Overview

URLelmstreetfurniture.com/
IP 38.45.121.155 (United States)
ASN#174 COGENT-174
UserAgentMozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer
Report completed2022-11-11 15:44:57 UTC
StatusLoading report..
IDS alerts0
Blocklist alert51
urlquery alerts
55
Phishing - Apple
Phishing - Apple
Tags None

Domain Summary (14)

Fully Qualifying Domain Name Rank First Seen Last Seen IP Comment
ocsp.pki.goog (2) 175 2018-07-01 06:43:07 UTC 2020-05-02 20:58:16 UTC 142.250.74.35
ocsp.digicert.com (3) 86 2012-05-21 07:02:23 UTC 2020-05-02 20:58:10 UTC 93.184.220.29
ocsp.trust-provider.cn (1) 0 No data No data 47.246.44.205 Domain (trust-provider.cn) ranked at: 847612
www.gstatic.com (2) 0 2016-07-26 09:37:06 UTC 2022-11-11 10:32:09 UTC 142.250.74.163 Domain (gstatic.com) ranked at: 540
firefox.settings.services.mozilla.com (2) 867 2020-06-04 20:08:41 UTC 2022-11-11 05:46:42 UTC 34.102.187.140
push.services.mozilla.com (1) 2140 2014-10-24 08:27:06 UTC 2020-05-03 10:09:39 UTC 35.165.143.157
www.apple.com (1) 182 2015-07-28 17:33:42 UTC 2020-05-06 13:52:27 UTC 23.38.200.210
cdn.bootcdn.net (1) 87757 2022-02-14 11:43:03 UTC 2022-10-07 09:47:37 UTC 120.52.95.234
img-getpocket.cdn.mozilla.net (6) 1631 2018-06-21 23:36:00 UTC 2020-02-19 04:43:25 UTC 34.120.237.76
appleid.cdn-apple.com (3) 3288 2013-09-15 17:16:35 UTC 2019-05-16 05:37:30 UTC 23.60.29.145
r3.o.lencr.org (5) 344 No data No data 23.36.77.32
content-signature-2.cdn.mozilla.net (1) 1152 No data No data 34.160.144.191
contile.services.mozilla.com (1) 1114 2021-05-27 18:32:35 UTC 2022-11-11 05:51:39 UTC 34.117.237.239
elmstreetfurniture.com (51) 0 2016-04-06 01:53:29 UTC 2022-11-11 15:35:30 UTC 38.45.121.155 Unknown ranking

Network Intrusion Detection Systemsinfo

Suricata /w Emerging Threats Pro
 No alerts detected

Blocklists

OpenPhish
Scan Date Severity Indicator Comment
2022-11-11 2 elmstreetfurniture.com/ Apple Inc.
2022-11-11 2 elmstreetfurniture.com/ Apple Inc.
2022-11-11 2 elmstreetfurniture.com/ Apple Inc.
2022-11-11 2 elmstreetfurniture.com/ Apple Inc.
2022-11-11 2 elmstreetfurniture.com/ Apple Inc.
2022-11-11 2 elmstreetfurniture.com/ Apple Inc.
2022-11-11 2 elmstreetfurniture.com/ Apple Inc.
2022-11-11 2 elmstreetfurniture.com/ Apple Inc.
2022-11-11 2 elmstreetfurniture.com/ Apple Inc.
2022-11-11 2 elmstreetfurniture.com/ Apple Inc.
2022-11-11 2 elmstreetfurniture.com/login.php Apple Inc.
2022-11-11 2 elmstreetfurniture.com/ Apple Inc.
2022-11-11 2 elmstreetfurniture.com/ Apple Inc.
2022-11-11 2 elmstreetfurniture.com/ Apple Inc.
2022-11-11 2 elmstreetfurniture.com/ Apple Inc.
2022-11-11 2 elmstreetfurniture.com/ Apple Inc.
2022-11-11 2 elmstreetfurniture.com/ Apple Inc.
2022-11-11 2 elmstreetfurniture.com/ Apple Inc.
2022-11-11 2 elmstreetfurniture.com/ Apple Inc.
2022-11-11 2 elmstreetfurniture.com/ Apple Inc.
2022-11-11 2 elmstreetfurniture.com/ Apple Inc.
2022-11-11 2 elmstreetfurniture.com/ Apple Inc.
2022-11-11 2 elmstreetfurniture.com/ Apple Inc.
2022-11-11 2 elmstreetfurniture.com/ Apple Inc.
2022-11-11 2 elmstreetfurniture.com/ Apple Inc.
2022-11-11 2 elmstreetfurniture.com/ Apple Inc.
2022-11-11 2 elmstreetfurniture.com/ Apple Inc.
2022-11-11 2 elmstreetfurniture.com/ Apple Inc.
2022-11-11 2 elmstreetfurniture.com/ Apple Inc.
2022-11-11 2 elmstreetfurniture.com/ Apple Inc.
2022-11-11 2 elmstreetfurniture.com/ Apple Inc.
2022-11-11 2 elmstreetfurniture.com/ Apple Inc.
2022-11-11 2 elmstreetfurniture.com/ Apple Inc.
2022-11-11 2 elmstreetfurniture.com/ Apple Inc.
2022-11-11 2 elmstreetfurniture.com/ Apple Inc.
2022-11-11 2 elmstreetfurniture.com/ Apple Inc.
2022-11-11 2 elmstreetfurniture.com/ Apple Inc.
2022-11-11 2 elmstreetfurniture.com/ Apple Inc.
2022-11-11 2 elmstreetfurniture.com/ Apple Inc.
2022-11-11 2 elmstreetfurniture.com/ Apple Inc.
2022-11-11 2 elmstreetfurniture.com/ Apple Inc.
2022-11-11 2 elmstreetfurniture.com/ Apple Inc.
2022-11-11 2 elmstreetfurniture.com/ Apple Inc.
2022-11-11 2 elmstreetfurniture.com/ Apple Inc.
2022-11-11 2 elmstreetfurniture.com/ Apple Inc.
2022-11-11 2 elmstreetfurniture.com/ Apple Inc.
2022-11-11 2 elmstreetfurniture.com/ Apple Inc.
2022-11-11 2 elmstreetfurniture.com/ Apple Inc.
2022-11-11 2 elmstreetfurniture.com/ Apple Inc.

PhishTank
 No alerts detected

Fortinet's Web Filter
Scan Date Severity Indicator Comment
2022-11-11 2 elmstreetfurniture.com/ Phishing
2022-11-11 2 elmstreetfurniture.com/login.php Phishing

mnemonic secure dns
 No alerts detected

Quad9 DNS
 No alerts detected


Files

No files detected

Recent reports on same IP/ASN/Domain/Screenshot

Last 5 reports on IP: 38.45.121.155
Date UQ / IDS / BL URL IP
2022-11-14 15:35:51 +0000 54 - 0 - 87 ruciane-nida.com/login.php 38.45.121.155
2022-11-14 14:16:47 +0000 43 - 0 - 72 ruciane-nida.com/login.php 38.45.121.155
2022-11-14 10:14:24 +0000 54 - 0 - 87 ruciane-nida.com/login.php 38.45.121.155
2022-11-13 20:07:22 +0000 54 - 0 - 41 fgbbq.com/login.php 38.45.121.155
2022-11-13 14:25:13 +0000 26 - 0 - 0 kaapor.com/login.php 38.45.121.155


Last 5 reports on ASN: COGENT-174
Date UQ / IDS / BL URL IP
2023-02-08 09:56:26 +0000 0 - 5 - 1 38.153.157.57/213/vbc.exe 38.153.157.57
2023-02-08 09:56:20 +0000 0 - 1 - 1 38.153.157.57/13.doc 38.153.157.57
2023-02-08 09:24:42 +0000 0 - 2 - 11 bcfty.com/ 38.6.87.42
2023-02-08 08:18:34 +0000 0 - 2 - 2 70809010.com/verify.php 38.239.185.167
2023-02-08 06:32:04 +0000 0 - 1 - 0 562014.installic.com/o/skypetalk/Setup.exe?mo (...) 38.238.251.226


Last 5 reports on domain: elmstreetfurniture.com
Date UQ / IDS / BL URL IP
2022-11-11 18:36:54 +0000 53 - 0 - 48 elmstreetfurniture.com/login.php 38.45.121.155
2022-11-11 17:13:51 +0000 53 - 0 - 48 elmstreetfurniture.com/login.php 38.45.121.155
2022-11-11 15:44:57 +0000 55 - 0 - 51 elmstreetfurniture.com/ 38.45.121.155
2022-11-11 15:44:29 +0000 53 - 0 - 48 elmstreetfurniture.com/login.php 38.45.121.155
2022-11-11 15:35:56 +0000 53 - 0 - 48 elmstreetfurniture.com/login.php 38.45.121.155


Last 5 reports with similar screenshot
Date UQ / IDS / BL URL IP
2023-01-16 21:19:03 +0000 0 - 1 - 30 applesacxx.top/ 47.243.112.87
2023-01-16 07:22:51 +0000 0 - 1 - 9 appleassdx.top/ 47.243.112.87
2023-01-15 18:44:33 +0000 0 - 1 - 6 applesacc.top/ 47.243.112.87
2023-01-15 17:14:56 +0000 0 - 2 - 0 applecss.top/ 47.243.112.87
2023-01-11 12:35:50 +0000 50 - 0 - 49 192.252.188.41/login.php 192.252.188.41

JavaScript

Executed Scripts (11)

Executed Evals (0)

Executed Writes (0)


HTTP Transactions (80)


Request Response
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "D3F75D03561D6A47D19370292E821A86E58381466F0C69386A21175DE55882FF"
Last-Modified: Fri, 11 Nov 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9798
Expires: Fri, 11 Nov 2022 18:28:03 GMT
Date: Fri, 11 Nov 2022 15:44:45 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 2572
Cache-Control: max-age=156574
Date: Fri, 11 Nov 2022 15:44:45 GMT
Etag: "636e247f-1d7"
Expires: Sun, 13 Nov 2022 11:14:19 GMT
Last-Modified: Fri, 11 Nov 2022 10:31:27 GMT
Server: ECS (ska/F6FC)
X-Cache: HIT
Content-Length: 471

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "00E3B967C579B0CCF709B78D497A43D95646B16EB50925FEF1E2694C58F290B2"
Last-Modified: Fri, 11 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3609
Expires: Fri, 11 Nov 2022 16:44:54 GMT
Date: Fri, 11 Nov 2022 15:44:45 GMT
Connection: keep-alive

                                        
                                            GET /v1/ HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.102.187.140
HTTP/2 200 OK
content-type: application/json
                                        
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Backoff, Content-Type, Retry-After
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Fri, 11 Nov 2022 15:43:53 GMT
cache-control: public,max-age=3600
age: 52
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size:   939
Md5:    d130218d0e2841f39c99610fe1a2ab90
Sha1:   29fbe1e177ee55c7a61ae0a206afff271cf5f945
Sha256: 6b6d74dccf10c2bc98a91c3388280d7ba1d9596bf8cadd7db0e2f63720b3d152
                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1 
Host: content-signature-2.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         34.160.144.191
HTTP/2 200 OK
content-type: binary/octet-stream
                                        
x-amz-id-2: i+BNA/M8Cc0ua50GoqUipsi1iy8YjXT5lbhcbnWS2inl1pCA1PzPNd+vjv2NXuXjnA/hGPdT+M0=
x-amz-request-id: PM0DSWKEGE89W8RB
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Fri, 11 Nov 2022 15:12:37 GMT
age: 1928
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PEM certificate\012- , ASCII text
Size:   5348
Md5:    67d5a988edcda47bc3b3b3f65d32b4b6
Sha1:   d4f0e0da8b3690cc7da925026d3414b68c7d954f
Sha256: 55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78
                                        
                                            GET /v1/tiles HTTP/1.1 
Host: contile.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.117.237.239
HTTP/2 200 OK
content-type: application/json
                                        
server: nginx
date: Fri, 11 Nov 2022 15:44:45 GMT
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   12
Md5:    23e88fb7b99543fb33315b29b1fad9d6
Sha1:   a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
                                        
                                            GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.102.187.140
HTTP/2 200 OK
content-type: application/json
                                        
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Cache-Control, Pragma, Last-Modified, ETag, Alert, Backoff, Content-Type, Retry-After, Expires
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Fri, 11 Nov 2022 14:44:48 GMT
cache-control: public,max-age=3600
age: 3598
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size:   329
Md5:    0333b0655111aa68de771adfcc4db243
Sha1:   63f295a144ac87a7c8e23417626724eeca68a7eb
Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
                                        
                                            GET / HTTP/1.1 
Host: elmstreetfurniture.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

search
                                         38.45.121.155
HTTP/1.1 302 Found
Content-Type: text/html; charset=UTF-8
                                        
Server: nginx
Date: Fri, 11 Nov 2022 15:44:46 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: PHPSESSID=fsujfoel6dtj8nrqbvnnlf1fqr; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
location: login.php


--- Additional Info ---
Magic:  
Size:   0
Md5:    d41d8cd98f00b204e9800998ecf8427e
Sha1:   da39a3ee5e6b4b0d3255bfef95601890afd80709
Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Alerts:
  urlquery:
    - Phishing - Apple
  Blocklists:
    - openphish: Apple Inc.
    - fortinet: Phishing
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 2100
Cache-Control: max-age=151026
Date: Fri, 11 Nov 2022 15:44:46 GMT
Etag: "636e10ac-1d7"
Expires: Sun, 13 Nov 2022 09:41:52 GMT
Last-Modified: Fri, 11 Nov 2022 09:06:52 GMT
Server: ECS (ska/F6FC)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET / HTTP/1.1 
Host: push.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: vjqv2PcO39olspPzWkpyag==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

search
                                         35.165.143.157
HTTP/1.1 101 Switching Protocols
                                        
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: L2bNfTAjIvPj3gK8bIpD49Q6y7s=

                                        
                                            GET /fonts?families=SF+Pro,v3|SF+Pro+Icons,v3|SF+Pro+JP,v1 HTTP/1.1 
Host: elmstreetfurniture.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://elmstreetfurniture.com/login.php
Cookie: PHPSESSID=fsujfoel6dtj8nrqbvnnlf1fqr

search
                                         38.45.121.155
HTTP/1.1 200 OK
Content-Type: application/octet-stream
                                        
Server: nginx
Date: Fri, 11 Nov 2022 15:44:46 GMT
Content-Length: 18
Last-Modified: Mon, 19 Sep 2022 13:18:14 GMT
Connection: keep-alive
ETag: "63286c16-12"
Accept-Ranges: bytes


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   18
Md5:    97f0f9e4a7bed947f3e1d424cc95f05e
Sha1:   4ce3a5ef51a9c96360e4fc2155c4a5b3e34ab933
Sha256: ae18c3e0e5e181a76a9c3f5bede0d1b312efb6f93af0f3a041097246665d7281

Alerts:
  urlquery:
    - Phishing - Apple
  Blocklists:
    - openphish: Apple Inc.
                                        
                                            GET /css/ac-globalfooter.built.css HTTP/1.1 
Host: elmstreetfurniture.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://elmstreetfurniture.com/login.php
Cookie: PHPSESSID=fsujfoel6dtj8nrqbvnnlf1fqr

search
                                         38.45.121.155
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Server: nginx
Date: Fri, 11 Nov 2022 15:44:47 GMT
Last-Modified: Mon, 19 Sep 2022 13:18:50 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"63286c3a-b0d8"
Expires: Sat, 12 Nov 2022 03:44:47 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (45087), with no line terminators
Size:   6946
Md5:    7adc13a71a35542f0b86d38b3ac029ac
Sha1:   293b76daffee14cee3cbd6c9e198148364ed829c
Sha256: 92083ba586e967e2979b4ecad1451cef0391a560cee77739ccfeee91c92e3ff8

Alerts:
  urlquery:
    - Phishing - Apple
  Blocklists:
    - openphish: Apple Inc.
                                        
                                            GET /js/common-header.js HTTP/1.1 
Host: elmstreetfurniture.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://elmstreetfurniture.com/login.php
Cookie: PHPSESSID=fsujfoel6dtj8nrqbvnnlf1fqr

search
                                         38.45.121.155
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx
Date: Fri, 11 Nov 2022 15:44:47 GMT
Last-Modified: Sat, 02 Apr 2022 01:03:16 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6247a0d4-3344"
Expires: Sat, 12 Nov 2022 03:44:47 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip


--- Additional Info ---
Magic:  ASCII text, with CRLF line terminators
Size:   3931
Md5:    8176e29a62b2ed33cea92bc491ddd4d7
Sha1:   4bcbec4561393e5a8a604dfeb1b84d0bf4378862
Sha256: a5a9cc96525232ee144297e08f1a5dc611fcf065a3f1a513e235eca394c75a23

Alerts:
  urlquery:
    - Phishing - Apple
  Blocklists:
    - openphish: Apple Inc.
                                        
                                            POST / HTTP/1.1 
Host: ocsp.trust-provider.cn
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         47.246.44.205
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: Tengine
Transfer-Encoding: chunked
Connection: keep-alive
date: Fri, 11 Nov 2022 15:42:31 GMT
last-modified: Fri, 11 Nov 2022 02:10:46 GMT
expires: Fri, 18 Nov 2022 02:10:45 GMT
etag: "dd2d5a94a6f70129ea90e0be3a1f713d4bbd9133"
cache-control: max-age=602850,s-maxage=1800,public,no-transform,must-revalidate
x-ccacdn-proxy-id: mcdpinlb4
x-frame-options: SAMEORIGIN
cf-cache-status: REVALIDATED
cf-ray: 768823672c059019-FRA
accept-ranges: bytes
ali-swift-global-savetime: 1668181351
via: cache2.l2de2[0,0,304-0,H], cache17.l2de2[1,0], cache4.se1[0,0,200-0,H], cache2.se1[1,0], cache3.se1[3,0]
age: 136
x-cache: HIT TCP_MEM_HIT dirn:2:460082978
x-swift-savetime: Fri, 11 Nov 2022 15:42:45 GMT
x-swift-cachetime: 1786
timing-allow-origin: *, *
eagleid: 2ff62c9716681814872214339e, 2ff62c9716681814872214339e

                                        
                                            GET /css/9-f0662a8d608d440419bb.css HTTP/1.1 
Host: elmstreetfurniture.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://elmstreetfurniture.com/login.php
Cookie: PHPSESSID=fsujfoel6dtj8nrqbvnnlf1fqr

search
                                         38.45.121.155
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Server: nginx
Date: Fri, 11 Nov 2022 15:44:47 GMT
Last-Modified: Mon, 19 Sep 2022 13:32:44 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"63286f7c-1cdb9"
Expires: Sat, 12 Nov 2022 03:44:47 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with CRLF line terminators
Size:   8524
Md5:    0b642ee6ce702c2db5ceffc6c1c936dc
Sha1:   5b87a0d206578ddc4a057c95e22bccbc4e38350e
Sha256: 759db4a757498ebe7caa6be23a698019074eb1d64821f93505f82e69f0910ad8

Alerts:
  urlquery:
    - Phishing - Apple
  Blocklists:
    - openphish: Apple Inc.
                                        
                                            GET /css/ac-globalnav.built.css HTTP/1.1 
Host: elmstreetfurniture.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://elmstreetfurniture.com/login.php
Cookie: PHPSESSID=fsujfoel6dtj8nrqbvnnlf1fqr

search
                                         38.45.121.155
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Server: nginx
Date: Fri, 11 Nov 2022 15:44:47 GMT
Last-Modified: Tue, 20 Sep 2022 00:47:46 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"63290db2-22299"
Expires: Sat, 12 Nov 2022 03:44:47 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip


--- Additional Info ---
Magic:  ASCII text, with very long lines (712), with CRLF line terminators
Size:   17761
Md5:    cac0cca22926419fcf64d96acec483d3
Sha1:   1fe71b2a20f4f0cbd8abbaf42f6cbf04f091644a
Sha256: dfb5528773c48716b77dadaf67ca4b7d5333bd8bcf22c58a45e14437c89cfbb2

Alerts:
  urlquery:
    - Phishing - Apple
  Blocklists:
    - openphish: Apple Inc.
                                        
                                            GET /css/translateelement.css HTTP/1.1 
Host: elmstreetfurniture.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://elmstreetfurniture.com/login.php
Cookie: PHPSESSID=fsujfoel6dtj8nrqbvnnlf1fqr

search
                                         38.45.121.155
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Server: nginx
Date: Fri, 11 Nov 2022 15:44:47 GMT
Last-Modified: Mon, 19 Sep 2022 13:34:04 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"63286fcc-5c9c"
Expires: Sat, 12 Nov 2022 03:44:47 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip


--- Additional Info ---
Magic:  ASCII text, with very long lines (514), with CRLF line terminators
Size:   4637
Md5:    9c297658f042cc72171ee3fe82aa421f
Sha1:   62230faf93a85ffaaea2b312056a100750107667
Sha256: dfc3bd6cf45b00f9f2ecd7b1804201010f5d33c003622c298b67bb473673fe9c

Alerts:
  urlquery:
    - Phishing - Apple
  Blocklists:
    - openphish: Apple Inc.
                                        
                                            GET /js/authService.latest.min.js HTTP/1.1 
Host: elmstreetfurniture.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://elmstreetfurniture.com/login.php
Cookie: PHPSESSID=fsujfoel6dtj8nrqbvnnlf1fqr

search
                                         38.45.121.155
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx
Date: Fri, 11 Nov 2022 15:44:47 GMT
Last-Modified: Fri, 01 Apr 2022 11:21:58 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6246e056-b10c"
Expires: Sat, 12 Nov 2022 03:44:47 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip


--- Additional Info ---
Magic:  ASCII text, with very long lines (45212)
Size:   14983
Md5:    402af65fb6f987a35c1216d3a764fac2
Sha1:   53118a28cd1940d988a6adef97b483d857b42b1a
Sha256: 431a2ffbdaf402ae477e88a754363bf9a226cd3adbda875b239bf4434ca421ba

Alerts:
  urlquery:
    - Phishing - Apple
  Blocklists:
    - openphish: Apple Inc.
                                        
                                            GET /ajax/libs/layer/3.5.1/theme/default/layer.min.css HTTP/1.1 
Host: cdn.bootcdn.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://elmstreetfurniture.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         120.52.95.234
HTTP/2 200 OK
content-type: text/css; charset=utf-8
                                        
date: Fri, 11 Nov 2022 15:44:47 GMT
content-length: 2655
server: openresty
access-control-allow-origin: *
age: 13678632
cf-cache-status: MISS
cf-ray: 716f9b8aef137e9f-LAX
cache-control: public, max-age=30672000
content-encoding: gzip
cross-origin-resource-policy: cross-origin
etag: "60c373da-a5f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires: Sat, 27 May 2023 07:59:15 GMT
last-modified: Fri, 11 Jun 2021 14:31:54 GMT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=48xpaZOmBqYDa%2BYmD8uAG7J4y9708fRESewOa4rF3Sx0OQuZ0eSkqF9PL2RlSyd6lGGx1n3fnGLy4y7PHARsQcxYflRJHhKcHMHb0e8FBWU22pcpz3ddrEQ4xhjUoWasid2nNLvC"}],"group":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
timing-allow-origin: *
x-ccdn-cachettl: 31536000
x-ccdn-expires: 17857395
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cdnjs-via: cfworker/kv
nginx-hit: 1
nginx-vary: Accept-Encoding
via: CHN-HElangfang-AREACUCC1-CACHE24[3],CHN-HElangfang-AREACUCC1-CACHE11[0,TCP_HIT,0],CHN-TJ-GLOBAL1-CACHE14[9],CHN-TJ-GLOBAL1-CACHE118[0,TCP_HIT,0]
x-hcs-proxy-type: 1
vary: Accept-Encoding
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (13770), with no line terminators
Size:   2655
Md5:    05ae802f2b0c046ea76de17d3bdda747
Sha1:   a56f4ce1f0d1583ca8a2d4452927e735a2872f4d
Sha256: 338fbbaf917ace7fb44fd37cc78fdbcc5a8bc93663d2544744fa93537dc75cc8
                                        
                                            GET /css/WebApp-03d2d506104af95e9403.css HTTP/1.1 
Host: elmstreetfurniture.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://elmstreetfurniture.com/login.php
Cookie: PHPSESSID=fsujfoel6dtj8nrqbvnnlf1fqr

search
                                         38.45.121.155
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Server: nginx
Date: Fri, 11 Nov 2022 15:44:47 GMT
Last-Modified: Mon, 19 Sep 2022 13:33:10 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"63286f96-36687"
Expires: Sat, 12 Nov 2022 03:44:47 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (64346), with no line terminators
Size:   20513
Md5:    a2c7869970bc2601f28902bba63469a4
Sha1:   96062241a094ff239e0a9510a4fb844d2c10ec2e
Sha256: 3a8553a03f206c216a7c2426058cf7f80a7f4361673f1877e55a075d4c13418d

Alerts:
  urlquery:
    - Phishing - Apple
  Blocklists:
    - openphish: Apple Inc.
                                        
                                            GET /css/home-fb52c0bef2f9283c9396.css HTTP/1.1 
Host: elmstreetfurniture.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://elmstreetfurniture.com/login.php
Cookie: PHPSESSID=fsujfoel6dtj8nrqbvnnlf1fqr

search
                                         38.45.121.155
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Server: nginx
Date: Fri, 11 Nov 2022 15:44:47 GMT
Last-Modified: Mon, 19 Sep 2022 13:22:46 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"63286d26-af2e5"
Expires: Sat, 12 Nov 2022 03:44:47 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (65298), with no line terminators
Size:   67068
Md5:    8ff19cce10edb67b378c2de498c78940
Sha1:   d70966eaf71279d0dfd48807caed0729ad297ee6
Sha256: b096b6d21f5264ee8d42e4b32edf9ea247b53e202c981b7af1dd8e808f6cbd5c

Alerts:
  urlquery:
    - Phishing - Apple
  Blocklists:
    - openphish: Apple Inc.
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "08E24124F809F1AB7E6960355EFCB419E13DD5FB6063C31CAF04E11EBDB7A5CF"
Last-Modified: Fri, 11 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3487
Expires: Fri, 11 Nov 2022 16:42:55 GMT
Date: Fri, 11 Nov 2022 15:44:48 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "08E24124F809F1AB7E6960355EFCB419E13DD5FB6063C31CAF04E11EBDB7A5CF"
Last-Modified: Fri, 11 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3487
Expires: Fri, 11 Nov 2022 16:42:55 GMT
Date: Fri, 11 Nov 2022 15:44:48 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "08E24124F809F1AB7E6960355EFCB419E13DD5FB6063C31CAF04E11EBDB7A5CF"
Last-Modified: Fri, 11 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3487
Expires: Fri, 11 Nov 2022 16:42:55 GMT
Date: Fri, 11 Nov 2022 15:44:48 GMT
Connection: keep-alive

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1c9847f2-3b5e-4950-9792-a512af36da58.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 6517
x-amzn-requestid: 78eb1490-4afb-497e-9dbd-afd6ddf9cc48
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bG23pFPLoAMFxcg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6365d1ca-4c9caca164576bfe07c9c05c;Sampled=0
x-amzn-remapped-date: Sat, 05 Nov 2022 03:00:26 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: zllrXRZmtjHqA98lS_q0Wtx5TeEh2cEy3tr_eGkozM_jWxTIA5d60g==
via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 b13f158bdf9805ca47e07c0c35870c12.cloudfront.net (CloudFront), 1.1 google
date: Thu, 10 Nov 2022 21:48:34 GMT
age: 64574
etag: "96de8f2627e1103c5e6beb5d64cdbc09f97fce82"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   6517
Md5:    f29164fb4dd64d9ce60566fbebd40f0a
Sha1:   96de8f2627e1103c5e6beb5d64cdbc09f97fce82
Sha256: 8eba6095edfed1ee1402c050727f81b8a9942625fd1c9cbb3bac4e51ee178577
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3e7dc40a-e47f-44b5-b3b4-87b10cd8669d.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 10671
x-amzn-requestid: 1b6053eb-64ac-4c24-a750-c1b8cd69157f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bJEh8GxPoAMFhPA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6366b472-56c6a3bc07ec89ab56d4f3bd;Sampled=0
x-amzn-remapped-date: Sat, 05 Nov 2022 19:07:30 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: qJeWGvC4DM_d3k66OHN2V19elou-xoSNkep1BNalBO0NtKyQtAFzNQ==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 001e7070d795018d01b93988b9723742.cloudfront.net (CloudFront), 1.1 google
date: Fri, 11 Nov 2022 04:30:53 GMT
age: 40435
etag: "5fe340bf33ac219f6a3d44810f31d0a8796c83a9"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   10671
Md5:    e72f32944d6f03e005f7b6f3e87d8c72
Sha1:   5fe340bf33ac219f6a3d44810f31d0a8796c83a9
Sha256: bcdcba30210d276996d0fe749bbfc69d666ae11ddfbfdb57307e4bb4d6e43d1f
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fad1abae5-6437-44bf-8428-756b825e5be6.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 8294
x-amzn-requestid: 233f9724-1c36-426d-8299-1f6577a6e5e4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bZ4lmE60IAMF1Lw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-636d6e23-4b2763b42d8a57044dfa8144;Sampled=0
x-amzn-remapped-date: Thu, 10 Nov 2022 21:33:23 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: QaMTrn0ZUptFLGY0x7bytPsJZHnLvdpMnU0XGCBU2pkmiA4MO8DIUw==
via: 1.1 010c0731b9775a983eceaec0f5fa6a2e.cloudfront.net (CloudFront), 1.1 ddaf46a95abcfc80e8eae76235e2127c.cloudfront.net (CloudFront), 1.1 google
date: Thu, 10 Nov 2022 21:46:56 GMT
etag: "815a4a1eb8c8e2a138fb3d65ba777b0c18fa15d0"
age: 64672
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   8294
Md5:    88c9931a009690991e73c5b37a1aa085
Sha1:   815a4a1eb8c8e2a138fb3d65ba777b0c18fa15d0
Sha256: 74e70391889e4b46742033b1d5daccfec415ba2ee999e429d1013fd4a1ebc61a
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc5530631-4859-4685-8ab3-a5b1013cd2cb.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 11527
x-amzn-requestid: a2a00c3d-12f7-412b-ba02-6bda7aa60586
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bNfYZHXhIAMFVYA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63687902-593d2a380bac7a567af893d3;Sampled=0
x-amzn-remapped-date: Mon, 07 Nov 2022 03:18:26 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: -4aHIcRGJA05uxZs2HkLI5SBdino1x_a5dIH9soWfxKe1mVNhwpglA==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 5fe5f2a3903f1378941d92eceaf3fa16.cloudfront.net (CloudFront), 1.1 google
date: Fri, 11 Nov 2022 09:59:00 GMT
age: 20748
etag: "d43bb27911013930ed09d9609a71d737e0838556"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   11527
Md5:    1ae1fe42d639643009ccee5a7ef770fd
Sha1:   d43bb27911013930ed09d9609a71d737e0838556
Sha256: d5fc8515f49a0b90e083f6a6025c3dc71dba286e15d5b3f841772d60d2e68fb2
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa6f7d2f5-4807-4bbd-a3db-7a239962aca5.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 5583
x-amzn-requestid: e844f42a-e87e-4e61-8c97-137c07c5ae28
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bNeQ9Ho7IAMF5_g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63687739-62c44d2f7d23632e74895bd8;Sampled=0
x-amzn-remapped-date: Mon, 07 Nov 2022 03:10:49 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: uHlIN1IVGCFUVl5lx5pFSux0YncseT2HQjiwFDL9eaEaBa9CdnCl8g==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 0d4ebcaa87ba94709def0eaac9371e5a.cloudfront.net (CloudFront), 1.1 google
date: Fri, 11 Nov 2022 07:47:38 GMT
age: 28630
etag: "691f59b65ca9fde4f59bbf96b37071e07351f190"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   5583
Md5:    85c6f450b38f41a2fb924d6d9a9cbff8
Sha1:   691f59b65ca9fde4f59bbf96b37071e07351f190
Sha256: c8f877488a2cf65f0d9829384fd4113847722a1b4df94b6b1d5788699689722c
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe4094512-9a5a-47aa-9796-9f630fb1c13f.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 8581
x-amzn-requestid: 385174fe-153f-448f-be5e-9ea3b5757ff9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bZ4u1EYOIAMFncA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-636d6e5e-6084a34f58df22037275e676;Sampled=0
x-amzn-remapped-date: Thu, 10 Nov 2022 21:34:22 GMT
x-amz-cf-pop: YVR50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: xSnHWpFlXeyf08gYjPn02H88Hta9fhiDjDOukoKtt6PPVBl_gNTfgw==
via: 1.1 dfc972676b24a6d23251d4f298dfa08c.cloudfront.net (CloudFront), 1.1 5565a51537c689d1d16f6b4d41f40082.cloudfront.net (CloudFront), 1.1 google
date: Thu, 10 Nov 2022 21:46:56 GMT
age: 64672
etag: "e0d1ebb35a16c686eae3d31eb85ac72278459b05"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   8581
Md5:    13f7b6eea163326da8c58ae5c09efccd
Sha1:   e0d1ebb35a16c686eae3d31eb85ac72278459b05
Sha256: 13f2f428acb7806808d957a8167ab2c139a5d0f59798671465717f2b39b914a9
                                        
                                            GET /login.php HTTP/1.1 
Host: elmstreetfurniture.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Cookie: PHPSESSID=fsujfoel6dtj8nrqbvnnlf1fqr
Upgrade-Insecure-Requests: 1

search
                                         38.45.121.155
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
                                        
Server: nginx
Date: Fri, 11 Nov 2022 15:44:46 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document, Unicode text, UTF-8 text, with very long lines (40674), with CRLF line terminators
Size:   1657203
Md5:    af30bda75cac46698ecfcba811f31699
Sha1:   2acf03a5ce7f0b0de6cc4faf15dbabd6aa9690e2
Sha256: 9f7311658cc418038df71d25804dd94b4d80e25d428faec5c81661cbeaf85a62

Alerts:
  urlquery:
    - Phishing - Apple
  Blocklists:
    - openphish: Apple Inc.
    - fortinet: Phishing
                                        
                                            GET /js/layui.js HTTP/1.1 
Host: elmstreetfurniture.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://elmstreetfurniture.com/login.php
Cookie: PHPSESSID=fsujfoel6dtj8nrqbvnnlf1fqr

search
                                         38.45.121.155
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx
Date: Fri, 11 Nov 2022 15:44:47 GMT
Last-Modified: Mon, 20 Sep 2021 12:34:02 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"61487fba-471da"
Expires: Sat, 12 Nov 2022 03:44:47 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip


--- Additional Info ---
Magic:  ASCII text, with very long lines (65536), with no line terminators
Size:   107116
Md5:    2f29f76899a0b33ccaca0092e04b6310
Sha1:   1149691c480dde19aec3069a50e8118d582be115
Sha256: ea64b8c305fdd45231245ff14af8c10eb88623c7cc4182bda1b2d1df711c1090

Alerts:
  urlquery:
    - Phishing - Apple
  Blocklists:
    - openphish: Apple Inc.
                                        
                                            GET /js/runtime-1e5270356d25a1c3f4d6.js HTTP/1.1 
Host: elmstreetfurniture.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://elmstreetfurniture.com/login.php
Cookie: PHPSESSID=fsujfoel6dtj8nrqbvnnlf1fqr

search
                                         38.45.121.155
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx
Date: Fri, 11 Nov 2022 15:44:48 GMT
Last-Modified: Mon, 19 Sep 2022 13:22:50 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"63286d2a-1159"
Expires: Sat, 12 Nov 2022 03:44:48 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip


--- Additional Info ---
Magic:  ASCII text, with very long lines (4441), with no line terminators
Size:   2224
Md5:    dde9647e9d282ff020d482198f805c6b
Sha1:   1a41ec371d4985e6ace437a03f37ee4e548eef45
Sha256: 93fcc3f17d1daadbe8dbedc3dbd26b39cfd8c464f84d713d1acdf6347af9691d

Alerts:
  urlquery:
    - Phishing - Apple
  Blocklists:
    - openphish: Apple Inc.
                                        
                                            GET /js/css/modules/laydate/default/laydate.css?v=5.3.1 HTTP/1.1 
Host: elmstreetfurniture.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://elmstreetfurniture.com/login.php
Cookie: PHPSESSID=fsujfoel6dtj8nrqbvnnlf1fqr

search
                                         38.45.121.155
HTTP/1.1 404 Not Found
Content-Type: text/html
                                        
Server: nginx
Date: Fri, 11 Nov 2022 15:44:48 GMT
Content-Length: 146
Connection: keep-alive


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size:   146
Md5:    8eec510e57f5f732fd2cce73df7b73ef
Sha1:   3c0af39ecb3753c5fee3b53d063c7286019eac3b
Sha256: 55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0

Alerts:
  urlquery:
    - Phishing - Apple
                                        
                                            GET /js/css/modules/layer/default/layer.css?v=3.5.1 HTTP/1.1 
Host: elmstreetfurniture.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://elmstreetfurniture.com/login.php
Cookie: PHPSESSID=fsujfoel6dtj8nrqbvnnlf1fqr

search
                                         38.45.121.155
HTTP/1.1 404 Not Found
Content-Type: text/html
                                        
Server: nginx
Date: Fri, 11 Nov 2022 15:44:48 GMT
Content-Length: 146
Connection: keep-alive


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size:   146
Md5:    8eec510e57f5f732fd2cce73df7b73ef
Sha1:   3c0af39ecb3753c5fee3b53d063c7286019eac3b
Sha256: 55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0

Alerts:
  urlquery:
    - Phishing - Apple
  Blocklists:
    - openphish: Apple Inc.
                                        
                                            GET /js/css/modules/code.css?v=2 HTTP/1.1 
Host: elmstreetfurniture.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://elmstreetfurniture.com/login.php
Cookie: PHPSESSID=fsujfoel6dtj8nrqbvnnlf1fqr

search
                                         38.45.121.155
HTTP/1.1 404 Not Found
Content-Type: text/html
                                        
Server: nginx
Date: Fri, 11 Nov 2022 15:44:48 GMT
Content-Length: 146
Connection: keep-alive


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size:   146
Md5:    8eec510e57f5f732fd2cce73df7b73ef
Sha1:   3c0af39ecb3753c5fee3b53d063c7286019eac3b
Sha256: 55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0

Alerts:
  urlquery:
    - Phishing - Apple
  Blocklists:
    - openphish: Apple Inc.
                                        
                                            GET /ifam.php HTTP/1.1 
Host: elmstreetfurniture.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://elmstreetfurniture.com/login.php
Cookie: PHPSESSID=fsujfoel6dtj8nrqbvnnlf1fqr
Upgrade-Insecure-Requests: 1

search
                                         38.45.121.155
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
                                        
Server: nginx
Date: Fri, 11 Nov 2022 15:44:48 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document, Unicode text, UTF-8 text, with very long lines (342), with CRLF line terminators
Size:   3826
Md5:    247dfd7db0dd56a38b5b66408d5f270f
Sha1:   ff59526171d586c770c17397c4d6155019dc214a
Sha256: 72915cea85f470e4997ec711a379eba47bc02fad80263b485704fa56aa03f5d1

Alerts:
  urlquery:
    - Phishing - Apple
  Blocklists:
    - openphish: Apple Inc.
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 6395
Cache-Control: max-age=96309
Date: Fri, 11 Nov 2022 15:44:49 GMT
Etag: "636d2a2b-1d7"
Expires: Sat, 12 Nov 2022 18:29:58 GMT
Last-Modified: Thu, 10 Nov 2022 16:43:23 GMT
Server: ECS (ska/F6FC)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET /appleauth/static/cssj/N917722969/widget/auth/app-sk7.css HTTP/1.1 
Host: appleid.cdn-apple.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://elmstreetfurniture.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         23.60.29.145
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Server: Apple
Cache-Control: public, max-age=2592000
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Accept-Ranges: bytes
ETag: W/"432198-1662741474924"
Last-Modified: Fri, 09 Sep 2022 16:37:54 GMT
Vary: accept-encoding
Content-Encoding: gzip
Content-Length: 42117
Date: Fri, 11 Nov 2022 15:44:49 GMT
Connection: keep-alive
Access-Control-Allow-Origin: *


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (64877), with no line terminators
Size:   42117
Md5:    487bae6b2682e508bdfb59eb0f5e0d38
Sha1:   aadb8e297f18585ba87c1839d7455adfb5ee5d18
Sha256: 785dbe4b513e1884bfb5ceea62345ba2c4c18682afabf8910d0e8dc0b186afe8
                                        
                                            GET /images/appleicons_text.woff HTTP/1.1 
Host: elmstreetfurniture.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://elmstreetfurniture.com/css/ac-globalfooter.built.css
Cookie: PHPSESSID=fsujfoel6dtj8nrqbvnnlf1fqr

search
                                         38.45.121.155
HTTP/1.1 404 Not Found
Content-Type: text/html
                                        
Server: nginx
Date: Fri, 11 Nov 2022 15:44:48 GMT
Content-Length: 146
Connection: keep-alive


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size:   146
Md5:    8eec510e57f5f732fd2cce73df7b73ef
Sha1:   3c0af39ecb3753c5fee3b53d063c7286019eac3b
Sha256: 55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0

Alerts:
  urlquery:
    - Phishing - Apple
  Blocklists:
    - openphish: Apple Inc.
                                        
                                            GET /images/globalnav_apple_image__b5er5ngrzxqq_large.svg HTTP/1.1 
Host: elmstreetfurniture.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://elmstreetfurniture.com/css/ac-globalnav.built.css
Cookie: PHPSESSID=fsujfoel6dtj8nrqbvnnlf1fqr

search
                                         38.45.121.155
HTTP/1.1 200 OK
Content-Type: image/svg+xml
                                        
Server: nginx
Date: Fri, 11 Nov 2022 15:44:48 GMT
Content-Length: 863
Last-Modified: Mon, 19 Sep 2022 13:18:14 GMT
Connection: keep-alive
ETag: "63286c16-35f"
Accept-Ranges: bytes


--- Additional Info ---
Magic:  SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (863), with no line terminators
Size:   863
Md5:    4dae9194a5e65e014b2041b611b48cb8
Sha1:   d483dc0b8dfa26b582d3c317f7321f274ddd486a
Sha256: 185fef753937fdebf36104cf6481152e587d964a1b3496ab5d7623922a147a44

Alerts:
  urlquery:
    - Phishing - Apple
  Blocklists:
    - openphish: Apple Inc.
                                        
                                            GET /images/globalnav_links_store_image__c7jy08initqq_large.svg HTTP/1.1 
Host: elmstreetfurniture.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://elmstreetfurniture.com/css/ac-globalnav.built.css
Cookie: PHPSESSID=fsujfoel6dtj8nrqbvnnlf1fqr

search
                                         38.45.121.155
HTTP/1.1 200 OK
Content-Type: image/svg+xml
                                        
Server: nginx
Date: Fri, 11 Nov 2022 15:44:48 GMT
Content-Length: 2512
Last-Modified: Mon, 19 Sep 2022 13:18:16 GMT
Connection: keep-alive
ETag: "63286c18-9d0"
Accept-Ranges: bytes


--- Additional Info ---
Magic:  SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (2420)
Size:   2512
Md5:    399f0509fef7c1cada7ceefd42399232
Sha1:   c3211314a7f159e7a7b5178b469adb707d2180b7
Sha256: 55d7561df16af1de5799324be81a44754dad9dab88ff218332afe9f025d77cc6

Alerts:
  urlquery:
    - Phishing - Apple
  Blocklists:
    - openphish: Apple Inc.
                                        
                                            GET /wss/fonts?families=SF+Pro,v1|SF+Pro+Icons,v1|SF+Pro+JP,v1 HTTP/1.1 
Host: www.apple.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://elmstreetfurniture.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         23.38.200.210
HTTP/2 404 Not Found
content-type: text/html; charset=UTF-8
                                        
server: Apple
content-length: 0
strict-transport-security: max-age=31536000; includeSubdomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
content-security-policy: default-src 'self' blob: data: *.akamaized.net *.apple.com *.apple-mapkit.com *.cdn-apple.com *.organicfruitapps.com; child-src blob: embed.music.apple.com embed.podcasts.apple.com swdlp.apple.com www.apple.com www.instagram.com platform.twitter.com www.youtube-nocookie.com; img-src 'unsafe-inline' blob: data: *.apple.com *.apple-mapkit.com *.cdn-apple.com *.mzstatic.com; script-src 'unsafe-inline' 'unsafe-eval' blob: *.apple.com *.apple-mapkit.com www.instagram.com platform.twitter.com; style-src 'unsafe-inline' *.apple.com
cache-control: max-age=3600
expires: Fri, 11 Nov 2022 16:44:49 GMT
date: Fri, 11 Nov 2022 15:44:49 GMT
x-cache: TCP_MISS from a23-36-79-12.deploy.akamaitechnologies.com (AkamaiGHost/10.10.1-44825277) (-)
x-cache-remote: TCP_MISS from a2-22-54-102.deploy.akamaitechnologies.com (AkamaiGHost/10.10.1-44825277) (-)
set-cookie: geo=NO; path=/; domain=.apple.com
X-Firefox-Spdy: h2

                                        
                                            GET /images/globalnav_links_mac_image__dazlko3t9a6a_large.svg HTTP/1.1 
Host: elmstreetfurniture.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://elmstreetfurniture.com/css/ac-globalnav.built.css
Cookie: PHPSESSID=fsujfoel6dtj8nrqbvnnlf1fqr

search
                                         38.45.121.155
HTTP/1.1 200 OK
Content-Type: image/svg+xml
                                        
Server: nginx
Date: Fri, 11 Nov 2022 15:44:49 GMT
Content-Length: 1105
Last-Modified: Mon, 19 Sep 2022 13:18:16 GMT
Connection: keep-alive
ETag: "63286c18-451"
Accept-Ranges: bytes


--- Additional Info ---
Magic:  SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (1105), with no line terminators
Size:   1105
Md5:    36666f15bc54f2814c47f77a14c39ec1
Sha1:   8b001bdd20709a6d493a736db25f638313b9475a
Sha256: 85b8c05e05b9e061cc54ea913585892d53a4a924e21ca56a5e8a157530fcadec

Alerts:
  urlquery:
    - Phishing - Apple
  Blocklists:
    - openphish: Apple Inc.
                                        
                                            GET /js/initBootData.js HTTP/1.1 
Host: elmstreetfurniture.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://elmstreetfurniture.com/ifam.php
Cookie: PHPSESSID=fsujfoel6dtj8nrqbvnnlf1fqr

search
                                         38.45.121.155
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx
Date: Fri, 11 Nov 2022 15:44:49 GMT
Last-Modified: Fri, 01 Apr 2022 12:49:02 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6246f4be-152f"
Expires: Sat, 12 Nov 2022 03:44:49 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip


--- Additional Info ---
Magic:  ASCII text, with very long lines (5423), with no line terminators
Size:   1995
Md5:    779674048d60b3b4d6c3190b8feb6abe
Sha1:   499576d96f5178b10ad36d4236f1017f5ee172f6
Sha256: 688cbb22dd58fea52b88b4a93346b5a542b641c98ecb13973ae22e44b379229c

Alerts:
  urlquery:
    - Phishing - Apple
  Blocklists:
    - openphish: Apple Inc.
                                        
                                            GET /js/react-redux-kit-1e87608eed8058e6ffc0.js HTTP/1.1 
Host: elmstreetfurniture.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://elmstreetfurniture.com/login.php
Cookie: PHPSESSID=fsujfoel6dtj8nrqbvnnlf1fqr

search
                                         38.45.121.155
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx
Date: Fri, 11 Nov 2022 15:44:48 GMT
Last-Modified: Mon, 19 Sep 2022 13:22:50 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"63286d2a-29d5b"
Expires: Sat, 12 Nov 2022 03:44:48 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (65441)
Size:   63884
Md5:    d30d66e8f3b40ea2bf93d80ab3de0e90
Sha1:   28438d647b58c9e4bb53543efb0c76339aebae37
Sha256: 9f79529397e733a6f27b910a5f505f94ae4b6ed9cd534fc70d47ecef7e4461b1

Alerts:
  urlquery:
    - Phishing - Apple
  Blocklists:
    - openphish: Apple Inc.
                                        
                                            GET /images/appleicons_text.woff HTTP/1.1 
Host: elmstreetfurniture.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://elmstreetfurniture.com/css/ac-globalfooter.built.css
Cookie: PHPSESSID=fsujfoel6dtj8nrqbvnnlf1fqr

search
                                         38.45.121.155
HTTP/1.1 404 Not Found
Content-Type: text/html
                                        
Server: nginx
Date: Fri, 11 Nov 2022 15:44:49 GMT
Content-Length: 146
Connection: keep-alive


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size:   146
Md5:    8eec510e57f5f732fd2cce73df7b73ef
Sha1:   3c0af39ecb3753c5fee3b53d063c7286019eac3b
Sha256: 55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0

Alerts:
  urlquery:
    - Phishing - Apple
  Blocklists:
    - openphish: Apple Inc.
                                        
                                            GET /js/initLocalizationStrings.js HTTP/1.1 
Host: elmstreetfurniture.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://elmstreetfurniture.com/ifam.php
Cookie: PHPSESSID=fsujfoel6dtj8nrqbvnnlf1fqr

search
                                         38.45.121.155
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx
Date: Fri, 11 Nov 2022 15:44:49 GMT
Last-Modified: Fri, 01 Apr 2022 12:48:38 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6246f4a6-717"
Expires: Sat, 12 Nov 2022 03:44:49 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip


--- Additional Info ---
Magic:  ASCII text, with very long lines (1815), with no line terminators
Size:   721
Md5:    eade3574489cc198a02efd6d573a805c
Sha1:   6f68b1a6b01c3db710a3237969025540f6bb9072
Sha256: 6922f2855512b4f1cf2c7e1df5cd5a86491c340dd0994eea16c8df0bced98e39

Alerts:
  urlquery:
    - Phishing - Apple
  Blocklists:
    - openphish: Apple Inc.
                                        
                                            GET /js/jquery-3.4.1.min.js HTTP/1.1 
Host: elmstreetfurniture.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://elmstreetfurniture.com/ifam.php
Cookie: PHPSESSID=fsujfoel6dtj8nrqbvnnlf1fqr

search
                                         38.45.121.155
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx
Date: Fri, 11 Nov 2022 15:44:49 GMT
Last-Modified: Wed, 22 Dec 2021 15:01:20 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"61c33dc0-15853"
Expires: Sat, 12 Nov 2022 03:44:49 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip


--- Additional Info ---
Magic:  ASCII text, with very long lines (65450), with CRLF line terminators
Size:   34496
Md5:    667c9c5dd8a5359706c30ee4caed17a5
Sha1:   ad6cc9c3a980ab49b4f866d8f9a07e9f1430ee61
Sha256: a7bfb24a1de261b50caa4fe9fa4ba397af22972fce7c759a419dce3dd3d2a8a4

Alerts:
  urlquery:
    - Phishing - Apple
  Blocklists:
    - openphish: Apple Inc.
                                        
                                            GET /images/appleicons_text.ttf HTTP/1.1 
Host: elmstreetfurniture.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://elmstreetfurniture.com/css/ac-globalfooter.built.css
Cookie: PHPSESSID=fsujfoel6dtj8nrqbvnnlf1fqr

search
                                         38.45.121.155
HTTP/1.1 404 Not Found
Content-Type: text/html
                                        
Server: nginx
Date: Fri, 11 Nov 2022 15:44:49 GMT
Content-Length: 146
Connection: keep-alive


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size:   146
Md5:    8eec510e57f5f732fd2cce73df7b73ef
Sha1:   3c0af39ecb3753c5fee3b53d063c7286019eac3b
Sha256: 55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0

Alerts:
  urlquery:
    - Phishing - Apple
  Blocklists:
    - openphish: Apple Inc.
                                        
                                            GET /js/home-e276699b7bbc33a79594.js HTTP/1.1 
Host: elmstreetfurniture.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://elmstreetfurniture.com/login.php
Cookie: PHPSESSID=fsujfoel6dtj8nrqbvnnlf1fqr

search
                                         38.45.121.155
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx
Date: Fri, 11 Nov 2022 15:44:48 GMT
Last-Modified: Mon, 19 Sep 2022 13:22:52 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"63286d2c-8868a"
Expires: Sat, 12 Nov 2022 03:44:48 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (65452)
Size:   176400
Md5:    ceb484bf47a3d636f1c3d99165de328a
Sha1:   01709f893d33b68f6d83de8572722f33add3f26a
Sha256: 973ef68bf499f80b65c66033dc41cfe540f7bafa318e28fc8d36c05346c8a6e2

Alerts:
  urlquery:
    - Phishing - Apple
  Blocklists:
    - openphish: Apple Inc.
                                        
                                            GET /images/globalnav_links_ipad_image__fw9qyj9lloi2_large.svg HTTP/1.1 
Host: elmstreetfurniture.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://elmstreetfurniture.com/css/ac-globalnav.built.css
Cookie: PHPSESSID=fsujfoel6dtj8nrqbvnnlf1fqr

search
                                         38.45.121.155
HTTP/1.1 200 OK
Content-Type: image/svg+xml
                                        
Server: nginx
Date: Fri, 11 Nov 2022 15:44:49 GMT
Content-Length: 1164
Last-Modified: Mon, 19 Sep 2022 13:18:18 GMT
Connection: keep-alive
ETag: "63286c1a-48c"
Accept-Ranges: bytes


--- Additional Info ---
Magic:  SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (1164), with no line terminators
Size:   1164
Md5:    5a9af6ecd77077002610bf47d03dbd76
Sha1:   78be8bef9a06877016142a3a02dd6dc285997707
Sha256: 31543acd0ac919c7d8f12cdc9e825b73a9e9ee49c6401a3b71eb56dc36610873

Alerts:
  urlquery:
    - Phishing - Apple
  Blocklists:
    - openphish: Apple Inc.
                                        
                                            GET /images/globalnav_links_iphone_image__ko7x4isga4ia_large.svg HTTP/1.1 
Host: elmstreetfurniture.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://elmstreetfurniture.com/css/ac-globalnav.built.css
Cookie: PHPSESSID=fsujfoel6dtj8nrqbvnnlf1fqr

search
                                         38.45.121.155
HTTP/1.1 200 OK
Content-Type: image/svg+xml
                                        
Server: nginx
Date: Fri, 11 Nov 2022 15:44:49 GMT
Content-Length: 1405
Last-Modified: Mon, 19 Sep 2022 13:18:20 GMT
Connection: keep-alive
ETag: "63286c1c-57d"
Accept-Ranges: bytes


--- Additional Info ---
Magic:  SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (1405), with no line terminators
Size:   1405
Md5:    06aaf09947f2ba9606781517d5e16d49
Sha1:   85ead5f8d49704fea33096acdab98d84db2d3228
Sha256: 1ef5ee6840f53e79a2d93d107829d6abfb11e1f9f2e0891bd320619ff5ce7799

Alerts:
  urlquery:
    - Phishing - Apple
  Blocklists:
    - openphish: Apple Inc.
                                        
                                            GET /images/globalnav_links_watch_image__gkoblojrlsqe_large.svg HTTP/1.1 
Host: elmstreetfurniture.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://elmstreetfurniture.com/css/ac-globalnav.built.css
Cookie: PHPSESSID=fsujfoel6dtj8nrqbvnnlf1fqr

search
                                         38.45.121.155
HTTP/1.1 200 OK
Content-Type: image/svg+xml
                                        
Server: nginx
Date: Fri, 11 Nov 2022 15:44:49 GMT
Content-Length: 1309
Last-Modified: Mon, 19 Sep 2022 13:18:20 GMT
Connection: keep-alive
ETag: "63286c1c-51d"
Accept-Ranges: bytes


--- Additional Info ---
Magic:  SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (1309), with no line terminators
Size:   1309
Md5:    ae648f9c024ce0cd752fb5f62d527075
Sha1:   1013d4e8819e9b83e3de2c708452b617ce3643f4
Sha256: 7889fed7ca01fa0705b734d8374be93aabe54474b7fb9879bd483b396465c22e

Alerts:
  urlquery:
    - Phishing - Apple
  Blocklists:
    - openphish: Apple Inc.
                                        
                                            GET /images/globalnav_links_airpods_image__f969s84ivmaa_large.svg HTTP/1.1 
Host: elmstreetfurniture.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://elmstreetfurniture.com/css/ac-globalnav.built.css
Cookie: PHPSESSID=fsujfoel6dtj8nrqbvnnlf1fqr

search
                                         38.45.121.155
HTTP/1.1 200 OK
Content-Type: image/svg+xml
                                        
Server: nginx
Date: Fri, 11 Nov 2022 15:44:49 GMT
Content-Length: 1722
Last-Modified: Mon, 19 Sep 2022 13:18:22 GMT
Connection: keep-alive
ETag: "63286c1e-6ba"
Accept-Ranges: bytes


--- Additional Info ---
Magic:  SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (1722), with no line terminators
Size:   1722
Md5:    532c4211677add3e58c31720ac151c35
Sha1:   9400f7e77d5fd117ec45dbc376ae6eb887ff12d2
Sha256: e7f5e4bb2a9897973aad5732fa800bcf8609ce74f54b6d5621077e51d0cdd800

Alerts:
  urlquery:
    - Phishing - Apple
  Blocklists:
    - openphish: Apple Inc.
                                        
                                            GET /js/css/modules/laydate/default/laydate.css?v=5.3.1 HTTP/1.1 
Host: elmstreetfurniture.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://elmstreetfurniture.com/ifam.php
Cookie: PHPSESSID=fsujfoel6dtj8nrqbvnnlf1fqr

search
                                         38.45.121.155
HTTP/1.1 404 Not Found
Content-Type: text/html
                                        
Server: nginx
Date: Fri, 11 Nov 2022 15:44:49 GMT
Content-Length: 146
Connection: keep-alive


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size:   146
Md5:    8eec510e57f5f732fd2cce73df7b73ef
Sha1:   3c0af39ecb3753c5fee3b53d063c7286019eac3b
Sha256: 55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0

Alerts:
  urlquery:
    - Phishing - Apple
                                        
                                            GET /js/css/modules/layer/default/layer.css?v=3.5.1 HTTP/1.1 
Host: elmstreetfurniture.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://elmstreetfurniture.com/ifam.php
Cookie: PHPSESSID=fsujfoel6dtj8nrqbvnnlf1fqr

search
                                         38.45.121.155
HTTP/1.1 404 Not Found
Content-Type: text/html
                                        
Server: nginx
Date: Fri, 11 Nov 2022 15:44:49 GMT
Content-Length: 146
Connection: keep-alive


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size:   146
Md5:    8eec510e57f5f732fd2cce73df7b73ef
Sha1:   3c0af39ecb3753c5fee3b53d063c7286019eac3b
Sha256: 55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0

Alerts:
  urlquery:
    - Phishing - Apple
  Blocklists:
    - openphish: Apple Inc.
                                        
                                            GET /js/css/modules/code.css?v=2 HTTP/1.1 
Host: elmstreetfurniture.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://elmstreetfurniture.com/ifam.php
Cookie: PHPSESSID=fsujfoel6dtj8nrqbvnnlf1fqr

search
                                         38.45.121.155
HTTP/1.1 404 Not Found
Content-Type: text/html
                                        
Server: nginx
Date: Fri, 11 Nov 2022 15:44:49 GMT
Content-Length: 146
Connection: keep-alive


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size:   146
Md5:    8eec510e57f5f732fd2cce73df7b73ef
Sha1:   3c0af39ecb3753c5fee3b53d063c7286019eac3b
Sha256: 55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0

Alerts:
  urlquery:
    - Phishing - Apple
  Blocklists:
    - openphish: Apple Inc.
                                        
                                            GET /appleauth/static/bin/cb1633718600/dist/assets/HR_gradient_dark.png HTTP/1.1 
Host: appleid.cdn-apple.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://appleid.cdn-apple.com/appleauth/static/cssj/N917722969/widget/auth/app-sk7.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

search
                                         23.60.29.145
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Server: Apple
Cache-Control: public, max-age=2592000
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Accept-Ranges: bytes
ETag: W/"1240-1666126709463"
Last-Modified: Tue, 18 Oct 2022 20:58:29 GMT
Vary: accept-encoding
Content-Encoding: gzip
Content-Length: 1263
Date: Fri, 11 Nov 2022 15:44:50 GMT
Connection: keep-alive
Access-Control-Allow-Origin: *


--- Additional Info ---
Magic:  PNG image data, 382 x 50, 4-bit colormap, non-interlaced\012- data
Size:   1263
Md5:    94ac33ef626d201b1093264f6438c201
Sha1:   341cc1e181909f6feb6f0b97b9aadfa79bae00be
Sha256: f1eba2e630f0c5f98187b94528869e15a8ab6558a8cb96f68339875b6d5c27e7
                                        
                                            GET /appleauth/static/bin/cb3432457731/dist/assets/shared-icons.woff HTTP/1.1 
Host: appleid.cdn-apple.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://elmstreetfurniture.com
Connection: keep-alive
Referer: https://appleid.cdn-apple.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         23.60.29.145
HTTP/1.1 200 OK
Content-Type: application/x-font-woff
                                        
Server: Apple
Cache-Control: public, max-age=2592000
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Access-Control-Allow-Origin: *
ETag: W/"9552-1666126710017"
Last-Modified: Tue, 18 Oct 2022 20:58:30 GMT
Vary: Accept-Encoding
Date: Fri, 11 Nov 2022 15:44:50 GMT
Content-Length: 9552
Connection: keep-alive


--- Additional Info ---
Magic:  Web Open Font Format, TrueType, length 9552, version 1.0\012- data
Size:   9552
Md5:    e9e7624727ba14678b9a71b6f90745e3
Sha1:   0f0b7625cd06387c601f1632b0f69719b920f68a
Sha256: 6de3580fdeace0ff74927b2449e34587dd0b2a03c7711cf0087925e25429efe3
                                        
                                            GET /js/439-1cb23e3fe41edc2eeb1b.js HTTP/1.1 
Host: elmstreetfurniture.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://elmstreetfurniture.com/login.php
Cookie: PHPSESSID=fsujfoel6dtj8nrqbvnnlf1fqr

search
                                         38.45.121.155
HTTP/1.1 404 Not Found
Content-Type: text/html
                                        
Server: nginx
Date: Fri, 11 Nov 2022 15:44:49 GMT
Content-Length: 146
Connection: keep-alive


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size:   146
Md5:    8eec510e57f5f732fd2cce73df7b73ef
Sha1:   3c0af39ecb3753c5fee3b53d063c7286019eac3b
Sha256: 55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0

Alerts:
  urlquery:
    - Phishing - Apple
  Blocklists:
    - openphish: Apple Inc.
                                        
                                            GET /js/78-b1ce7e924e41ab3814e3.js HTTP/1.1 
Host: elmstreetfurniture.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://elmstreetfurniture.com/login.php
Cookie: PHPSESSID=fsujfoel6dtj8nrqbvnnlf1fqr

search
                                         38.45.121.155
HTTP/1.1 404 Not Found
Content-Type: text/html
                                        
Server: nginx
Date: Fri, 11 Nov 2022 15:44:49 GMT
Content-Length: 146
Connection: keep-alive


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size:   146
Md5:    8eec510e57f5f732fd2cce73df7b73ef
Sha1:   3c0af39ecb3753c5fee3b53d063c7286019eac3b
Sha256: 55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0

Alerts:
  urlquery:
    - Phishing - Apple
  Blocklists:
    - openphish: Apple Inc.
                                        
                                            GET /bootstrap/portal HTTP/1.1 
Host: elmstreetfurniture.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
X-Apple-I-Request-Context: ca
X-Apple-I-TimeZone: UTC
X-Apple-I-FD-Client-Info: {"U":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0","L":"en-US","Z":"GMT+00:00","V":"1.1","F":"Fla44j1e3NlY5BNlY5BSmHACVZXnN9.6JjJcTjN3A2.2dI_AIQjvEodUW2vqBBNkWikkJdlHb9WJfSuMsFjkxjTlWY5BNlYJNNlY5QB4bVNjMk.5Tg"}
Content-Type: application/json
Connection: keep-alive
Referer: http://elmstreetfurniture.com/login.php
Cookie: PHPSESSID=fsujfoel6dtj8nrqbvnnlf1fqr

search
                                         38.45.121.155
HTTP/1.1 404 Not Found
Content-Type: text/html
                                        
Server: nginx
Date: Fri, 11 Nov 2022 15:44:49 GMT
Content-Length: 146
Connection: keep-alive


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size:   146
Md5:    8eec510e57f5f732fd2cce73df7b73ef
Sha1:   3c0af39ecb3753c5fee3b53d063c7286019eac3b
Sha256: 55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0

Alerts:
  urlquery:
    - Phishing - Apple
  Blocklists:
    - openphish: Apple Inc.
                                        
                                            GET /js/9-f0662a8d608d440419bb.css HTTP/1.1 
Host: elmstreetfurniture.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://elmstreetfurniture.com/login.php
Cookie: PHPSESSID=fsujfoel6dtj8nrqbvnnlf1fqr

search
                                         38.45.121.155
HTTP/1.1 404 Not Found
Content-Type: text/html
                                        
Server: nginx
Date: Fri, 11 Nov 2022 15:44:50 GMT
Content-Length: 146
Connection: keep-alive


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size:   146
Md5:    8eec510e57f5f732fd2cce73df7b73ef
Sha1:   3c0af39ecb3753c5fee3b53d063c7286019eac3b
Sha256: 55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0

Alerts:
  urlquery:
    - Phishing - Apple
  Blocklists:
    - openphish: Apple Inc.
                                        
                                            GET /js/9-2ba66973e16431b07303.js HTTP/1.1 
Host: elmstreetfurniture.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://elmstreetfurniture.com/login.php
Cookie: PHPSESSID=fsujfoel6dtj8nrqbvnnlf1fqr

search
                                         38.45.121.155
HTTP/1.1 404 Not Found
Content-Type: text/html
                                        
Server: nginx
Date: Fri, 11 Nov 2022 15:44:50 GMT
Content-Length: 146
Connection: keep-alive


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size:   146
Md5:    8eec510e57f5f732fd2cce73df7b73ef
Sha1:   3c0af39ecb3753c5fee3b53d063c7286019eac3b
Sha256: 55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0

Alerts:
  urlquery:
    - Phishing - Apple
  Blocklists:
    - openphish: Apple Inc.
                                        
                                            GET /js/WebApp-03d2d506104af95e9403.css HTTP/1.1 
Host: elmstreetfurniture.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://elmstreetfurniture.com/login.php
Cookie: PHPSESSID=fsujfoel6dtj8nrqbvnnlf1fqr

search
                                         38.45.121.155
HTTP/1.1 404 Not Found
Content-Type: text/html
                                        
Server: nginx
Date: Fri, 11 Nov 2022 15:44:50 GMT
Content-Length: 146
Connection: keep-alive


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size:   146
Md5:    8eec510e57f5f732fd2cce73df7b73ef
Sha1:   3c0af39ecb3753c5fee3b53d063c7286019eac3b
Sha256: 55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0

Alerts:
  urlquery:
    - Phishing - Apple
  Blocklists:
    - openphish: Apple Inc.
                                        
                                            GET /js/WebApp-0dfaede4b4b378c105c6.js HTTP/1.1 
Host: elmstreetfurniture.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://elmstreetfurniture.com/login.php
Cookie: PHPSESSID=fsujfoel6dtj8nrqbvnnlf1fqr

search
                                         38.45.121.155
HTTP/1.1 404 Not Found
Content-Type: text/html
                                        
Server: nginx
Date: Fri, 11 Nov 2022 15:44:50 GMT
Content-Length: 146
Connection: keep-alive


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size:   146
Md5:    8eec510e57f5f732fd2cce73df7b73ef
Sha1:   3c0af39ecb3753c5fee3b53d063c7286019eac3b
Sha256: 55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0

Alerts:
  urlquery:
    - Phishing - Apple
  Blocklists:
    - openphish: Apple Inc.
                                        
                                            GET /js/app.js HTTP/1.1 
Host: elmstreetfurniture.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://elmstreetfurniture.com/ifam.php
Cookie: PHPSESSID=fsujfoel6dtj8nrqbvnnlf1fqr

search
                                         38.45.121.155
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx
Date: Fri, 11 Nov 2022 15:44:49 GMT
Last-Modified: Fri, 01 Apr 2022 12:47:28 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6246f460-6557c"
Expires: Sat, 12 Nov 2022 03:44:49 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip


--- Additional Info ---
Magic:  ASCII text, with very long lines (44609), with CRLF line terminators
Size:   138385
Md5:    0262e57e57d63f5e6cf5c75e488e2771
Sha1:   25b39ce874446f5f38bf4de477f8164021195367
Sha256: 2f0af3b16cfc3fbf13f0bd34228fd88963d00c8426f06c569e4b187136a075f1

Alerts:
  urlquery:
    - Phishing - Apple
  Blocklists:
    - openphish: Apple Inc.
                                        
                                            GET /account/manage/gs/ws/token HTTP/1.1 
Host: elmstreetfurniture.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
X-Apple-I-Request-Context: ca
X-Apple-I-TimeZone: UTC
X-Apple-I-FD-Client-Info: {"U":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0","L":"en-US","Z":"GMT+00:00","V":"1.1","F":"Nla44j1e3NlY5BNlY5BSmHACVZXnN9.6JjJcTjQhpCSV0odm_dhrxbuJjkWxv55BNJrNN9JsdI_FeKixAw7MsTrjNklY5BNleBBNlYCa1nkBMfs.7TN"}
Content-Type: application/json
Connection: keep-alive
Referer: http://elmstreetfurniture.com/login.php
Cookie: PHPSESSID=fsujfoel6dtj8nrqbvnnlf1fqr

search
                                         38.45.121.155
HTTP/1.1 404 Not Found
Content-Type: text/html
                                        
Server: nginx
Date: Fri, 11 Nov 2022 15:44:50 GMT
Content-Length: 146
Connection: keep-alive


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size:   146
Md5:    8eec510e57f5f732fd2cce73df7b73ef
Sha1:   3c0af39ecb3753c5fee3b53d063c7286019eac3b
Sha256: 55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0

Alerts:
  urlquery:
    - Phishing - Apple
  Blocklists:
    - openphish: Apple Inc.
                                        
                                            GET /images/globalnav_links_accessories_image__edj0wqmfwxyu_large.svg HTTP/1.1 
Host: elmstreetfurniture.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://elmstreetfurniture.com/css/ac-globalnav.built.css
Cookie: PHPSESSID=fsujfoel6dtj8nrqbvnnlf1fqr

search
                                         38.45.121.155
HTTP/1.1 200 OK
Content-Type: image/svg+xml
                                        
Server: nginx
Date: Fri, 11 Nov 2022 15:44:50 GMT
Content-Length: 3656
Last-Modified: Mon, 19 Sep 2022 13:18:24 GMT
Connection: keep-alive
ETag: "63286c20-e48"
Accept-Ranges: bytes


--- Additional Info ---
Magic:  SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (3656), with no line terminators
Size:   3656
Md5:    566c30209ebb4397f11080360820eb0f
Sha1:   78ed9fca55ef33248492b2c6440b213ea2cf05e7
Sha256: 17aa4b44dae653f9a47130f8b6dcd98ec680f08a5bee286c8a9cdc8e5a3d678d

Alerts:
  urlquery:
    - Phishing - Apple
  Blocklists:
    - openphish: Apple Inc.
                                        
                                            GET /images/globalnav_links_support_image__bw9kctll7u3m_large.svg HTTP/1.1 
Host: elmstreetfurniture.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://elmstreetfurniture.com/css/ac-globalnav.built.css
Cookie: PHPSESSID=fsujfoel6dtj8nrqbvnnlf1fqr

search
                                         38.45.121.155
HTTP/1.1 200 OK
Content-Type: image/svg+xml
                                        
Server: nginx
Date: Fri, 11 Nov 2022 15:44:50 GMT
Content-Length: 1934
Last-Modified: Mon, 19 Sep 2022 13:18:26 GMT
Connection: keep-alive
ETag: "63286c22-78e"
Accept-Ranges: bytes


--- Additional Info ---
Magic:  SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (1934), with no line terminators
Size:   1934
Md5:    ee2b0ca1781358693a311e0bc878044d
Sha1:   79b573a8fd08146b3cd0bd44024b3b4c4b91a3d1
Sha256: 71392abcfe2eac44a408c9a10ee75abb8661fa50072880379cb00833142370b7

Alerts:
  urlquery:
    - Phishing - Apple
  Blocklists:
    - openphish: Apple Inc.
                                        
                                            GET /images/globalnav_links_tvhome_image__zb2ewyxbi6ae_large.svg HTTP/1.1 
Host: elmstreetfurniture.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://elmstreetfurniture.com/css/ac-globalnav.built.css
Cookie: PHPSESSID=fsujfoel6dtj8nrqbvnnlf1fqr

search
                                         38.45.121.155
HTTP/1.1 200 OK
Content-Type: image/svg+xml
                                        
Server: nginx
Date: Fri, 11 Nov 2022 15:44:50 GMT
Content-Length: 2194
Last-Modified: Mon, 19 Sep 2022 13:18:22 GMT
Connection: keep-alive
ETag: "63286c1e-892"
Accept-Ranges: bytes


--- Additional Info ---
Magic:  SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (2194), with no line terminators
Size:   2194
Md5:    e3b8b69654ba6d67509f816476742077
Sha1:   663c6a90703589eb654acd92a6e4d4e5239c617a
Sha256: a1a6667c2d48c2865744854bebc70c4c526d0060aaa841662c4bd16deac78f07

Alerts:
  urlquery:
    - Phishing - Apple
  Blocklists:
    - openphish: Apple Inc.
                                        
                                            GET /images/globalnav_links_onlyonapple_image__c4t8k97tougm_large.svg HTTP/1.1 
Host: elmstreetfurniture.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://elmstreetfurniture.com/css/ac-globalnav.built.css
Cookie: PHPSESSID=fsujfoel6dtj8nrqbvnnlf1fqr

search
                                         38.45.121.155
HTTP/1.1 200 OK
Content-Type: image/svg+xml
                                        
Server: nginx
Date: Fri, 11 Nov 2022 15:44:50 GMT
Content-Length: 3177
Last-Modified: Mon, 19 Sep 2022 13:18:24 GMT
Connection: keep-alive
ETag: "63286c20-c69"
Accept-Ranges: bytes


--- Additional Info ---
Magic:  SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (3005)
Size:   3177
Md5:    50de11e2f0aa5753701ce19750732b22
Sha1:   45eb97fa5125b99b8e75f84aa7f722befe894587
Sha256: f4f0faac906bf261752abe7ed163f6207b3c894548972d3f4e9d47c93fd1ae3e

Alerts:
  urlquery:
    - Phishing - Apple
  Blocklists:
    - openphish: Apple Inc.
                                        
                                            GET /images/globalnav_search_image__cbllq1gkias2_large.svg HTTP/1.1 
Host: elmstreetfurniture.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://elmstreetfurniture.com/css/ac-globalnav.built.css
Cookie: PHPSESSID=fsujfoel6dtj8nrqbvnnlf1fqr

search
                                         38.45.121.155
HTTP/1.1 200 OK
Content-Type: image/svg+xml
                                        
Server: nginx
Date: Fri, 11 Nov 2022 15:44:50 GMT
Content-Length: 541
Last-Modified: Mon, 19 Sep 2022 13:18:26 GMT
Connection: keep-alive
ETag: "63286c22-21d"
Accept-Ranges: bytes


--- Additional Info ---
Magic:  SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (541), with no line terminators
Size:   541
Md5:    dcce8dc625344dbb357d0ba1a490d632
Sha1:   08e6421db8f4b80aec102ebb1f0c45d1c40154c1
Sha256: a744871014431ff682fd7c87ed6fd05fb502dcd707c971b070cc88fc18f881d3

Alerts:
  urlquery:
    - Phishing - Apple
  Blocklists:
    - openphish: Apple Inc.
                                        
                                            GET /images/branding/product/2x/translate_24dp.png HTTP/1.1 
Host: www.gstatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://elmstreetfurniture.com/

search
                                         142.250.74.163
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Accept-Ranges: bytes
Vary: Origin
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="static-on-bigtable"
Report-To: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
Content-Length: 1842
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Fri, 11 Nov 2022 01:33:10 GMT
Expires: Sat, 11 Nov 2023 01:33:10 GMT
Cache-Control: public, max-age=31536000
Age: 51100
Last-Modified: Thu, 14 Oct 2021 09:08:00 GMT


--- Additional Info ---
Magic:  PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced\012- data
Size:   1842
Md5:    c69c796362406f9e11c7f4bf5bb628da
Sha1:   e489ce95ab56208090868882113d7416abf46775
Sha256: 4dac0026fbfa2615dce30c0af12830863fe885f84387a0147b9e338f548d5d82

Alerts:
  urlquery:
    - Phishing - Apple
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.35
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 11 Nov 2022 15:44:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /images/globalnav_bag_image__yzte50i47ciu_large.svg HTTP/1.1 
Host: elmstreetfurniture.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://elmstreetfurniture.com/css/ac-globalnav.built.css
Cookie: PHPSESSID=fsujfoel6dtj8nrqbvnnlf1fqr

search
                                         38.45.121.155
HTTP/1.1 200 OK
Content-Type: image/svg+xml
                                        
Server: nginx
Date: Fri, 11 Nov 2022 15:44:50 GMT
Content-Length: 477
Last-Modified: Mon, 19 Sep 2022 13:18:28 GMT
Connection: keep-alive
ETag: "63286c24-1dd"
Accept-Ranges: bytes


--- Additional Info ---
Magic:  SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (477), with no line terminators
Size:   477
Md5:    5e492adfec449ed0274f1da0a2877ee6
Sha1:   eb85381b2fbc061b4692d47da187b00f89604a03
Sha256: 9f86e7072e1441b16c4f9bb1dcde29f5e4f57409aa0e1f23462222ee7a0935af

Alerts:
  urlquery:
    - Phishing - Apple
  Blocklists:
    - openphish: Apple Inc.
                                        
                                            GET /images/branding/product/1x/translate_24dp.png HTTP/1.1 
Host: www.gstatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://elmstreetfurniture.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         142.250.74.163
HTTP/2 200 OK
content-type: image/png
                                        
accept-ranges: bytes
vary: Origin
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-length: 846
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 11 Nov 2022 15:42:06 GMT
expires: Sat, 11 Nov 2023 15:42:06 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 14 Oct 2021 09:08:00 GMT
age: 164
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced\012- data
Size:   846
Md5:    e9cd262114358f26b7608b56905185dc
Sha1:   6dbde0a96deaab2b529723ce26c62043cf9180ab
Sha256: 5a861509b658aa24fc3aed2867ac3c061e7d818d90b9990959afc6d1b5d4ff99

Alerts:
  urlquery:
    - Phishing - Apple
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.35
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 11 Nov 2022 15:44:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /images/favicon.ico HTTP/1.1 
Host: elmstreetfurniture.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://elmstreetfurniture.com/login.php
Cookie: PHPSESSID=fsujfoel6dtj8nrqbvnnlf1fqr

search
                                         38.45.121.155
HTTP/1.1 200 OK
Content-Type: image/x-icon
                                        
Server: nginx
Date: Fri, 11 Nov 2022 15:44:50 GMT
Content-Length: 58543
Last-Modified: Mon, 19 Sep 2022 13:18:14 GMT
Connection: keep-alive
ETag: "63286c16-e4af"
Accept-Ranges: bytes


--- Additional Info ---
Magic:  MS Windows icon resource - 3 icons, 16x16, 32 bits/pixel, 32x32, 32 bits/pixel\012- data
Size:   58543
Md5:    20185e47c8d4cba3665c0945f5dce680
Sha1:   d0f284533fbd5d1dea6922cf3b16b43e30bc0275
Sha256: 777eafe3dd18fa7e25672ad507d0a3890b7ccfdc88a1bc506e3b3b27371e72c8

Alerts:
  urlquery:
    - Phishing - Apple
  Blocklists:
    - openphish: Apple Inc.