r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 2d2e7649ce9e9ba6fc8b68aa89352e3c
0153d1d3d830a457043e16bb40d48a0b9ddef4b8
8eed57c91b42ef7b2d5eff1309e306e23e13c3de21219af24a693cbf3e8977fc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8EED57C91B42EF7B2D5EFF1309E306E23E13C3DE21219AF24A693CBF3E8977FC"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2186
Expires: Wed, 30 Nov 2022 13:12:47 GMT
Date: Wed, 30 Nov 2022 12:36:21 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash f3cf023c797da81728c0ac84c8759331
fa07c5e39e4b0741ea484101cccb2202acea9d9c
5206a0bac8bf78d6b84322519271a1ece2c1039a0090e583de6d6192d88873d0
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3260
Cache-Control: max-age=168558
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 12:36:21 GMT
Etag: "638730f7-1d7"
Expires: Fri, 02 Dec 2022 11:25:39 GMT
Last-Modified: Wed, 30 Nov 2022 10:31:19 GMT
Server: ECS (ska/F6FC)
X-Cache: HIT
Content-Length: 471
accessholds.com/
199.188.200.35 301 Moved Permanently 707 B IP 199.188.200.35:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Hash 1304294c0823ca486542ba408ed761e3
b2a70fb2d810ca13985882e6981f33998823e83e
3bbe72f3baa8ec61de17a1d767fca58704769684b7abe9161d0c4eaf4c8f0982
Analyzer Verdict Alert fortinet Phishing
GET / HTTP/1.1
Host: accessholds.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
keep-alive: timeout=5, max=100
content-type: text/html
content-length: 707
date: Wed, 30 Nov 2022 12:36:21 GMT
server: LiteSpeed
location: https://accessholds.com/
x-turbo-charged-by: LiteSpeed
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 9fce5679881bf302a8978a0b462f01a9
b699fe030ea13ac73813e655c42ed9b531925e2b
a3ec545a8f9364ac9062eddb41279e1465687a1b60f9c1dec6b3a3df8b033eb3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A3EC545A8F9364AC9062EDDB41279E1465687A1B60F9C1DEC6B3A3DF8B033EB3"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8578
Expires: Wed, 30 Nov 2022 14:59:19 GMT
Date: Wed, 30 Nov 2022 12:36:21 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
34.102.187.140 200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 14cd9a0afb6ba9a763651d5112760d1e
75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Retry-After, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Wed, 30 Nov 2022 12:19:41 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 1000
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: IJp5pRqCgXlj+cvGptyTy4uARGGosMm+aAFmQ8FM//pIEl9C4G3Ev30fCAEdfCiKHPyCeaSiVJU=
x-amz-request-id: 6602E5AQ4BCSRRWZ
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Wed, 30 Nov 2022 11:45:13 GMT
age: 3068
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 30 Nov 2022 12:36:21 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.sectigo.com/
172.64.155.188 200 OK 472 B IP 172.64.155.188:0
Hash 9369c83b966b7dfc2064f5cee89a38e7
00b8abc58c6836d6209763cc48e48957fa888134
32994b66d0bcb3952a7a30f4ec9ac789707302df3e24a0368f4ecde18d2c41d3
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 12:36:22 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Tue, 29 Nov 2022 13:56:04 GMT
Expires: Tue, 06 Dec 2022 13:56:03 GMT
Etag: "00b8abc58c6836d6209763cc48e48957fa888134"
Cache-Control: max-age=522580,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7723a0d52bd5b529-OSL
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
34.102.187.140 200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, ETag, Alert, Expires, Cache-Control, Backoff, Content-Length, Content-Type, Pragma, Last-Modified
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Wed, 30 Nov 2022 12:11:14 GMT
cache-control: public,max-age=3600
age: 1508
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash cfdd00e67ee6ca21712b867eb5288ab6
b61d5d6ec3b7ad71619e13e32c87f2d01871b88a
f740cac6dfedc1bf0f82efb10dac4f6ffb22f9bb5d4a9b68a4cd971dd2f65793
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3266
Cache-Control: max-age=163495
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 12:36:22 GMT
Etag: "63871d2b-1d7"
Expires: Fri, 02 Dec 2022 10:01:17 GMT
Last-Modified: Wed, 30 Nov 2022 09:06:51 GMT
Server: ECS (ska/F6FC)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
52.39.94.191 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.39.94.191:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: mA4f3qU3RLeBrvm1AzrlaQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: lisKdbZDdvw64R3oadAwKs3v1vo=
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash 608e4d04a251ebcd51660e801f388303
fcb9aa48fd6ed504a1a9fed7990c5ccde63e6a1d
cc1a34cd0a99e301df97cf184ab0ded2e229659f86f43e4eff479dee221695dc
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 12:36:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
accessholds.com/wp-content/themes/themify-ultra/themify/themify-builder/js/themify.builder.script.min.js?ver=5.5.6
199.188.200.35 200 OK 3.0 kB URL HTTP/2 accessholds.com/wp-content/themes/themify-ultra/themify/themify-builder/js/themify.builder.script.min.js?ver=5.5.6
IP 199.188.200.35:0
File type ASCII text, with very long lines (595)
Hash 46ca89ce35ee70d72cfecac734197c0b
c361dc7824b5b8eb57808c4ea7b102e72f6f2054
66eb24036421232da8344bd3c89c2ea9f0b7b6a22471500968de6b82a28fb3f4
GET /wp-content/themes/themify-ultra/themify/themify-builder/js/themify.builder.script.min.js?ver=5.5.6 HTTP/1.1
Host: accessholds.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://accessholds.com/
Cookie: twk_uuid_6205842b9bd1f31184dc095f=%7B%22uuid%22%3A%221.WromkpZ2jdSYrQYoPWC4zHtHYQrojI5jKgArUMoHc3lrB1Is0LE827Cc2zVSsO3BOZihPav9ceExd5OnvUKP73JIVfI3GeJiIlJPuAlQcXu57l3fMxtuABASV%22%2C%22version%22%3A3%2C%22domain%22%3A%22accessholds.com%22%2C%22ts%22%3A1669811757827%7D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 07 Dec 2022 12:36:22 GMT
content-type: application/javascript
last-modified: Wed, 23 Mar 2022 19:05:26 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 3028
date: Wed, 30 Nov 2022 12:36:22 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
accessholds.com/wp-content/uploads/2022/02/LogoMakr-5xotSc.png
199.188.200.35 200 OK 4.3 kB URL HTTP/2 accessholds.com/wp-content/uploads/2022/02/LogoMakr-5xotSc.png
IP 199.188.200.35:0
File type PNG image data, 200 x 70, 8-bit/color RGBA, non-interlaced\012- data
Hash 04ef8bd43187b5ef6a9aeb60f0e8a692
249e7b2a97aec008c13200ff046a141747e9454a
aa77638bd97b038f5af575f3168db90f4f3ca73b437b0cc18558f2d9e47f5469
GET /wp-content/uploads/2022/02/LogoMakr-5xotSc.png HTTP/1.1
Host: accessholds.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://accessholds.com/
Cookie: twk_uuid_6205842b9bd1f31184dc095f=%7B%22uuid%22%3A%221.WromkpZ2jdSYrQYoPWC4zHtHYQrojI5jKgArUMoHc3lrB1Is0LE827Cc2zVSsO3BOZihPav9ceExd5OnvUKP73JIVfI3GeJiIlJPuAlQcXu57l3fMxtuABASV%22%2C%22version%22%3A3%2C%22domain%22%3A%22accessholds.com%22%2C%22ts%22%3A1669811757827%7D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 07 Dec 2022 12:36:22 GMT
content-type: image/png
last-modified: Thu, 10 Feb 2022 20:39:15 GMT
accept-ranges: bytes
content-length: 4269
date: Wed, 30 Nov 2022 12:36:22 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
accessholds.com/wp-content/plugins/gtranslate/gtranslate-style24.css?ver=5.9.5
199.188.200.35 200 OK 237 B URL HTTP/2 accessholds.com/wp-content/plugins/gtranslate/gtranslate-style24.css?ver=5.9.5
IP 199.188.200.35:0
Hash 83042c9c72bc38390b52906120f81c35
98a9789c05c0f981dca01d2c3622b5e458ba7589
a193b2efbe3e706cc8c633fff822f5a64eb0ee5f692c4a3495f3c7e58e8b7637
GET /wp-content/plugins/gtranslate/gtranslate-style24.css?ver=5.9.5 HTTP/1.1
Host: accessholds.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://accessholds.com/
Cookie: twk_uuid_6205842b9bd1f31184dc095f=%7B%22uuid%22%3A%221.WromkpZ2jdSYrQYoPWC4zHtHYQrojI5jKgArUMoHc3lrB1Is0LE827Cc2zVSsO3BOZihPav9ceExd5OnvUKP73JIVfI3GeJiIlJPuAlQcXu57l3fMxtuABASV%22%2C%22version%22%3A3%2C%22domain%22%3A%22accessholds.com%22%2C%22ts%22%3A1669811757827%7D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 07 Dec 2022 12:36:22 GMT
content-type: text/css
last-modified: Thu, 10 Feb 2022 20:31:01 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 237
date: Wed, 30 Nov 2022 12:36:22 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
accessholds.com/wp-content/uploads/themify-concate/2641432782/themify-3870928748.min.css
199.188.200.35 200 OK 29 kB URL HTTP/2 accessholds.com/wp-content/uploads/themify-concate/2641432782/themify-3870928748.min.css
IP 199.188.200.35:0
File type ASCII text, with very long lines (33783)
Hash 9bad7431c48610b9413d9a6e1e6797b6
8b6704e7c7bd5021c43a9598480d2820ea94901d
e60959aea3cf187090435e006f1f925eda86c4f0b9b150d0d6d026cd2e2cc591
GET /wp-content/uploads/themify-concate/2641432782/themify-3870928748.min.css HTTP/1.1
Host: accessholds.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://accessholds.com/
Cookie: twk_uuid_6205842b9bd1f31184dc095f=%7B%22uuid%22%3A%221.WromkpZ2jdSYrQYoPWC4zHtHYQrojI5jKgArUMoHc3lrB1Is0LE827Cc2zVSsO3BOZihPav9ceExd5OnvUKP73JIVfI3GeJiIlJPuAlQcXu57l3fMxtuABASV%22%2C%22version%22%3A3%2C%22domain%22%3A%22accessholds.com%22%2C%22ts%22%3A1669811757827%7D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 07 Dec 2022 12:36:22 GMT
content-type: text/css
last-modified: Thu, 20 Oct 2022 10:15:53 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 29164
date: Wed, 30 Nov 2022 12:36:22 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
accessholds.com/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.5.4
199.188.200.35 200 OK 848 B URL HTTP/2 accessholds.com/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.5.4
IP 199.188.200.35:0
Hash c962ba8e7d42ff9da18392b41dad5151
7b89bc5e6ad161df2e6d7f7fb3ad894aa04b827f
322a4949c5bdd82eb80c13bbbd407ce30a7ad226685c54270d246cb6960e524e
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.5.4 HTTP/1.1
Host: accessholds.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://accessholds.com/
Cookie: twk_uuid_6205842b9bd1f31184dc095f=%7B%22uuid%22%3A%221.WromkpZ2jdSYrQYoPWC4zHtHYQrojI5jKgArUMoHc3lrB1Is0LE827Cc2zVSsO3BOZihPav9ceExd5OnvUKP73JIVfI3GeJiIlJPuAlQcXu57l3fMxtuABASV%22%2C%22version%22%3A3%2C%22domain%22%3A%22accessholds.com%22%2C%22ts%22%3A1669811757827%7D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 07 Dec 2022 12:36:22 GMT
content-type: text/css
last-modified: Thu, 10 Feb 2022 20:25:40 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 848
date: Wed, 30 Nov 2022 12:36:22 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
accessholds.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
199.188.200.35 200 OK 30 kB URL HTTP/2 accessholds.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
IP 199.188.200.35:0
File type ASCII text, with very long lines (65447)
Hash 34f918ada1fe4f01c5a4b90065bbc37a
a731f6ce2d413805e39ae45994012b1bd5ea1e2b
eba158d5ab26a5a54a3dcfcea1072c636f44e92fc2eb30a3f27cd5be3f891dfc
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/jquery/jquery.min.js?ver=3.6.0 HTTP/1.1
Host: accessholds.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://accessholds.com/
Cookie: twk_uuid_6205842b9bd1f31184dc095f=%7B%22uuid%22%3A%221.WromkpZ2jdSYrQYoPWC4zHtHYQrojI5jKgArUMoHc3lrB1Is0LE827Cc2zVSsO3BOZihPav9ceExd5OnvUKP73JIVfI3GeJiIlJPuAlQcXu57l3fMxtuABASV%22%2C%22version%22%3A3%2C%22domain%22%3A%22accessholds.com%22%2C%22ts%22%3A1669811757827%7D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 07 Dec 2022 12:36:22 GMT
content-type: application/javascript
last-modified: Thu, 10 Feb 2022 20:25:39 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 30273
date: Wed, 30 Nov 2022 12:36:22 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 279 B IP 93.184.220.29:0
Hash 63554b60bb305a45c430613fd013bbc3
8767dfe76ea8295d596eadc765eabc8a5475ee11
d22618294684c21f2bfdc38a141702c6f08e32a0fbcf0862427c3d9dd849e1f9
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3386
Cache-Control: max-age=99896
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 12:36:23 GMT
Etag: "63862445-117"
Expires: Thu, 01 Dec 2022 16:21:19 GMT
Last-Modified: Tue, 29 Nov 2022 15:24:53 GMT
Server: ECS (ska/F6FC)
X-Cache: HIT
Content-Length: 279
accessholds.com/wp-content/uploads/2022/02/jgfc-1024x678-740x490.jpg
199.188.200.35 200 OK 30 kB URL HTTP/2 accessholds.com/wp-content/uploads/2022/02/jgfc-1024x678-740x490.jpg
IP 199.188.200.35:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=12, height=2996, bps=0, PhotometricIntepretation=RGB, orientation=upper-left, width=4523], baseline, precision 8, 740x490, components 3\012- data
Hash 8144cfc331e7c3e71d3dc12a07d80388
779e93d137fe3eb109674913ccd954f1d04af427
a51042e1027765b5e865dd58682184601958f345eca9cc00a2e044523dad6044
GET /wp-content/uploads/2022/02/jgfc-1024x678-740x490.jpg HTTP/1.1
Host: accessholds.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://accessholds.com/
Cookie: twk_uuid_6205842b9bd1f31184dc095f=%7B%22uuid%22%3A%221.WromkpZ2jdSYrQYoPWC4zHtHYQrojI5jKgArUMoHc3lrB1Is0LE827Cc2zVSsO3BOZihPav9ceExd5OnvUKP73JIVfI3GeJiIlJPuAlQcXu57l3fMxtuABASV%22%2C%22version%22%3A3%2C%22domain%22%3A%22accessholds.com%22%2C%22ts%22%3A1669811757827%7D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 07 Dec 2022 12:36:22 GMT
content-type: image/jpeg
last-modified: Thu, 10 Feb 2022 21:57:59 GMT
accept-ranges: bytes
content-length: 30112
date: Wed, 30 Nov 2022 12:36:22 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
accessholds.com/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9
199.188.200.35 200 OK 2.3 kB URL HTTP/2 accessholds.com/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9
IP 199.188.200.35:0
File type ASCII text, with very long lines (6494), with no line terminators
Hash d36aa71a696fa330e746e020f51706c1
d562000b49ba8a70ae9a0f7cfff1b879fcf978b0
fb18eb2f616d3ccb9f8d8ce3d01f4ada3f0a269eab413b7bd7ad38ebfe8d781a
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9 HTTP/1.1
Host: accessholds.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://accessholds.com/
Cookie: twk_uuid_6205842b9bd1f31184dc095f=%7B%22uuid%22%3A%221.WromkpZ2jdSYrQYoPWC4zHtHYQrojI5jKgArUMoHc3lrB1Is0LE827Cc2zVSsO3BOZihPav9ceExd5OnvUKP73JIVfI3GeJiIlJPuAlQcXu57l3fMxtuABASV%22%2C%22version%22%3A3%2C%22domain%22%3A%22accessholds.com%22%2C%22ts%22%3A1669811757827%7D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 07 Dec 2022 12:36:22 GMT
content-type: application/javascript
last-modified: Thu, 10 Feb 2022 20:30:11 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 2330
date: Wed, 30 Nov 2022 12:36:22 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
accessholds.com/wp-content/themes/themify-ultra/themify/js/main.min.js?ver=5.5.6
199.188.200.35 200 OK 9.1 kB URL HTTP/2 accessholds.com/wp-content/themes/themify-ultra/themify/js/main.min.js?ver=5.5.6
IP 199.188.200.35:0
File type ASCII text, with very long lines (607)
Hash 6e8f5f393239693df29b64a50b06a350
64ac7f713301640adf178e2ed6d7c0503e30b48f
ee36327625b75d81896f4e68a217db56d1fb2783152302f1e7a4518a48f9353d
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/themify-ultra/themify/js/main.min.js?ver=5.5.6 HTTP/1.1
Host: accessholds.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://accessholds.com/
Cookie: twk_uuid_6205842b9bd1f31184dc095f=%7B%22uuid%22%3A%221.WromkpZ2jdSYrQYoPWC4zHtHYQrojI5jKgArUMoHc3lrB1Is0LE827Cc2zVSsO3BOZihPav9ceExd5OnvUKP73JIVfI3GeJiIlJPuAlQcXu57l3fMxtuABASV%22%2C%22version%22%3A3%2C%22domain%22%3A%22accessholds.com%22%2C%22ts%22%3A1669811757827%7D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 07 Dec 2022 12:36:22 GMT
content-type: application/javascript
last-modified: Wed, 23 Mar 2022 19:05:26 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 9118
date: Wed, 30 Nov 2022 12:36:22 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
accessholds.com/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.5.4
199.188.200.35 200 OK 3.1 kB URL HTTP/2 accessholds.com/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.5.4
IP 199.188.200.35:0
File type HTML document, ASCII text, with very long lines (9720), with no line terminators
Hash 7b3d5adb95a380672e7d5da68b57b3c0
58db2566c56407e29d4557d912663b36ec328b14
aaa8914b936896ede7bb53ba3a4273d63bf82ed918efe0cfac6f2b3f4641a423
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.5.4 HTTP/1.1
Host: accessholds.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://accessholds.com/
Cookie: twk_uuid_6205842b9bd1f31184dc095f=%7B%22uuid%22%3A%221.WromkpZ2jdSYrQYoPWC4zHtHYQrojI5jKgArUMoHc3lrB1Is0LE827Cc2zVSsO3BOZihPav9ceExd5OnvUKP73JIVfI3GeJiIlJPuAlQcXu57l3fMxtuABASV%22%2C%22version%22%3A3%2C%22domain%22%3A%22accessholds.com%22%2C%22ts%22%3A1669811757827%7D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 07 Dec 2022 12:36:22 GMT
content-type: application/javascript
last-modified: Thu, 10 Feb 2022 20:25:40 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 3050
date: Wed, 30 Nov 2022 12:36:22 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
accessholds.com/wp-content/plugins/page-links-to/dist/new-tab.js?ver=3.3.6
199.188.200.35 200 OK 8.6 kB URL HTTP/2 accessholds.com/wp-content/plugins/page-links-to/dist/new-tab.js?ver=3.3.6
IP 199.188.200.35:0
File type Unicode text, UTF-8 text, with very long lines (24733), with no line terminators
Hash 68595c6cc0dcbfdacf99bc94ff77ad86
2b2719f3d55566841af05dacf068dc2d3c10dcce
5ce4baf7eead42a8568d54a21c089360bb8667b592908350c1d8cb454844e2ce
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/page-links-to/dist/new-tab.js?ver=3.3.6 HTTP/1.1
Host: accessholds.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://accessholds.com/
Cookie: twk_uuid_6205842b9bd1f31184dc095f=%7B%22uuid%22%3A%221.WromkpZ2jdSYrQYoPWC4zHtHYQrojI5jKgArUMoHc3lrB1Is0LE827Cc2zVSsO3BOZihPav9ceExd5OnvUKP73JIVfI3GeJiIlJPuAlQcXu57l3fMxtuABASV%22%2C%22version%22%3A3%2C%22domain%22%3A%22accessholds.com%22%2C%22ts%22%3A1669811757827%7D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 07 Dec 2022 12:36:22 GMT
content-type: application/javascript
last-modified: Thu, 10 Feb 2022 20:51:44 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 8563
date: Wed, 30 Nov 2022 12:36:22 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
accessholds.com/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0
199.188.200.35 200 OK 6.8 kB URL HTTP/2 accessholds.com/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0
IP 199.188.200.35:0
File type Unicode text, UTF-8 text, with very long lines (19111)
Hash d626306dffd33f5fe5c26a7f3eb31e11
c6a49756a49e4e3b65834485e4755b021cff392c
f96d9b10de2d4256189f9e282c2f400cb8d59e23d7a6845b62e4c8aa820cea84
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0 HTTP/1.1
Host: accessholds.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://accessholds.com/
Cookie: twk_uuid_6205842b9bd1f31184dc095f=%7B%22uuid%22%3A%221.WromkpZ2jdSYrQYoPWC4zHtHYQrojI5jKgArUMoHc3lrB1Is0LE827Cc2zVSsO3BOZihPav9ceExd5OnvUKP73JIVfI3GeJiIlJPuAlQcXu57l3fMxtuABASV%22%2C%22version%22%3A3%2C%22domain%22%3A%22accessholds.com%22%2C%22ts%22%3A1669811757827%7D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 07 Dec 2022 12:36:22 GMT
content-type: application/javascript
last-modified: Thu, 10 Feb 2022 20:30:11 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 6810
date: Wed, 30 Nov 2022 12:36:22 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
accessholds.com/wp-content/uploads/2022/01/arlington-research-Kz8nHVg_tGI-unsplash-1024x683-880x587.jpg
199.188.200.35 200 OK 77 kB URL HTTP/2 accessholds.com/wp-content/uploads/2022/01/arlington-research-Kz8nHVg_tGI-unsplash-1024x683-880x587.jpg
IP 199.188.200.35:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 880x587, components 3\012- data
Hash 0eb2754defe84f6de564f0e5f42b4485
84076583a4c5dcff52837a1acbe54d7cc459bf91
9440848b376697c0cccf8b95266df9e857b0e85b3cede294310109c99deeea2b
GET /wp-content/uploads/2022/01/arlington-research-Kz8nHVg_tGI-unsplash-1024x683-880x587.jpg HTTP/1.1
Host: accessholds.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://accessholds.com/
Cookie: twk_uuid_6205842b9bd1f31184dc095f=%7B%22uuid%22%3A%221.WromkpZ2jdSYrQYoPWC4zHtHYQrojI5jKgArUMoHc3lrB1Is0LE827Cc2zVSsO3BOZihPav9ceExd5OnvUKP73JIVfI3GeJiIlJPuAlQcXu57l3fMxtuABASV%22%2C%22version%22%3A3%2C%22domain%22%3A%22accessholds.com%22%2C%22ts%22%3A1669811757827%7D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 07 Dec 2022 12:36:22 GMT
content-type: image/jpeg
last-modified: Thu, 10 Feb 2022 21:57:59 GMT
accept-ranges: bytes
content-length: 77399
date: Wed, 30 Nov 2022 12:36:22 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
accessholds.com/wp-content/themes/themify-ultra/skins/software/images/footer-overlay.png
199.188.200.35 200 OK 6.4 kB URL HTTP/2 accessholds.com/wp-content/themes/themify-ultra/skins/software/images/footer-overlay.png
IP 199.188.200.35:0
File type PNG image data, 1417 x 272, 8-bit/color RGBA, non-interlaced\012- data
Hash 23bd74306f54f8b05e4777c0033e9e4d
562a166aaaf9b811fed8f226104e3ef2f8b69942
b9f38ff5905d0f9bfcab3d9a70357e0cdf8ea7c3511b42633056af9bfa9f0c3e
GET /wp-content/themes/themify-ultra/skins/software/images/footer-overlay.png HTTP/1.1
Host: accessholds.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://accessholds.com/wp-content/uploads/themify-concate/2641432782/themify-3870928748.min.css
Cookie: twk_uuid_6205842b9bd1f31184dc095f=%7B%22uuid%22%3A%221.WromkpZ2jdSYrQYoPWC4zHtHYQrojI5jKgArUMoHc3lrB1Is0LE827Cc2zVSsO3BOZihPav9ceExd5OnvUKP73JIVfI3GeJiIlJPuAlQcXu57l3fMxtuABASV%22%2C%22version%22%3A3%2C%22domain%22%3A%22accessholds.com%22%2C%22ts%22%3A1669811757827%7D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 07 Dec 2022 12:36:23 GMT
content-type: image/png
last-modified: Wed, 23 Mar 2022 19:05:26 GMT
accept-ranges: bytes
content-length: 6429
date: Wed, 30 Nov 2022 12:36:23 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash cd528f6c2c45e38c52095a73a9cd8c68
dca2df874a830edac932136d474453c18d933024
4c7e75aaccb4b74e227ada3b56829f52cb7f14ad05454f7bd6eccf3e94185218
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 12:36:23 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
accessholds.com/wp-content/uploads/2022/02/jgfc-scaled.jpg
199.188.200.35 200 OK 161 kB URL HTTP/2 accessholds.com/wp-content/uploads/2022/02/jgfc-scaled.jpg
IP 199.188.200.35:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=12, height=2996, bps=0, PhotometricIntepretation=RGB, orientation=upper-left, width=4523], baseline, precision 8, 2560x1696, components 3\012- data
Size 161 kB (160716 bytes)
Hash af8fa134b026ca1a8b15b6d8a5403692
ba0d13119828049bf22171395242c62145ac501b
3545a7ef818a01d44e6f510c3e34e298720fd226cabbd4635de68a84ff877e45
GET /wp-content/uploads/2022/02/jgfc-scaled.jpg HTTP/1.1
Host: accessholds.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://accessholds.com/wp-content/uploads/themify-concate/2641432782/themify-3870928748.min.css
Cookie: twk_uuid_6205842b9bd1f31184dc095f=%7B%22uuid%22%3A%221.WromkpZ2jdSYrQYoPWC4zHtHYQrojI5jKgArUMoHc3lrB1Is0LE827Cc2zVSsO3BOZihPav9ceExd5OnvUKP73JIVfI3GeJiIlJPuAlQcXu57l3fMxtuABASV%22%2C%22version%22%3A3%2C%22domain%22%3A%22accessholds.com%22%2C%22ts%22%3A1669811757827%7D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 07 Dec 2022 12:36:23 GMT
content-type: image/jpeg
last-modified: Thu, 10 Feb 2022 20:25:39 GMT
accept-ranges: bytes
content-length: 160716
date: Wed, 30 Nov 2022 12:36:23 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
accessholds.com/wp-content/uploads/2022/02/cropped-LogoMakr-5xotSc-32x32.png
199.188.200.35 200 OK 988 B URL HTTP/2 accessholds.com/wp-content/uploads/2022/02/cropped-LogoMakr-5xotSc-32x32.png
IP 199.188.200.35:0
File type PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced\012- data
Hash 3bc4a431b503c14f5d67240fa92356e1
beab154ce2ae4704df0f0889f9bc99df9c1d25f2
184a8ae0c44ca02492b7b73b3ee0f472ece4744bda9a0bd3b506df1a05a52dce
GET /wp-content/uploads/2022/02/cropped-LogoMakr-5xotSc-32x32.png HTTP/1.1
Host: accessholds.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://accessholds.com/
Cookie: twk_uuid_6205842b9bd1f31184dc095f=%7B%22uuid%22%3A%221.WromkpZ2jdSYrQYoPWC4zHtHYQrojI5jKgArUMoHc3lrB1Is0LE827Cc2zVSsO3BOZihPav9ceExd5OnvUKP73JIVfI3GeJiIlJPuAlQcXu57l3fMxtuABASV%22%2C%22version%22%3A3%2C%22domain%22%3A%22accessholds.com%22%2C%22ts%22%3A1669811757827%7D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 07 Dec 2022 12:36:23 GMT
content-type: image/png
last-modified: Thu, 10 Feb 2022 20:39:42 GMT
accept-ranges: bytes
content-length: 988
date: Wed, 30 Nov 2022 12:36:23 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
accessholds.com/wp-content/uploads/2022/02/cropped-LogoMakr-5xotSc-192x192.png
199.188.200.35 200 OK 9.4 kB URL HTTP/2 accessholds.com/wp-content/uploads/2022/02/cropped-LogoMakr-5xotSc-192x192.png
IP 199.188.200.35:0
File type PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced\012- data
Hash 67973cd40eadc234f7a9a1b4d6c82e94
65a65c91a06ed36ffee5336ff5599848084d1147
8e89ff031d9e195fdaf31456f6b43f381010baa27e1786e8b1182df53f45532b
GET /wp-content/uploads/2022/02/cropped-LogoMakr-5xotSc-192x192.png HTTP/1.1
Host: accessholds.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://accessholds.com/
Cookie: twk_uuid_6205842b9bd1f31184dc095f=%7B%22uuid%22%3A%221.WromkpZ2jdSYrQYoPWC4zHtHYQrojI5jKgArUMoHc3lrB1Is0LE827Cc2zVSsO3BOZihPav9ceExd5OnvUKP73JIVfI3GeJiIlJPuAlQcXu57l3fMxtuABASV%22%2C%22version%22%3A3%2C%22domain%22%3A%22accessholds.com%22%2C%22ts%22%3A1669811757827%7D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 07 Dec 2022 12:36:23 GMT
content-type: image/png
last-modified: Thu, 10 Feb 2022 20:39:42 GMT
accept-ranges: bytes
content-length: 9402
date: Wed, 30 Nov 2022 12:36:23 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash 146dac10a93604a686550631e14eefb9
b4af601ce6d515d9ec124938ce626060e0d43099
bac5bc94c1a95af45522dadbf1639aff31e691fa2314314c6cce1ab1e70bba87
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 12:36:23 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash ac3edd07bb0a4ebdaae6ec26e91d2079
b6efe3811dfa37cdcde1e9d411c171732ac7e12a
c5dbd471d178ae4505b28e30aee1e8eed77fffd81b9f7815ad2bda1a0d09a02c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C5DBD471D178AE4505B28E30AEE1E8EED77FFFD81B9F7815AD2BDA1A0D09A02C"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8536
Expires: Wed, 30 Nov 2022 14:58:39 GMT
Date: Wed, 30 Nov 2022 12:36:23 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash ac3edd07bb0a4ebdaae6ec26e91d2079
b6efe3811dfa37cdcde1e9d411c171732ac7e12a
c5dbd471d178ae4505b28e30aee1e8eed77fffd81b9f7815ad2bda1a0d09a02c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C5DBD471D178AE4505B28E30AEE1E8EED77FFFD81B9F7815AD2BDA1A0D09A02C"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8536
Expires: Wed, 30 Nov 2022 14:58:39 GMT
Date: Wed, 30 Nov 2022 12:36:23 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash ac3edd07bb0a4ebdaae6ec26e91d2079
b6efe3811dfa37cdcde1e9d411c171732ac7e12a
c5dbd471d178ae4505b28e30aee1e8eed77fffd81b9f7815ad2bda1a0d09a02c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C5DBD471D178AE4505B28E30AEE1E8EED77FFFD81B9F7815AD2BDA1A0D09A02C"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8536
Expires: Wed, 30 Nov 2022 14:58:39 GMT
Date: Wed, 30 Nov 2022 12:36:23 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F67bb1888-5971-4b4a-923b-dc9d4050182b.jpeg
34.120.237.76 200 OK 7.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F67bb1888-5971-4b4a-923b-dc9d4050182b.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e00769bd1391b8f4f5b8ab128a825355
e4ddf955e8ac1986045ed55880c43c69e588a021
81ca4d20c28fed8fd3135515daadc1fdbfb4198535d7c46021b418b8b98e59a5
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F67bb1888-5971-4b4a-923b-dc9d4050182b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7298
x-amzn-requestid: 381e55bb-876b-46ad-84b6-1ddf9f876f56
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cYgDcE3poAMFaAA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63867a15-7c12394600900afc7281e858;Sampled=0
x-amzn-remapped-date: Tue, 29 Nov 2022 21:31:01 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 8heT2eN5oLbO14R9qLq78Vma_TkteufTyKM5i3K2XoJYXfWNwLMEwQ==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 d6b180eb367f7de26d67a9f3901b96a6.cloudfront.net (CloudFront), 1.1 google
date: Tue, 29 Nov 2022 21:56:25 GMT
age: 52798
etag: "e4ddf955e8ac1986045ed55880c43c69e588a021"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd170538c-f8cf-4acb-ba33-2ead00b9db73.jpeg
34.120.237.76 200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd170538c-f8cf-4acb-ba33-2ead00b9db73.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 777ce44582c70bf01a31da4cab366f36
57e1d34f146d5ccd9943aa97bcc3158f7103bb07
fbdc8f65ae74dc13b7aafec464f08fdc9902af519946200ec52432ac3ca55982
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd170538c-f8cf-4acb-ba33-2ead00b9db73.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10958
x-amzn-requestid: abfea5b0-58f5-49e1-b78e-7cf456d03cb3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cYgFHF9oIAMF5lg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63867a20-5ab719292d440d083b07a478;Sampled=0
x-amzn-remapped-date: Tue, 29 Nov 2022 21:31:12 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: gCt9oHpZ68tLCYHIYpI1XLtADkScxwf12kDFnU0o5WoQIVSzWlqozw==
via: 1.1 8f22423015641505b8c857a37450d6c0.cloudfront.net (CloudFront), 1.1 570075675953459325e00b7bcd171df2.cloudfront.net (CloudFront), 1.1 google
date: Tue, 29 Nov 2022 22:16:52 GMT
etag: "57e1d34f146d5ccd9943aa97bcc3158f7103bb07"
content-type: image/jpeg
age: 51571
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff2730750-552d-4852-8ce1-503874565f75.jpeg
34.120.237.76 200 OK 9.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff2730750-552d-4852-8ce1-503874565f75.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 05196ec43964cf559caa0c0279148d62
6170d6776615503e3e29f86783febc3e3e78ca66
47f3a5cde661987e3496ce110a0170b10087dd9ba8d4fd691c4830587ba3fa3f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff2730750-552d-4852-8ce1-503874565f75.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9051
x-amzn-requestid: 1032dd9c-a15e-4e8a-9c81-07419e8caf67
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cYhGvEMNIAMFaKw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63867bc4-1005c20a33320dbf6567ca31;Sampled=0
x-amzn-remapped-date: Tue, 29 Nov 2022 21:38:12 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: IMaVlQblNnh9mFKwb2LG7hw7h_f1_nVYqO4aEUqY01a2HofnnQqcFQ==
via: 1.1 4d7fa73f804f1c93f20cfc24c4b1266e.cloudfront.net (CloudFront), 1.1 e66162aafd55b64ba1478ff7105150fa.cloudfront.net (CloudFront), 1.1 google
date: Tue, 29 Nov 2022 21:49:31 GMT
age: 53212
etag: "6170d6776615503e3e29f86783febc3e3e78ca66"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F13e1db4e-7108-464a-85b6-24ac0c4609f9.webp
34.120.237.76 200 OK 9.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F13e1db4e-7108-464a-85b6-24ac0c4609f9.webp
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash bbe350ea797a0fec5a19a450fc5de4b4
2f3a39a528d3b759060203931de33c12303592e1
4d661dac2e19e07ae15d0f8cf00bd268c6c2defb2f5e4de38fcb6e7031dfd605
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F13e1db4e-7108-464a-85b6-24ac0c4609f9.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9330
x-amzn-requestid: 3fad352d-7664-43e0-9395-e840f671ca61
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cYgFQFIdoAMFSmw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63867a21-5e9847852f8435231d401fe6;Sampled=0
x-amzn-remapped-date: Tue, 29 Nov 2022 21:31:13 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: mCEtSOenWKxay4vNy5mN9cexxXKXKt7TMuLaLw-M86tLKwQ2MwuxPg==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 12a392bc3a7281f8d5d4591bfadc41fc.cloudfront.net (CloudFront), 1.1 google
date: Tue, 29 Nov 2022 22:00:54 GMT
age: 52529
etag: "2f3a39a528d3b759060203931de33c12303592e1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F966ff24e-ea85-4a2e-aead-22f1a723c59f.jpeg
34.120.237.76 200 OK 9.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F966ff24e-ea85-4a2e-aead-22f1a723c59f.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 5508d05a290b663fd89ead9b58f2efd8
53650399f9a986ba54addd668b4557109d12003b
65704a961410fdd318c491fedf002c8e9b184cd34b76fe1b67026d42ce21be3f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F966ff24e-ea85-4a2e-aead-22f1a723c59f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9674
x-amzn-requestid: 7e7d0183-9667-462a-8d44-d125998c1ae3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cYgEoHVAoAMFvAQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63867a1d-280ba97e3fe1bf7244cbde35;Sampled=0
x-amzn-remapped-date: Tue, 29 Nov 2022 21:31:09 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: ym_L3s5E6MLy6BxqNkVxok6L6hA4c-ilSsEqt42j2IbiXYPb4c6-VQ==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 6a9b42e38e76b7d4a4044ebe0e0eca08.cloudfront.net (CloudFront), 1.1 google
date: Tue, 29 Nov 2022 21:52:51 GMT
age: 53012
etag: "53650399f9a986ba54addd668b4557109d12003b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F250668cd-c9db-4014-b576-3aaad4eb9150.jpeg
34.120.237.76 200 OK 5.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F250668cd-c9db-4014-b576-3aaad4eb9150.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 59baec8db5ced0210ab766ea5636a5fd
f7cf3a0f89751a02fbcf8d21f505f24a74e8b30b
33ff55891f18c22970804f1b8b2ba6821ddfd7426b01486410bd43f2b4295a8d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F250668cd-c9db-4014-b576-3aaad4eb9150.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5785
x-amzn-requestid: ee77265b-8e90-4035-8ef1-92a2d26aaefa
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cYgDaHdWoAMFqmw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63867a15-0d10d74030e7aee74804b654;Sampled=0
x-amzn-remapped-date: Tue, 29 Nov 2022 21:31:01 GMT
x-amz-cf-pop: SFO5-P2, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: QhUrNKIJUxXTYFTgfCwizAd9L4PdLMVLbqv1sHmmnrWya0xz1MTSiw==
via: 1.1 38eecd3ca21bf068d69a2f9cfe668d14.cloudfront.net (CloudFront), 1.1 7eb3b782ab09047ce0d11ee03763894c.cloudfront.net (CloudFront), 1.1 google
date: Tue, 29 Nov 2022 22:08:46 GMT
etag: "f7cf3a0f89751a02fbcf8d21f505f24a74e8b30b"
content-type: image/jpeg
age: 52057
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
accessholds.com/wp-content/themes/themify-ultra/js/themify.script.min.js?ver=5.5.9
199.188.200.35 200 OK 2.7 kB URL HTTP/2 accessholds.com/wp-content/themes/themify-ultra/js/themify.script.min.js?ver=5.5.9
IP 199.188.200.35:0
File type ASCII text, with very long lines (558)
Hash 7a311b2c40116d0debb7591abeb7d6be
9a0bfe900d1afcf96fda5cc5ed164b75f2f6d0e7
806b9468cf5114739c30f761317a6931356ee31597353843c51df53f34a7181c
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/themify-ultra/js/themify.script.min.js?ver=5.5.9 HTTP/1.1
Host: accessholds.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://accessholds.com/
Cookie: twk_uuid_6205842b9bd1f31184dc095f=%7B%22uuid%22%3A%221.WromkpZ2jdSYrQYoPWC4zHtHYQrojI5jKgArUMoHc3lrB1Is0LE827Cc2zVSsO3BOZihPav9ceExd5OnvUKP73JIVfI3GeJiIlJPuAlQcXu57l3fMxtuABASV%22%2C%22version%22%3A3%2C%22domain%22%3A%22accessholds.com%22%2C%22ts%22%3A1669811757827%7D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 07 Dec 2022 12:36:24 GMT
content-type: application/javascript
last-modified: Wed, 23 Mar 2022 19:05:26 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 2654
date: Wed, 30 Nov 2022 12:36:24 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
accessholds.com/wp-content/themes/themify-ultra/themify/themify-builder/css/modules/responsive-column.min.css?ver=5.5.6
199.188.200.35 200 OK 28 kB URL HTTP/2 accessholds.com/wp-content/themes/themify-ultra/themify/themify-builder/css/modules/responsive-column.min.css?ver=5.5.6
IP 199.188.200.35:0
File type ASCII text, with very long lines (65472)
Hash 92100a3318ec061953c498bd0911fad6
458357ce479eef183777f8c8e635cb1ba749dfa8
d8590cc8be7937c0937b70efde01240f22b1c017e309089a10a01f2f05ba5c22
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/themify-ultra/themify/themify-builder/css/modules/responsive-column.min.css?ver=5.5.6 HTTP/1.1
Host: accessholds.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://accessholds.com/
Cookie: twk_uuid_6205842b9bd1f31184dc095f=%7B%22uuid%22%3A%221.WromkpZ2jdSYrQYoPWC4zHtHYQrojI5jKgArUMoHc3lrB1Is0LE827Cc2zVSsO3BOZihPav9ceExd5OnvUKP73JIVfI3GeJiIlJPuAlQcXu57l3fMxtuABASV%22%2C%22version%22%3A3%2C%22domain%22%3A%22accessholds.com%22%2C%22ts%22%3A1669811757827%7D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 07 Dec 2022 12:36:24 GMT
content-type: text/css
last-modified: Wed, 23 Mar 2022 19:05:26 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 823
date: Wed, 30 Nov 2022 12:36:24 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
accessholds.com/wp-content/themes/themify-ultra/themify/js/modules/lax.min.js?ver=5.5.6
199.188.200.35 200 OK 1.8 kB URL HTTP/2 accessholds.com/wp-content/themes/themify-ultra/themify/js/modules/lax.min.js?ver=5.5.6
IP 199.188.200.35:0
File type ASCII text, with very long lines (517)
Hash 6caa42d4fe13f344341e9efd8f13bd91
d1bb9103f5460746497762f7fcb8a0585e8f9942
a643841c3157b6cf3890b2fc0e56b951d2c7be121a21a7f57e752f3e8d741d5c
GET /wp-content/themes/themify-ultra/themify/js/modules/lax.min.js?ver=5.5.6 HTTP/1.1
Host: accessholds.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://accessholds.com/
Cookie: twk_uuid_6205842b9bd1f31184dc095f=%7B%22uuid%22%3A%221.WromkpZ2jdSYrQYoPWC4zHtHYQrojI5jKgArUMoHc3lrB1Is0LE827Cc2zVSsO3BOZihPav9ceExd5OnvUKP73JIVfI3GeJiIlJPuAlQcXu57l3fMxtuABASV%22%2C%22version%22%3A3%2C%22domain%22%3A%22accessholds.com%22%2C%22ts%22%3A1669811757827%7D; TawkConnectionTime=1669811783035
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 07 Dec 2022 12:36:24 GMT
content-type: application/javascript
last-modified: Wed, 23 Mar 2022 19:05:26 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1765
date: Wed, 30 Nov 2022 12:36:24 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
accessholds.com/wp-content/themes/themify-ultra/themify/js/modules/themify.sidemenu.min.js?ver=5.5.6
199.188.200.35 200 OK 1.0 kB URL HTTP/2 accessholds.com/wp-content/themes/themify-ultra/themify/js/modules/themify.sidemenu.min.js?ver=5.5.6
IP 199.188.200.35:0
File type ASCII text, with very long lines (530)
Hash 73e3665beeb45e8c24a47df55a49f770
4f739aff97f8ecdc03970725f70037185421bbca
8d9842453b8933a338514ae08c4a3d3e7a2a192129f5b452e79055c9286c667b
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/themify-ultra/themify/js/modules/themify.sidemenu.min.js?ver=5.5.6 HTTP/1.1
Host: accessholds.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://accessholds.com/
Cookie: twk_uuid_6205842b9bd1f31184dc095f=%7B%22uuid%22%3A%221.WromkpZ2jdSYrQYoPWC4zHtHYQrojI5jKgArUMoHc3lrB1Is0LE827Cc2zVSsO3BOZihPav9ceExd5OnvUKP73JIVfI3GeJiIlJPuAlQcXu57l3fMxtuABASV%22%2C%22version%22%3A3%2C%22domain%22%3A%22accessholds.com%22%2C%22ts%22%3A1669811757827%7D; TawkConnectionTime=1669811783035
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 07 Dec 2022 12:36:24 GMT
content-type: application/javascript
last-modified: Wed, 23 Mar 2022 19:05:26 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1013
date: Wed, 30 Nov 2022 12:36:24 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
accessholds.com/wp-content/themes/themify-ultra/themify/js/modules/fixedheader.min.js?ver=5.5.6
199.188.200.35 200 OK 1.9 kB URL HTTP/2 accessholds.com/wp-content/themes/themify-ultra/themify/js/modules/fixedheader.min.js?ver=5.5.6
IP 199.188.200.35:0
File type ASCII text, with very long lines (575)
Hash 65d4b0211f269f1e64f3c3da33c6c1cf
69a1458a6b40332b6e6b0552619e479cd14dd0da
93126d1569f9e42054dfa4d564a6bdb056881f82f5d9773cc93799b4afe03dfe
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/themify-ultra/themify/js/modules/fixedheader.min.js?ver=5.5.6 HTTP/1.1
Host: accessholds.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://accessholds.com/
Cookie: twk_uuid_6205842b9bd1f31184dc095f=%7B%22uuid%22%3A%221.WromkpZ2jdSYrQYoPWC4zHtHYQrojI5jKgArUMoHc3lrB1Is0LE827Cc2zVSsO3BOZihPav9ceExd5OnvUKP73JIVfI3GeJiIlJPuAlQcXu57l3fMxtuABASV%22%2C%22version%22%3A3%2C%22domain%22%3A%22accessholds.com%22%2C%22ts%22%3A1669811757827%7D; TawkConnectionTime=1669811783035
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 07 Dec 2022 12:36:24 GMT
content-type: application/javascript
last-modified: Wed, 23 Mar 2022 19:05:26 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1860
date: Wed, 30 Nov 2022 12:36:24 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
themify.me/demo/themes/ultra-agency-2/files/2019/04/bg-dots.png
50.28.18.33 302 Found 279 B URL HTTP/2 themify.me/demo/themes/ultra-agency-2/files/2019/04/bg-dots.png
IP 50.28.18.33:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash d7fa7b3722e02aec698953b1ae4c4d25
07e1a28cc364ee03314ffdc03febe24a11e8740b
1ca52e1dff798b59c76da29ca44bbb9367e90317720390af8572eca2ae79fa6a
GET /demo/themes/ultra-agency-2/files/2019/04/bg-dots.png HTTP/1.1
Host: themify.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://accessholds.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
location: https://themify.me/demo/themes/ultra-agency2/files/2019/04/bg-dots.png?file=2019/04/bg-dots.png
cache-control: max-age=604800
expires: Wed, 07 Dec 2022 12:36:24 GMT
content-length: 279
content-type: text/html; charset=iso-8859-1
date: Wed, 30 Nov 2022 12:36:24 GMT
server: Apache
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 5.0 kB IP 93.184.220.29:0
Hash 935ae91adaa6e2f956064747ce27fad9
bd5d19ffd5ac0093f6e75f833488533f4655b844
6bafdba445c6efa9a9cfe5cc348131dbc16fb215ff0b6560d870e4f2dea00e95
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3387
Cache-Control: max-age=99896
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 12:36:24 GMT
Etag: "63862445-117"
Expires: Thu, 01 Dec 2022 16:21:20 GMT
Last-Modified: Tue, 29 Nov 2022 15:24:53 GMT
Server: ECS (ska/F6FC)
X-Cache: HIT
Content-Length: 279
themify.me/demo/themes/ultra-agency2/files/2019/04/bg-dots.png?file=2019/04/bg-dots.png
50.28.18.33 200 OK 2.7 kB URL HTTP/2 themify.me/demo/themes/ultra-agency2/files/2019/04/bg-dots.png?file=2019/04/bg-dots.png
IP 50.28.18.33:0
Hash 8f78f6f150216cb04a32b3faf32453b0
2af73d3c62ff581a5211c084a5fa58a1d1d52a38
4ce6985d010adf4add4d8ee0e64c1afc9ec6f6809c9bec00087d787a0eb0195c
GET /demo/themes/ultra-agency2/files/2019/04/bg-dots.png?file=2019/04/bg-dots.png HTTP/1.1
Host: themify.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://accessholds.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
expires: Fri, 30 Jan 2026 22:23:04 GMT
content-length: 399
last-modified: Tue, 27 Oct 2020 20:03:26 GMT
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
content-type: image/png
date: Wed, 30 Nov 2022 12:36:24 GMT
server: Apache
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 279 B IP 93.184.220.29:0
Hash fe58fb8f7d5837568d4480d31ec4d1c5
cdc4351995771a0fe9a628cade93ebac3f8263cb
d8acd575a4bc3047b8cfe69245144ffe4d68084ccfc9860f6633200817cada91
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3309
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 12:36:24 GMT
Last-Modified: Wed, 30 Nov 2022 11:41:15 GMT
Server: ECS (ska/F6FC)
X-Cache: HIT
Content-Length: 279
accessholds.com/wp-content/themes/themify-ultra/styles/modules/filters/none.min.css?ver=5.5.9
199.188.200.35 200 OK 3.9 kB URL HTTP/2 accessholds.com/wp-content/themes/themify-ultra/styles/modules/filters/none.min.css?ver=5.5.9
IP 199.188.200.35:0
File type ASCII text, with very long lines (11056), with no line terminators
Hash f7755dc9cb67ca9cb709c6e57a52e727
d0b6e032db2c798abfe7bf8342252c7d84f4300a
7547e4cd3f5fb7124ac731f7ab9bbef1c837aa33ab9cfe34708aecae0d00a5d4
GET /wp-content/themes/themify-ultra/styles/modules/filters/none.min.css?ver=5.5.9 HTTP/1.1
Host: accessholds.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://accessholds.com/
Cookie: twk_uuid_6205842b9bd1f31184dc095f=%7B%22uuid%22%3A%221.WromkpZ2jdSYrQYoPWC4zHtHYQrojI5jKgArUMoHc3lrB1Is0LE827Cc2zVSsO3BOZihPav9ceExd5OnvUKP73JIVfI3GeJiIlJPuAlQcXu57l3fMxtuABASV%22%2C%22version%22%3A3%2C%22domain%22%3A%22accessholds.com%22%2C%22ts%22%3A1669811783434%7D; TawkConnectionTime=0
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 07 Dec 2022 12:36:25 GMT
content-type: text/css
last-modified: Wed, 23 Mar 2022 19:05:26 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 143
date: Wed, 30 Nov 2022 12:36:25 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
vsb78.tawk.to/s/?k=63874e2e3f52a35ac5d71fd7&cver=1&pop=false&asver=16&tkn=eyJhbGciOiJFUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6InZpc2l0b3ItYXBwbGljYXRpb24tc2VydmVyLTIwMjEwMjIifQ.eyJwaWQiOiI2MjA1ODQyYjliZDFmMzExODRkYzA5NWYiLCJ2aWQiOiI2MjA1ODQyYjliZDFmMzExODRkYzA5NWYtRmlkcTQxVUhpT3BZZ2dGdUlfTnZMIiwic2lkIjoiNjM4NzRlMmUzZjUyYTM1YWM1ZDcxZmQ3IiwiaWF0IjoxNjY5ODExNzU4LCJleHAiOjE2Njk4MTM1NTgsImp0aSI6ImxBMmJUa2xoZnpid0tXeXVVamU3NiJ9.eZ0v-qkzkbiDQHpmr2yZ-4Taff74rpn56Bmpbzndqu2vlQzld4Qwo2pn1eWhQK_5pyZy1VyxA-GgsI-lOqwdyQ&EIO=3&transport=websocket&__t=OJ8YSSN
104.22.25.131 101 Switching Protocols 4.5 kB URL HTTP/1.1 vsb78.tawk.to/s/?k=63874e2e3f52a35ac5d71fd7&cver=1&pop=false&asver=16&tkn=eyJhbGciOiJFUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6InZpc2l0b3ItYXBwbGljYXRpb24tc2VydmVyLTIwMjEwMjIifQ.eyJwaWQiOiI2MjA1ODQyYjliZDFmMzExODRkYzA5NWYiLCJ2aWQiOiI2MjA1ODQyYjliZDFmMzExODRkYzA5NWYtRmlkcTQxVUhpT3BZZ2dGdUlfTnZMIiwic2lkIjoiNjM4NzRlMmUzZjUyYTM1YWM1ZDcxZmQ3IiwiaWF0IjoxNjY5ODExNzU4LCJleHAiOjE2Njk4MTM1NTgsImp0aSI6ImxBMmJUa2xoZnpid0tXeXVVamU3NiJ9.eZ0v-qkzkbiDQHpmr2yZ-4Taff74rpn56Bmpbzndqu2vlQzld4Qwo2pn1eWhQK_5pyZy1VyxA-GgsI-lOqwdyQ&EIO=3&transport=websocket&__t=OJ8YSSN
IP 104.22.25.131:0
Hash 4d6951f2abe146a74c3d52917ad53ac2
d33741751a816b64d3860c64d9aa8b66e2ce7d69
89f515ea82eceacf6b76adc3e584983413099ebe1d1a421bb6f5e4932781fec3
GET /s/?k=63874e2e3f52a35ac5d71fd7&cver=1&pop=false&asver=16&tkn=eyJhbGciOiJFUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6InZpc2l0b3ItYXBwbGljYXRpb24tc2VydmVyLTIwMjEwMjIifQ.eyJwaWQiOiI2MjA1ODQyYjliZDFmMzExODRkYzA5NWYiLCJ2aWQiOiI2MjA1ODQyYjliZDFmMzExODRkYzA5NWYtRmlkcTQxVUhpT3BZZ2dGdUlfTnZMIiwic2lkIjoiNjM4NzRlMmUzZjUyYTM1YWM1ZDcxZmQ3IiwiaWF0IjoxNjY5ODExNzU4LCJleHAiOjE2Njk4MTM1NTgsImp0aSI6ImxBMmJUa2xoZnpid0tXeXVVamU3NiJ9.eZ0v-qkzkbiDQHpmr2yZ-4Taff74rpn56Bmpbzndqu2vlQzld4Qwo2pn1eWhQK_5pyZy1VyxA-GgsI-lOqwdyQ&EIO=3&transport=websocket&__t=OJ8YSSN HTTP/1.1
Host: vsb78.tawk.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: https://accessholds.com
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: r4hZAzuW3pRXHOVV56z/bg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Date: Wed, 30 Nov 2022 12:36:25 GMT
Connection: upgrade
upgrade: websocket
sec-websocket-accept: unLiF8xyADCWMCtpDYcMe39d8ZU=
sec-websocket-extensions: permessage-deflate
strict-transport-security: max-age=0; includeSubDomains; preload
CF-Cache-Status: DYNAMIC
X-Content-Type-Options: nosniff
Server: cloudflare
CF-RAY: 7723a0e64bb8b50c-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
accessholds.com/wp-content/themes/themify-ultra/themify/js/modules/edge.Menu.min.js?ver=5.5.6
199.188.200.35 200 OK 57 kB URL HTTP/2 accessholds.com/wp-content/themes/themify-ultra/themify/js/modules/edge.Menu.min.js?ver=5.5.6
IP 199.188.200.35:0
File type ASCII text, with very long lines (10469), with no line terminators
Hash 37d914a6d4dad60b482fb5051de07619
1c959885415c3ce0f9c9722c0d01aa2c726c8287
b9af9ca2d49f438195a7c61abd918993b2df4fa35f3e277d0b5090fa6d18495e
GET /wp-content/themes/themify-ultra/themify/js/modules/edge.Menu.min.js?ver=5.5.6 HTTP/1.1
Host: accessholds.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://accessholds.com/
Cookie: twk_uuid_6205842b9bd1f31184dc095f=%7B%22uuid%22%3A%221.WromkpZ2jdSYrQYoPWC4zHtHYQrojI5jKgArUMoHc3lrB1Is0LE827Cc2zVSsO3BOZihPav9ceExd5OnvUKP73JIVfI3GeJiIlJPuAlQcXu57l3fMxtuABASV%22%2C%22version%22%3A3%2C%22domain%22%3A%22accessholds.com%22%2C%22ts%22%3A1669811783434%7D; TawkConnectionTime=0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 07 Dec 2022 12:36:25 GMT
content-type: application/javascript
last-modified: Wed, 23 Mar 2022 19:05:26 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 437
date: Wed, 30 Nov 2022 12:36:25 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
accessholds.com/
199.188.200.35 200 OK 0 B IP 199.188.200.35:0
Analyzer Verdict Alert fortinet Phishing
GET / HTTP/1.1
Host: accessholds.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: twk_uuid_6205842b9bd1f31184dc095f=%7B%22uuid%22%3A%221.WromkpZ2jdSYrQYoPWC4zHtHYQrojI5jKgArUMoHc3lrB1Is0LE827Cc2zVSsO3BOZihPav9ceExd5OnvUKP73JIVfI3GeJiIlJPuAlQcXu57l3fMxtuABASV%22%2C%22version%22%3A3%2C%22domain%22%3A%22accessholds.com%22%2C%22ts%22%3A1669811757827%7D
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
x-powered-by: PHP/7.2.34
content-type: text/html; charset=UTF-8
link: <https://accessholds.com/wp-json/>; rel="https://api.w.org/", <https://accessholds.com/wp-json/wp/v2/pages/9>; rel="alternate"; type="application/json", <https://accessholds.com/>; rel=shortlink
etag: "24-1669296629;br"
x-litespeed-cache: hit
content-encoding: br
vary: Accept-Encoding
date: Wed, 30 Nov 2022 12:36:22 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2