen2024-04-20 00:22:52 Times Seen41242 Hash f88d5720bb454ed5d204cbdb56901f6b f1952292fde4b15936e9aac16b2b9896684db95b 726b820e44f6ab90ad991d30a4bf26d3a5d71493cbcd1fb1efd0d14e89b9df2a Loading...

	agricolapatagonia.com/wp-content/themes/eddyln/js/jquery.fitvids.js?ver=1.0.8	3.1 kB	2023-03-08	2024-01-07
Pretty URL agricolapatagonia.com/wp-content/themes/eddyln/js/jquery.fitvids.js?ver=1.0.8 IP 151.101.194.159 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 19:38:27 Last Seen2024-01-07 17:32:34 Times Seen32 Hash 3879e4ad32fe571c0fc6cf5035287992 d96db25fd71e0741824205046e91039a422ece56 cd11e4535f4768f6485acc8a1a09b23b8e800685b216106a3055117deaae3824 Loading...

	agricolapatagonia.com/adobe/adobe-3d6/	11 kB	2023-03-13	2023-03-13
Pretty URL agricolapatagonia.com/adobe/adobe-3d6/ IP 151.101.194.159 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 12:16:58 Last Seen2023-03-13 12:17:52 Times Seen1 Hash e70d53d556b592fcc8715f80498e14ad 14c6e45660dcaabcc49ef1c953e0ec5366009bf3 3b1c5c09033434e9d731ab0bbf33ca1ac47b0ac0486a64994717c17a3407f0b0 Loading...

	unknown	0 B	2023-03-07	2024-04-20
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:01:59 Last Seen2024-04-20 01:55:39 Times Seen36969183 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	agricolapatagonia.com/wp-content/plugins/ninja-forms/assets/js/min/front-end-deps.js?ver=3.5.7	62 kB	2023-03-08	2023-12-10
Pretty URL agricolapatagonia.com/wp-content/plugins/ninja-forms/assets/js/min/front-end-deps.js?ver=3.5.7 IP 151.101.194.159 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 04:39:57 Last Seen2023-12-10 02:36:19 Times Seen67 Hash c71ec2b5659f059d42b2521d99fb63b4 41325485be4c8870e52ca5c6e6d63908e8f5a0fa 79fa511ea1251897ae53b084182bca90953d1ccdf741fb35478c1902bb64a7eb Loading...

	agricolapatagonia.com/wp-content/themes/eddyln/js/navigation.js?ver=1.0.8	4.4 kB	2023-03-08	2024-01-07
Pretty URL agricolapatagonia.com/wp-content/themes/eddyln/js/navigation.js?ver=1.0.8 IP 151.101.194.159 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 19:38:27 Last Seen2024-01-07 17:32:34 Times Seen29 Hash c0ca55093a906d08587640d813a5d099 ff4119a30bf8af7a4cc5ff05c7c90f4dd3697421 70858a021c04143b5119e699473892a639a1190260bdbe97e02302c6f7a9dcb6 Loading...

	agricolapatagonia.com/adobe/adobe-3d6/	5.2 kB	2023-03-13	2023-03-13
Pretty URL agricolapatagonia.com/adobe/adobe-3d6/ IP 151.101.194.159 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 12:16:58 Last Seen2023-03-13 12:17:52 Times Seen1 Hash 620c8a8065041ba794dbe28dde8c8112 f35c5d69edfd60c83da5ed59c1d261a136f7876c bc83c2678321d425811af0f21720ca2a02c4e198744e3c87cd1190e2b1fe14a1 Loading...

		Size	First Seen	Last Seen
	#1 Write - 58cf1d6c125f6499fe8e85b470e1cafc	11 kB	2023-03-13	2023-03-13
Pretty Observations First Seen2023-03-13 12:16:58 Last Seen2023-03-13 12:17:52 Times Seen1 Hash 58cf1d6c125f6499fe8e85b470e1cafc fd7666d4812aa2661f09196089c9dfe73dd4f6ba 623c03aaea50a0d678db9766dfd92a895103acfb177ee52ca3cc9eadac92324f Loading...

	#2 Write - 32899c63dd3834aa9ea6fd0761dd4e36	3.6 kB	2023-03-13	2023-03-13
Pretty Observations First Seen2023-03-13 12:16:58 Last Seen2023-03-13 12:17:52 Times Seen1 Hash 32899c63dd3834aa9ea6fd0761dd4e36 4e4813daf00d91d8b59f3cd99a826f637ba2bcfa 3a1156d926f91a480732c04d81f42b48dc05d136ed69853da48683fa229230ad Loading...

HTTP Transactions (46)

URL IP Response Size

agricolapatagonia.com/adobe/adobe-3d6/

151.101.194.159

301 Moved Permanently

162 B

URL HTTP/1.1
agricolapatagonia.com/adobe/adobe-3d6/
IP
151.101.194.159:0
ASN
#54113 FASTLY

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
162 B (162 bytes)
Hash
4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - Suspicious JS code
fortinet	Phishing

HTTP Headers

GET /adobe/adobe-3d6/ HTTP/1.1
Host: agricolapatagonia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 301 Moved Permanently
Connection: keep-alive
Content-Length: 162
Content-Type: text/html
Location: https://agricolapatagonia.com/adobe/adobe-3d6/
X-XSS-Protection: 1
X-Content-Type-Options: nosniff
Referrer-Policy: no-referrer-when-downgrade
X-FW-Server: Flywheel/5.1.0
X-FW-Hash: aqh6zwy1gf
X-FW-Version: 5.0.0
Server: Flywheel/5.1.0
Accept-Ranges: bytes
Date: Mon, 30 Jan 2023 09:21:15 GMT
X-Served-By: cache-bma1620-BMA
X-Cache: MISS
X-Cache-Hits: 0
X-Timer: S1675070476.715694,VS0,VE122
Vary: Authorization
X-FW-Serve: TRUE
X-FW-Static: NO
X-FW-Type: VISIT

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
5eb7c9bc996a0ff420e58af45526f053
8c2614832b8efe1c9da0bbd465d6f3f172d95a9e
c085cf277dd0429fe15e4a4bce5595636e9f2204d5a8e77220f8bf88adf4068f

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C085CF277DD0429FE15E4A4BCE5595636E9F2204D5A8E77220F8BF88ADF4068F"
Last-Modified: Sun, 29 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7189
Expires: Mon, 30 Jan 2023 11:21:04 GMT
Date: Mon, 30 Jan 2023 09:21:15 GMT
Connection: keep-alive

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
0c35c3ec659d3a26ea97e68d787bb043
d97e3672244efec5b7814f2d8a734cd1a9387854
4c946a026114ff05316d92277750facf3d5f5d162839149da0b7fb1a4cff6b5e

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4C946A026114FF05316D92277750FACF3D5F5D162839149DA0B7FB1A4CFF6B5E"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17247
Expires: Mon, 30 Jan 2023 14:08:42 GMT
Date: Mon, 30 Jan 2023 09:21:15 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/

35.241.9.150

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
dcd75ca6daca51c5e39d431468511793
07f76d3bf23d65c9110d810fa71a994e39e085d3
73672a816da4450fe2c938b08d7ae002d9ca29fdcbd3e29cc97084d826f8b459

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Retry-After, Content-Type, Content-Length, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Mon, 30 Jan 2023 08:43:11 GMT
content-type: application/json
age: 2284
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
302c7548412192add063ad6c8b99cf3b
e5d178931a27db036ce8daae302594d3ff7050b8
fc2bd9091006189e67e8074093805ee5492ce16e1dbfba32e083abeeae34969d

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FC2BD9091006189E67E8074093805EE5492CE16E1DBFBA32E083ABEEAE34969D"
Last-Modified: Sat, 28 Jan 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3965
Expires: Mon, 30 Jan 2023 10:27:20 GMT
Date: Mon, 30 Jan 2023 09:21:15 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: ghQBWAcC+8KyhU2P9/D7tbfz3egKeqv1waLT6Rp0RLXds8I0blLi50/YJpZ8RI4YqlCdMz11TrI=
x-amz-request-id: 3Q85EH8ERJ2Z59BD
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Mon, 30 Jan 2023 08:21:43 GMT
age: 3572
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Mon, 30 Jan 2023 09:21:16 GMT
content-type: application/json
content-length: 12
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-expose-headers: content-type
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

35.241.9.150

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Last-Modified, Pragma, ETag, Retry-After, Content-Type, Content-Length, Expires, Cache-Control, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Mon, 30 Jan 2023 08:49:04 GMT
age: 1932
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
22b9916fc1fafc9bdc9bb37f9eac8a9a
86f640e134a741a0f906a8e3a0f5c6659dd0e394
a29ee843c8a39551a1507cc6ad949ad509e33aaae8b72c58ac4884bad8b0b38e

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A29EE843C8A39551A1507CC6AD949AD509E33AAAE8B72C58AC4884BAD8B0B38E"
Last-Modified: Sun, 29 Jan 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5505
Expires: Mon, 30 Jan 2023 10:53:01 GMT
Date: Mon, 30 Jan 2023 09:21:16 GMT
Connection: keep-alive

agricolapatagonia.com/adobe/adobe-3d6/

151.101.194.159

200 OK

18 kB

URL HTTP/2
agricolapatagonia.com/adobe/adobe-3d6/
IP
151.101.194.159:0
ASN
#54113 FASTLY

File type
HTML document, ASCII text, with very long lines (14507)
Size
18 kB (18294 bytes)
Hash
bf9197e6030eaa1945fc611ed141cf3a
71030a887b7e90598d1243f025863d778defd015
31f677dde34c4091d72052523d90b8efcaeb8ec57042b0848b6361d2de03bc0c

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - Suspicious JS code
fortinet	Phishing

HTTP Headers

GET /adobe/adobe-3d6/ HTTP/1.1
Host: agricolapatagonia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/2 200 OK
content-type: text/html; charset=UTF-8
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-dynamic: TRUE
x-fw-hash: aqh6zwy1gf
content-encoding: gzip
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Mon, 30 Jan 2023 09:21:16 GMT
x-served-by: cache-bma1626-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1675070476.012075,VS0,VE678
vary: Accept-Encoding
x-fw-serve: TRUE
x-fw-static: NO
x-fw-type: VISIT
content-length: 18294
X-Firefox-Spdy: h2

agricolapatagonia.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.1

151.101.194.159

200 OK

34 kB

URL HTTP/2
agricolapatagonia.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.1
IP
151.101.194.159:0
ASN
#54113 FASTLY

File type
ASCII text, with very long lines (65447)
Size
34 kB (34161 bytes)
Hash
0f9984c60ff89c58395cad7c309f7baf
5f44ff87ee19e1427a7dfcfb079ab88273e2af1f
0dddffc97ab66c2cf2dd615f7f6ca217b8f8eadaa4e8224c2c7d4447878444e7

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-includes/js/jquery/jquery.min.js?ver=3.6.1 HTTP/1.1
Host: agricolapatagonia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://agricolapatagonia.com/adobe/adobe-3d6/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: application/javascript
last-modified: Tue, 15 Nov 2022 20:31:33 GMT
etag: W/"6373f725-15e54"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
cache-control: public, max-age=31536000
x-fw-hash: aqh6zwy1gf
content-encoding: gzip
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Mon, 30 Jan 2023 09:21:16 GMT
x-served-by: cache-bma1626-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1675070477.794971,VS0,VE2
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 34161
X-Firefox-Spdy: h2

agricolapatagonia.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2

151.101.194.159

200 OK

4.4 kB

URL HTTP/2
agricolapatagonia.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
IP
151.101.194.159:0
ASN
#54113 FASTLY

File type
ASCII text, with very long lines (11126)
Size
4.4 kB (4405 bytes)
Hash
24957bc8161f979c6e661f46fdc3974f
fa1237ffe8b3745baa78ac481239038e133fcc17
46acf87c90961d413ac24eace25b77a8d5236daf38799fec2daf0bc350cc6ebe

HTTP Headers

GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 HTTP/1.1
Host: agricolapatagonia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://agricolapatagonia.com/adobe/adobe-3d6/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: application/javascript
last-modified: Tue, 15 Nov 2022 20:31:33 GMT
etag: W/"6373f725-2bd8"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
cache-control: public, max-age=31536000
x-fw-hash: aqh6zwy1gf
content-encoding: gzip
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Mon, 30 Jan 2023 09:21:16 GMT
x-served-by: cache-bma1626-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1675070477.795786,VS0,VE1
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 4405
X-Firefox-Spdy: h2

agricolapatagonia.com/wp-content/themes/eddyln/js/navigation.js?ver=1.0.8

151.101.194.159

200 OK

1.6 kB

URL HTTP/2
agricolapatagonia.com/wp-content/themes/eddyln/js/navigation.js?ver=1.0.8
IP
151.101.194.159:0
ASN
#54113 FASTLY

File type
ASCII text
Size
1.6 kB (1632 bytes)
Hash
e4a882eea16cdf73827bba62119d2a79
205da8a125dac3e5779b3c47045a71dcc314c1b6
b36dce4fea365537e88d80cabbee70f9716e497b006abe7f7db419afc4c294a3

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/themes/eddyln/js/navigation.js?ver=1.0.8 HTTP/1.1
Host: agricolapatagonia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://agricolapatagonia.com/adobe/adobe-3d6/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: application/javascript
last-modified: Mon, 11 Jan 2021 01:46:05 GMT
etag: W/"5ffbaddd-1156"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: aqh6zwy1gf
cache-control: public, max-age=31536000
content-encoding: gzip
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Mon, 30 Jan 2023 09:21:16 GMT
x-served-by: cache-bma1626-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1675070477.799085,VS0,VE1
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 1632
X-Firefox-Spdy: h2

agricolapatagonia.com/wp-content/themes/eddyln/js/skip-link-focus-fix.js?ver=1.0.8

151.101.194.159

200 OK

462 B

URL HTTP/2
agricolapatagonia.com/wp-content/themes/eddyln/js/skip-link-focus-fix.js?ver=1.0.8
IP
151.101.194.159:0
ASN
#54113 FASTLY

File type
ASCII text
Size
462 B (462 bytes)
Hash
5cb1638fca29754f341fdb2854925947
20e3ae01c960dc93233c7f2c9d58aedd088c95f9
10394770ad13b53faa9d6df6be4a47fb2c2c5f93e7e50b2020279d06dfacdd08

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/themes/eddyln/js/skip-link-focus-fix.js?ver=1.0.8 HTTP/1.1
Host: agricolapatagonia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://agricolapatagonia.com/adobe/adobe-3d6/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: application/javascript
last-modified: Mon, 11 Jan 2021 01:46:05 GMT
etag: W/"5ffbaddd-2f9"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: aqh6zwy1gf
cache-control: public, max-age=31536000
content-encoding: gzip
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Mon, 30 Jan 2023 09:21:16 GMT
x-served-by: cache-bma1626-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1675070477.802320,VS0,VE1
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 462
X-Firefox-Spdy: h2

agricolapatagonia.com/wp-content/themes/eddyln/js/jquery.fitvids.js?ver=1.0.8

151.101.194.159

200 OK

1.3 kB

URL HTTP/2
agricolapatagonia.com/wp-content/themes/eddyln/js/jquery.fitvids.js?ver=1.0.8
IP
151.101.194.159:0
ASN
#54113 FASTLY

File type
HTML document, ASCII text
Size
1.3 kB (1289 bytes)
Hash
7bcbc932981d7ef65766db9825b5c9ef
3f6ae3a84f6d87379b68869d334d1f431566a739
4271a7ebf6171263180fb9331030f5fdc198041f73ef8366d36b43747ce86e20

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/themes/eddyln/js/jquery.fitvids.js?ver=1.0.8 HTTP/1.1
Host: agricolapatagonia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://agricolapatagonia.com/adobe/adobe-3d6/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: application/javascript
last-modified: Mon, 11 Jan 2021 01:46:05 GMT
etag: W/"5ffbaddd-bfb"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: aqh6zwy1gf
cache-control: public, max-age=31536000
content-encoding: gzip
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Mon, 30 Jan 2023 09:21:16 GMT
x-served-by: cache-bma1626-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1675070477.802532,VS0,VE1
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 1289
X-Firefox-Spdy: h2

agricolapatagonia.com/wp-content/themes/eddyln/js/jquery.fitvids-init.js?ver=1.0.8

151.101.194.159

200 OK

188 B

URL HTTP/2
agricolapatagonia.com/wp-content/themes/eddyln/js/jquery.fitvids-init.js?ver=1.0.8
IP
151.101.194.159:0
ASN
#54113 FASTLY

File type
ASCII text
Size
188 B (188 bytes)
Hash
f6f5325ae1d45787c69304f12acc04a3
d5c81c0e5e8c3683c9bff170d6ecd100499adcc3
db1d0696627babe6731bc63423dee3972671d54380c09dd15f444a6b31f5dd36

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/themes/eddyln/js/jquery.fitvids-init.js?ver=1.0.8 HTTP/1.1
Host: agricolapatagonia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://agricolapatagonia.com/adobe/adobe-3d6/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: application/javascript
last-modified: Mon, 11 Jan 2021 01:46:05 GMT
etag: W/"5ffbaddd-e4"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: aqh6zwy1gf
cache-control: public, max-age=31536000
content-encoding: gzip
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Mon, 30 Jan 2023 09:21:16 GMT
x-served-by: cache-bma1626-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1675070477.802795,VS0,VE1
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 188
X-Firefox-Spdy: h2

agricolapatagonia.com/wp-includes/js/underscore.min.js?ver=1.13.4

151.101.194.159

200 OK

7.8 kB

URL HTTP/2
agricolapatagonia.com/wp-includes/js/underscore.min.js?ver=1.13.4
IP
151.101.194.159:0
ASN
#54113 FASTLY

File type
ASCII text, with very long lines (18798)
Size
7.8 kB (7778 bytes)
Hash
b533d8e367ce6f601946cfe7277a306f
ae45e3f3cb21612eb14d17a040bc77cee4e0665c
60a0dd881a26574014771555ea894eb5c51a1077d69f9b36aad4ab018496113d

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-includes/js/underscore.min.js?ver=1.13.4 HTTP/1.1
Host: agricolapatagonia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://agricolapatagonia.com/adobe/adobe-3d6/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: application/javascript
last-modified: Tue, 15 Nov 2022 20:31:33 GMT
etag: W/"6373f725-4991"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
cache-control: public, max-age=31536000
x-fw-hash: aqh6zwy1gf
content-encoding: gzip
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Mon, 30 Jan 2023 09:21:16 GMT
x-served-by: cache-bma1626-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1675070477.803021,VS0,VE1
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 7778
X-Firefox-Spdy: h2

agricolapatagonia.com/wp-includes/js/backbone.min.js?ver=1.4.1

151.101.194.159

200 OK

8.6 kB

URL HTTP/2
agricolapatagonia.com/wp-includes/js/backbone.min.js?ver=1.4.1
IP
151.101.194.159:0
ASN
#54113 FASTLY

File type
ASCII text, with very long lines (23813)
Size
8.6 kB (8621 bytes)
Hash
af622240de76324e757be3f551aa4fc2
638b4bb9d23f21bd7ed76359dab7a87f40e9941e
b37e63ca927b91c96e1e99a38e8d76bbcaea77936366d467dc2d05635d1c5281

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-includes/js/backbone.min.js?ver=1.4.1 HTTP/1.1
Host: agricolapatagonia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://agricolapatagonia.com/adobe/adobe-3d6/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: application/javascript
last-modified: Tue, 15 Nov 2022 20:31:33 GMT
etag: W/"6373f725-5d28"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
cache-control: public, max-age=31536000
x-fw-hash: aqh6zwy1gf
content-encoding: gzip
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Mon, 30 Jan 2023 09:21:16 GMT
x-served-by: cache-bma1626-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1675070477.806416,VS0,VE1
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 8621
X-Firefox-Spdy: h2

agricolapatagonia.com/wp-content/plugins/ninja-forms/assets/js/min/front-end.js?ver=3.5.7

151.101.194.159

200 OK

50 kB

URL HTTP/2
agricolapatagonia.com/wp-content/plugins/ninja-forms/assets/js/min/front-end.js?ver=3.5.7
IP
151.101.194.159:0
ASN
#54113 FASTLY

File type
ASCII text
Size
50 kB (50395 bytes)
Hash
fe6c2873bac7681e50d6876d35fad20c
90ade4c789fe573f9e6c067df641856254004232
8981a260cbbdcd98932dee515c76c190c685f070d3f96937f9d3586e729a3dd4

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/plugins/ninja-forms/assets/js/min/front-end.js?ver=3.5.7 HTTP/1.1
Host: agricolapatagonia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://agricolapatagonia.com/adobe/adobe-3d6/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: application/javascript
last-modified: Sun, 05 Sep 2021 20:17:58 GMT
etag: W/"613525f6-34ec8"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: aqh6zwy1gf
cache-control: public, max-age=31536000
content-encoding: gzip
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Mon, 30 Jan 2023 09:21:16 GMT
x-served-by: cache-bma1626-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1675070477.807587,VS0,VE1
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 50395
X-Firefox-Spdy: h2

agricolapatagonia.com/wp-content/plugins/ninja-forms/assets/js/min/front-end-deps.js?ver=3.5.7

151.101.194.159

200 OK

19 kB

URL HTTP/2
agricolapatagonia.com/wp-content/plugins/ninja-forms/assets/js/min/front-end-deps.js?ver=3.5.7
IP
151.101.194.159:0
ASN
#54113 FASTLY

File type
ASCII text, with very long lines (32153)
Size
19 kB (19206 bytes)
Hash
4103995085a7e707961f2db8281bd905
c8f8446cc2b17c5cb3d0c26ff4ec321bd86bcee2
aa4411c225539b1b7d7b049b6fb89d5a5f2572bcad379459bc3f37229aeb0a9d

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/plugins/ninja-forms/assets/js/min/front-end-deps.js?ver=3.5.7 HTTP/1.1
Host: agricolapatagonia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://agricolapatagonia.com/adobe/adobe-3d6/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: application/javascript
last-modified: Sun, 05 Sep 2021 20:17:58 GMT
etag: W/"613525f6-f109"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: aqh6zwy1gf
cache-control: public, max-age=31536000
content-encoding: gzip
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Mon, 30 Jan 2023 09:21:16 GMT
x-served-by: cache-bma1626-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1675070477.807409,VS0,VE4
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 19206
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
75bf326700e29b1b06e57fb96ee2b064
4f979f28905b65637a058cd44be6c25bb51a42e4
385f7a9c4112c4d674264d02229719e7f82e7039e681db8aaa6685ebab2be0c1

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 09:21:16 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

agricolapatagonia.com/wp-includes/css/classic-themes.min.css?ver=1

151.101.194.159

200 OK

189 B

URL HTTP/2
agricolapatagonia.com/wp-includes/css/classic-themes.min.css?ver=1
IP
151.101.194.159:0
ASN
#54113 FASTLY

File type
ASCII text
Size
189 B (189 bytes)
Hash
5a18e16eb01cbaa862eb32e6b77bedb2
3abf9b913cc9f558f02cba7c9b822f8d1812cb96
d2b5af913332941d5ae7786d1fa70e0d009315c4ede6ad5b80d0f663bb54521f

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-includes/css/classic-themes.min.css?ver=1 HTTP/1.1
Host: agricolapatagonia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://agricolapatagonia.com/adobe/adobe-3d6/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: text/css
last-modified: Tue, 15 Nov 2022 20:31:33 GMT
etag: W/"6373f725-d9"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
cache-control: public, max-age=31536000
x-fw-hash: aqh6zwy1gf
content-encoding: gzip
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Mon, 30 Jan 2023 09:21:16 GMT
x-served-by: cache-bma1626-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1675070477.793537,VS0,VE125
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 189
X-Firefox-Spdy: h2

fonts.googleapis.com/css?family=Crimson+Text:400,400i,700,700i|Lato:400,400i,700&display=swap

142.250.74.106

200 OK

1.1 kB

URL HTTP/2
fonts.googleapis.com/css?family=Crimson+Text:400,400i,700,700i|Lato:400,400i,700&display=swap
IP
142.250.74.106:0
ASN
#15169 GOOGLE

File type
data
Size
1.1 kB (1137 bytes)
Hash
da2c5e1c70fff9641656ae53898f37d4
8bf1eeeff61bf6348bee5b19de6caf288bc486fc
317f589b9f54db5210f522bd5b7087f6cc2c68ed767a0c2209ae4ba66f811439

HTTP Headers

GET /css?family=Crimson+Text:400,400i,700,700i|Lato:400,400i,700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://agricolapatagonia.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Mon, 30 Jan 2023 09:21:16 GMT
date: Mon, 30 Jan 2023 09:21:16 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

agricolapatagonia.com/wp-includes/js/wp-emoji-release.min.js?ver=6.1.1

151.101.194.159

200 OK

5.5 kB

URL HTTP/2
agricolapatagonia.com/wp-includes/js/wp-emoji-release.min.js?ver=6.1.1
IP
151.101.194.159:0
ASN
#54113 FASTLY

File type
ASCII text, with very long lines (15660)
Size
5.5 kB (5515 bytes)
Hash
17db16eba9de064a60b18a592b36634a
82fc955209623803111e48d5be3cf345315be6f5
1144901adf4e1d54838e6e04a2b75314f3b95518ee654d8c1742af50e355b433

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-includes/js/wp-emoji-release.min.js?ver=6.1.1 HTTP/1.1
Host: agricolapatagonia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://agricolapatagonia.com/adobe/adobe-3d6/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: application/javascript
last-modified: Tue, 15 Nov 2022 20:31:33 GMT
etag: W/"6373f725-48b9"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
cache-control: public, max-age=31536000
x-fw-hash: aqh6zwy1gf
content-encoding: gzip
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Mon, 30 Jan 2023 09:21:16 GMT
x-served-by: cache-bma1626-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1675070477.982910,VS0,VE1
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 5515
X-Firefox-Spdy: h2

push.services.mozilla.com/

35.160.141.134

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
35.160.141.134:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: fgNVLwBW5cIfuqqQcGFy1Q==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: KX9grbNPo6HpnuBIKpeTYttxDt4=

agricolapatagonia.com/wp-includes/css/dist/block-library/style.min.css?ver=6.1.1

151.101.194.159

200 OK

15 kB

URL HTTP/2
agricolapatagonia.com/wp-includes/css/dist/block-library/style.min.css?ver=6.1.1
IP
151.101.194.159:0
ASN
#54113 FASTLY

File type
ASCII text, with very long lines (47826)
Size
15 kB (14912 bytes)
Hash
494d5da4270464f0f04720e2d2274891
aa632853200ab33d1ac163033782a89b35ab74a5
4db474d81bc40165336350d9d3de98277cc7c49aa4d9096d451255749e99595b

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-includes/css/dist/block-library/style.min.css?ver=6.1.1 HTTP/1.1
Host: agricolapatagonia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://agricolapatagonia.com/adobe/adobe-3d6/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: text/css
last-modified: Tue, 15 Nov 2022 20:31:33 GMT
etag: W/"6373f725-172a9"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
cache-control: public, max-age=31536000
x-fw-hash: aqh6zwy1gf
content-encoding: gzip
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Mon, 30 Jan 2023 09:21:17 GMT
x-served-by: cache-bma1626-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1675070477.792873,VS0,VE241
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 14912
X-Firefox-Spdy: h2

agricolapatagonia.com/wp-includes/css/dashicons.min.css?ver=6.1.1

151.101.194.159

200 OK

37 kB

URL HTTP/2
agricolapatagonia.com/wp-includes/css/dashicons.min.css?ver=6.1.1
IP
151.101.194.159:0
ASN
#54113 FASTLY

File type
ASCII text, with very long lines (58981)
Size
37 kB (36596 bytes)
Hash
004101af9c3befba2e10d525146a727f
077953fb6eed94ca90e8b301ec23fa9d0308587f
1fcba3a13205f4a577119cfebcb57d9c5519956f8e972c7fb8d9ce4fca557206

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-includes/css/dashicons.min.css?ver=6.1.1 HTTP/1.1
Host: agricolapatagonia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://agricolapatagonia.com/adobe/adobe-3d6/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: text/css
last-modified: Tue, 15 Nov 2022 20:31:33 GMT
etag: W/"6373f725-e688"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
cache-control: public, max-age=31536000
x-fw-hash: aqh6zwy1gf
content-encoding: gzip
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Mon, 30 Jan 2023 09:21:17 GMT
x-served-by: cache-bma1626-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1675070477.796892,VS0,VE240
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 36596
X-Firefox-Spdy: h2

agricolapatagonia.com/wp-content/themes/eddyln/style.css?ver=1.0.8

151.101.194.159

200 OK

12 kB

URL HTTP/2
agricolapatagonia.com/wp-content/themes/eddyln/style.css?ver=1.0.8
IP
151.101.194.159:0
ASN
#54113 FASTLY

File type
data
Size
12 kB (12246 bytes)
Hash
f35f646c506f84f9057747ff1c2b85a6
5264819e18dbe9c404c57fa0a089d2e2890bab67
4c1eeef64d6470ec7fe687f04a72dbf0b78edd334af55245f746a2c9d0f9466f

HTTP Headers

GET /wp-content/themes/eddyln/style.css?ver=1.0.8 HTTP/1.1
Host: agricolapatagonia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://agricolapatagonia.com/adobe/adobe-3d6/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: text/css
last-modified: Thu, 20 Jan 2022 00:43:38 GMT
etag: W/"61e8b03a-d3fc"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: aqh6zwy1gf
cache-control: public, max-age=31536000
content-encoding: gzip
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Mon, 30 Jan 2023 09:21:17 GMT
x-served-by: cache-bma1626-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1675070477.794471,VS0,VE363
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 12246
X-Firefox-Spdy: h2

agricolapatagonia.com/wp-content/plugins/ninja-forms/assets/css/display-opinions-light.css?ver=6.1.1

151.101.194.159

200 OK

7.7 kB

URL HTTP/2
agricolapatagonia.com/wp-content/plugins/ninja-forms/assets/css/display-opinions-light.css?ver=6.1.1
IP
151.101.194.159:0
ASN
#54113 FASTLY

File type
ASCII text, with very long lines (44971)
Size
7.7 kB (7734 bytes)
Hash
34c396ededf53fd784cef4f7dbe7b9a8
dd52b41de1d6132704a7e06f53eb90fdeda10caf
ff3afe63f4594bb594fedfa3bc52cf1f3e2a59ea795fb8ac0135d4f7ba883d3f

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/plugins/ninja-forms/assets/css/display-opinions-light.css?ver=6.1.1 HTTP/1.1
Host: agricolapatagonia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://agricolapatagonia.com/adobe/adobe-3d6/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: text/css
last-modified: Sun, 05 Sep 2021 20:17:58 GMT
etag: W/"613525f6-afe3"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: aqh6zwy1gf
cache-control: public, max-age=31536000
content-encoding: gzip
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Mon, 30 Jan 2023 09:21:17 GMT
x-served-by: cache-bma1626-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1675070477.797869,VS0,VE364
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 7734
X-Firefox-Spdy: h2

agricolapatagonia.com/wp-content/plugins/ninja-forms/assets/css/font-awesome.min.css?ver=6.1.1

151.101.194.159

200 OK

6.9 kB

URL HTTP/2
agricolapatagonia.com/wp-content/plugins/ninja-forms/assets/css/font-awesome.min.css?ver=6.1.1
IP
151.101.194.159:0
ASN
#54113 FASTLY

File type
ASCII text, with very long lines (27303)
Size
6.9 kB (6877 bytes)
Hash
dc48b06170c850f1865e4ccab33d7e11
1962ecf6e46ec173e9c8835e4f298dad6e6910fb
c261582e1c1d920a94fccaff3dca1ffcc76d2253ae8deb18f15c1ce22ca77ce9

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/plugins/ninja-forms/assets/css/font-awesome.min.css?ver=6.1.1 HTTP/1.1
Host: agricolapatagonia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://agricolapatagonia.com/adobe/adobe-3d6/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: text/css
last-modified: Sun, 05 Sep 2021 20:17:58 GMT
etag: W/"613525f6-6b4a"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: aqh6zwy1gf
cache-control: public, max-age=31536000
content-encoding: gzip
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Mon, 30 Jan 2023 09:21:17 GMT
x-served-by: cache-bma1626-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1675070477.798501,VS0,VE484
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 6877
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
db3290a85d0ba4da27406ae9636aa618
4c69da45eddd66a1e26fce5562fc45eda7005309
19db4d0cc84bff9586883a5fa69c426af0b5fc1c2760ee7c259b0307c8afa6b2

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 09:21:17 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fonts.gstatic.com/s/oswald/v49/TK3IWkUHHAIjg75cFRf3bXL8LICs1_Fv40pKlN4NNSeSASz7FmlWHYg.woff2

142.250.74.35

200 OK

18 kB

URL HTTP/2
fonts.gstatic.com/s/oswald/v49/TK3IWkUHHAIjg75cFRf3bXL8LICs1_Fv40pKlN4NNSeSASz7FmlWHYg.woff2
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 17908, version 1.0\012- data
Size
18 kB (17908 bytes)
Hash
e46b4e2e3b47cc232937ebf72b4c537e
2675bc06ee643b8c935370325a327efb74746e6a
d8543b5dcaea1fc4a0301dc12b5b2adc9079e0794dd6a45879588fb844f3438e

HTTP Headers

GET /s/oswald/v49/TK3IWkUHHAIjg75cFRf3bXL8LICs1_Fv40pKlN4NNSeSASz7FmlWHYg.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://agricolapatagonia.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 17908
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 27 Jan 2023 12:51:14 GMT
expires: Sat, 27 Jan 2024 12:51:14 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 18 Jul 2022 19:23:34 GMT
content-type: font/woff2
age: 246603
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
db3290a85d0ba4da27406ae9636aa618
4c69da45eddd66a1e26fce5562fc45eda7005309
19db4d0cc84bff9586883a5fa69c426af0b5fc1c2760ee7c259b0307c8afa6b2

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 09:21:17 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
db3290a85d0ba4da27406ae9636aa618
4c69da45eddd66a1e26fce5562fc45eda7005309
19db4d0cc84bff9586883a5fa69c426af0b5fc1c2760ee7c259b0307c8afa6b2

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 09:21:17 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fonts.gstatic.com/s/crimsontext/v19/wlp2gwHKFkZgtmSR3NB0oRJfbwhT.woff2

142.250.74.35

200 OK

25 kB

URL HTTP/2
fonts.gstatic.com/s/crimsontext/v19/wlp2gwHKFkZgtmSR3NB0oRJfbwhT.woff2
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 25184, version 1.0\012- data
Size
25 kB (25184 bytes)
Hash
23eec75ba54d389a0188abbb596b7614
daa4672ad515a108325f52116e9a49aab8cdd5fa
538c7067580f457dd3dd98ebaabeb19405c12bdd01674d3db8fd9948ee73c862

HTTP Headers

GET /s/crimsontext/v19/wlp2gwHKFkZgtmSR3NB0oRJfbwhT.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://agricolapatagonia.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 25184
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 26 Jan 2023 18:49:51 GMT
expires: Fri, 26 Jan 2024 18:49:51 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 24 May 2022 18:26:18 GMT
content-type: font/woff2
age: 311486
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

agricolapatagonia.com/favicon.ico

151.101.194.159

404 Not Found

106 B

URL HTTP/2
agricolapatagonia.com/favicon.ico
IP
151.101.194.159:0
ASN
#54113 FASTLY

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
106 B (106 bytes)
Hash
41e26d195447e282a13a3219d61c130c
4eb09944c10ac39f6adeebb6be44c8a1d732bc79
f9ed0f2922c4344a8b293d792c2d81fa68e568256170dbed363adb679d1e7783

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: agricolapatagonia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://agricolapatagonia.com/adobe/adobe-3d6/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 404 Not Found
content-type: text/html
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: aqh6zwy1gf
content-encoding: gzip
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Mon, 30 Jan 2023 09:21:17 GMT
x-served-by: cache-bma1626-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1675070477.397394,VS0,VE1
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: NO
x-fw-type: VISIT
content-length: 106
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
db3290a85d0ba4da27406ae9636aa618
4c69da45eddd66a1e26fce5562fc45eda7005309
19db4d0cc84bff9586883a5fa69c426af0b5fc1c2760ee7c259b0307c8afa6b2

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 09:21:17 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
f2a0c2c0f25bdd19baf87cbb3a87dcdb
bc78ca6206ee8cc1cc05ab7778df71c7e6d1182a
c57f26c0c2e439dc2f69181e1b2f6ae371bff9d299af739e0047eabc8bfb5a69

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C57F26C0C2E439DC2F69181E1B2F6AE371BFF9D299AF739E0047EABC8BFB5A69"
Last-Modified: Fri, 27 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2606
Expires: Mon, 30 Jan 2023 10:04:44 GMT
Date: Mon, 30 Jan 2023 09:21:18 GMT
Connection: keep-alive

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
f2a0c2c0f25bdd19baf87cbb3a87dcdb
bc78ca6206ee8cc1cc05ab7778df71c7e6d1182a
c57f26c0c2e439dc2f69181e1b2f6ae371bff9d299af739e0047eabc8bfb5a69

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C57F26C0C2E439DC2F69181E1B2F6AE371BFF9D299AF739E0047EABC8BFB5A69"
Last-Modified: Fri, 27 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2606
Expires: Mon, 30 Jan 2023 10:04:44 GMT
Date: Mon, 30 Jan 2023 09:21:18 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd9a423a9-16ee-4e3f-b9b4-34f6a469aba9.jpeg

34.120.237.76

200 OK

9.2 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd9a423a9-16ee-4e3f-b9b4-34f6a469aba9.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.2 kB (9167 bytes)
Hash
3be81f83687ddb6c93d3ff3c09a9dba2
50a48e737310d3f31840db4301b25927fbcc12c5
e78c909e2381898e7f546183784a05dff47c31734c95358aaada8c2777ad47be

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd9a423a9-16ee-4e3f-b9b4-34f6a469aba9.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9167
x-amzn-requestid: e6e0789c-a4a9-4ffa-a0ae-691770d1035b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fPF9YEBmIAMF0kQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cf8388-01d2093432d3959903671a69;Sampled=0
x-amzn-remapped-date: Tue, 24 Jan 2023 07:06:48 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: awfNeaKbFw2bjiTGwUrwUTxU-qbVS2eTjn948H8kn1hy7pi_DwLMlQ==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 b2f9564ebf9c745cc2ceae96d434977e.cloudfront.net (CloudFront), 1.1 google
date: Sun, 29 Jan 2023 17:35:56 GMT
age: 56722
etag: "50a48e737310d3f31840db4301b25927fbcc12c5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

11 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9f96350b-0dd8-46ee-a270-85f96329b7c9.png
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
11 kB (11095 bytes)
Hash
bb1a5e0a2bb1cacf87189373c118adf4
079974268f755aa38fb2cb32b8bcb748353c793f
1b0519e6bfca30a31b83d427302f7e22140f5b2da6f13cac37ea9c07abc42676

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9f96350b-0dd8-46ee-a270-85f96329b7c9.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 11095
x-amzn-requestid: dc7c00e2-cd2d-4265-8763-3dd7dbe223ac
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fhkFyEhJIAMFjpw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d6e6f1-541a17c362e95dfa5e90f58f;Sampled=0
x-amzn-remapped-date: Sun, 29 Jan 2023 21:36:49 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: UuPN6Nq84hFgUDMbvpLTysWfU1JcRiecGH3tkdqDOOXBo9hVhmpMBA==
via: 1.1 c34da255183aa208dd1c722ff211f9b2.cloudfront.net (CloudFront), 1.1 a3bd0eb50c22e4d5fbda56a30b96002c.cloudfront.net (CloudFront), 1.1 google
date: Sun, 29 Jan 2023 21:59:52 GMT
age: 40886
etag: "079974268f755aa38fb2cb32b8bcb748353c793f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.5 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6df754eb-70f9-4576-ac48-68a6ae719511.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.5 kB (9457 bytes)
Hash
51aa950d5eed7b90cab6632107092edc
e4388ced02e5576867e77547496dec1ac2338ef7
588830e5f725e8e56270565e40f817f2658b0ee7c0425d138e5f65a17ff40483

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6df754eb-70f9-4576-ac48-68a6ae719511.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9457
x-amzn-requestid: 7c48e5ca-2128-43da-ba83-fd91568af1ef
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fhkBOGHVoAMFQtw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d6e6d4-1b850ffd543f51f92dec3894;Sampled=0
x-amzn-remapped-date: Sun, 29 Jan 2023 21:36:20 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 3EXFa0gb46AbdZ9ZznGiPTemGZ7zWh9WLs5Yr1zmfyh_jyKA6o7xoA==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 7022a5bbf9872d4a09d63e6cdb457dfe.cloudfront.net (CloudFront), 1.1 google
date: Sun, 29 Jan 2023 22:19:57 GMT
age: 39681
etag: "e4388ced02e5576867e77547496dec1ac2338ef7"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

7.7 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3bb7921c-8aaf-40cd-bf87-43903c3f1a74.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.7 kB (7679 bytes)
Hash
3e04b9eaf7449828136ad59e4c9d69f1
b820be4ed885dcf288eb6460c57e1fa7b1c7c476
df75cf7183d401a19655aab025d08ad2c498573c88b32e9b258d951d2993b936

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3bb7921c-8aaf-40cd-bf87-43903c3f1a74.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7679
x-amzn-requestid: 0c7983d5-6040-44e9-b394-21c3784702a2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fhkEtEfHoAMFaNA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d6e6ea-54c55dbd09ca642048af8916;Sampled=0
x-amzn-remapped-date: Sun, 29 Jan 2023 21:36:42 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: VHh2SQ21xoDoBnGvM2kRiposhXuCE-DdWW1bM35kEykjbHYmhsldVA==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 82ea95080f526df99896343fb7269b06.cloudfront.net (CloudFront), 1.1 google
date: Sun, 29 Jan 2023 21:51:22 GMT
age: 41396
etag: "b820be4ed885dcf288eb6460c57e1fa7b1c7c476"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

3.7 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4bfbdca6-432c-4f19-887a-3165827e4bc6.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
3.7 kB (3678 bytes)
Hash
e8d680cbaee5ef3e7b8e09b174ed6ecf
6651a0d3041920798240ea67e827c3d458769fa9
4c74e8ebff95e67da678248d3dc1d3f42d98c8a0d33d54d9d2bde36314c9f952

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4bfbdca6-432c-4f19-887a-3165827e4bc6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 3678
x-amzn-requestid: 21cd1ae3-b769-418a-b7f8-5efa486db859
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fhkEvE-RIAMFpmg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d6e6ea-6998009c289996563d78616a;Sampled=0
x-amzn-remapped-date: Sun, 29 Jan 2023 21:36:43 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: XbMeLjDaYoPiw42pUbszzOEqWeUdx01NI6zVLJFgp0r3B_2dHHxX-w==
via: 1.1 8f22423015641505b8c857a37450d6c0.cloudfront.net (CloudFront), 1.1 6a9b42e38e76b7d4a4044ebe0e0eca08.cloudfront.net (CloudFront), 1.1 google
date: Sun, 29 Jan 2023 22:11:45 GMT
age: 40173
etag: "6651a0d3041920798240ea67e827c3d458769fa9"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.5 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F52796f60-dafe-46ba-9c7a-a08ce5e16c34.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.5 kB (8464 bytes)
Hash
fe31ee140c2fd62e616c8a1edc9e78bb
7aa5fbdc8156514770ae620e81f1afef1c77890f
799af4bf9fa07ed27ebdc9d1a3344ee8a2b6529f076c263495b93290c47a1cc4

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F52796f60-dafe-46ba-9c7a-a08ce5e16c34.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8464
x-amzn-requestid: bf2cf356-ebb1-469b-ba35-a79bb009cad6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fhj3qGeboAMFzNw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d6e697-7c96841f52b6a96d1b0eaf34;Sampled=0
x-amzn-remapped-date: Sun, 29 Jan 2023 21:35:19 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: y6bDvcD7a3-A4DLC3cSdZT-yewV1kkFqcGr7AMuqvUeGA4A0pgF4wQ==
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 7022a5bbf9872d4a09d63e6cdb457dfe.cloudfront.net (CloudFront), 1.1 google
date: Sun, 29 Jan 2023 21:59:27 GMT
age: 40911
etag: "7aa5fbdc8156514770ae620e81f1afef1c77890f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

fonts.googleapis.com/css?family=Ledger|Linden+Hill|Oswald:400,700&display=swap

142.250.74.106

200 OK

0 B

URL HTTP/2
fonts.googleapis.com/css?family=Ledger|Linden+Hill|Oswald:400,700&display=swap
IP
142.250.74.106:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /css?family=Ledger|Linden+Hill|Oswald:400,700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://agricolapatagonia.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Mon, 30 Jan 2023 09:21:16 GMT
date: Mon, 30 Jan 2023 09:21:16 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (19)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML