r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 6ed951622549ed76959631f8a1bf497b
682b2dd2a72190510e3fa7bdb0c0c6f25a322dfb
86f5e5ae2da408a899d16c83b7ca441033ac0c30062cd29f2db1b1b5be666746
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "86F5E5AE2DA408A899D16C83B7CA441033AC0C30062CD29F2DB1B1B5BE666746"
Last-Modified: Sat, 19 Nov 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8202
Expires: Sat, 19 Nov 2022 17:32:19 GMT
Date: Sat, 19 Nov 2022 15:15:37 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash f732c50f6a2482aeea20552e0370c2d0
6f33119d5c38e92a0a62f3a46766ff86014e4d68
a47e38c199c5fecd5594544a3889e1cfca5547d85f19056f06eaeeadf17f4fe9
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5296
Cache-Control: max-age=161032
Content-Type: application/ocsp-response
Date: Sat, 19 Nov 2022 15:15:37 GMT
Etag: "6378b071-1d7"
Expires: Mon, 21 Nov 2022 11:59:29 GMT
Last-Modified: Sat, 19 Nov 2022 10:31:13 GMT
Server: ECS (ska/F71C)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash e7724a1f27dc1b5b2fb63c7e486f74db
ef0ea648ce8bc189d31382baec4b181c724af93b
2a46916079563d95fa6a695104ebf41829ee95a156d6e4d45b9aef7231a8a80e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2A46916079563D95FA6A695104EBF41829EE95A156D6E4D45B9AEF7231A8A80E"
Last-Modified: Fri, 18 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11104
Expires: Sat, 19 Nov 2022 18:20:41 GMT
Date: Sat, 19 Nov 2022 15:15:37 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
34.102.187.140 200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 4d7e4eed097b9c4e5d509419f1cfc85a
290bb3d428a7c6330e2e3d73a952b16f820896c8
0dc9ca0f57af15adcd416035e92794711434e3d53a1feff21d8481d6d500986c
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Length, Alert, Backoff, Retry-After
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sat, 19 Nov 2022 14:44:56 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 1841
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 67d5a988edcda47bc3b3b3f65d32b4b6
d4f0e0da8b3690cc7da925026d3414b68c7d954f
55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78
GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: ba+d+qAn2eCkwL1/nHcwkihV9HcHjyt8iAUNLS84PeAdpnUV+e7JEeaWlE42Kcpg5ihsEGj0stU=
x-amz-request-id: KT72AX83CG0RGES0
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sat, 19 Nov 2022 14:16:03 GMT
age: 3574
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 19 Nov 2022 15:15:38 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
34.102.187.140 200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Pragma, Alert, Content-Type, ETag, Retry-After, Last-Modified, Content-Length, Cache-Control, Expires
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sat, 19 Nov 2022 14:25:01 GMT
cache-control: public,max-age=3600
age: 3037
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 060d538b33e370fcd033339830d33a42
4a37d427988358eb318e18e2678c3484ef4a5ebd
efa33f92547243814b5bd3bca4f94d26055d590a4431611b3ba251a8d774bfbb
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5088
Cache-Control: max-age=155762
Content-Type: application/ocsp-response
Date: Sat, 19 Nov 2022 15:15:38 GMT
Etag: "63789cac-1d7"
Expires: Mon, 21 Nov 2022 10:31:40 GMT
Last-Modified: Sat, 19 Nov 2022 09:06:52 GMT
Server: ECS (ska/F71C)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
54.187.102.159 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 54.187.102.159:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: +96InwiwZQeipnhg59YNZg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: L4hgeaVbz18ncamrOVLIB4XTnbU=
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 798ef0955be535268547903e74dacfcd
782823486f9ded693609cade264d1950e816f7d0
75df3810e787be95774282d4851ce350bba5c326843f1bd02348746355866e95
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "75DF3810E787BE95774282D4851CE350BBA5C326843F1BD02348746355866E95"
Last-Modified: Sat, 19 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12108
Expires: Sat, 19 Nov 2022 18:37:27 GMT
Date: Sat, 19 Nov 2022 15:15:39 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 798ef0955be535268547903e74dacfcd
782823486f9ded693609cade264d1950e816f7d0
75df3810e787be95774282d4851ce350bba5c326843f1bd02348746355866e95
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "75DF3810E787BE95774282D4851CE350BBA5C326843F1BD02348746355866E95"
Last-Modified: Sat, 19 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12108
Expires: Sat, 19 Nov 2022 18:37:27 GMT
Date: Sat, 19 Nov 2022 15:15:39 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 798ef0955be535268547903e74dacfcd
782823486f9ded693609cade264d1950e816f7d0
75df3810e787be95774282d4851ce350bba5c326843f1bd02348746355866e95
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "75DF3810E787BE95774282D4851CE350BBA5C326843F1BD02348746355866E95"
Last-Modified: Sat, 19 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12108
Expires: Sat, 19 Nov 2022 18:37:27 GMT
Date: Sat, 19 Nov 2022 15:15:39 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 798ef0955be535268547903e74dacfcd
782823486f9ded693609cade264d1950e816f7d0
75df3810e787be95774282d4851ce350bba5c326843f1bd02348746355866e95
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "75DF3810E787BE95774282D4851CE350BBA5C326843F1BD02348746355866E95"
Last-Modified: Sat, 19 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12108
Expires: Sat, 19 Nov 2022 18:37:27 GMT
Date: Sat, 19 Nov 2022 15:15:39 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 798ef0955be535268547903e74dacfcd
782823486f9ded693609cade264d1950e816f7d0
75df3810e787be95774282d4851ce350bba5c326843f1bd02348746355866e95
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "75DF3810E787BE95774282D4851CE350BBA5C326843F1BD02348746355866E95"
Last-Modified: Sat, 19 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12108
Expires: Sat, 19 Nov 2022 18:37:27 GMT
Date: Sat, 19 Nov 2022 15:15:39 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F47c537d4-e03f-4ec6-8922-6dce72c72ab9.jpeg
34.120.237.76 200 OK 4.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F47c537d4-e03f-4ec6-8922-6dce72c72ab9.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 459df915ce91b32b2dcc4850516d68a0
d7a5473d367e7965a4af55acbf4675ed7088fab2
a03e26ebee79ad9b9dda1bf680e0d2467ae6d5e582589ada9fe6ddfa437c483c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F47c537d4-e03f-4ec6-8922-6dce72c72ab9.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4851
x-amzn-requestid: 8c868655-d0eb-428d-9fc0-a7449f770bd4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: brtDFF9HoAMFV9w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63748ee0-4f7daf8f7451dc5e0840f620;Sampled=0
x-amzn-remapped-date: Wed, 16 Nov 2022 07:18:56 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: xirMw5z5GPbmx9Sii_I4iNeh1GS5k9lGmaaJvUGAPWoVyP0Tldhf1w==
via: 1.1 e9ba0a9a729ff2960a04323bf1833df8.cloudfront.net (CloudFront), 1.1 1508efc4152aa1778ed4adecb328b374.cloudfront.net (CloudFront), 1.1 google
date: Sat, 19 Nov 2022 07:17:42 GMT
age: 28677
etag: "d7a5473d367e7965a4af55acbf4675ed7088fab2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5e567bc1-d4b1-4dd2-b17e-3595ad1753e5.jpeg
34.120.237.76 200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5e567bc1-d4b1-4dd2-b17e-3595ad1753e5.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 35da1192dcadc6e329a9e60c16904301
90a146aef85765630a5e09e46a0a8682e204bec1
816d1387a3a91a82f0bdaa2b703b45aa30be206d30d4dd1e8ac5deca13de57ad
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5e567bc1-d4b1-4dd2-b17e-3595ad1753e5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10281
x-amzn-requestid: 11dffc4e-71d7-4195-8890-62c8a2092728
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bw-77EWaIAMF3WA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6376ab7f-3c0dc7e43023af827ac26958;Sampled=0
x-amzn-remapped-date: Thu, 17 Nov 2022 21:45:35 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 48wUhxwMgsEj2J01EWOTCfWLNZPwFrjjXd6V_uSp8yae4YtGTTVlxA==
via: 1.1 4d7fa73f804f1c93f20cfc24c4b1266e.cloudfront.net (CloudFront), 1.1 f9d716a351f14a0ac1fac2449734849a.cloudfront.net (CloudFront), 1.1 google
date: Fri, 18 Nov 2022 22:26:49 GMT
age: 60530
etag: "90a146aef85765630a5e09e46a0a8682e204bec1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fac98a873-8b46-43f5-9ac0-fc1cc1a0cd81.jpeg
34.120.237.76 200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fac98a873-8b46-43f5-9ac0-fc1cc1a0cd81.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 481c033b9ffd030ff0de6e35cf788b47
85d3baad9217af2b5d75c019d2ef95dbb919a788
02443c7869914c2b29892deb0c645395bcf4e8379da3cf20974614ff9c92893b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fac98a873-8b46-43f5-9ac0-fc1cc1a0cd81.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11249
x-amzn-requestid: 65a3db77-b2e6-40b9-a776-021c2e9b56d0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bubSsHbZoAMFZNg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6375a5aa-1286b97968cc2e4c7fe8ab29;Sampled=0
x-amzn-remapped-date: Thu, 17 Nov 2022 03:08:26 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: PYoD_MxycYfiNvyRlBnLWCcyqQK9sZi8y2ir1U9eCavNoAB-3oFcxg==
via: 1.1 38eecd3ca21bf068d69a2f9cfe668d14.cloudfront.net (CloudFront), 1.1 28390a4d24ed4fdccd685d99cd06cf4e.cloudfront.net (CloudFront), 1.1 google
date: Sat, 19 Nov 2022 03:43:53 GMT
age: 41506
etag: "85d3baad9217af2b5d75c019d2ef95dbb919a788"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F680965e1-a075-4bd9-8788-73e1a3c92de2.jpeg
34.120.237.76 200 OK 3.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F680965e1-a075-4bd9-8788-73e1a3c92de2.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 2e9f6e24e829065d4f201b4c9d9c8fd1
317ec439968641329b83210f7fcab59023310077
d1d304d12f3e1c2ad9cf9279bbb7cab4a954942ab86f41d5333e030cdc7a55c8
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F680965e1-a075-4bd9-8788-73e1a3c92de2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 3842
x-amzn-requestid: 8effd7ec-299f-471f-8746-3cb81d94998b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: boYBREE6oAMFmfQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63733a07-46160f6159dfb4a729e5d688;Sampled=0
x-amzn-remapped-date: Tue, 15 Nov 2022 07:04:39 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 37fj6lqvqFTCEPkclxpI6OuYvlIB57GI2bS4wySNP3X4eQ3Lwy3WQA==
via: 1.1 e5af640ced3aa8764b82c4bc3f7af38e.cloudfront.net (CloudFront), 1.1 73cb83fe6699afc2791b5c690c1ff8c6.cloudfront.net (CloudFront), 1.1 google
date: Sat, 19 Nov 2022 10:26:23 GMT
age: 17356
etag: "317ec439968641329b83210f7fcab59023310077"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F640a732f-1fd9-47b0-8311-39061579f99b.jpeg
34.120.237.76 200 OK 7.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F640a732f-1fd9-47b0-8311-39061579f99b.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 8cf981b1ea47b981c73aa1f291be4d8a
d18b869e1940841e9b03f66f5608e381f1727b37
3352a04b9596b594aeb5de3dc70047196a830e3ca79babf7c1b72ff1103b2d26
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F640a732f-1fd9-47b0-8311-39061579f99b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7754
x-amzn-requestid: 2c21447c-03bb-4e50-9eeb-a8ae86c0d204
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: b0QRmFuiIAMFjWg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6377fa70-7a7e65fc5d443a1d70feb62b;Sampled=0
x-amzn-remapped-date: Fri, 18 Nov 2022 21:34:40 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: MFN-Yhp70fPLS4R_tVxEvzt-YQ7COwXaXrmifEfXfpiC0epJHSJq7w==
via: 1.1 c34da255183aa208dd1c722ff211f9b2.cloudfront.net (CloudFront), 1.1 5954c6394458ffb44c970b3819d7ff2a.cloudfront.net (CloudFront), 1.1 google
date: Fri, 18 Nov 2022 21:36:25 GMT
age: 63554
etag: "d18b869e1940841e9b03f66f5608e381f1727b37"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc0d2467c-b158-442b-92be-e4cb236d17fa.jpeg
34.120.237.76 200 OK 3.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc0d2467c-b158-442b-92be-e4cb236d17fa.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d6b026c34985bbf2ebf89a62d0724c66
72369ebeccf447fa91ef77711d6297063c99777e
e5598ada634274ab9995dedda8c1fd18344abcfdd49b3a1aaede0a86fafc0f40
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc0d2467c-b158-442b-92be-e4cb236d17fa.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 3035
x-amzn-requestid: 3e3f3a7f-9a1d-4b37-b932-22c6e3e638f1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: b0QRcFOuoAMF_fQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6377fa6f-09dc20ea5620dd167e3f7265;Sampled=0
x-amzn-remapped-date: Fri, 18 Nov 2022 21:34:39 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: xvVfLfP2DUilu7GSJMGArO90Kdoq5cPBVtmtyVjZmX5ZKnvOjpR_UQ==
via: 1.1 8dbfaf7df256a75768461d934659b6b2.cloudfront.net (CloudFront), 1.1 e80693c02cfdfd081110512210d57840.cloudfront.net (CloudFront), 1.1 google
date: Fri, 18 Nov 2022 21:36:25 GMT
age: 63554
etag: "72369ebeccf447fa91ef77711d6297063c99777e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
atlascrown.net/
50.87.148.136 301 Moved Permanently 0 B IP 50.87.148.136:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Phishing
GET / HTTP/1.1
Host: atlascrown.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Sat, 19 Nov 2022 15:15:37 GMT
Server: Apache
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
X-Redirect-By: WordPress
Set-Cookie: ppwp_wp_session=e793b287f8a82774ff75b85dc3007db7%7C%7C1668872738%7C%7C1668872378; expires=Sat, 19-Nov-2022 15:45:38 GMT; Max-Age=1800; path=/
Set-Cookie: mphb_session=1f11bf1a620f553f1ad929f43609a13b%7C%7C1668872738%7C%7C1668872378; expires=Sat, 19-Nov-2022 15:45:38 GMT; Max-Age=1800; path=/
Set-Cookie: PHPSESSID=1ac89fb58c7d751b26f54ad45a5dccc7; path=/
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Location: https://www.atlascrown.net/
Content-Length: 0
Keep-Alive: timeout=5, max=75
Content-Type: text/html; charset=UTF-8
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash acc533e105756ae3555439a35cd98615
e2285440cef032d46651e1ab380cb95a35a8e4d4
12737d97a3026d3c1501963aa4a104a4414c82c7820864b23d2152f90551519f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "12737D97A3026D3C1501963AA4A104A4414C82C7820864B23D2152F90551519F"
Last-Modified: Sat, 19 Nov 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21553
Expires: Sat, 19 Nov 2022 21:14:53 GMT
Date: Sat, 19 Nov 2022 15:15:40 GMT
Connection: keep-alive
cdnjs.cloudflare.com/ajax/libs/jquery-migrate/1.4.1/jquery-migrate.min.js?ver=1.4.1
104.17.24.14 200 OK 3.6 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/jquery-migrate/1.4.1/jquery-migrate.min.js?ver=1.4.1
IP 104.17.24.14:0
File type ASCII text, with very long lines (9959)
Hash 908acf0ea0e8da0309bb2965bfbcab4f
f379a68308437c642db8dd82ecc0e4dc319d760b
33b0296cb0341be709cb2609ea40e77a4942d7db113d8e9a7184f684f927deee
GET /ajax/libs/jquery-migrate/1.4.1/jquery-migrate.min.js?ver=1.4.1 HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.atlascrown.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 19 Nov 2022 15:15:42 GMT
content-type: application/javascript; charset=utf-8
content-length: 3550
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03ec2-2748"
last-modified: Mon, 04 May 2020 16:11:46 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 1868528
expires: Thu, 09 Nov 2023 15:15:42 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jOtswihIJeY5w2C1J%2B6EzbsWrpP0fitySV6hSFvyG40QXJzmsUkWFQpoaTIeO7Z7BG4GkB8Am6%2B6tF5rN6kEpnMmMEovvPl2lnpc8RUdxZ%2BFIccHcLpVOZe6hXPPNuVqBLzGCXhu"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 76c9e71e2899b4f1-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
code.jquery.com/jquery-1.12.4.min.js?ver=1.12.4
69.16.175.42 200 OK 34 kB URL HTTP/2 code.jquery.com/jquery-1.12.4.min.js?ver=1.12.4
IP 69.16.175.42:0
File type ASCII text, with very long lines (32077)
Hash fc7624613c4e25843694cdb7fa956f05
7765bb4016ae929e22be579ccde505b94c2a63c1
49c97d70ef48bfdc1d7b96271b5613bb099b2c040ebdf5624962aea92ff428ae
GET /jquery-1.12.4.min.js?ver=1.12.4 HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.atlascrown.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 19 Nov 2022 15:15:42 GMT
content-encoding: gzip
content-length: 33738
content-type: application/javascript; charset=utf-8
last-modified: Wed, 16 Feb 2022 10:50:39 GMT
accept-ranges: bytes
server: nginx
etag: W/"620cd6ff-17b8b"
cache-control: max-age=315360000, public
access-control-allow-origin: *
vary: Accept-Encoding
x-hw: 1668870942.dop225.sk1.t,1668870942.cds221.sk1.hn,1668870942.cds251.sk1.c
X-Firefox-Spdy: h2
use.typekit.net/qca6mqh.css?ver=1
23.36.76.186 200 OK 1.4 kB URL HTTP/2 use.typekit.net/qca6mqh.css?ver=1
IP 23.36.76.186:0
ASN #20940 Akamai International B.V.
File type Unicode text, UTF-8 text, with very long lines (516)
Hash 60b8f5cce35052880d65e9bd7ff80f6c
07fb0a46f02fae4bb5b1c2a24f8792b146263604
aa61b6260873fcccce76a7466a644e72936b0be80ac32a881c0c02ed2c8f76c9
GET /qca6mqh.css?ver=1 HTTP/1.1
Host: use.typekit.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.atlascrown.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-type: text/css;charset=utf-8
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains;
cache-control: private, max-age=600, stale-while-revalidate=604800
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
content-encoding: gzip
content-length: 1443
date: Sat, 19 Nov 2022 15:15:42 GMT
X-Firefox-Spdy: h2
p.typekit.net/p.css?s=1&k=qca6mqh&ht=tk&f=15498.15501.15505.15506.15508.15509.15510.15701.15703.15705.15707.15708.15709.22708.22709.22710.22711.26839.26840.26841.26842&a=83560045&app=typekit&e=css
23.36.76.186 200 OK 5 B URL HTTP/2 p.typekit.net/p.css?s=1&k=qca6mqh&ht=tk&f=15498.15501.15505.15506.15508.15509.15510.15701.15703.15705.15707.15708.15709.22708.22709.22710.22711.26839.26840.26841.26842&a=83560045&app=typekit&e=css
IP 23.36.76.186:0
ASN #20940 Akamai International B.V.
Hash 83d24d4b43cc7eef2b61e66c95f3d158
f0cafc285ee23bb6c28c5166f305493c4331c84d
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb
GET /p.css?s=1&k=qca6mqh&ht=tk&f=15498.15501.15505.15506.15508.15509.15510.15701.15703.15705.15707.15708.15709.22708.22709.22710.22711.26839.26840.26841.26842&a=83560045&app=typekit&e=css HTTP/1.1
Host: p.typekit.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://use.typekit.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
cache-control: public, max-age=604800
content-type: text/css
cross-origin-resource-policy: cross-origin
etag: "613bee4d-5"
last-modified: Fri, 10 Sep 2021 23:46:21 GMT
server: nginx
content-length: 5
unused62: 8096267
date: Sat, 19 Nov 2022 15:15:42 GMT
X-Firefox-Spdy: h2
www.atlascrown.net/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-vendors-style.css?ver=7.6.2
50.87.148.136 200 OK 1.6 kB URL HTTP/2 www.atlascrown.net/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-vendors-style.css?ver=7.6.2
IP 50.87.148.136:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (4933), with no line terminators
Hash 971cfc62ecc92ebe1174a2c80671a10f
86989b6ba38041063eab75516aa10bfc3fc9a55f
e51fd87d27a0dedfe4afb52aab0d8708d369be1e16ff09b90245c145bd8847ba
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-vendors-style.css?ver=7.6.2 HTTP/1.1
Host: www.atlascrown.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.atlascrown.net/
Cookie: ppwp_wp_session=eb8b4247180d982e06158be0d2213353%7C%7C1668872740%7C%7C1668872380; mphb_session=ab59eb7a86437a0d9cc4787818cc88a9%7C%7C1668872740%7C%7C1668872380; PHPSESSID=06f4923295a26ca09ca1d9581dff46c3
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 06 Jul 2022 10:09:37 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 1637
content-type: text/css
date: Sat, 19 Nov 2022 15:15:42 GMT
server: Apache
X-Firefox-Spdy: h2
www.atlascrown.net/wp-includes/css/classic-themes.min.css?ver=1
50.87.148.136 200 OK 189 B URL HTTP/2 www.atlascrown.net/wp-includes/css/classic-themes.min.css?ver=1
IP 50.87.148.136:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash 5a18e16eb01cbaa862eb32e6b77bedb2
3abf9b913cc9f558f02cba7c9b822f8d1812cb96
d2b5af913332941d5ae7786d1fa70e0d009315c4ede6ad5b80d0f663bb54521f
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/css/classic-themes.min.css?ver=1 HTTP/1.1
Host: www.atlascrown.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.atlascrown.net/
Cookie: ppwp_wp_session=eb8b4247180d982e06158be0d2213353%7C%7C1668872740%7C%7C1668872380; mphb_session=ab59eb7a86437a0d9cc4787818cc88a9%7C%7C1668872740%7C%7C1668872380; PHPSESSID=06f4923295a26ca09ca1d9581dff46c3
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 02 Nov 2022 02:16:43 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 189
content-type: text/css
date: Sat, 19 Nov 2022 15:15:42 GMT
server: Apache
X-Firefox-Spdy: h2
www.atlascrown.net/wp-admin/css/color-picker.min.css?ver=6.1.1
50.87.148.136 200 OK 977 B URL HTTP/2 www.atlascrown.net/wp-admin/css/color-picker.min.css?ver=6.1.1
IP 50.87.148.136:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (3091)
Hash 6a9302b570b961ad7e7b6dd824e9890a
e82e6c5895ccc165740383f7bc62ee36dcd2a847
1a0e6c95e9d888580ea536b221ee5d204bf841c32b7083858713c8ea2cef34cd
Analyzer Verdict Alert fortinet Phishing
GET /wp-admin/css/color-picker.min.css?ver=6.1.1 HTTP/1.1
Host: www.atlascrown.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.atlascrown.net/
Cookie: ppwp_wp_session=eb8b4247180d982e06158be0d2213353%7C%7C1668872740%7C%7C1668872380; mphb_session=ab59eb7a86437a0d9cc4787818cc88a9%7C%7C1668872740%7C%7C1668872380; PHPSESSID=06f4923295a26ca09ca1d9581dff46c3
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 24 Mar 2021 21:41:06 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 977
content-type: text/css
date: Sat, 19 Nov 2022 15:15:42 GMT
server: Apache
X-Firefox-Spdy: h2
www.atlascrown.net/wp-includes/js/wp-emoji-release.min.js?ver=6.1.1
50.87.148.136 200 OK 5.3 kB URL HTTP/2 www.atlascrown.net/wp-includes/js/wp-emoji-release.min.js?ver=6.1.1
IP 50.87.148.136:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (15660)
Hash 710f8b142ea44c0682dc2c30f318f065
49144e9b3a76d3d383b1d4359cf7a25e947f4233
708bb5819879a2a2c7670abc20a58cca68a415ffd621011cbc4c3c9d82dddc50
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/wp-emoji-release.min.js?ver=6.1.1 HTTP/1.1
Host: www.atlascrown.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.atlascrown.net/
Cookie: ppwp_wp_session=eb8b4247180d982e06158be0d2213353%7C%7C1668872740%7C%7C1668872380; mphb_session=ab59eb7a86437a0d9cc4787818cc88a9%7C%7C1668872740%7C%7C1668872380; PHPSESSID=06f4923295a26ca09ca1d9581dff46c3
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 25 May 2022 02:15:58 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 5321
content-type: application/javascript
date: Sat, 19 Nov 2022 15:15:42 GMT
server: Apache
X-Firefox-Spdy: h2
www.atlascrown.net/wp-content/plugins/pt-holleta-addons/assets/css/swiper.css?ver=4.5.0
50.87.148.136 200 OK 1.4 kB URL HTTP/2 www.atlascrown.net/wp-content/plugins/pt-holleta-addons/assets/css/swiper.css?ver=4.5.0
IP 50.87.148.136:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash 8eea3a55a1f1d03241e01d9320390253
db1729584bd5320f576e77ec76cb38ff2827d266
92038fc69f9702264c7078ab70742b07e95710a782d07d39786a634726804940
GET /wp-content/plugins/pt-holleta-addons/assets/css/swiper.css?ver=4.5.0 HTTP/1.1
Host: www.atlascrown.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.atlascrown.net/
Cookie: ppwp_wp_session=eb8b4247180d982e06158be0d2213353%7C%7C1668872740%7C%7C1668872380; mphb_session=ab59eb7a86437a0d9cc4787818cc88a9%7C%7C1668872740%7C%7C1668872380; PHPSESSID=06f4923295a26ca09ca1d9581dff46c3
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 25 Apr 2022 14:17:38 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 1385
content-type: text/css
date: Sat, 19 Nov 2022 15:15:42 GMT
server: Apache
X-Firefox-Spdy: h2
www.atlascrown.net/wp-content/plugins/motopress-hotel-booking/vendors/kbwood/datepick/jquery.datepick.css?ver=4.2.4
50.87.148.136 200 OK 1.1 kB URL HTTP/2 www.atlascrown.net/wp-content/plugins/motopress-hotel-booking/vendors/kbwood/datepick/jquery.datepick.css?ver=4.2.4
IP 50.87.148.136:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash 63abf26d6cb0673337a67b5c93325008
be42124d9de02b0bdb6aa5288b3511e07fd766c6
6edca8f21cb27efbe73c98ffbf0f722010fee245f993a1fc189e380a88c57353
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/motopress-hotel-booking/vendors/kbwood/datepick/jquery.datepick.css?ver=4.2.4 HTTP/1.1
Host: www.atlascrown.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.atlascrown.net/
Cookie: ppwp_wp_session=eb8b4247180d982e06158be0d2213353%7C%7C1668872740%7C%7C1668872380; mphb_session=ab59eb7a86437a0d9cc4787818cc88a9%7C%7C1668872740%7C%7C1668872380; PHPSESSID=06f4923295a26ca09ca1d9581dff46c3
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 06 Jul 2022 10:23:20 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 1085
content-type: text/css
date: Sat, 19 Nov 2022 15:15:42 GMT
server: Apache
X-Firefox-Spdy: h2
www.atlascrown.net/wp-content/plugins/mailchimp-for-wp/assets/css/form-themes.css?ver=4.8.7
50.87.148.136 200 OK 1.5 kB URL HTTP/2 www.atlascrown.net/wp-content/plugins/mailchimp-for-wp/assets/css/form-themes.css?ver=4.8.7
IP 50.87.148.136:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (6836), with no line terminators
Hash e74d5959e65d81af0b5df6b44fce28a6
beb1fcb46ad2733e55da802431fce89f9a8486b4
223feaf37899c0072f76b6cc33ee446ff2dede021b0433d2ba71fedf28c8a66b
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/mailchimp-for-wp/assets/css/form-themes.css?ver=4.8.7 HTTP/1.1
Host: www.atlascrown.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.atlascrown.net/
Cookie: ppwp_wp_session=eb8b4247180d982e06158be0d2213353%7C%7C1668872740%7C%7C1668872380; mphb_session=ab59eb7a86437a0d9cc4787818cc88a9%7C%7C1668872740%7C%7C1668872380; PHPSESSID=06f4923295a26ca09ca1d9581dff46c3
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 25 Apr 2022 14:19:23 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 1457
content-type: text/css
date: Sat, 19 Nov 2022 15:15:42 GMT
server: Apache
X-Firefox-Spdy: h2
www.atlascrown.net/wp-content/plugins/motopress-hotel-booking/assets/css/mphb.min.css?ver=4.2.4
50.87.148.136 200 OK 2.5 kB URL HTTP/2 www.atlascrown.net/wp-content/plugins/motopress-hotel-booking/assets/css/mphb.min.css?ver=4.2.4
IP 50.87.148.136:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (10684), with no line terminators
Hash a870f8165cc17ed0111887eac7e83bf5
545fbd8ccf7fca5fc968c4b24a92a97670b92504
095baa6f8d6ccf287e18a0f719cd73595a456864e0e93adaa9c251dc459b82e2
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/motopress-hotel-booking/assets/css/mphb.min.css?ver=4.2.4 HTTP/1.1
Host: www.atlascrown.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.atlascrown.net/
Cookie: ppwp_wp_session=eb8b4247180d982e06158be0d2213353%7C%7C1668872740%7C%7C1668872380; mphb_session=ab59eb7a86437a0d9cc4787818cc88a9%7C%7C1668872740%7C%7C1668872380; PHPSESSID=06f4923295a26ca09ca1d9581dff46c3
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 06 Jul 2022 10:23:20 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 2479
content-type: text/css
date: Sat, 19 Nov 2022 15:15:42 GMT
server: Apache
X-Firefox-Spdy: h2
www.atlascrown.net/wp-content/plugins/wp-user-avatar/assets/select2/select2.min.css?ver=6.1.1
50.87.148.136 200 OK 3.4 kB URL HTTP/2 www.atlascrown.net/wp-content/plugins/wp-user-avatar/assets/select2/select2.min.css?ver=6.1.1
IP 50.87.148.136:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (14965), with no line terminators
Hash 8be7a878c560f1b146db163966f64d74
0dfdd50b2c3355c62cd7426649e819ba4a652495
7c7f8eb143a56619e051b210fa355e14ff4ff9f8fad982b0c4110c166a2aadca
GET /wp-content/plugins/wp-user-avatar/assets/select2/select2.min.css?ver=6.1.1 HTTP/1.1
Host: www.atlascrown.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.atlascrown.net/
Cookie: ppwp_wp_session=eb8b4247180d982e06158be0d2213353%7C%7C1668872740%7C%7C1668872380; mphb_session=ab59eb7a86437a0d9cc4787818cc88a9%7C%7C1668872740%7C%7C1668872380; PHPSESSID=06f4923295a26ca09ca1d9581dff46c3
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 06 Jul 2022 10:09:25 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 3356
content-type: text/css
date: Sat, 19 Nov 2022 15:15:42 GMT
server: Apache
X-Firefox-Spdy: h2
www.atlascrown.net/wp-content/themes/holleta/css/woocommerce-layout.css?ver=6.1.1
50.87.148.136 200 OK 3.7 kB URL HTTP/2 www.atlascrown.net/wp-content/themes/holleta/css/woocommerce-layout.css?ver=6.1.1
IP 50.87.148.136:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash dd94dc2774b60ec457c0b1a663e3ba38
f2e39414068c590959cb3e173104ed0fe16891b5
a4581f706644b9b1ef03b080d363ee55fa322e0e8edb8e21ec015f18466a7971
GET /wp-content/themes/holleta/css/woocommerce-layout.css?ver=6.1.1 HTTP/1.1
Host: www.atlascrown.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.atlascrown.net/
Cookie: ppwp_wp_session=eb8b4247180d982e06158be0d2213353%7C%7C1668872740%7C%7C1668872380; mphb_session=ab59eb7a86437a0d9cc4787818cc88a9%7C%7C1668872740%7C%7C1668872380; PHPSESSID=06f4923295a26ca09ca1d9581dff46c3
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 06 Apr 2021 13:11:10 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 3731
content-type: text/css
date: Sat, 19 Nov 2022 15:15:42 GMT
server: Apache
X-Firefox-Spdy: h2
www.atlascrown.net/wp-content/themes/holleta/css/iconfont.css?ver=6.1.1
50.87.148.136 200 OK 5.7 kB URL HTTP/2 www.atlascrown.net/wp-content/themes/holleta/css/iconfont.css?ver=6.1.1
IP 50.87.148.136:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash 42c5e05aa17d076e0a209016bea701c2
16464487a6a2012617b02beea42c3600c57f949a
c5d8cb4815ebb40f8e0f2188b429193188122bca19d892aa7a3f6751a701bfa7
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/holleta/css/iconfont.css?ver=6.1.1 HTTP/1.1
Host: www.atlascrown.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.atlascrown.net/
Cookie: ppwp_wp_session=eb8b4247180d982e06158be0d2213353%7C%7C1668872740%7C%7C1668872380; mphb_session=ab59eb7a86437a0d9cc4787818cc88a9%7C%7C1668872740%7C%7C1668872380; PHPSESSID=06f4923295a26ca09ca1d9581dff46c3
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 06 Apr 2021 13:11:10 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 5674
content-type: text/css
date: Sat, 19 Nov 2022 15:15:42 GMT
server: Apache
X-Firefox-Spdy: h2
www.atlascrown.net/wp-content/themes/holleta/css/fontawesome.min.css?ver=6.1.1
50.87.148.136 200 OK 12 kB URL HTTP/2 www.atlascrown.net/wp-content/themes/holleta/css/fontawesome.min.css?ver=6.1.1
IP 50.87.148.136:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (55094)
Hash fa780bbf378ef9d358887df16e8a4168
1e09c9e9839dfc626214846ee3cbca380f53c6bd
79fa1d5cb9703c7a5150aa98681712cc61a2d36f5ab7466cdf1fa23adaa80c5b
GET /wp-content/themes/holleta/css/fontawesome.min.css?ver=6.1.1 HTTP/1.1
Host: www.atlascrown.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.atlascrown.net/
Cookie: ppwp_wp_session=eb8b4247180d982e06158be0d2213353%7C%7C1668872740%7C%7C1668872380; mphb_session=ab59eb7a86437a0d9cc4787818cc88a9%7C%7C1668872740%7C%7C1668872380; PHPSESSID=06f4923295a26ca09ca1d9581dff46c3
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 06 Apr 2021 13:11:10 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 12029
content-type: text/css
date: Sat, 19 Nov 2022 15:15:42 GMT
server: Apache
X-Firefox-Spdy: h2
www.atlascrown.net/wp-content/uploads/2022/04/atlas-crown-logo.png
50.87.148.136 200 OK 11 kB URL HTTP/1.1 www.atlascrown.net/wp-content/uploads/2022/04/atlas-crown-logo.png
IP 50.87.148.136:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 172 x 75, 8-bit/color RGBA, non-interlaced\012- data
Hash 7c285dcf6a8a01361b9fec41b7e245bd
5d2095cb3acf8059c64c9c2e9b46488efb3034f8
531c9d4bae70ab1e201d7b74362dd41183b667876c5f69bb98bd5e30a627625a
GET /wp-content/uploads/2022/04/atlas-crown-logo.png HTTP/1.1
Host: www.atlascrown.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 200 OK
Date: Sat, 19 Nov 2022 15:15:42 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Thu, 28 Apr 2022 14:37:34 GMT
Accept-Ranges: bytes
Content-Length: 10656
Keep-Alive: timeout=5, max=75
Content-Type: image/png
www.atlascrown.net/wp-content/plugins/wp-user-avatar/assets/css/frontend.min.css?ver=3.2.15
50.87.148.136 200 OK 16 kB URL HTTP/2 www.atlascrown.net/wp-content/plugins/wp-user-avatar/assets/css/frontend.min.css?ver=3.2.15
IP 50.87.148.136:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (65536), with no line terminators
Hash 87880bb22a573d5119418068c0cc77ef
d1b572c579a20c0863d984c5506e7a684aed571e
c48dc88689c20653113972f12a66d90bef8b5fa7f8386c6210bea39ae7583909
GET /wp-content/plugins/wp-user-avatar/assets/css/frontend.min.css?ver=3.2.15 HTTP/1.1
Host: www.atlascrown.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.atlascrown.net/
Cookie: ppwp_wp_session=eb8b4247180d982e06158be0d2213353%7C%7C1668872740%7C%7C1668872380; mphb_session=ab59eb7a86437a0d9cc4787818cc88a9%7C%7C1668872740%7C%7C1668872380; PHPSESSID=06f4923295a26ca09ca1d9581dff46c3
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 06 Jul 2022 10:09:25 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 15513
content-type: text/css
date: Sat, 19 Nov 2022 15:15:42 GMT
server: Apache
X-Firefox-Spdy: h2
www.atlascrown.net/wp-content/plugins/wp-user-avatar/assets/flatpickr/flatpickr.min.css?ver=3.2.15
50.87.148.136 200 OK 4.0 kB URL HTTP/2 www.atlascrown.net/wp-content/plugins/wp-user-avatar/assets/flatpickr/flatpickr.min.css?ver=3.2.15
IP 50.87.148.136:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (15499), with no line terminators
Hash 749c44c88a2538fb5b248e31058b61d3
ba08948b74ead6e0a6f8c963e26973287d4778e8
b3cc2018779505501063e9d3a1b2ae45d5eabeabdd9165e59379e987797485c8
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/wp-user-avatar/assets/flatpickr/flatpickr.min.css?ver=3.2.15 HTTP/1.1
Host: www.atlascrown.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.atlascrown.net/
Cookie: ppwp_wp_session=eb8b4247180d982e06158be0d2213353%7C%7C1668872740%7C%7C1668872380; mphb_session=ab59eb7a86437a0d9cc4787818cc88a9%7C%7C1668872740%7C%7C1668872380; PHPSESSID=06f4923295a26ca09ca1d9581dff46c3
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 06 Jul 2022 10:09:25 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 3993
content-type: text/css
date: Sat, 19 Nov 2022 15:15:42 GMT
server: Apache
X-Firefox-Spdy: h2
www.atlascrown.net/wp-content/plugins/woocommerce/assets/js/frontend/add-to-cart.min.js?ver=6.6.1
50.87.148.136 200 OK 1.2 kB URL HTTP/2 www.atlascrown.net/wp-content/plugins/woocommerce/assets/js/frontend/add-to-cart.min.js?ver=6.6.1
IP 50.87.148.136:0
ASN #46606 UNIFIEDLAYER-AS-1
File type HTML document, ASCII text, with very long lines (3037), with no line terminators
Hash 57b5945094a547e06221f8f949e6d335
76fc7361f00684ea29ffbf4b7d46e5429b8c245a
f9d0da987075df31cc4cf8aed46bc193467ce7165568d83c8016e6fe904e72c3
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/woocommerce/assets/js/frontend/add-to-cart.min.js?ver=6.6.1 HTTP/1.1
Host: www.atlascrown.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.atlascrown.net/
Cookie: ppwp_wp_session=eb8b4247180d982e06158be0d2213353%7C%7C1668872740%7C%7C1668872380; mphb_session=ab59eb7a86437a0d9cc4787818cc88a9%7C%7C1668872740%7C%7C1668872380; PHPSESSID=06f4923295a26ca09ca1d9581dff46c3
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 06 Jul 2022 10:09:37 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 1200
content-type: application/javascript
date: Sat, 19 Nov 2022 15:15:42 GMT
server: Apache
X-Firefox-Spdy: h2
www.atlascrown.net/wp-content/plugins/pt-holleta-addons/assets/css/pt-inline.css?ver=6.1.1
50.87.148.136 200 OK 0 B URL HTTP/2 www.atlascrown.net/wp-content/plugins/pt-holleta-addons/assets/css/pt-inline.css?ver=6.1.1
IP 50.87.148.136:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /wp-content/plugins/pt-holleta-addons/assets/css/pt-inline.css?ver=6.1.1 HTTP/1.1
Host: www.atlascrown.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.atlascrown.net/
Cookie: ppwp_wp_session=eb8b4247180d982e06158be0d2213353%7C%7C1668872740%7C%7C1668872380; mphb_session=ab59eb7a86437a0d9cc4787818cc88a9%7C%7C1668872740%7C%7C1668872380; PHPSESSID=06f4923295a26ca09ca1d9581dff46c3
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 25 Apr 2022 14:17:38 GMT
accept-ranges: bytes
content-length: 0
content-type: text/css
date: Sat, 19 Nov 2022 15:15:42 GMT
server: Apache
X-Firefox-Spdy: h2
www.atlascrown.net/wp-content/plugins/pt-holleta-addons/assets/js/zilla-likes.js?ver=6.1.1
50.87.148.136 200 OK 392 B URL HTTP/2 www.atlascrown.net/wp-content/plugins/pt-holleta-addons/assets/js/zilla-likes.js?ver=6.1.1
IP 50.87.148.136:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash a6d0d468d38471cbeeaca9e91ae85481
a500cbe007017fa932d3eaa7890bd15965d67cf8
8ddd7974b1341ad0eb1f01c388119242c722d0e99c3c6d7f20e928cb1bdcbe9a
GET /wp-content/plugins/pt-holleta-addons/assets/js/zilla-likes.js?ver=6.1.1 HTTP/1.1
Host: www.atlascrown.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.atlascrown.net/
Cookie: ppwp_wp_session=eb8b4247180d982e06158be0d2213353%7C%7C1668872740%7C%7C1668872380; mphb_session=ab59eb7a86437a0d9cc4787818cc88a9%7C%7C1668872740%7C%7C1668872380; PHPSESSID=06f4923295a26ca09ca1d9581dff46c3
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 25 Apr 2022 14:17:38 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 392
content-type: application/javascript
date: Sat, 19 Nov 2022 15:15:42 GMT
server: Apache
X-Firefox-Spdy: h2
www.atlascrown.net/wp-content/plugins/woocommerce/assets/js/jquery-blockui/jquery.blockUI.min.js?ver=2.7.0-wc.6.6.1
50.87.148.136 200 OK 4.0 kB URL HTTP/2 www.atlascrown.net/wp-content/plugins/woocommerce/assets/js/jquery-blockui/jquery.blockUI.min.js?ver=2.7.0-wc.6.6.1
IP 50.87.148.136:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (9139)
Hash 5f3c95f97f566ce33b859d6b874d116d
e47be9178d33d8d8eefda83c853b560aaed71413
a0cea478b83a24f0c90bfaf776ed62fe8747395838a92d8c9f06ceb79b3e5918
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/woocommerce/assets/js/jquery-blockui/jquery.blockUI.min.js?ver=2.7.0-wc.6.6.1 HTTP/1.1
Host: www.atlascrown.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.atlascrown.net/
Cookie: ppwp_wp_session=eb8b4247180d982e06158be0d2213353%7C%7C1668872740%7C%7C1668872380; mphb_session=ab59eb7a86437a0d9cc4787818cc88a9%7C%7C1668872740%7C%7C1668872380; PHPSESSID=06f4923295a26ca09ca1d9581dff46c3
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 06 Jul 2022 10:09:37 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 3957
content-type: application/javascript
date: Sat, 19 Nov 2022 15:15:42 GMT
server: Apache
X-Firefox-Spdy: h2
www.atlascrown.net/wp-content/themes/holleta/style.css?ver=6.1.1
50.87.148.136 200 OK 375 B URL HTTP/2 www.atlascrown.net/wp-content/themes/holleta/style.css?ver=6.1.1
IP 50.87.148.136:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash 215b93952bb05bfde44afb117602eaaf
9286d0be46dbea0fe8ca3d5377310d1552d22d17
7977f24666d340e256d60d1a686f2d27a058a9ad6840ab763adf5f535e07486a
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/holleta/style.css?ver=6.1.1 HTTP/1.1
Host: www.atlascrown.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.atlascrown.net/
Cookie: ppwp_wp_session=eb8b4247180d982e06158be0d2213353%7C%7C1668872740%7C%7C1668872380; mphb_session=ab59eb7a86437a0d9cc4787818cc88a9%7C%7C1668872740%7C%7C1668872380; PHPSESSID=06f4923295a26ca09ca1d9581dff46c3
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 06 Apr 2021 13:11:10 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 375
content-type: text/css
date: Sat, 19 Nov 2022 15:15:42 GMT
server: Apache
X-Firefox-Spdy: h2
www.atlascrown.net/wp-content/plugins/pt-holleta-addons/assets/css/photoswipe.css
50.87.148.136 200 OK 5.3 kB URL HTTP/2 www.atlascrown.net/wp-content/plugins/pt-holleta-addons/assets/css/photoswipe.css
IP 50.87.148.136:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash d23efb12f4fe1652198afe2d6d86b13e
1c1a5b4d042be0dde0e5e8ef05b5bd8fa539dfb0
cc107ddb97986077168604266da722ef88fdd3d23ef0e017f645abf2bb66b7a3
GET /wp-content/plugins/pt-holleta-addons/assets/css/photoswipe.css HTTP/1.1
Host: www.atlascrown.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.atlascrown.net/
Cookie: ppwp_wp_session=eb8b4247180d982e06158be0d2213353%7C%7C1668872740%7C%7C1668872380; mphb_session=ab59eb7a86437a0d9cc4787818cc88a9%7C%7C1668872740%7C%7C1668872380; PHPSESSID=06f4923295a26ca09ca1d9581dff46c3
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 25 Apr 2022 14:17:38 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 5311
content-type: text/css
date: Sat, 19 Nov 2022 15:15:42 GMT
server: Apache
X-Firefox-Spdy: h2
www.atlascrown.net/wp-content/themes/holleta/css/select2.css?ver=6.1.1
50.87.148.136 200 OK 1.4 kB URL HTTP/2 www.atlascrown.net/wp-content/themes/holleta/css/select2.css?ver=6.1.1
IP 50.87.148.136:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash 8cf329ac27ac7c10933ce3956855ff60
4acf8eb90863dc6fa32f07aa5bac3c220afe83fb
75f6bf47df03a5df5e969988eceaa63dc53e4cd59d3a7ed83307f8ff2f39ca72
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/holleta/css/select2.css?ver=6.1.1 HTTP/1.1
Host: www.atlascrown.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.atlascrown.net/
Cookie: ppwp_wp_session=eb8b4247180d982e06158be0d2213353%7C%7C1668872740%7C%7C1668872380; mphb_session=ab59eb7a86437a0d9cc4787818cc88a9%7C%7C1668872740%7C%7C1668872380; PHPSESSID=06f4923295a26ca09ca1d9581dff46c3
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 06 Apr 2021 13:11:10 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 1351
content-type: text/css
date: Sat, 19 Nov 2022 15:15:42 GMT
server: Apache
X-Firefox-Spdy: h2
www.atlascrown.net/wp-content/plugins/js_composer/assets/js/vendors/woocommerce-add-to-cart.js?ver=6.9.0
50.87.148.136 200 OK 372 B URL HTTP/2 www.atlascrown.net/wp-content/plugins/js_composer/assets/js/vendors/woocommerce-add-to-cart.js?ver=6.9.0
IP 50.87.148.136:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash 0507d06596355ea2efd09bb9c5b0e46c
9ae0e8f7847222b09264ada703c182fd89011126
fefb5c10a704ffcb6c905a785ec2af387ff7169dbe548fa4784cc5782797d4c2
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/js_composer/assets/js/vendors/woocommerce-add-to-cart.js?ver=6.9.0 HTTP/1.1
Host: www.atlascrown.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.atlascrown.net/
Cookie: ppwp_wp_session=eb8b4247180d982e06158be0d2213353%7C%7C1668872740%7C%7C1668872380; mphb_session=ab59eb7a86437a0d9cc4787818cc88a9%7C%7C1668872740%7C%7C1668872380; PHPSESSID=06f4923295a26ca09ca1d9581dff46c3
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 25 Apr 2022 14:18:15 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 372
content-type: application/javascript
date: Sat, 19 Nov 2022 15:15:42 GMT
server: Apache
X-Firefox-Spdy: h2
www.atlascrown.net/wp-content/plugins/motopress-hotel-booking/vendors/kbwood/datepick/jquery.datepick-en-GB.js?ver=4.2.4
50.87.148.136 200 OK 693 B URL HTTP/2 www.atlascrown.net/wp-content/plugins/motopress-hotel-booking/vendors/kbwood/datepick/jquery.datepick-en-GB.js?ver=4.2.4
IP 50.87.148.136:0
ASN #46606 UNIFIEDLAYER-AS-1
File type Unicode text, UTF-8 (with BOM) text
Hash 804fe8841339b0461f9225880284e3c4
a21ab044d732f6057b6264485f8be3adf083e571
c2ac5f2f7902e55fc8f6340117aa164a938e75fca9f7ee3ea0091ed83266f1c7
GET /wp-content/plugins/motopress-hotel-booking/vendors/kbwood/datepick/jquery.datepick-en-GB.js?ver=4.2.4 HTTP/1.1
Host: www.atlascrown.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.atlascrown.net/
Cookie: ppwp_wp_session=eb8b4247180d982e06158be0d2213353%7C%7C1668872740%7C%7C1668872380; mphb_session=ab59eb7a86437a0d9cc4787818cc88a9%7C%7C1668872740%7C%7C1668872380; PHPSESSID=06f4923295a26ca09ca1d9581dff46c3
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 06 Jul 2022 10:23:20 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 693
content-type: application/javascript
date: Sat, 19 Nov 2022 15:15:42 GMT
server: Apache
X-Firefox-Spdy: h2
www.atlascrown.net/wp-content/plugins/motopress-hotel-booking/vendors/kbwood/datepick/jquery.plugin.min.js?ver=4.2.4
50.87.148.136 200 OK 1.4 kB URL HTTP/2 www.atlascrown.net/wp-content/plugins/motopress-hotel-booking/vendors/kbwood/datepick/jquery.plugin.min.js?ver=4.2.4
IP 50.87.148.136:0
ASN #46606 UNIFIEDLAYER-AS-1
File type Unicode text, UTF-8 (with BOM) text, with very long lines (2986)
Hash 5554cb5473ed8112237a9d68d295f8f5
424876a9d5bda339b489f1db460ad6e3d9e21caa
bd20df48800794e66275d9e6129d80669bdd7b99655a8ec155cf359f76487cb4
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/motopress-hotel-booking/vendors/kbwood/datepick/jquery.plugin.min.js?ver=4.2.4 HTTP/1.1
Host: www.atlascrown.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.atlascrown.net/
Cookie: ppwp_wp_session=eb8b4247180d982e06158be0d2213353%7C%7C1668872740%7C%7C1668872380; mphb_session=ab59eb7a86437a0d9cc4787818cc88a9%7C%7C1668872740%7C%7C1668872380; PHPSESSID=06f4923295a26ca09ca1d9581dff46c3
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 06 Jul 2022 10:23:20 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 1414
content-type: application/javascript
date: Sat, 19 Nov 2022 15:15:42 GMT
server: Apache
X-Firefox-Spdy: h2
www.atlascrown.net/
50.87.148.136 200 OK 55 kB IP 50.87.148.136:0
ASN #46606 UNIFIEDLAYER-AS-1
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (23287)
Hash 90db444f9b083128c2a7915c9886b1f3
6d29d58b1468507c8c24157bdc47311eb719814a
b14fca9c1ffe8397008f6710e2d0f1599f113828192104bc4465dea47f2d593b
Analyzer Verdict Alert fortinet Phishing
GET / HTTP/1.1
Host: www.atlascrown.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
link: <https://www.atlascrown.net/wp-json/>; rel="https://api.w.org/", <https://www.atlascrown.net/wp-json/wp/v2/pages/2783>; rel="alternate"; type="application/json", <https://www.atlascrown.net/>; rel=shortlink
set-cookie: ppwp_wp_session=eb8b4247180d982e06158be0d2213353%7C%7C1668872740%7C%7C1668872380; expires=Sat, 19-Nov-2022 15:45:40 GMT; Max-Age=1800; path=/
set-cookie: mphb_session=ab59eb7a86437a0d9cc4787818cc88a9%7C%7C1668872740%7C%7C1668872380; expires=Sat, 19-Nov-2022 15:45:40 GMT; Max-Age=1800; path=/
set-cookie: PHPSESSID=06f4923295a26ca09ca1d9581dff46c3; path=/
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Sat, 19 Nov 2022 15:15:40 GMT
server: Apache
X-Firefox-Spdy: h2
www.atlascrown.net/wp-content/plugins/motopress-hotel-booking/vendors/kbwood/datepick/jquery.datepick.min.js?ver=4.2.4
50.87.148.136 200 OK 14 kB URL HTTP/2 www.atlascrown.net/wp-content/plugins/motopress-hotel-booking/vendors/kbwood/datepick/jquery.datepick.min.js?ver=4.2.4
IP 50.87.148.136:0
ASN #46606 UNIFIEDLAYER-AS-1
File type HTML document, Unicode text, UTF-8 (with BOM) text, with very long lines (37442)
Hash 7914aaa23bdaf3ae7301076ddfa04165
ffdf2b7c354b3974e7216f717902c4c1c1aa77ab
29e7980c6d15ad02091e04eba3cb1fc66ba74cb3e7b707cf7bacccb5a3de0c8f
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/motopress-hotel-booking/vendors/kbwood/datepick/jquery.datepick.min.js?ver=4.2.4 HTTP/1.1
Host: www.atlascrown.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.atlascrown.net/
Cookie: ppwp_wp_session=eb8b4247180d982e06158be0d2213353%7C%7C1668872740%7C%7C1668872380; mphb_session=ab59eb7a86437a0d9cc4787818cc88a9%7C%7C1668872740%7C%7C1668872380; PHPSESSID=06f4923295a26ca09ca1d9581dff46c3
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 06 Jul 2022 10:23:20 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 14546
content-type: application/javascript
date: Sat, 19 Nov 2022 15:15:42 GMT
server: Apache
X-Firefox-Spdy: h2
www.atlascrown.net/wp-content/plugins/woocommerce/assets/js/js-cookie/js.cookie.min.js?ver=2.1.4-wc.6.6.1
50.87.148.136 200 OK 1.0 kB URL HTTP/2 www.atlascrown.net/wp-content/plugins/woocommerce/assets/js/js-cookie/js.cookie.min.js?ver=2.1.4-wc.6.6.1
IP 50.87.148.136:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (1668)
Hash 0bebfb5722cbc8ac04e62aa40698be49
3bc5e4f29cb19a2d80d46dee242dabf7e42c0fd3
70d02eabbadbe176455a2bb53d8d567feca69847c067a5274987a8bdc65e3c05
GET /wp-content/plugins/woocommerce/assets/js/js-cookie/js.cookie.min.js?ver=2.1.4-wc.6.6.1 HTTP/1.1
Host: www.atlascrown.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.atlascrown.net/
Cookie: ppwp_wp_session=eb8b4247180d982e06158be0d2213353%7C%7C1668872740%7C%7C1668872380; mphb_session=ab59eb7a86437a0d9cc4787818cc88a9%7C%7C1668872740%7C%7C1668872380; PHPSESSID=06f4923295a26ca09ca1d9581dff46c3
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 06 Jul 2022 10:09:37 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 1000
content-type: application/javascript
date: Sat, 19 Nov 2022 15:15:42 GMT
server: Apache
X-Firefox-Spdy: h2
www.atlascrown.net/wp-content/plugins/wp-user-avatar/assets/js/frontend.min.js?ver=3.2.15
50.87.148.136 200 OK 3.3 kB URL HTTP/2 www.atlascrown.net/wp-content/plugins/wp-user-avatar/assets/js/frontend.min.js?ver=3.2.15
IP 50.87.148.136:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (9346), with no line terminators
Hash eb89a4b650d11f21e8dfb8723f0beb2a
ed1ca064486e70e34967e35432442ea2759d3bb0
2293eaa848408400905e5673a1a9764e17188ca86bedff223c1664c051df5b38
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/wp-user-avatar/assets/js/frontend.min.js?ver=3.2.15 HTTP/1.1
Host: www.atlascrown.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.atlascrown.net/
Cookie: ppwp_wp_session=eb8b4247180d982e06158be0d2213353%7C%7C1668872740%7C%7C1668872380; mphb_session=ab59eb7a86437a0d9cc4787818cc88a9%7C%7C1668872740%7C%7C1668872380; PHPSESSID=06f4923295a26ca09ca1d9581dff46c3
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 06 Jul 2022 10:09:25 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 3331
content-type: application/javascript
date: Sat, 19 Nov 2022 15:15:42 GMT
server: Apache
X-Firefox-Spdy: h2
www.atlascrown.net/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0
50.87.148.136 200 OK 7.6 kB URL HTTP/2 www.atlascrown.net/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0
IP 50.87.148.136:0
ASN #46606 UNIFIEDLAYER-AS-1
File type Unicode text, UTF-8 text, with very long lines (17819), with no line terminators
Hash 66c68f2158dcf7d97a02f3719a17aab0
fdb04fb4c632b9fb4275006a4e402cd0d4fa393a
e4b360f0e6ae1afc06f05f958e8696e5ae45257912bc2ab0b9334bd1382a51aa
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0 HTTP/1.1
Host: www.atlascrown.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.atlascrown.net/
Cookie: ppwp_wp_session=eb8b4247180d982e06158be0d2213353%7C%7C1668872740%7C%7C1668872380; mphb_session=ab59eb7a86437a0d9cc4787818cc88a9%7C%7C1668872740%7C%7C1668872380; PHPSESSID=06f4923295a26ca09ca1d9581dff46c3
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 02 Nov 2022 02:16:42 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 7621
content-type: application/javascript
date: Sat, 19 Nov 2022 15:15:42 GMT
server: Apache
X-Firefox-Spdy: h2
www.atlascrown.net/wp-content/plugins/pt-holleta-addons/assets/js/jquery.scrollbar.min.js?ver=0.2.10
50.87.148.136 200 OK 4.8 kB URL HTTP/2 www.atlascrown.net/wp-content/plugins/pt-holleta-addons/assets/js/jquery.scrollbar.min.js?ver=0.2.10
IP 50.87.148.136:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (11879)
Hash 590eea8c65c75891b86d2966033e1c14
334ed55312e24b9a1023f30549df011b1cca8f24
0d1b8f11a5e441410389e308d24bc2d3dc9c5ca38cd1bfb09c02b4db0b52ba68
GET /wp-content/plugins/pt-holleta-addons/assets/js/jquery.scrollbar.min.js?ver=0.2.10 HTTP/1.1
Host: www.atlascrown.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.atlascrown.net/
Cookie: ppwp_wp_session=eb8b4247180d982e06158be0d2213353%7C%7C1668872740%7C%7C1668872380; mphb_session=ab59eb7a86437a0d9cc4787818cc88a9%7C%7C1668872740%7C%7C1668872380; PHPSESSID=06f4923295a26ca09ca1d9581dff46c3
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 25 Apr 2022 14:17:38 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 4787
content-type: application/javascript
date: Sat, 19 Nov 2022 15:15:42 GMT
server: Apache
X-Firefox-Spdy: h2
www.atlascrown.net/wp-content/plugins/woocommerce/assets/js/frontend/woocommerce.min.js?ver=6.6.1
50.87.148.136 200 OK 792 B URL HTTP/2 www.atlascrown.net/wp-content/plugins/woocommerce/assets/js/frontend/woocommerce.min.js?ver=6.6.1
IP 50.87.148.136:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (2139), with no line terminators
Hash 1ca3f41c13e0027acc45f0601f8b640f
cced34af0c6a59e9cee4229faa66ab39c7031506
d3bc5eaf4c6be9473dbba690825cce9a1a6f4accb6721dae7875efef54942f41
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/woocommerce/assets/js/frontend/woocommerce.min.js?ver=6.6.1 HTTP/1.1
Host: www.atlascrown.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.atlascrown.net/
Cookie: ppwp_wp_session=eb8b4247180d982e06158be0d2213353%7C%7C1668872740%7C%7C1668872380; mphb_session=ab59eb7a86437a0d9cc4787818cc88a9%7C%7C1668872740%7C%7C1668872380; PHPSESSID=06f4923295a26ca09ca1d9581dff46c3
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 06 Jul 2022 10:09:37 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 792
content-type: application/javascript
date: Sat, 19 Nov 2022 15:15:42 GMT
server: Apache
X-Firefox-Spdy: h2
www.atlascrown.net/wp-includes/css/dist/block-library/style.min.css?ver=6.1.1
50.87.148.136 200 OK 18 kB URL HTTP/2 www.atlascrown.net/wp-includes/css/dist/block-library/style.min.css?ver=6.1.1
IP 50.87.148.136:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash cc68d5b0c405a8b4d8e850315b223df9
af47b17ccea3f27d4034797a00bbb600e63df31a
c6450717c01ec8488961b0ad9cf1a6e408547b8bea43d7ad50a317ff3a41a943
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/css/dist/block-library/style.min.css?ver=6.1.1 HTTP/1.1
Host: www.atlascrown.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.atlascrown.net/
Cookie: ppwp_wp_session=eb8b4247180d982e06158be0d2213353%7C%7C1668872740%7C%7C1668872380; mphb_session=ab59eb7a86437a0d9cc4787818cc88a9%7C%7C1668872740%7C%7C1668872380; PHPSESSID=06f4923295a26ca09ca1d9581dff46c3
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 16 Nov 2022 02:20:17 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/css
date: Sat, 19 Nov 2022 15:15:42 GMT
server: Apache
X-Firefox-Spdy: h2
www.atlascrown.net/wp-content/themes/holleta/js/magic-cursor.js?ver=1.0.0
50.87.148.136 200 OK 639 B URL HTTP/2 www.atlascrown.net/wp-content/themes/holleta/js/magic-cursor.js?ver=1.0.0
IP 50.87.148.136:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with CRLF line terminators
Hash 93c13a832acf98f908a13814dd211dfb
e240bfe27f046dbc2ddf1ef5a8553c191b3fcdba
573c80a6e81daf8485494f812c75acd7024836ed1abe21f947cb1fed4de64572
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/holleta/js/magic-cursor.js?ver=1.0.0 HTTP/1.1
Host: www.atlascrown.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.atlascrown.net/
Cookie: ppwp_wp_session=eb8b4247180d982e06158be0d2213353%7C%7C1668872740%7C%7C1668872380; mphb_session=ab59eb7a86437a0d9cc4787818cc88a9%7C%7C1668872740%7C%7C1668872380; PHPSESSID=06f4923295a26ca09ca1d9581dff46c3
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 06 Apr 2021 13:11:10 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 639
content-type: application/javascript
date: Sat, 19 Nov 2022 15:15:42 GMT
server: Apache
X-Firefox-Spdy: h2
www.atlascrown.net/wp-content/plugins/pt-holleta-addons/assets/js/load-posts.js?ver=1.0.0
50.87.148.136 200 OK 900 B URL HTTP/2 www.atlascrown.net/wp-content/plugins/pt-holleta-addons/assets/js/load-posts.js?ver=1.0.0
IP 50.87.148.136:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash 0e70aa080adb2e06cd3ad3c49fc6032e
d6fc2fd70b6867c015f31943ee0d08cd679806fa
a209b5ae0b97224cc352c497b2d402add83f7949881be73d69c43309b20244a7
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/pt-holleta-addons/assets/js/load-posts.js?ver=1.0.0 HTTP/1.1
Host: www.atlascrown.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.atlascrown.net/
Cookie: ppwp_wp_session=eb8b4247180d982e06158be0d2213353%7C%7C1668872740%7C%7C1668872380; mphb_session=ab59eb7a86437a0d9cc4787818cc88a9%7C%7C1668872740%7C%7C1668872380; PHPSESSID=06f4923295a26ca09ca1d9581dff46c3
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 25 Apr 2022 14:17:38 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 900
content-type: application/javascript
date: Sat, 19 Nov 2022 15:15:42 GMT
server: Apache
X-Firefox-Spdy: h2
www.atlascrown.net/wp-content/plugins/woocommerce/assets/js/frontend/cart-fragments.min.js?ver=6.6.1
50.87.148.136 200 OK 1.1 kB URL HTTP/2 www.atlascrown.net/wp-content/plugins/woocommerce/assets/js/frontend/cart-fragments.min.js?ver=6.6.1
IP 50.87.148.136:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (2938), with no line terminators
Hash 769e9d3f7fc383ec1a02024e39730474
4f5a5edf28ed19b48c5e40747ec6896f0df8f09e
4636689d57889e984a7a1a1c6e2516b7a2d951407ca826aaf505c50002e2b486
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/woocommerce/assets/js/frontend/cart-fragments.min.js?ver=6.6.1 HTTP/1.1
Host: www.atlascrown.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.atlascrown.net/
Cookie: ppwp_wp_session=eb8b4247180d982e06158be0d2213353%7C%7C1668872740%7C%7C1668872380; mphb_session=ab59eb7a86437a0d9cc4787818cc88a9%7C%7C1668872740%7C%7C1668872380; PHPSESSID=06f4923295a26ca09ca1d9581dff46c3
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 06 Jul 2022 10:09:37 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 1093
content-type: application/javascript
date: Sat, 19 Nov 2022 15:15:42 GMT
server: Apache
X-Firefox-Spdy: h2
www.atlascrown.net/wp-includes/js/imagesloaded.min.js?ver=4.1.4
50.87.148.136 200 OK 2.1 kB URL HTTP/2 www.atlascrown.net/wp-includes/js/imagesloaded.min.js?ver=4.1.4
IP 50.87.148.136:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (5477)
Hash f0bd7ad12acdee26cbb2701c1ba3610b
53c5d15129860868b60b74cb010b2c6050a64f69
e6d0cb19e56d22e8e511c23ca2bd233bedb40e3c7cf4ff38fe6f059bc7e0c64f
GET /wp-includes/js/imagesloaded.min.js?ver=4.1.4 HTTP/1.1
Host: www.atlascrown.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.atlascrown.net/
Cookie: ppwp_wp_session=eb8b4247180d982e06158be0d2213353%7C%7C1668872740%7C%7C1668872380; mphb_session=ab59eb7a86437a0d9cc4787818cc88a9%7C%7C1668872740%7C%7C1668872380; PHPSESSID=06f4923295a26ca09ca1d9581dff46c3
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sat, 13 Jun 2020 23:53:26 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 2103
content-type: application/javascript
date: Sat, 19 Nov 2022 15:15:42 GMT
server: Apache
X-Firefox-Spdy: h2
www.atlascrown.net/wp-content/plugins/mailchimp-for-wp/assets/js/forms.js?ver=4.8.7
50.87.148.136 200 OK 2.8 kB URL HTTP/2 www.atlascrown.net/wp-content/plugins/mailchimp-for-wp/assets/js/forms.js?ver=4.8.7
IP 50.87.148.136:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (6210), with no line terminators
Hash c74a284893e700efac7feda7f8ca29d9
e5f08422e3a5b9ed64676469e2d73ed9600ab3ee
01fb2bcfb32c7eabebccf5d1196cae451bae4f8ab247010f3cd6d86ef8521345
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/mailchimp-for-wp/assets/js/forms.js?ver=4.8.7 HTTP/1.1
Host: www.atlascrown.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.atlascrown.net/
Cookie: ppwp_wp_session=eb8b4247180d982e06158be0d2213353%7C%7C1668872740%7C%7C1668872380; mphb_session=ab59eb7a86437a0d9cc4787818cc88a9%7C%7C1668872740%7C%7C1668872380; PHPSESSID=06f4923295a26ca09ca1d9581dff46c3
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 25 Apr 2022 14:19:23 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 2759
content-type: application/javascript
date: Sat, 19 Nov 2022 15:15:42 GMT
server: Apache
X-Firefox-Spdy: h2
www.atlascrown.net/wp-content/plugins/pt-holleta-addons/assets/js/photoswipe-ui-default.min.js?ver=4.1.1
50.87.148.136 200 OK 4.9 kB URL HTTP/2 www.atlascrown.net/wp-content/plugins/pt-holleta-addons/assets/js/photoswipe-ui-default.min.js?ver=4.1.1
IP 50.87.148.136:0
ASN #46606 UNIFIEDLAYER-AS-1
File type HTML document, ASCII text, with very long lines (554)
Hash 9917006657347eb255684d613b1b983f
c0faad779e59e8e749a3ccb2b3a08af1a92eee23
51c6f9b10eb256005142db5ac94ba324d464f3607fd506ac23405291b96c599d
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/pt-holleta-addons/assets/js/photoswipe-ui-default.min.js?ver=4.1.1 HTTP/1.1
Host: www.atlascrown.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.atlascrown.net/
Cookie: ppwp_wp_session=eb8b4247180d982e06158be0d2213353%7C%7C1668872740%7C%7C1668872380; mphb_session=ab59eb7a86437a0d9cc4787818cc88a9%7C%7C1668872740%7C%7C1668872380; PHPSESSID=06f4923295a26ca09ca1d9581dff46c3
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 25 Apr 2022 14:17:38 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 4867
content-type: application/javascript
date: Sat, 19 Nov 2022 15:15:42 GMT
server: Apache
X-Firefox-Spdy: h2
www.atlascrown.net/wp-content/plugins/pt-holleta-addons/assets/js/parallax.min.js
50.87.148.136 200 OK 6.1 kB URL HTTP/2 www.atlascrown.net/wp-content/plugins/pt-holleta-addons/assets/js/parallax.min.js
IP 50.87.148.136:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (15016), with CRLF line terminators
Hash ac3b9c921f5853fc5b6c50b5d0d00d12
3aad2194db33b72abfca21907472674eb38277bf
2435f2b9f3ca88595a1968596353e355366e40309e034cbb943d087a75bed86f
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/pt-holleta-addons/assets/js/parallax.min.js HTTP/1.1
Host: www.atlascrown.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.atlascrown.net/
Cookie: ppwp_wp_session=eb8b4247180d982e06158be0d2213353%7C%7C1668872740%7C%7C1668872380; mphb_session=ab59eb7a86437a0d9cc4787818cc88a9%7C%7C1668872740%7C%7C1668872380; PHPSESSID=06f4923295a26ca09ca1d9581dff46c3
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 25 Apr 2022 14:17:38 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 6075
content-type: application/javascript
date: Sat, 19 Nov 2022 15:15:42 GMT
server: Apache
X-Firefox-Spdy: h2
www.atlascrown.net/wp-content/themes/holleta/js/scripts.js
50.87.148.136 200 OK 6.1 kB URL HTTP/2 www.atlascrown.net/wp-content/themes/holleta/js/scripts.js
IP 50.87.148.136:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with CRLF line terminators
Hash f98feb51169c6d098395e26f004f8433
3234f56a082474b85ddc4e27cc5c5836ce547b66
2e8195fb4b15a835bae217e9c8deb6fe4ba1655741ef6385b32a18c978052d15
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/holleta/js/scripts.js HTTP/1.1
Host: www.atlascrown.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.atlascrown.net/
Cookie: ppwp_wp_session=eb8b4247180d982e06158be0d2213353%7C%7C1668872740%7C%7C1668872380; mphb_session=ab59eb7a86437a0d9cc4787818cc88a9%7C%7C1668872740%7C%7C1668872380; PHPSESSID=06f4923295a26ca09ca1d9581dff46c3
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 06 Apr 2021 13:11:10 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 6130
content-type: application/javascript
date: Sat, 19 Nov 2022 15:15:42 GMT
server: Apache
X-Firefox-Spdy: h2
www.atlascrown.net/wp-content/plugins/pt-holleta-addons/assets/js/js_composer_front.min.js?ver=1.0.0
50.87.148.136 200 OK 8.3 kB URL HTTP/2 www.atlascrown.net/wp-content/plugins/pt-holleta-addons/assets/js/js_composer_front.min.js?ver=1.0.0
IP 50.87.148.136:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (825), with CRLF line terminators
Hash c7768324abcc1ea66d5a5211057dbe10
f4ffab7c9783a77e3147180722759af065ff0948
55198f589ed5a4e23d39ff1a48dd92a6e1df4eb6a159397cda0f721eed9f09ed
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/pt-holleta-addons/assets/js/js_composer_front.min.js?ver=1.0.0 HTTP/1.1
Host: www.atlascrown.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.atlascrown.net/
Cookie: ppwp_wp_session=eb8b4247180d982e06158be0d2213353%7C%7C1668872740%7C%7C1668872380; mphb_session=ab59eb7a86437a0d9cc4787818cc88a9%7C%7C1668872740%7C%7C1668872380; PHPSESSID=06f4923295a26ca09ca1d9581dff46c3
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 25 Apr 2022 14:17:38 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 8319
content-type: application/javascript
date: Sat, 19 Nov 2022 15:15:42 GMT
server: Apache
X-Firefox-Spdy: h2
www.atlascrown.net/wp-content/plugins/pt-holleta-addons/assets/js/photoswipe.min.js?ver=4.1.1
50.87.148.136 200 OK 15 kB URL HTTP/2 www.atlascrown.net/wp-content/plugins/pt-holleta-addons/assets/js/photoswipe.min.js?ver=4.1.1
IP 50.87.148.136:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (31625)
Hash ff7454b5fba5cf4d4ef9472f2392eec9
c70ee564902de08f011f18b576fd450ee28b2fd4
bb376575f21ddfa03eebd98db2b3d41b5b068cc48cd00039c01977bbc7a7ca84
GET /wp-content/plugins/pt-holleta-addons/assets/js/photoswipe.min.js?ver=4.1.1 HTTP/1.1
Host: www.atlascrown.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.atlascrown.net/
Cookie: ppwp_wp_session=eb8b4247180d982e06158be0d2213353%7C%7C1668872740%7C%7C1668872380; mphb_session=ab59eb7a86437a0d9cc4787818cc88a9%7C%7C1668872740%7C%7C1668872380; PHPSESSID=06f4923295a26ca09ca1d9581dff46c3
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 25 Apr 2022 14:17:38 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 14660
content-type: application/javascript
date: Sat, 19 Nov 2022 15:15:42 GMT
server: Apache
X-Firefox-Spdy: h2
www.atlascrown.net/wp-content/plugins/pt-holleta-addons/assets/js/pt-scripts.js?ver=1.0.0
50.87.148.136 200 OK 11 kB URL HTTP/2 www.atlascrown.net/wp-content/plugins/pt-holleta-addons/assets/js/pt-scripts.js?ver=1.0.0
IP 50.87.148.136:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (1465), with CRLF line terminators
Hash a23691e98c6a41757568e7c25b254160
3bc13ca0b4064b6a2391a01f9b0ed98862fcbda0
22f0b4a6dc97c78da97d32988c823e6c18215c9518b84f13d5693f0298ca7fbf
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/pt-holleta-addons/assets/js/pt-scripts.js?ver=1.0.0 HTTP/1.1
Host: www.atlascrown.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.atlascrown.net/
Cookie: ppwp_wp_session=eb8b4247180d982e06158be0d2213353%7C%7C1668872740%7C%7C1668872380; mphb_session=ab59eb7a86437a0d9cc4787818cc88a9%7C%7C1668872740%7C%7C1668872380; PHPSESSID=06f4923295a26ca09ca1d9581dff46c3
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 25 Apr 2022 14:17:38 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 11092
content-type: application/javascript
date: Sat, 19 Nov 2022 15:15:42 GMT
server: Apache
X-Firefox-Spdy: h2
www.atlascrown.net/wp-content/plugins/pt-holleta-addons/assets/js/isotope.pkgd.min.js?ver=3.0.6
50.87.148.136 200 OK 13 kB URL HTTP/2 www.atlascrown.net/wp-content/plugins/pt-holleta-addons/assets/js/isotope.pkgd.min.js?ver=3.0.6
IP 50.87.148.136:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (32019)
Hash 79bdc8a5c2a9c6ba42ef1ec8ba415eec
260a40aaafeca5df5fedf236d22dea4d175f1dde
476c850c6c72f0e91c30758823a3e2959dff3c03d30accf5b026422dc824ad65
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/pt-holleta-addons/assets/js/isotope.pkgd.min.js?ver=3.0.6 HTTP/1.1
Host: www.atlascrown.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.atlascrown.net/
Cookie: ppwp_wp_session=eb8b4247180d982e06158be0d2213353%7C%7C1668872740%7C%7C1668872380; mphb_session=ab59eb7a86437a0d9cc4787818cc88a9%7C%7C1668872740%7C%7C1668872380; PHPSESSID=06f4923295a26ca09ca1d9581dff46c3
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 25 Apr 2022 14:17:38 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 13105
content-type: application/javascript
date: Sat, 19 Nov 2022 15:15:42 GMT
server: Apache
X-Firefox-Spdy: h2
www.atlascrown.net/wp-content/plugins/motopress-hotel-booking/vendors/canjs/can.custom.min.js?ver=4.2.4
50.87.148.136 200 OK 10 kB URL HTTP/2 www.atlascrown.net/wp-content/plugins/motopress-hotel-booking/vendors/canjs/can.custom.min.js?ver=4.2.4
IP 50.87.148.136:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (3717)
Hash c25f1928246943d811bb0155b2380a26
d94229accb1d4a751906fe7dacb3c51f30da1222
b34c3b4b90d6d4fa48a6b7a272ced466d12cfdb045786f683dcd3d390d2e23fd
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/motopress-hotel-booking/vendors/canjs/can.custom.min.js?ver=4.2.4 HTTP/1.1
Host: www.atlascrown.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.atlascrown.net/
Cookie: ppwp_wp_session=eb8b4247180d982e06158be0d2213353%7C%7C1668872740%7C%7C1668872380; mphb_session=ab59eb7a86437a0d9cc4787818cc88a9%7C%7C1668872740%7C%7C1668872380; PHPSESSID=06f4923295a26ca09ca1d9581dff46c3
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 06 Jul 2022 10:23:20 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 10087
content-type: application/javascript
date: Sat, 19 Nov 2022 15:15:42 GMT
server: Apache
X-Firefox-Spdy: h2
www.atlascrown.net/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.6
50.87.148.136 409 Conflict 83 B URL HTTP/2 www.atlascrown.net/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.6
IP 50.87.148.136:0
ASN #46606 UNIFIEDLAYER-AS-1
File type HTML document, ASCII text, with no line terminators
Hash 26267cd8990f15d3bbea71684a6d5995
ac3b38cf3fe0e112bb6aeb7e05226b7133575d93
769e8ab745a0fe4bf811036e75a8630e38c50a18cb3e24d539ce4a0722c7c85e
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.6 HTTP/1.1
Host: www.atlascrown.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.atlascrown.net/
Cookie: ppwp_wp_session=eb8b4247180d982e06158be0d2213353%7C%7C1668872740%7C%7C1668872380; mphb_session=ab59eb7a86437a0d9cc4787818cc88a9%7C%7C1668872740%7C%7C1668872380; PHPSESSID=06f4923295a26ca09ca1d9581dff46c3
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 409 Conflict
date: Sat, 19 Nov 2022 15:15:42 GMT
server: Apache
content-length: 83
content-type: text/html; charset=iso-8859-1
X-Firefox-Spdy: h2
use.typekit.net/af/180254/00000000000000000001522c/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&v=3
23.36.76.186 200 OK 46 kB URL HTTP/2 use.typekit.net/af/180254/00000000000000000001522c/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&v=3
IP 23.36.76.186:0
ASN #20940 Akamai International B.V.
File type Web Open Font Format (Version 2), TrueType, length 46404, version 1.0\012- data
Hash 99c0faff718ccc006ec5d8d1e362b3f4
cbc536df2796deb56f11cd0ad39c11d26fd11b92
38c9c1413e17c7a5ee87095bdb4cad0da069451ee937cb801c8f37f2c734644f
GET /af/180254/00000000000000000001522c/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&v=3 HTTP/1.1
Host: use.typekit.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.atlascrown.net
Connection: keep-alive
Referer: https://use.typekit.net/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: application/font-woff2
content-length: 46404
etag: "d8f0e75543cc417069e2148d573e1b3687264d73"
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: public, max-age=31536000
date: Sat, 19 Nov 2022 15:15:43 GMT
X-Firefox-Spdy: h2
use.typekit.net/af/28ba4b/000000000000000000015226/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n6&v=3
23.36.76.186 200 OK 46 kB URL HTTP/2 use.typekit.net/af/28ba4b/000000000000000000015226/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n6&v=3
IP 23.36.76.186:0
ASN #20940 Akamai International B.V.
File type Web Open Font Format (Version 2), TrueType, length 46340, version 1.0\012- data
Hash 398e5676d9ad93fd4c55b69ed83095e4
ba91b2500318d166b2232f9c34100365c22fd42c
13ec7d881f137d95802acedb66d820b9429d7c85756f1cf6fc98843a52a7dcc0
GET /af/28ba4b/000000000000000000015226/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n6&v=3 HTTP/1.1
Host: use.typekit.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.atlascrown.net
Connection: keep-alive
Referer: https://use.typekit.net/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: application/font-woff2
content-length: 46340
etag: "348b996e7db4e9e75fb5ea99ce70eb0a48fff62c"
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: public, max-age=31536000
date: Sat, 19 Nov 2022 15:15:43 GMT
X-Firefox-Spdy: h2
use.typekit.net/af/5be6ad/00000000000000003b9ad05d/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n5&v=3
23.36.76.186 200 OK 31 kB URL HTTP/2 use.typekit.net/af/5be6ad/00000000000000003b9ad05d/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n5&v=3
IP 23.36.76.186:0
ASN #20940 Akamai International B.V.
File type Web Open Font Format (Version 2), TrueType, length 31308, version 1.0\012- data
Hash a4bc3f0a3c4a836a37204ad5e68c0748
8776d8aff0f39bc32f6aace1b5f9482fc0c8ae5e
c56d07239552977cd9daaca2ca7a90ac2fcf2c1441df45df3f0ec29933167ecf
GET /af/5be6ad/00000000000000003b9ad05d/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n5&v=3 HTTP/1.1
Host: use.typekit.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.atlascrown.net
Connection: keep-alive
Referer: https://use.typekit.net/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: application/font-woff2
content-length: 31308
etag: "d8da753c9daf254346924988f37536aad8bdb2a8"
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: public, max-age=31536000
date: Sat, 19 Nov 2022 15:15:43 GMT
X-Firefox-Spdy: h2
use.typekit.net/af/220823/000000000000000000015231/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n7&v=3
23.36.76.186 200 OK 46 kB URL HTTP/2 use.typekit.net/af/220823/000000000000000000015231/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n7&v=3
IP 23.36.76.186:0
ASN #20940 Akamai International B.V.
File type Web Open Font Format (Version 2), TrueType, length 46076, version 1.0\012- data
Hash 45954e79e42c0cf65d3fa93c8ac1c87c
5bdb9ede3de7329800d2861cb64459118fa21b02
73ef385046533349dbdb6264bfdb814819b44a3a7ddeedf7611db7d55f567c7c
GET /af/220823/000000000000000000015231/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n7&v=3 HTTP/1.1
Host: use.typekit.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.atlascrown.net
Connection: keep-alive
Referer: https://use.typekit.net/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: application/font-woff2
content-length: 46076
etag: "25d9000ed11ad93413dd9fab416a1870c8ae46cd"
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: public, max-age=31536000
date: Sat, 19 Nov 2022 15:15:43 GMT
X-Firefox-Spdy: h2
www.atlascrown.net/wp-content/plugins/wp-user-avatar/assets/flatpickr/flatpickr.min.js?ver=6.1.1
50.87.148.136 200 OK 51 kB URL HTTP/2 www.atlascrown.net/wp-content/plugins/wp-user-avatar/assets/flatpickr/flatpickr.min.js?ver=6.1.1
IP 50.87.148.136:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash bc5545153400b1a783488ccf4266c4de
da1c31bbf6d66f82c47dd66ec4e375b39e858ea6
1dac3cfad90588cb248e9a2f450583c063d0eef3f97b79f1ea107e0f8618b74e
GET /wp-content/plugins/wp-user-avatar/assets/flatpickr/flatpickr.min.js?ver=6.1.1 HTTP/1.1
Host: www.atlascrown.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.atlascrown.net/
Cookie: ppwp_wp_session=eb8b4247180d982e06158be0d2213353%7C%7C1668872740%7C%7C1668872380; mphb_session=ab59eb7a86437a0d9cc4787818cc88a9%7C%7C1668872740%7C%7C1668872380; PHPSESSID=06f4923295a26ca09ca1d9581dff46c3
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 06 Jul 2022 10:09:25 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: application/javascript
date: Sat, 19 Nov 2022 15:15:42 GMT
server: Apache
X-Firefox-Spdy: h2
use.typekit.net/af/a18530/00000000000000000001522e/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n5&v=3
23.36.76.186 200 OK 45 kB URL HTTP/2 use.typekit.net/af/a18530/00000000000000000001522e/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n5&v=3
IP 23.36.76.186:0
ASN #20940 Akamai International B.V.
File type Web Open Font Format (Version 2), TrueType, length 45148, version 1.0\012- data
Hash e2ac5282456f8d1f1a2acf8356c9099e
10358b8fefdb0a3d71354f82d0594a581d4902b2
d18f7face3f4bdbc708900aee3288b53e5ac617e4736804428d0a9f647e745c9
GET /af/a18530/00000000000000000001522e/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n5&v=3 HTTP/1.1
Host: use.typekit.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.atlascrown.net
Connection: keep-alive
Referer: https://use.typekit.net/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: application/font-woff2
content-length: 45148
etag: "06f4bea9fe01f1b6088c17bf6b75c9a7d32e7259"
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: public, max-age=31536000
date: Sat, 19 Nov 2022 15:15:43 GMT
X-Firefox-Spdy: h2
use.typekit.net/af/acc12d/00000000000000003b9ad05b/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&v=3
23.36.76.186 200 OK 31 kB URL HTTP/2 use.typekit.net/af/acc12d/00000000000000003b9ad05b/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&v=3
IP 23.36.76.186:0
ASN #20940 Akamai International B.V.
File type Web Open Font Format (Version 2), TrueType, length 30944, version 1.0\012- data
Hash 6d9f01db4ff89bb20bfc373da1b489d1
171e23add3794a1120fbbcd3478e0b4561e94542
a7832d6a31ba9dbcbbe4d9ea044415ab34766489def58d532f473c1780878a76
GET /af/acc12d/00000000000000003b9ad05b/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&v=3 HTTP/1.1
Host: use.typekit.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.atlascrown.net
Connection: keep-alive
Referer: https://use.typekit.net/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: application/font-woff2
content-length: 30944
etag: "88c2d678a434632263f607a8b797884429b7d1f1"
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: public, max-age=31536000
date: Sat, 19 Nov 2022 15:15:43 GMT
X-Firefox-Spdy: h2
www.atlascrown.net/wp-content/plugins/pt-holleta-addons/assets/imgs/pattern.php?fill=363636&type=type3
50.87.148.136 200 OK 1.8 kB URL HTTP/2 www.atlascrown.net/wp-content/plugins/pt-holleta-addons/assets/imgs/pattern.php?fill=363636&type=type3
IP 50.87.148.136:0
ASN #46606 UNIFIEDLAYER-AS-1
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (3997), with no line terminators
Hash 3ee42c9a5168f18d6e549bee408ce49a
b9cb2d9ae7fe6ae459fddf6a5cd4a4698f641751
c1e12abb178b987e03cc4ac6462d9ed6c8ef7643520e1bdd395f576f852fcc5a
GET /wp-content/plugins/pt-holleta-addons/assets/imgs/pattern.php?fill=363636&type=type3 HTTP/1.1
Host: www.atlascrown.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.atlascrown.net/
Cookie: ppwp_wp_session=eb8b4247180d982e06158be0d2213353%7C%7C1668872740%7C%7C1668872380; mphb_session=ab59eb7a86437a0d9cc4787818cc88a9%7C%7C1668872740%7C%7C1668872380; PHPSESSID=06f4923295a26ca09ca1d9581dff46c3
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
content-length: 1841
content-type: image/svg+xml
date: Sat, 19 Nov 2022 15:15:43 GMT
server: Apache
X-Firefox-Spdy: h2
www.atlascrown.net/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.6
50.87.148.136 409 Conflict 83 B URL HTTP/2 www.atlascrown.net/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.6
IP 50.87.148.136:0
ASN #46606 UNIFIEDLAYER-AS-1
File type HTML document, ASCII text, with no line terminators
Hash 26267cd8990f15d3bbea71684a6d5995
ac3b38cf3fe0e112bb6aeb7e05226b7133575d93
769e8ab745a0fe4bf811036e75a8630e38c50a18cb3e24d539ce4a0722c7c85e
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.6 HTTP/1.1
Host: www.atlascrown.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.atlascrown.net/
Cookie: ppwp_wp_session=eb8b4247180d982e06158be0d2213353%7C%7C1668872740%7C%7C1668872380; mphb_session=ab59eb7a86437a0d9cc4787818cc88a9%7C%7C1668872740%7C%7C1668872380; PHPSESSID=06f4923295a26ca09ca1d9581dff46c3
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 409 Conflict
date: Sat, 19 Nov 2022 15:15:43 GMT
server: Apache
content-length: 83
content-type: text/html; charset=iso-8859-1
X-Firefox-Spdy: h2
www.atlascrown.net/wp-content/themes/holleta/fonts/base-icon.ttf?dwj2e9
50.87.148.136 200 OK 12 kB URL HTTP/2 www.atlascrown.net/wp-content/themes/holleta/fonts/base-icon.ttf?dwj2e9
IP 50.87.148.136:0
ASN #46606 UNIFIEDLAYER-AS-1
File type TrueType Font data, 11 tables, 1st "OS/2", 14 names, Macintosh, type 1 string, base-icon \012- data
Hash 4eb47ec28ef1c8803d23dfad6b106fdf
50b530dd0550ac53f0d656efddf91c0adc005deb
97d8b52443e6bde721903cf116b3e8ff348456a055d3c3e000949f0d8acba099
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/holleta/fonts/base-icon.ttf?dwj2e9 HTTP/1.1
Host: www.atlascrown.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.atlascrown.net/wp-content/themes/holleta/css/iconfont.css?ver=6.1.1
Cookie: ppwp_wp_session=eb8b4247180d982e06158be0d2213353%7C%7C1668872740%7C%7C1668872380; mphb_session=ab59eb7a86437a0d9cc4787818cc88a9%7C%7C1668872740%7C%7C1668872380; PHPSESSID=06f4923295a26ca09ca1d9581dff46c3
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 06 Apr 2021 13:11:10 GMT
accept-ranges: bytes
content-length: 12056
content-type: font/ttf
date: Sat, 19 Nov 2022 15:15:43 GMT
server: Apache
X-Firefox-Spdy: h2
www.atlascrown.net/wp-content/uploads/2022/05/unnamed.png
50.87.148.136 200 OK 1.3 kB URL HTTP/2 www.atlascrown.net/wp-content/uploads/2022/05/unnamed.png
IP 50.87.148.136:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 60 x 60, 8-bit/color RGBA, non-interlaced\012- data
Hash 02b1662c7db9097e4fe78d3174b7dbb1
24bc36ba56348b64abb13762ae081ed27dde8a3d
8d9fa907d4b866a39c09daf1a8ee008bc725cc0f3fd9d577a6adbb2a3a207f14
GET /wp-content/uploads/2022/05/unnamed.png HTTP/1.1
Host: www.atlascrown.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.atlascrown.net/
Cookie: ppwp_wp_session=eb8b4247180d982e06158be0d2213353%7C%7C1668872740%7C%7C1668872380; mphb_session=ab59eb7a86437a0d9cc4787818cc88a9%7C%7C1668872740%7C%7C1668872380; PHPSESSID=06f4923295a26ca09ca1d9581dff46c3
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 05 May 2022 15:54:43 GMT
accept-ranges: bytes
content-length: 1317
content-type: image/png
date: Sat, 19 Nov 2022 15:15:43 GMT
server: Apache
X-Firefox-Spdy: h2
www.atlascrown.net/wp-content/plugins/wp-user-avatar/assets/select2/select2.min.js?ver=6.1.1
50.87.148.136 200 OK 34 kB URL HTTP/2 www.atlascrown.net/wp-content/plugins/wp-user-avatar/assets/select2/select2.min.js?ver=6.1.1
IP 50.87.148.136:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash 3e1449787a2becd60fcf6c5ed4d7cf34
a1858beea7fe7b602d5b83fd3a2c7935158a084e
214afa7b21c3f05915a45be609ea9f6f79179d682238a019df3e87efe4d5a5a2
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/wp-user-avatar/assets/select2/select2.min.js?ver=6.1.1 HTTP/1.1
Host: www.atlascrown.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.atlascrown.net/
Cookie: ppwp_wp_session=eb8b4247180d982e06158be0d2213353%7C%7C1668872740%7C%7C1668872380; mphb_session=ab59eb7a86437a0d9cc4787818cc88a9%7C%7C1668872740%7C%7C1668872380; PHPSESSID=06f4923295a26ca09ca1d9581dff46c3
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 06 Jul 2022 10:09:25 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: application/javascript
date: Sat, 19 Nov 2022 15:15:42 GMT
server: Apache
X-Firefox-Spdy: h2
www.atlascrown.net/wp-content/uploads/2022/05/sd.png
50.87.148.136 200 OK 6.4 kB URL HTTP/2 www.atlascrown.net/wp-content/uploads/2022/05/sd.png
IP 50.87.148.136:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 60 x 60, 8-bit/color RGBA, non-interlaced\012- data
Hash bfbc91684f17d215a637d175aaf5f1bc
234fc5c3a66d780c8ae25cb835f216c924b88efa
86b9fc7fbbbb448c7a38b804a8be347e1d6ccb3d76caa088abd7a8db6c761a82
GET /wp-content/uploads/2022/05/sd.png HTTP/1.1
Host: www.atlascrown.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.atlascrown.net/
Cookie: ppwp_wp_session=eb8b4247180d982e06158be0d2213353%7C%7C1668872740%7C%7C1668872380; mphb_session=ab59eb7a86437a0d9cc4787818cc88a9%7C%7C1668872740%7C%7C1668872380; PHPSESSID=06f4923295a26ca09ca1d9581dff46c3
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 05 May 2022 15:55:29 GMT
accept-ranges: bytes
content-length: 6398
content-type: image/png
date: Sat, 19 Nov 2022 15:15:43 GMT
server: Apache
X-Firefox-Spdy: h2
www.atlascrown.net/wp-content/plugins/pt-holleta-addons/assets/imgs/testimonials-rating.png
50.87.148.136 200 OK 2.2 kB URL HTTP/2 www.atlascrown.net/wp-content/plugins/pt-holleta-addons/assets/imgs/testimonials-rating.png
IP 50.87.148.136:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 474 x 77, 8-bit/color RGBA, non-interlaced\012- data
Hash 0dcc3bf436ae1519e272b66dd9b40a82
d7c89d98dcd73e1479a4371cfcb6bec3b6ee99d8
341a6f5808919bb70cfbea234c558197dce3d71450c099408158ced0c69f0b59
GET /wp-content/plugins/pt-holleta-addons/assets/imgs/testimonials-rating.png HTTP/1.1
Host: www.atlascrown.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.atlascrown.net/wp-content/plugins/pt-holleta-addons/assets/css/pt-addons.css?ver=6.1.1
Cookie: ppwp_wp_session=eb8b4247180d982e06158be0d2213353%7C%7C1668872740%7C%7C1668872380; mphb_session=ab59eb7a86437a0d9cc4787818cc88a9%7C%7C1668872740%7C%7C1668872380; PHPSESSID=06f4923295a26ca09ca1d9581dff46c3
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 25 Apr 2022 14:17:38 GMT
accept-ranges: bytes
content-length: 2167
content-type: image/png
date: Sat, 19 Nov 2022 15:15:43 GMT
server: Apache
X-Firefox-Spdy: h2
www.atlascrown.net/wp-content/uploads/2022/04/food-ac-1024x683.jpg
50.87.148.136 200 OK 131 kB URL HTTP/2 www.atlascrown.net/wp-content/uploads/2022/04/food-ac-1024x683.jpg
IP 50.87.148.136:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1024x683, components 3\012- data
Size 131 kB (131253 bytes)
Hash ebaf4e55a1e87518f66022bdf6e8cb2b
c7412a12e568db2332fcb1b24247200a1cabd007
9432f9bededb65d6ea909112d855b5490f90c9f4edaf8a3f73fb02c575414222
GET /wp-content/uploads/2022/04/food-ac-1024x683.jpg HTTP/1.1
Host: www.atlascrown.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.atlascrown.net/
Cookie: ppwp_wp_session=eb8b4247180d982e06158be0d2213353%7C%7C1668872740%7C%7C1668872380; mphb_session=ab59eb7a86437a0d9cc4787818cc88a9%7C%7C1668872740%7C%7C1668872380; PHPSESSID=06f4923295a26ca09ca1d9581dff46c3
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 29 Apr 2022 11:33:01 GMT
accept-ranges: bytes
content-length: 131253
content-type: image/jpeg
date: Sat, 19 Nov 2022 15:15:43 GMT
server: Apache
X-Firefox-Spdy: h2
www.atlascrown.net/wp-content/uploads/2022/09/slide-5-1024x468.jpg
50.87.148.136 200 OK 94 kB URL HTTP/2 www.atlascrown.net/wp-content/uploads/2022/09/slide-5-1024x468.jpg
IP 50.87.148.136:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1024x468, components 3\012- data
Hash 352f0a1858b7c282728ca3caa1eef6b5
d27599ea55f501dd158b0a1fcff9fe1eedbbaf84
c52129bdf05efbdf0f17f291b7150a3fb4151d728d66f3c759734be7e1df45d8
GET /wp-content/uploads/2022/09/slide-5-1024x468.jpg HTTP/1.1
Host: www.atlascrown.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.atlascrown.net/
Cookie: ppwp_wp_session=eb8b4247180d982e06158be0d2213353%7C%7C1668872740%7C%7C1668872380; mphb_session=ab59eb7a86437a0d9cc4787818cc88a9%7C%7C1668872740%7C%7C1668872380; PHPSESSID=06f4923295a26ca09ca1d9581dff46c3
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sat, 24 Sep 2022 08:42:55 GMT
accept-ranges: bytes
content-length: 93671
content-type: image/jpeg
date: Sat, 19 Nov 2022 15:15:43 GMT
server: Apache
X-Firefox-Spdy: h2
www.atlascrown.net/wp-content/uploads/2022/04/h-f1-1024x577.jpg
50.87.148.136 200 OK 92 kB URL HTTP/2 www.atlascrown.net/wp-content/uploads/2022/04/h-f1-1024x577.jpg
IP 50.87.148.136:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1024x577, components 3\012- data
Hash d2aa8171a5807f1c4be4f0aff8c1dd67
eccda4e33f619bb2823bf74651b3f541e1254bfb
4803637dbe6a24eeecb19b41db3e5c4331bf023dde837f6f69fe6beea5e1c301
GET /wp-content/uploads/2022/04/h-f1-1024x577.jpg HTTP/1.1
Host: www.atlascrown.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.atlascrown.net/
Cookie: ppwp_wp_session=eb8b4247180d982e06158be0d2213353%7C%7C1668872740%7C%7C1668872380; mphb_session=ab59eb7a86437a0d9cc4787818cc88a9%7C%7C1668872740%7C%7C1668872380; PHPSESSID=06f4923295a26ca09ca1d9581dff46c3
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sat, 24 Sep 2022 09:07:44 GMT
accept-ranges: bytes
content-length: 91564
content-type: image/jpeg
date: Sat, 19 Nov 2022 15:15:43 GMT
server: Apache
X-Firefox-Spdy: h2
www.atlascrown.net/wp-content/uploads/2022/04/h-f2-1024x577.jpg
50.87.148.136 200 OK 98 kB URL HTTP/2 www.atlascrown.net/wp-content/uploads/2022/04/h-f2-1024x577.jpg
IP 50.87.148.136:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1024x577, components 3\012- data
Hash 17ab593e75167a7ff0dcb26e9e632af7
c6f076807fb96b3548b8dbf5a7ac2f804ef04c8f
ea180f71b55f8fd650021a0be636203abc4a89599ba224531599af3f31cdadb0
GET /wp-content/uploads/2022/04/h-f2-1024x577.jpg HTTP/1.1
Host: www.atlascrown.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.atlascrown.net/
Cookie: ppwp_wp_session=eb8b4247180d982e06158be0d2213353%7C%7C1668872740%7C%7C1668872380; mphb_session=ab59eb7a86437a0d9cc4787818cc88a9%7C%7C1668872740%7C%7C1668872380; PHPSESSID=06f4923295a26ca09ca1d9581dff46c3
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sat, 24 Sep 2022 09:07:47 GMT
accept-ranges: bytes
content-length: 97659
content-type: image/jpeg
date: Sat, 19 Nov 2022 15:15:43 GMT
server: Apache
X-Firefox-Spdy: h2
www.atlascrown.net/wp-content/uploads/2022/05/DSCF4917-1024x577.jpg
50.87.148.136 200 OK 102 kB URL HTTP/2 www.atlascrown.net/wp-content/uploads/2022/05/DSCF4917-1024x577.jpg
IP 50.87.148.136:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, copyright= ], baseline, precision 8, 1024x577, components 3\012- data
Size 102 kB (101931 bytes)
Hash 955befdac8b007f1eba2b169f09b6c1c
be3937bcff497e1f3bd1f466430dcbe9f424cefd
3ed5e758d171b77d92b85c0b58500d1cb5a27176a9a450ae5a33219aafdc0bea
GET /wp-content/uploads/2022/05/DSCF4917-1024x577.jpg HTTP/1.1
Host: www.atlascrown.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.atlascrown.net/
Cookie: ppwp_wp_session=eb8b4247180d982e06158be0d2213353%7C%7C1668872740%7C%7C1668872380; mphb_session=ab59eb7a86437a0d9cc4787818cc88a9%7C%7C1668872740%7C%7C1668872380; PHPSESSID=06f4923295a26ca09ca1d9581dff46c3
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 05 May 2022 15:40:56 GMT
accept-ranges: bytes
content-length: 101931
content-type: image/jpeg
date: Sat, 19 Nov 2022 15:15:43 GMT
server: Apache
X-Firefox-Spdy: h2
www.atlascrown.net/wp-content/uploads/2022/04/h-f3-1024x577.jpg
50.87.148.136 200 OK 105 kB URL HTTP/2 www.atlascrown.net/wp-content/uploads/2022/04/h-f3-1024x577.jpg
IP 50.87.148.136:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1024x577, components 3\012- data
Size 105 kB (104607 bytes)
Hash 84e2b77426a20dcff80e34735471de24
95aaaa6ec88f0692909446eee121ff5c2937fa3f
9a24b28d77081aa8006b3b082e00ff4284d0edd76f33944045990f24edee9b24
GET /wp-content/uploads/2022/04/h-f3-1024x577.jpg HTTP/1.1
Host: www.atlascrown.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.atlascrown.net/
Cookie: ppwp_wp_session=eb8b4247180d982e06158be0d2213353%7C%7C1668872740%7C%7C1668872380; mphb_session=ab59eb7a86437a0d9cc4787818cc88a9%7C%7C1668872740%7C%7C1668872380; PHPSESSID=06f4923295a26ca09ca1d9581dff46c3
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sat, 24 Sep 2022 09:07:51 GMT
accept-ranges: bytes
content-length: 104607
content-type: image/jpeg
date: Sat, 19 Nov 2022 15:15:43 GMT
server: Apache
X-Firefox-Spdy: h2
www.atlascrown.net/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-style.css?ver=7.6.2
50.87.148.136 200 OK 148 kB URL HTTP/2 www.atlascrown.net/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-style.css?ver=7.6.2
IP 50.87.148.136:0
ASN #46606 UNIFIEDLAYER-AS-1
Size 148 kB (147613 bytes)
Hash 591fe8538144ee2d06ebd1646ca345a3
f9f996d1f520230fed057ba3afb2057fdd4f0ff1
b80b47b6a840e03882ceda24f00b29165a399c3937806309f044be10d6f9999b
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-style.css?ver=7.6.2 HTTP/1.1
Host: www.atlascrown.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.atlascrown.net/
Cookie: ppwp_wp_session=eb8b4247180d982e06158be0d2213353%7C%7C1668872740%7C%7C1668872380; mphb_session=ab59eb7a86437a0d9cc4787818cc88a9%7C%7C1668872740%7C%7C1668872380; PHPSESSID=06f4923295a26ca09ca1d9581dff46c3
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 06 Jul 2022 10:09:37 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/css
date: Sat, 19 Nov 2022 15:15:42 GMT
server: Apache
X-Firefox-Spdy: h2
www.atlascrown.net/wp-content/uploads/2022/04/h-f6-1024x577.jpg
50.87.148.136 200 OK 101 kB URL HTTP/2 www.atlascrown.net/wp-content/uploads/2022/04/h-f6-1024x577.jpg
IP 50.87.148.136:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1024x577, components 3\012- data
Size 101 kB (100577 bytes)
Hash 44fea2cc5237963247ff51d4d8c8962d
877b17ca640e361339c1342a2b75ab665e7a04b1
1449e1a26f596521f76d4c1170efc1ccd5995929b037be673a077be49f959d41
GET /wp-content/uploads/2022/04/h-f6-1024x577.jpg HTTP/1.1
Host: www.atlascrown.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.atlascrown.net/
Cookie: ppwp_wp_session=eb8b4247180d982e06158be0d2213353%7C%7C1668872740%7C%7C1668872380; mphb_session=ab59eb7a86437a0d9cc4787818cc88a9%7C%7C1668872740%7C%7C1668872380; PHPSESSID=06f4923295a26ca09ca1d9581dff46c3
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sat, 24 Sep 2022 09:08:01 GMT
accept-ranges: bytes
content-length: 100577
content-type: image/jpeg
date: Sat, 19 Nov 2022 15:15:43 GMT
server: Apache
X-Firefox-Spdy: h2
www.atlascrown.net/wp-content/uploads/2019/12/s5-1024x683.jpg
50.87.148.136 200 OK 164 kB URL HTTP/2 www.atlascrown.net/wp-content/uploads/2019/12/s5-1024x683.jpg
IP 50.87.148.136:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1024x683, components 3\012- data
Size 164 kB (163528 bytes)
Hash cadb1d7cf84fd42462f3c63f967ada65
700af11e6f620d7d0e181c2818943ad0de6f560b
7a68014607782b5076566ae81bb86c6dd6ce73d7981cd71ed2bb76ae4de892f4
GET /wp-content/uploads/2019/12/s5-1024x683.jpg HTTP/1.1
Host: www.atlascrown.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.atlascrown.net/
Cookie: ppwp_wp_session=eb8b4247180d982e06158be0d2213353%7C%7C1668872740%7C%7C1668872380; mphb_session=ab59eb7a86437a0d9cc4787818cc88a9%7C%7C1668872740%7C%7C1668872380; PHPSESSID=06f4923295a26ca09ca1d9581dff46c3
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 29 Apr 2022 15:01:46 GMT
accept-ranges: bytes
content-length: 163528
content-type: image/jpeg
date: Sat, 19 Nov 2022 15:15:43 GMT
server: Apache
X-Firefox-Spdy: h2
www.atlascrown.net/wp-content/uploads/2022/04/lx2nckej-1024x556.jpg
50.87.148.136 200 OK 150 kB URL HTTP/2 www.atlascrown.net/wp-content/uploads/2022/04/lx2nckej-1024x556.jpg
IP 50.87.148.136:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1024x556, components 3\012- data
Size 150 kB (150100 bytes)
Hash c37896bd09c0adeb7ac953c908387e16
91ec4042c6d207c602d8b0ab984d690f151a82cd
5aa73beb8a14558d0425790342c3ff3dc358a9838641f81a9c7b195a44b1b80f
GET /wp-content/uploads/2022/04/lx2nckej-1024x556.jpg HTTP/1.1
Host: www.atlascrown.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.atlascrown.net/
Cookie: ppwp_wp_session=eb8b4247180d982e06158be0d2213353%7C%7C1668872740%7C%7C1668872380; mphb_session=ab59eb7a86437a0d9cc4787818cc88a9%7C%7C1668872740%7C%7C1668872380; PHPSESSID=06f4923295a26ca09ca1d9581dff46c3
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 29 Apr 2022 12:14:36 GMT
accept-ranges: bytes
content-length: 150100
content-type: image/jpeg
date: Sat, 19 Nov 2022 15:15:43 GMT
server: Apache
X-Firefox-Spdy: h2
www.atlascrown.net/wp-content/uploads/2019/04/MTB-1024x683.jpg
50.87.148.136 200 OK 170 kB URL HTTP/2 www.atlascrown.net/wp-content/uploads/2019/04/MTB-1024x683.jpg
IP 50.87.148.136:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1024x683, components 3\012- data
Size 170 kB (169615 bytes)
Hash a0e1c185a28350e3dc088c62d7c38997
303ef6938d203d7854d9a6a370cdf9b0d120734c
62cd7ba8db2aca31a4de7c42ebbaaf2bd5206f58e9d5d95df504f4cb73f0661b
GET /wp-content/uploads/2019/04/MTB-1024x683.jpg HTTP/1.1
Host: www.atlascrown.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.atlascrown.net/
Cookie: ppwp_wp_session=eb8b4247180d982e06158be0d2213353%7C%7C1668872740%7C%7C1668872380; mphb_session=ab59eb7a86437a0d9cc4787818cc88a9%7C%7C1668872740%7C%7C1668872380; PHPSESSID=06f4923295a26ca09ca1d9581dff46c3
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 29 Apr 2022 11:28:28 GMT
accept-ranges: bytes
content-length: 169615
content-type: image/jpeg
date: Sat, 19 Nov 2022 15:15:43 GMT
server: Apache
X-Firefox-Spdy: h2
www.atlascrown.net/wp-content/uploads/2022/05/photo_2022-04-25_09-16-31-1024x577.jpg
50.87.148.136 200 OK 186 kB URL HTTP/2 www.atlascrown.net/wp-content/uploads/2022/05/photo_2022-04-25_09-16-31-1024x577.jpg
IP 50.87.148.136:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1024x577, components 3\012- data
Size 186 kB (186538 bytes)
Hash 71e98be8b1d2e077c54d76ea13324415
2d8236b4a1c4f24b9abe18ae2bebde95e9ae990f
e472b31ca069fc1c8cb1b76bb9917b91ceb095697ead7783395d6414ed07add5
GET /wp-content/uploads/2022/05/photo_2022-04-25_09-16-31-1024x577.jpg HTTP/1.1
Host: www.atlascrown.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.atlascrown.net/
Cookie: ppwp_wp_session=eb8b4247180d982e06158be0d2213353%7C%7C1668872740%7C%7C1668872380; mphb_session=ab59eb7a86437a0d9cc4787818cc88a9%7C%7C1668872740%7C%7C1668872380; PHPSESSID=06f4923295a26ca09ca1d9581dff46c3
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 05 May 2022 15:39:44 GMT
accept-ranges: bytes
content-length: 186538
content-type: image/jpeg
date: Sat, 19 Nov 2022 15:15:43 GMT
server: Apache
X-Firefox-Spdy: h2
www.atlascrown.net/wp-content/plugins/pt-holleta-addons/assets/js/swiper.min.js?ver=5.3.6
50.87.148.136 200 OK 312 kB URL HTTP/2 www.atlascrown.net/wp-content/plugins/pt-holleta-addons/assets/js/swiper.min.js?ver=5.3.6
IP 50.87.148.136:0
ASN #46606 UNIFIEDLAYER-AS-1
Size 312 kB (311597 bytes)
Hash f025b3fbb7ca030d765d65ca4179aa0f
d211c8a2812cb340b58f76ce812706e752943623
b328295b99c4f194e57eaefea013a8e552ca07ce20def219c2c45f46ab284ce9
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/pt-holleta-addons/assets/js/swiper.min.js?ver=5.3.6 HTTP/1.1
Host: www.atlascrown.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.atlascrown.net/
Cookie: ppwp_wp_session=eb8b4247180d982e06158be0d2213353%7C%7C1668872740%7C%7C1668872380; mphb_session=ab59eb7a86437a0d9cc4787818cc88a9%7C%7C1668872740%7C%7C1668872380; PHPSESSID=06f4923295a26ca09ca1d9581dff46c3
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 25 Apr 2022 14:17:38 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: application/javascript
date: Sat, 19 Nov 2022 15:15:42 GMT
server: Apache
X-Firefox-Spdy: h2
www.atlascrown.net/wp-content/uploads/2019/11/pool-1024x683.jpg
50.87.148.136 200 OK 215 kB URL HTTP/2 www.atlascrown.net/wp-content/uploads/2019/11/pool-1024x683.jpg
IP 50.87.148.136:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1024x683, components 3\012- data
Size 215 kB (215060 bytes)
Hash eb9cff41e9f11430dc81d5ad198756d8
d05a8a18c7467f4c1936733ceefc565d8de99c29
9b7693c8b49d0b748f0433f80172392b6cd272750415ad5554f531ae310a38fb
GET /wp-content/uploads/2019/11/pool-1024x683.jpg HTTP/1.1
Host: www.atlascrown.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.atlascrown.net/
Cookie: ppwp_wp_session=eb8b4247180d982e06158be0d2213353%7C%7C1668872740%7C%7C1668872380; mphb_session=ab59eb7a86437a0d9cc4787818cc88a9%7C%7C1668872740%7C%7C1668872380; PHPSESSID=06f4923295a26ca09ca1d9581dff46c3
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 29 Apr 2022 11:25:58 GMT
accept-ranges: bytes
content-length: 215060
content-type: image/jpeg
date: Sat, 19 Nov 2022 15:15:43 GMT
server: Apache
X-Firefox-Spdy: h2
www.atlascrown.net/wp-content/uploads/2019/04/horse-3-1024x683.jpg
50.87.148.136 200 OK 265 kB URL HTTP/2 www.atlascrown.net/wp-content/uploads/2019/04/horse-3-1024x683.jpg
IP 50.87.148.136:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1024x683, components 3\012- data
Size 265 kB (265288 bytes)
Hash 6f6e72e3e7ab08f592c235f09c79aab8
3464fb41bcb97e65f267550c83300678cafbdcff
0301ced6577977e6c8162a63fc449a4e936dce24a1af37605274095957964429
GET /wp-content/uploads/2019/04/horse-3-1024x683.jpg HTTP/1.1
Host: www.atlascrown.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.atlascrown.net/
Cookie: ppwp_wp_session=eb8b4247180d982e06158be0d2213353%7C%7C1668872740%7C%7C1668872380; mphb_session=ab59eb7a86437a0d9cc4787818cc88a9%7C%7C1668872740%7C%7C1668872380; PHPSESSID=06f4923295a26ca09ca1d9581dff46c3
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 29 Apr 2022 13:24:16 GMT
accept-ranges: bytes
content-length: 265288
content-type: image/jpeg
date: Sat, 19 Nov 2022 15:15:43 GMT
server: Apache
X-Firefox-Spdy: h2
www.atlascrown.net/?wc-ajax=get_refreshed_fragments
50.87.148.136 200 OK 234 B URL HTTP/2 www.atlascrown.net/?wc-ajax=get_refreshed_fragments
IP 50.87.148.136:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JSON data\012- , ASCII text, with very long lines (430), with no line terminators
Hash ed70f7d0d30de2cb32523311f0d39252
49ee9529e1c00eb36d76a9cacc7f191f82137ba1
ea01d73f16040a24604d50d1e5f036e0f8e6f3da34f2f6d756cfbb23d4265a41
Analyzer Verdict Alert fortinet Phishing
POST /?wc-ajax=get_refreshed_fragments HTTP/1.1
Host: www.atlascrown.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 18
Origin: https://www.atlascrown.net
Connection: keep-alive
Referer: https://www.atlascrown.net/
Cookie: ppwp_wp_session=eb8b4247180d982e06158be0d2213353%7C%7C1668872740%7C%7C1668872380; mphb_session=ab59eb7a86437a0d9cc4787818cc88a9%7C%7C1668872740%7C%7C1668872380; PHPSESSID=06f4923295a26ca09ca1d9581dff46c3
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: https://www.atlascrown.net
access-control-allow-credentials: true
x-content-type-options: nosniff
x-robots-tag: noindex
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
set-cookie: ppwp_wp_session=eb8b4247180d982e06158be0d2213353%7C%7C1668872740%7C%7C1668872380; expires=Sat, 19-Nov-2022 15:45:40 GMT; Max-Age=1796; path=/
mphb_session=ab59eb7a86437a0d9cc4787818cc88a9%7C%7C1668872740%7C%7C1668872380; expires=Sat, 19-Nov-2022 15:45:40 GMT; Max-Age=1796; path=/
vary: Accept-Encoding
content-encoding: gzip
content-length: 234
content-type: application/json; charset=UTF-8
date: Sat, 19 Nov 2022 15:15:44 GMT
server: Apache
X-Firefox-Spdy: h2
www.atlascrown.net/wp-content/uploads/2022/09/slide-4.jpg
50.87.148.136 200 OK 355 kB URL HTTP/2 www.atlascrown.net/wp-content/uploads/2022/09/slide-4.jpg
IP 50.87.148.136:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1903x869, components 3\012- data
Size 355 kB (355079 bytes)
Hash 4887c91dcf301f3cca09875b8f260e3c
d85112342d7e47d60a4c883385a9a5ad63569764
25d26a702e30f4bf59c1006c49e12436a9930a0663aaa03bf969fba0dc622dd6
GET /wp-content/uploads/2022/09/slide-4.jpg HTTP/1.1
Host: www.atlascrown.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.atlascrown.net/
Cookie: ppwp_wp_session=eb8b4247180d982e06158be0d2213353%7C%7C1668872740%7C%7C1668872380; mphb_session=ab59eb7a86437a0d9cc4787818cc88a9%7C%7C1668872740%7C%7C1668872380; PHPSESSID=06f4923295a26ca09ca1d9581dff46c3
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sat, 24 Sep 2022 08:42:49 GMT
accept-ranges: bytes
content-length: 355079
content-type: image/jpeg
date: Sat, 19 Nov 2022 15:15:43 GMT
server: Apache
X-Firefox-Spdy: h2
www.atlascrown.net/wp-content/uploads/2019/12/s1.jpg
50.87.148.136 200 OK 334 kB URL HTTP/2 www.atlascrown.net/wp-content/uploads/2019/12/s1.jpg
IP 50.87.148.136:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1200x800, components 3\012- data
Size 334 kB (333616 bytes)
Hash bef20f172e084219d2697de4532f2831
45f58139ec896bf1f5a7bf7b2ac1141017d4f168
808c63ad83b2e5704e3bbfdc759dfc2632c0a46f6cd2cc9abfd1470555f5f6d6
GET /wp-content/uploads/2019/12/s1.jpg HTTP/1.1
Host: www.atlascrown.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.atlascrown.net/
Cookie: ppwp_wp_session=eb8b4247180d982e06158be0d2213353%7C%7C1668872740%7C%7C1668872380; mphb_session=ab59eb7a86437a0d9cc4787818cc88a9%7C%7C1668872740%7C%7C1668872380; PHPSESSID=06f4923295a26ca09ca1d9581dff46c3
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 29 Apr 2022 15:01:29 GMT
accept-ranges: bytes
content-length: 333616
content-type: image/jpeg
date: Sat, 19 Nov 2022 15:15:43 GMT
server: Apache
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F57d03484-7ccd-4a2d-81a2-0205f032f99d.jpeg
34.120.237.76 200 OK 6.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F57d03484-7ccd-4a2d-81a2-0205f032f99d.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f5af431deee2fb28fcc08b25f5162944
6dac89954db5946b9ac1fdca3196d8b6bb3f54c3
b22d9111361ebce06d55d14d05f4a5206ca7097b059bbe6bc02b10391b61f458
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F57d03484-7ccd-4a2d-81a2-0205f032f99d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 6365
x-amzn-requestid: 60bd00c0-6808-4bc5-a0cb-e4390d353d65
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: befxSFJOIAMF6Lw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-636f466e-514b3be121f077d559acdb86;Sampled=0
x-amzn-remapped-date: Sat, 12 Nov 2022 07:08:30 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: E-bkNv53D_wWbPQkwNATrkuxsci_F32QIg7NCRL8yL8BoF_3lV-q3A==
via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 02d90bf99fd6253b329a53c82f19e224.cloudfront.net (CloudFront), 1.1 google
date: Sat, 19 Nov 2022 11:33:44 GMT
age: 13322
etag: "6dac89954db5946b9ac1fdca3196d8b6bb3f54c3"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
www.atlascrown.net/wp-content/uploads/2022/04/slider-5.jpg
50.87.148.136 200 OK 535 kB URL HTTP/2 www.atlascrown.net/wp-content/uploads/2022/04/slider-5.jpg
IP 50.87.148.136:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 1903x869, components 3\012- data
Size 535 kB (535090 bytes)
Hash fa941ae7d4ae0291057a476e7790b935
79a7478085664ea4697e011dc2e7648e7aac5de9
7c1983859e166c7f60633d3d280b94c9f8291f034c184d798bc6cc81a4228a4d
GET /wp-content/uploads/2022/04/slider-5.jpg HTTP/1.1
Host: www.atlascrown.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.atlascrown.net/
Cookie: ppwp_wp_session=eb8b4247180d982e06158be0d2213353%7C%7C1668872740%7C%7C1668872380; mphb_session=ab59eb7a86437a0d9cc4787818cc88a9%7C%7C1668872740%7C%7C1668872380; PHPSESSID=06f4923295a26ca09ca1d9581dff46c3
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 29 Apr 2022 10:29:47 GMT
accept-ranges: bytes
content-length: 535090
content-type: image/jpeg
date: Sat, 19 Nov 2022 15:15:43 GMT
server: Apache
X-Firefox-Spdy: h2
www.atlascrown.net/wp-content/plugins/js_composer/assets/css/js_composer.min.css?ver=6.9.0
50.87.148.136 200 OK 0 B URL HTTP/2 www.atlascrown.net/wp-content/plugins/js_composer/assets/css/js_composer.min.css?ver=6.9.0
IP 50.87.148.136:0
ASN #46606 UNIFIEDLAYER-AS-1
GET /wp-content/plugins/js_composer/assets/css/js_composer.min.css?ver=6.9.0 HTTP/1.1
Host: www.atlascrown.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.atlascrown.net/
Cookie: ppwp_wp_session=eb8b4247180d982e06158be0d2213353%7C%7C1668872740%7C%7C1668872380; mphb_session=ab59eb7a86437a0d9cc4787818cc88a9%7C%7C1668872740%7C%7C1668872380; PHPSESSID=06f4923295a26ca09ca1d9581dff46c3
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 25 Apr 2022 14:18:15 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/css
date: Sat, 19 Nov 2022 15:15:42 GMT
server: Apache
X-Firefox-Spdy: h2
www.atlascrown.net/wp-content/uploads/2022/04/ac1.jpg
50.87.148.136 200 OK 0 B URL HTTP/2 www.atlascrown.net/wp-content/uploads/2022/04/ac1.jpg
IP 50.87.148.136:0
ASN #46606 UNIFIEDLAYER-AS-1
GET /wp-content/uploads/2022/04/ac1.jpg HTTP/1.1
Host: www.atlascrown.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.atlascrown.net/
Cookie: ppwp_wp_session=eb8b4247180d982e06158be0d2213353%7C%7C1668872740%7C%7C1668872380; mphb_session=ab59eb7a86437a0d9cc4787818cc88a9%7C%7C1668872740%7C%7C1668872380; PHPSESSID=06f4923295a26ca09ca1d9581dff46c3
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 29 Apr 2022 10:43:22 GMT
accept-ranges: bytes
content-length: 1409466
content-type: image/jpeg
date: Sat, 19 Nov 2022 15:15:43 GMT
server: Apache
X-Firefox-Spdy: h2
www.atlascrown.net/wp-content/plugins/motopress-hotel-booking/assets/js/public/mphb.min.js?ver=4.2.4
50.87.148.136 200 OK 0 B URL HTTP/2 www.atlascrown.net/wp-content/plugins/motopress-hotel-booking/assets/js/public/mphb.min.js?ver=4.2.4
IP 50.87.148.136:0
ASN #46606 UNIFIEDLAYER-AS-1
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/motopress-hotel-booking/assets/js/public/mphb.min.js?ver=4.2.4 HTTP/1.1
Host: www.atlascrown.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.atlascrown.net/
Cookie: ppwp_wp_session=eb8b4247180d982e06158be0d2213353%7C%7C1668872740%7C%7C1668872380; mphb_session=ab59eb7a86437a0d9cc4787818cc88a9%7C%7C1668872740%7C%7C1668872380; PHPSESSID=06f4923295a26ca09ca1d9581dff46c3
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 06 Jul 2022 10:23:20 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: application/javascript
date: Sat, 19 Nov 2022 15:15:42 GMT
server: Apache
X-Firefox-Spdy: h2
www.atlascrown.net/wp-content/uploads/2022/04/food.jpg
50.87.148.136 200 OK 0 B URL HTTP/2 www.atlascrown.net/wp-content/uploads/2022/04/food.jpg
IP 50.87.148.136:0
ASN #46606 UNIFIEDLAYER-AS-1
GET /wp-content/uploads/2022/04/food.jpg HTTP/1.1
Host: www.atlascrown.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.atlascrown.net/
Cookie: ppwp_wp_session=eb8b4247180d982e06158be0d2213353%7C%7C1668872740%7C%7C1668872380; mphb_session=ab59eb7a86437a0d9cc4787818cc88a9%7C%7C1668872740%7C%7C1668872380; PHPSESSID=06f4923295a26ca09ca1d9581dff46c3
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 29 Apr 2022 10:49:03 GMT
accept-ranges: bytes
content-length: 500961
content-type: image/jpeg
date: Sat, 19 Nov 2022 15:15:43 GMT
server: Apache
X-Firefox-Spdy: h2
www.atlascrown.net/wp-content/plugins/pt-holleta-addons/assets/css/pt-addons.css?ver=6.1.1
50.87.148.136 200 OK 0 B URL HTTP/2 www.atlascrown.net/wp-content/plugins/pt-holleta-addons/assets/css/pt-addons.css?ver=6.1.1
IP 50.87.148.136:0
ASN #46606 UNIFIEDLAYER-AS-1
GET /wp-content/plugins/pt-holleta-addons/assets/css/pt-addons.css?ver=6.1.1 HTTP/1.1
Host: www.atlascrown.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.atlascrown.net/
Cookie: ppwp_wp_session=eb8b4247180d982e06158be0d2213353%7C%7C1668872740%7C%7C1668872380; mphb_session=ab59eb7a86437a0d9cc4787818cc88a9%7C%7C1668872740%7C%7C1668872380; PHPSESSID=06f4923295a26ca09ca1d9581dff46c3
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 30 Sep 2022 14:49:35 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/css
date: Sat, 19 Nov 2022 15:15:42 GMT
server: Apache
X-Firefox-Spdy: h2
www.atlascrown.net/wp-content/uploads/2022/04/slide2.jpg
50.87.148.136 200 OK 0 B URL HTTP/2 www.atlascrown.net/wp-content/uploads/2022/04/slide2.jpg
IP 50.87.148.136:0
ASN #46606 UNIFIEDLAYER-AS-1
GET /wp-content/uploads/2022/04/slide2.jpg HTTP/1.1
Host: www.atlascrown.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.atlascrown.net/
Cookie: ppwp_wp_session=eb8b4247180d982e06158be0d2213353%7C%7C1668872740%7C%7C1668872380; mphb_session=ab59eb7a86437a0d9cc4787818cc88a9%7C%7C1668872740%7C%7C1668872380; PHPSESSID=06f4923295a26ca09ca1d9581dff46c3
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 29 Apr 2022 10:39:10 GMT
accept-ranges: bytes
content-length: 672649
content-type: image/jpeg
date: Sat, 19 Nov 2022 15:15:43 GMT
server: Apache
X-Firefox-Spdy: h2
www.atlascrown.net/wp-content/uploads/2022/04/ac2.jpg
50.87.148.136 200 OK 0 B URL HTTP/2 www.atlascrown.net/wp-content/uploads/2022/04/ac2.jpg
IP 50.87.148.136:0
ASN #46606 UNIFIEDLAYER-AS-1
GET /wp-content/uploads/2022/04/ac2.jpg HTTP/1.1
Host: www.atlascrown.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.atlascrown.net/
Cookie: ppwp_wp_session=eb8b4247180d982e06158be0d2213353%7C%7C1668872740%7C%7C1668872380; mphb_session=ab59eb7a86437a0d9cc4787818cc88a9%7C%7C1668872740%7C%7C1668872380; PHPSESSID=06f4923295a26ca09ca1d9581dff46c3
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 29 Apr 2022 10:43:17 GMT
accept-ranges: bytes
content-length: 1301479
content-type: image/jpeg
date: Sat, 19 Nov 2022 15:15:43 GMT
server: Apache
X-Firefox-Spdy: h2
www.atlascrown.net/wp-content/uploads/2022/04/slider.jpg
50.87.148.136 200 OK 0 B URL HTTP/2 www.atlascrown.net/wp-content/uploads/2022/04/slider.jpg
IP 50.87.148.136:0
ASN #46606 UNIFIEDLAYER-AS-1
GET /wp-content/uploads/2022/04/slider.jpg HTTP/1.1
Host: www.atlascrown.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.atlascrown.net/
Cookie: ppwp_wp_session=eb8b4247180d982e06158be0d2213353%7C%7C1668872740%7C%7C1668872380; mphb_session=ab59eb7a86437a0d9cc4787818cc88a9%7C%7C1668872740%7C%7C1668872380; PHPSESSID=06f4923295a26ca09ca1d9581dff46c3
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 28 Apr 2022 11:23:44 GMT
accept-ranges: bytes
content-length: 752399
content-type: image/jpeg
date: Sat, 19 Nov 2022 15:15:43 GMT
server: Apache
X-Firefox-Spdy: h2
www.atlascrown.net/wp-content/uploads/2022/04/slider-6.jpg
50.87.148.136 200 OK 0 B URL HTTP/2 www.atlascrown.net/wp-content/uploads/2022/04/slider-6.jpg
IP 50.87.148.136:0
ASN #46606 UNIFIEDLAYER-AS-1
GET /wp-content/uploads/2022/04/slider-6.jpg HTTP/1.1
Host: www.atlascrown.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.atlascrown.net/
Cookie: ppwp_wp_session=eb8b4247180d982e06158be0d2213353%7C%7C1668872740%7C%7C1668872380; mphb_session=ab59eb7a86437a0d9cc4787818cc88a9%7C%7C1668872740%7C%7C1668872380; PHPSESSID=06f4923295a26ca09ca1d9581dff46c3
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 29 Apr 2022 10:37:41 GMT
accept-ranges: bytes
content-length: 745710
content-type: image/jpeg
date: Sat, 19 Nov 2022 15:15:43 GMT
server: Apache
X-Firefox-Spdy: h2
www.atlascrown.net/wp-content/uploads/2022/04/food2.jpg
50.87.148.136 200 OK 0 B URL HTTP/2 www.atlascrown.net/wp-content/uploads/2022/04/food2.jpg
IP 50.87.148.136:0
ASN #46606 UNIFIEDLAYER-AS-1
GET /wp-content/uploads/2022/04/food2.jpg HTTP/1.1
Host: www.atlascrown.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.atlascrown.net/
Cookie: ppwp_wp_session=eb8b4247180d982e06158be0d2213353%7C%7C1668872740%7C%7C1668872380; mphb_session=ab59eb7a86437a0d9cc4787818cc88a9%7C%7C1668872740%7C%7C1668872380; PHPSESSID=06f4923295a26ca09ca1d9581dff46c3
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 29 Apr 2022 10:49:07 GMT
accept-ranges: bytes
content-length: 597868
content-type: image/jpeg
date: Sat, 19 Nov 2022 15:15:43 GMT
server: Apache
X-Firefox-Spdy: h2
www.atlascrown.net/wp-content/themes/holleta/css/main.css?ver=6.1.1
50.87.148.136 200 OK 0 B URL HTTP/2 www.atlascrown.net/wp-content/themes/holleta/css/main.css?ver=6.1.1
IP 50.87.148.136:0
ASN #46606 UNIFIEDLAYER-AS-1
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/holleta/css/main.css?ver=6.1.1 HTTP/1.1
Host: www.atlascrown.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.atlascrown.net/
Cookie: ppwp_wp_session=eb8b4247180d982e06158be0d2213353%7C%7C1668872740%7C%7C1668872380; mphb_session=ab59eb7a86437a0d9cc4787818cc88a9%7C%7C1668872740%7C%7C1668872380; PHPSESSID=06f4923295a26ca09ca1d9581dff46c3
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sat, 24 Sep 2022 09:30:23 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/css
date: Sat, 19 Nov 2022 15:15:42 GMT
server: Apache
X-Firefox-Spdy: h2