nestfs.com/
18.133.177.169301 Moved Permanently 162 B IP 18.133.177.169:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
Analyzer Verdict Alert fortinet Phishing
GET / HTTP/1.1
Host: nestfs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Tue, 29 Nov 2022 13:11:22 GMT
Content-Type: text/html
Content-Length: 162
Connection: keep-alive
Location: https://nestfs.com/
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 2d2e7649ce9e9ba6fc8b68aa89352e3c
0153d1d3d830a457043e16bb40d48a0b9ddef4b8
8eed57c91b42ef7b2d5eff1309e306e23e13c3de21219af24a693cbf3e8977fc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8EED57C91B42EF7B2D5EFF1309E306E23E13C3DE21219AF24A693CBF3E8977FC"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7881
Expires: Tue, 29 Nov 2022 15:22:44 GMT
Date: Tue, 29 Nov 2022 13:11:23 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 4ed065cb23b5fca1a179dd73b3c5b7b2
4422eb24688f5e056fc1b18b127c7f63b1dbf5e0
b723d770d0dec7441d8505dc5a4e7d34f55c9f564ec52f20d9b70c7c3a0d9d35
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5885
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 13:11:23 GMT
Last-Modified: Tue, 29 Nov 2022 11:33:18 GMT
Server: ECS (ska/F714)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 9fce5679881bf302a8978a0b462f01a9
b699fe030ea13ac73813e655c42ed9b531925e2b
a3ec545a8f9364ac9062eddb41279e1465687a1b60f9c1dec6b3a3df8b033eb3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A3EC545A8F9364AC9062EDDB41279E1465687A1B60F9C1DEC6B3A3DF8B033EB3"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10263
Expires: Tue, 29 Nov 2022 16:02:26 GMT
Date: Tue, 29 Nov 2022 13:11:23 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
34.102.187.140200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 14cd9a0afb6ba9a763651d5112760d1e
75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Alert, Backoff, Content-Length, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Tue, 29 Nov 2022 12:17:54 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 3209
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: F3TSF83kPztikgQnXaX33GTaMi3pFjnqkhwDaWTwlcEEXLS/KAfwLd+Zg0YfEBIpG1/HYdINXbM=
x-amz-request-id: 2HWVT0K64XYWRWC8
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Tue, 29 Nov 2022 12:42:30 GMT
age: 1733
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
nestfs.com/
18.133.177.169200 OK 26 kB IP 18.133.177.169:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (13466), with CRLF, LF line terminators
Hash 620b1c8dec0e528c96ba071ed2603db5
283cc6ac1d26b1d284d17872319075105e14d6e9
e356d23bf92751f8e2c1564e223d144847945d5984edb8f5c0dc7a95202d8144
Analyzer Verdict Alert fortinet Phishing
GET / HTTP/1.1
Host: nestfs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
server: nginx
date: Tue, 29 Nov 2022 13:11:23 GMT
content-type: text/html; charset=UTF-8
content-length: 26410
link: <https://nestfs.com/wp-json/>; rel="https://api.w.org/", <https://nestfs.com/wp-json/wp/v2/pages/604>; rel="alternate"; type="application/json", <https://nestfs.com/>; rel=shortlink
vary: Accept-Encoding
content-encoding: gzip
x-cache-status: STALE
strict-transport-security: max-age=63072000; includeSubDomains
x-powered-by: PHP/7.4.33, PleskLin
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 29 Nov 2022 13:11:23 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 07b8296613be09905e34b09dce4a203f
c97c67e8c4b1247423d089c028c31e05734f124e
c8c7b7cd00d5818bbe4a4ddb1b734a1b766dc6474cce300171bd5a0947adc6b2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 13:11:23 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 07b8296613be09905e34b09dce4a203f
c97c67e8c4b1247423d089c028c31e05734f124e
c8c7b7cd00d5818bbe4a4ddb1b734a1b766dc6474cce300171bd5a0947adc6b2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 13:11:23 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 07b8296613be09905e34b09dce4a203f
c97c67e8c4b1247423d089c028c31e05734f124e
c8c7b7cd00d5818bbe4a4ddb1b734a1b766dc6474cce300171bd5a0947adc6b2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 13:11:23 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
34.102.187.140200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Pragma, Last-Modified, ETag, Alert, Expires, Retry-After, Cache-Control, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Tue, 29 Nov 2022 13:11:13 GMT
cache-control: public,max-age=3600
age: 11
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
nestfs.com/wp-includes/css/classic-themes.min.css?ver=1
18.133.177.169200 OK 189 B URL HTTP/2 nestfs.com/wp-includes/css/classic-themes.min.css?ver=1
IP 18.133.177.169:0
Hash 5a18e16eb01cbaa862eb32e6b77bedb2
3abf9b913cc9f558f02cba7c9b822f8d1812cb96
d2b5af913332941d5ae7786d1fa70e0d009315c4ede6ad5b80d0f663bb54521f
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/css/classic-themes.min.css?ver=1 HTTP/1.1
Host: nestfs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nestfs.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 29 Nov 2022 13:11:24 GMT
content-type: text/css
content-length: 189
x-accel-version: 0.01
last-modified: Wed, 02 Nov 2022 05:17:43 GMT
etag: "d9-5ec75f5d86a24-gzip"
vary: Accept-Encoding
content-encoding: gzip
x-cache-status: MISS
strict-transport-security: max-age=63072000; includeSubDomains
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
nestfs.com/wp-content/uploads/2022/10/NestFS-Logo-Full-2.png
18.133.177.169200 OK 163 kB URL HTTP/2 nestfs.com/wp-content/uploads/2022/10/NestFS-Logo-Full-2.png
IP 18.133.177.169:0
File type PNG image data, 5833 x 1042, 8-bit/color RGBA, non-interlaced\012- data
Size 163 kB (162953 bytes)
Hash ad850ce0cdac1d3c57228e12322acfa3
b63b70d6c38b62790c285cbd0a93773f8de07f2e
51869347338c910c9409fa4e25f471d3b7c8b0ab49e2d9819121092e2d12960e
GET /wp-content/uploads/2022/10/NestFS-Logo-Full-2.png HTTP/1.1
Host: nestfs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nestfs.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 29 Nov 2022 13:11:24 GMT
content-type: image/png
content-length: 162953
last-modified: Tue, 18 Oct 2022 08:04:55 GMT
etag: "634e5e27-27c89"
x-cache-status: MISS
strict-transport-security: max-age=63072000; includeSubDomains
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
nestfs.com/wp-content/themes/porto/js/libs/owl.carousel.min.js?ver=2.3.4
18.133.177.169200 OK 20 kB URL HTTP/2 nestfs.com/wp-content/themes/porto/js/libs/owl.carousel.min.js?ver=2.3.4
IP 18.133.177.169:0
File type ASCII text, with CRLF line terminators
Hash 8f206355ffb28ead621e1a0c9864c82b
92d54e2417551e716f18d3cb4f30ada1fc0358cb
b7a859c3785ad6fa107a844a5764d0ca687a39b26b18a5d12eef0afd5a9e57db
GET /wp-content/themes/porto/js/libs/owl.carousel.min.js?ver=2.3.4 HTTP/1.1
Host: nestfs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nestfs.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 29 Nov 2022 13:11:24 GMT
content-type: application/javascript
last-modified: Thu, 21 Jul 2022 12:36:30 GMT
etag: W/"62d9484e-1c4b0"
x-cache-status: MISS
strict-transport-security: max-age=63072000; includeSubDomains
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
www.portotheme.com/wordpress/porto/elementor/business-consulting2/wp-content/uploads/sites/43/2020/06/coaching-3.jpg
66.198.246.22200 OK 11 kB URL HTTP/2 www.portotheme.com/wordpress/porto/elementor/business-consulting2/wp-content/uploads/sites/43/2020/06/coaching-3.jpg
IP 66.198.246.22:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, progressive, precision 8, 267x330, components 3\012- data
Hash 8bb925b54d76760038a0cd91fe8b3287
094d8709a7b856f7e3e5b0ac8626555036fc54e3
0904d53de39690282a392d1cbc28d32c6f94d1212ca5e04f7e9707b9b9abe38e
GET /wordpress/porto/elementor/business-consulting2/wp-content/uploads/sites/43/2020/06/coaching-3.jpg HTTP/1.1
Host: www.portotheme.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nestfs.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
last-modified: Thu, 24 Nov 2022 11:02:58 GMT
accept-ranges: bytes
content-length: 10902
vary: User-Agent
access-control-allow-origin: *
cache-control: max-age=31536000, public
content-type: image/jpeg
date: Tue, 29 Nov 2022 13:11:24 GMT
server: Apache
X-Firefox-Spdy: h2
nestfs.com/wp-content/plugins/revslider/public/assets/css/rs6.css?ver=6.5.20
18.133.177.169200 OK 12 kB URL HTTP/2 nestfs.com/wp-content/plugins/revslider/public/assets/css/rs6.css?ver=6.5.20
IP 18.133.177.169:0
File type Unicode text, UTF-8 text, with very long lines (12602)
Hash 152a8b8c0da365819b434c4a238ca00a
fe2e7024ae736fdec84ad81aae9c03b50355ab5a
6fcf870232216e0986aa80ace7f58a24909e73293234d5b5a1f7b644676a99a3
GET /wp-content/plugins/revslider/public/assets/css/rs6.css?ver=6.5.20 HTTP/1.1
Host: nestfs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nestfs.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 29 Nov 2022 13:11:24 GMT
content-type: text/css
last-modified: Tue, 18 Oct 2022 05:57:24 GMT
etag: W/"634e4044-e245"
x-cache-status: MISS
strict-transport-security: max-age=63072000; includeSubDomains
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
nestfs.com/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.6.3
18.133.177.169200 OK 3.3 kB URL HTTP/2 nestfs.com/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.6.3
IP 18.133.177.169:0
File type ASCII text, with very long lines (9680), with no line terminators
Hash 56ff6cc972a9117df357292d627f30d6
67174581ec8c87a0c0fcf7fd30691441dc2e42ae
a1dddd792c3b8c4e12e30167d90a0264d5c82b88ddeb1966bdaa57c73c46ffbc
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.6.3 HTTP/1.1
Host: nestfs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nestfs.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 29 Nov 2022 13:11:24 GMT
content-type: application/javascript
last-modified: Tue, 18 Oct 2022 05:58:49 GMT
etag: W/"634e4099-25d0"
x-cache-status: MISS
strict-transport-security: max-age=63072000; includeSubDomains
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
nestfs.com/wp-content/plugins/revslider/public/assets/assets/dummy.png
18.133.177.169200 OK 68 B URL HTTP/2 nestfs.com/wp-content/plugins/revslider/public/assets/assets/dummy.png
IP 18.133.177.169:0
File type PNG image data, 1 x 1, 8-bit gray+alpha, non-interlaced\012- data
Hash 2a637d3d825673c0e3462fa4ed9a1c5c
81668d396da22832d75a986407ff10035e0d5899
69539b5b3777cffda28a66d7f2aa9b17c91ee1ec8fd50c00c442af91753a60f7
GET /wp-content/plugins/revslider/public/assets/assets/dummy.png HTTP/1.1
Host: nestfs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nestfs.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 29 Nov 2022 13:11:24 GMT
content-type: image/png
content-length: 68
x-accel-version: 0.01
last-modified: Tue, 18 Oct 2022 05:57:25 GMT
etag: "44-5eb48c433f98e"
x-cache-status: MISS
strict-transport-security: max-age=63072000; includeSubDomains
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
sw-themes.com/porto_dummy/wp-content/uploads/images/business-consulting-2/icons/calendar.svg
162.144.217.30200 OK 1.4 kB URL HTTP/1.1 sw-themes.com/porto_dummy/wp-content/uploads/images/business-consulting-2/icons/calendar.svg
IP 162.144.217.30:0
ASN #46606 UNIFIEDLAYER-AS-1
File type SVG Scalable Vector Graphics image\012- SVG XML document\012- XML 1.0 document text\012- SVG XML document\012- XML document text\012- exported SGML document, ASCII text, with very long lines (1434), with no line terminators
Hash 0101bda16d00a7d5c7872456d308f038
a14b16088233fb20a48c2a61922661b6ae98a878
94686c340c95901f721ebf896fe46f24c34af9f7f60f815bacfef2f7def7037a
GET /porto_dummy/wp-content/uploads/images/business-consulting-2/icons/calendar.svg HTTP/1.1
Host: sw-themes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nestfs.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Tue, 29 Nov 2022 12:54:13 GMT
Server: Apache
Last-Modified: Mon, 12 Sep 2022 12:13:28 GMT
Accept-Ranges: bytes
Content-Length: 1434
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: image/svg+xml
sw-themes.com/porto_dummy/wp-content/uploads/images/business-consulting-2/icons/mail.svg
162.144.217.30200 OK 880 B URL HTTP/1.1 sw-themes.com/porto_dummy/wp-content/uploads/images/business-consulting-2/icons/mail.svg
IP 162.144.217.30:0
ASN #46606 UNIFIEDLAYER-AS-1
File type SVG Scalable Vector Graphics image\012- SVG XML document\012- XML 1.0 document text\012- SVG XML document\012- XML document text\012- exported SGML document, ASCII text, with very long lines (880), with no line terminators
Hash 3721bf6fdc8ad5203d3ebf1ed381b36d
873c1b269602285c8b9e3bdff53b4c1cab0ab226
f1a0b74b38e33f83f865cf7fdecc422da70059e0d25d90cc57349076cf5f884f
GET /porto_dummy/wp-content/uploads/images/business-consulting-2/icons/mail.svg HTTP/1.1
Host: sw-themes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nestfs.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Tue, 29 Nov 2022 12:54:13 GMT
Server: Apache
Last-Modified: Mon, 12 Sep 2022 12:13:28 GMT
Accept-Ranges: bytes
Content-Length: 880
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: image/svg+xml
nestfs.com/wp-content/uploads/2022/10/hero-section-3-1-1024x414-1.jpg
18.133.177.169200 OK 26 kB URL HTTP/2 nestfs.com/wp-content/uploads/2022/10/hero-section-3-1-1024x414-1.jpg
IP 18.133.177.169:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1024x414, components 3\012- data
Hash 125f88430c39cc22e14262c8a17c374c
b892d5301b0d3f4e5cba70a46bd919db40a6d819
1f2386e50e8ed0159986407812d984d2823db477d986d1a9a0c7f732ccb64747
GET /wp-content/uploads/2022/10/hero-section-3-1-1024x414-1.jpg HTTP/1.1
Host: nestfs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nestfs.com/wp-content/uploads/elementor/css/post-604.css?ver=1667198822
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 29 Nov 2022 13:11:24 GMT
content-type: image/jpeg
content-length: 25950
last-modified: Wed, 19 Oct 2022 05:16:47 GMT
etag: "634f883f-655e"
x-cache-status: MISS
strict-transport-security: max-age=63072000; includeSubDomains
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
nestfs.com/wp-content/themes/porto/js/theme-async.js?ver=6.5.1
18.133.177.169200 OK 337 kB URL HTTP/2 nestfs.com/wp-content/themes/porto/js/theme-async.js?ver=6.5.1
IP 18.133.177.169:0
File type assembler source, ASCII text, with very long lines (492)
Size 337 kB (337105 bytes)
Hash d67f4aa7848842aabfff1d0e4a5bc65a
704ea85269f6291fcd5a7751a69c6807c26f6b16
4eb862a6f10b190c798c46eee5b362c2db79489e5deee761a2cfbbfbc8cb5dc7
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/porto/js/theme-async.js?ver=6.5.1 HTTP/1.1
Host: nestfs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nestfs.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 29 Nov 2022 13:11:24 GMT
content-type: application/javascript
last-modified: Mon, 12 Sep 2022 10:29:24 GMT
etag: W/"631f0a04-18656"
x-cache-status: MISS
strict-transport-security: max-age=63072000; includeSubDomains
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
push.services.mozilla.com/
35.166.172.24101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 35.166.172.24:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: QBX8RlOXE5Na31YhPY54nA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: NGbuyKtFDGE/3vp28RnO72foCPo=
nestfs.com/wp-content/themes/porto/js/theme.js?ver=6.5.1
18.133.177.169200 OK 94 kB URL HTTP/2 nestfs.com/wp-content/themes/porto/js/theme.js?ver=6.5.1
IP 18.133.177.169:0
File type ASCII text, with very long lines (10900), with CRLF line terminators
Hash a84ef48b590631f642b7e29a897cb083
35afa8d48f28e927dbea6a8ee6bcc73bee1a3cbe
a54d54c15aeb62b1bc764af279d153b1e79548725498c021dfeebd96a7482be1
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/porto/js/theme.js?ver=6.5.1 HTTP/1.1
Host: nestfs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nestfs.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 29 Nov 2022 13:11:24 GMT
content-type: application/javascript
last-modified: Tue, 06 Sep 2022 11:21:56 GMT
etag: W/"63172d54-2bb94"
x-cache-status: MISS
strict-transport-security: max-age=63072000; includeSubDomains
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
nestfs.com/wp-content/plugins/elementor/assets/js/frontend-modules.min.js?ver=3.7.8
18.133.177.169200 OK 90 kB URL HTTP/2 nestfs.com/wp-content/plugins/elementor/assets/js/frontend-modules.min.js?ver=3.7.8
IP 18.133.177.169:0
File type Unicode text, UTF-8 text, with very long lines (32889)
Hash 846441e9461bc68833eb9f651bb4b18c
0ec3b6597d8b3de219dfcb5ecb5f3f825c39b6b5
5cfd02005a757abe6eceec6bf8f626655fbde54dd629529a87b075ba49bdbea2
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/elementor/assets/js/frontend-modules.min.js?ver=3.7.8 HTTP/1.1
Host: nestfs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nestfs.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 29 Nov 2022 13:11:24 GMT
content-type: application/javascript
last-modified: Tue, 18 Oct 2022 05:57:39 GMT
etag: W/"634e4053-80a1"
x-cache-status: MISS
strict-transport-security: max-age=63072000; includeSubDomains
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
nestfs.com/wp-content/themes/porto/fonts/fontawesome/fa-brands-400.woff2
18.133.177.169200 OK 77 kB URL HTTP/2 nestfs.com/wp-content/themes/porto/fonts/fontawesome/fa-brands-400.woff2
IP 18.133.177.169:0
File type Web Open Font Format (Version 2), TrueType, length 77400, version 331.17301\012- data
Hash cac68c831145804808381a7032fdc7c2
62584b9868428fd75af3fc5ee2f9918dda428be5
1c87d2b26de7d55c66037916bbb4cba6c791da0e2adfa378332678ff13e12d9d
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/porto/fonts/fontawesome/fa-brands-400.woff2 HTTP/1.1
Host: nestfs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://nestfs.com/wp-content/themes/porto/css/plugins.css?ver=6.5.1
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 29 Nov 2022 13:11:24 GMT
content-type: font/woff2
content-length: 77400
last-modified: Thu, 21 Jul 2022 12:37:14 GMT
etag: "62d9487a-12e58"
x-cache-status: MISS
strict-transport-security: max-age=63072000; includeSubDomains
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
nestfs.com/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9
18.133.177.169200 OK 54 kB URL HTTP/2 nestfs.com/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9
IP 18.133.177.169:0
File type ASCII text, with very long lines (6475), with no line terminators
Hash 5624758f6d15a0d5daa24f9ef5230085
d2fe9872a65ab60256ab73c7102c37bd776a1582
7e87464ff18ffcb5bbaeaaf7e7a14ac3024fafa706bee1994f77e80b436bcd30
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9 HTTP/1.1
Host: nestfs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nestfs.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 29 Nov 2022 13:11:24 GMT
content-type: application/javascript
last-modified: Mon, 11 Apr 2022 12:04:30 GMT
etag: W/"6254194e-194b"
x-cache-status: MISS
strict-transport-security: max-age=63072000; includeSubDomains
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
nestfs.com/wp-content/themes/porto/css/theme_elementor.css?ver=6.5.1
18.133.177.169200 OK 117 kB URL HTTP/2 nestfs.com/wp-content/themes/porto/css/theme_elementor.css?ver=6.5.1
IP 18.133.177.169:0
Size 117 kB (116721 bytes)
Hash 2efc39b04329842fcc91ca6597fea44a
86eba1f6a2e324b7fa13acb696417bc4b44571a3
3eabdf322da2301e4c7f28af67d6dc0f107037a233b67ea85933dbad5c1493f1
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/porto/css/theme_elementor.css?ver=6.5.1 HTTP/1.1
Host: nestfs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nestfs.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 29 Nov 2022 13:11:24 GMT
content-type: text/css
last-modified: Fri, 29 Jul 2022 05:08:16 GMT
etag: W/"62e36b40-1fa6"
x-cache-status: MISS
strict-transport-security: max-age=63072000; includeSubDomains
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
nestfs.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
18.133.177.169200 OK 4.5 kB URL HTTP/2 nestfs.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
IP 18.133.177.169:0
File type ASCII text, with very long lines (11126)
Hash a9782a10ac5708d39ef2bdb77ed7d7b2
51c743617946a6923c487bb2372635852e9ca7c4
e67bc14b779c0c0cbdb0faa926bda7070b81d73dfb38f5b1661e329587e9e0b7
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 HTTP/1.1
Host: nestfs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nestfs.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 29 Nov 2022 13:11:24 GMT
content-type: application/javascript
last-modified: Wed, 18 Nov 2020 09:06:06 GMT
etag: W/"5fb4e3fe-2bd8"
x-cache-status: MISS
strict-transport-security: max-age=63072000; includeSubDomains
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
nestfs.com/wp-includes/js/jquery/ui/core.min.js?ver=1.13.2
18.133.177.169200 OK 23 kB URL HTTP/2 nestfs.com/wp-includes/js/jquery/ui/core.min.js?ver=1.13.2
IP 18.133.177.169:0
File type Unicode text, UTF-8 text, with very long lines (8189)
Hash 17b06e08936fbfc7cf8fcce4994c53f0
7c5ebb9c036a767082b8f41eef1d297c601ac6bb
f3e564d600bdb612fe554c36864ebce5235b4af90906107de4f3955e2b9e95c7
GET /wp-includes/js/jquery/ui/core.min.js?ver=1.13.2 HTTP/1.1
Host: nestfs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nestfs.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 29 Nov 2022 13:11:24 GMT
content-type: application/javascript
last-modified: Wed, 02 Nov 2022 05:17:42 GMT
etag: W/"6361fd76-53c0"
x-cache-status: MISS
strict-transport-security: max-age=63072000; includeSubDomains
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
nestfs.com/wp-content/uploads/porto_styles/dynamic_style.css?ver=6.5.1
18.133.177.169200 OK 14 kB URL HTTP/2 nestfs.com/wp-content/uploads/porto_styles/dynamic_style.css?ver=6.5.1
IP 18.133.177.169:0
File type ASCII text, with very long lines (40434), with no line terminators
Hash 602bbff5bee5c4c8e76985bdaf78987e
ae22b13f0ce2ced99100898cc11656a9d0d05061
b48edf047468c58aa8cc7450b06406c53770a2f2b48d327d4aca7240af7497d1
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/uploads/porto_styles/dynamic_style.css?ver=6.5.1 HTTP/1.1
Host: nestfs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nestfs.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 29 Nov 2022 13:11:24 GMT
content-type: text/css
last-modified: Thu, 20 Oct 2022 06:31:51 GMT
etag: W/"6350eb57-9df2"
x-cache-status: MISS
strict-transport-security: max-age=63072000; includeSubDomains
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 49eee25f3ccd585a29e34e80cf5bb160
73eca8be91deedd049304862759a3d8084c0b07e
531e5685527861b3ed7e8e3865c5a6a40d3f92f5c9d89df3f385dab72406fb56
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 13:11:24 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2
216.58.207.195200 OK 7.9 kB URL HTTP/2 fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 7884, version 1.0\012- data
Hash 9212f6f9860f9fc6c69b02fedf6db8c3
ac6d71b4d5fdd2b3dabc9a06ff6c001e4251da0b
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
GET /s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://nestfs.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 7884
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 23 Nov 2022 21:48:50 GMT
expires: Thu, 23 Nov 2023 21:48:50 GMT
cache-control: public, max-age=31536000
age: 487355
last-modified: Wed, 27 Apr 2022 17:03:52 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
nestfs.com/wp-content/plugins/elementor/assets/lib/animations/animations.min.css?ver=3.7.8
18.133.177.169200 OK 10 kB URL HTTP/2 nestfs.com/wp-content/plugins/elementor/assets/lib/animations/animations.min.css?ver=3.7.8
IP 18.133.177.169:0
File type ASCII text, with very long lines (10019)
Hash 6b24fbe35fbcae4e7f61d9d8b59aa649
5b81d0bf4af64ebd9365aa57069ad830a720f6ba
f596bec992511537faa4d154153630b8941003a70342b3ae39a9b2102916133d
GET /wp-content/plugins/elementor/assets/lib/animations/animations.min.css?ver=3.7.8 HTTP/1.1
Host: nestfs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nestfs.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 29 Nov 2022 13:11:24 GMT
content-type: text/css
last-modified: Tue, 18 Oct 2022 05:57:39 GMT
etag: W/"634e4053-4824"
x-cache-status: MISS
strict-transport-security: max-age=63072000; includeSubDomains
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
216.58.207.195200 OK 7.7 kB URL HTTP/2 fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 7748, version 1.0\012- data
Hash a09f2fccfee35b7247b08a1a266f0328
0da2d17e738f46d2a09e6fb7969da451719a9820
cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446
GET /s/poppins/v20/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://nestfs.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 7748
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 23 Nov 2022 08:32:10 GMT
expires: Thu, 23 Nov 2023 08:32:10 GMT
cache-control: public, max-age=31536000
age: 535155
last-modified: Wed, 27 Apr 2022 16:21:30 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
nestfs.com/wp-content/uploads/2022/10/NestFS-Logo-Icon-1024x1024-1.png
18.133.177.169200 OK 38 kB URL HTTP/2 nestfs.com/wp-content/uploads/2022/10/NestFS-Logo-Icon-1024x1024-1.png
IP 18.133.177.169:0
File type PNG image data, 1024 x 1024, 8-bit/color RGBA, non-interlaced\012- data
Hash 6d6812c1bdf2dc88a8b45330e50829d4
dee4248756a1c83cc7015fdb3c8509538361b80f
7ec3f526166acc7d16f62c759e9d82a8c18ecb3dcbe0b42403656fd9ec6824a1
GET /wp-content/uploads/2022/10/NestFS-Logo-Icon-1024x1024-1.png HTTP/1.1
Host: nestfs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nestfs.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 29 Nov 2022 13:11:25 GMT
content-type: image/png
content-length: 37736
last-modified: Tue, 18 Oct 2022 14:00:38 GMT
etag: "634eb186-9368"
x-cache-status: MISS
strict-transport-security: max-age=63072000; includeSubDomains
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
sw-themes.com/porto_dummy/wp-content/uploads/images/business-consulting-2/icons/phone.svg
162.144.217.30200 OK 972 B URL HTTP/1.1 sw-themes.com/porto_dummy/wp-content/uploads/images/business-consulting-2/icons/phone.svg
IP 162.144.217.30:0
ASN #46606 UNIFIEDLAYER-AS-1
File type SVG Scalable Vector Graphics image\012- SVG XML document\012- XML 1.0 document text\012- SVG XML document\012- XML document text\012- exported SGML document, ASCII text, with very long lines (972), with no line terminators
Hash 14d0d032d3ade9e500f8ac7f23ec7304
03ed2e48f45de6eac047604396d69650082ee6c9
af124c9555e7559cdc94bef2babe7df18999f400f3a0f95f9b3831cd09aac25c
GET /porto_dummy/wp-content/uploads/images/business-consulting-2/icons/phone.svg HTTP/1.1
Host: sw-themes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nestfs.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Tue, 29 Nov 2022 12:54:14 GMT
Server: Apache
Last-Modified: Mon, 12 Sep 2022 12:13:28 GMT
Accept-Ranges: bytes
Content-Length: 972
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: image/svg+xml
nestfs.com/wp-content/uploads/porto_styles/bootstrap.css?ver=6.5.1
18.133.177.169200 OK 57 kB URL HTTP/2 nestfs.com/wp-content/uploads/porto_styles/bootstrap.css?ver=6.5.1
IP 18.133.177.169:0
File type assembler source, ASCII text, with very long lines (804)
Hash fd0c5de7e86b2d62df82a92bc95bf4d2
948ed83a801542f45b4f0385325158a160a6671e
f66cce0db5a20f3cf73d881727a04b084bf274d448e2bfab444f19e8c8eaaaa1
GET /wp-content/uploads/porto_styles/bootstrap.css?ver=6.5.1 HTTP/1.1
Host: nestfs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nestfs.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 29 Nov 2022 13:11:24 GMT
content-type: text/css
last-modified: Tue, 18 Oct 2022 14:45:26 GMT
etag: W/"634ebc06-2d6f4"
x-cache-status: MISS
strict-transport-security: max-age=63072000; includeSubDomains
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
nestfs.com/wp-content/plugins/revslider/public/assets/fonts/revicons/revicons.woff?5510888
18.133.177.169200 OK 8.6 kB URL HTTP/2 nestfs.com/wp-content/plugins/revslider/public/assets/fonts/revicons/revicons.woff?5510888
IP 18.133.177.169:0
File type gzip compressed data, max compression\012- data
Hash 603da5cdfcb0b0d1f6b5c7c00ccf223b
69d10ac2be4ae921674a63a218935dfb28efde74
9310977e06f1307d373f759e93242711801c7958a519039d37e0a10ca08f5055
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/revslider/public/assets/fonts/revicons/revicons.woff?5510888 HTTP/1.1
Host: nestfs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://nestfs.com/wp-content/plugins/revslider/public/assets/css/rs6.css?ver=6.5.20
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 29 Nov 2022 13:11:25 GMT
content-type: font/woff
content-length: 7536
last-modified: Tue, 18 Oct 2022 05:57:24 GMT
etag: "634e4044-1d70"
x-cache-status: MISS
strict-transport-security: max-age=63072000; includeSubDomains
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
nestfs.com/wp-content/uploads/revslider/home-business-consulting-21/bc2-s-1.jpg
18.133.177.169200 OK 92 kB URL HTTP/2 nestfs.com/wp-content/uploads/revslider/home-business-consulting-21/bc2-s-1.jpg
IP 18.133.177.169:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, progressive, precision 8, 1920x840, components 3\012- data
Hash 1a3edbc39b23ac7ca52e82d69d17479f
8556fadebb34ccf775ad7c42b8cfe2ff926b5694
917e265acaf8ef2f08af3dd81c4afc8b82b6adfe76bb791990594311c828267d
GET /wp-content/uploads/revslider/home-business-consulting-21/bc2-s-1.jpg HTTP/1.1
Host: nestfs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nestfs.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 29 Nov 2022 13:11:25 GMT
content-type: image/jpeg
content-length: 91920
last-modified: Tue, 18 Oct 2022 06:41:26 GMT
etag: "634e4a96-16710"
x-cache-status: MISS
strict-transport-security: max-age=63072000; includeSubDomains
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
nestfs.com/wp-content/uploads/revslider/home-business-consulting-21/bc2-s-2.jpg
18.133.177.169200 OK 88 kB URL HTTP/2 nestfs.com/wp-content/uploads/revslider/home-business-consulting-21/bc2-s-2.jpg
IP 18.133.177.169:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, progressive, precision 8, 1920x840, components 3\012- data
Hash e52c30eb31f6f76860cfd9f3c3a85a44
1c82e63a259a7e3e43279fec5b2a63efb2da747c
cbf2176e0ebd78fb239dc3d2da27d79359d2456904574ff8adf26edf1093546d
GET /wp-content/uploads/revslider/home-business-consulting-21/bc2-s-2.jpg HTTP/1.1
Host: nestfs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nestfs.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 29 Nov 2022 13:11:25 GMT
content-type: image/jpeg
content-length: 87777
last-modified: Tue, 18 Oct 2022 06:41:26 GMT
etag: "634e4a96-156e1"
x-cache-status: MISS
strict-transport-security: max-age=63072000; includeSubDomains
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash ac3edd07bb0a4ebdaae6ec26e91d2079
b6efe3811dfa37cdcde1e9d411c171732ac7e12a
c5dbd471d178ae4505b28e30aee1e8eed77fffd81b9f7815ad2bda1a0d09a02c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C5DBD471D178AE4505B28E30AEE1E8EED77FFFD81B9F7815AD2BDA1A0D09A02C"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6529
Expires: Tue, 29 Nov 2022 15:00:15 GMT
Date: Tue, 29 Nov 2022 13:11:26 GMT
Connection: keep-alive
nestfs.com/wp-content/plugins/porto-functionality/builders/assets/type-builder.css?ver=6.1.1
18.133.177.169200 OK 1.9 kB URL HTTP/2 nestfs.com/wp-content/plugins/porto-functionality/builders/assets/type-builder.css?ver=6.1.1
IP 18.133.177.169:0
File type ASCII text, with very long lines (6599), with no line terminators
Hash daf42923b5972ef083a87ce2daf6dd82
d9a80216e676b2773de42dfd606934bdfda69222
95f7a65d5ea39f5cc90a19e519bdda91f7e0dd897d18adfcb6cbb7d46924a859
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/porto-functionality/builders/assets/type-builder.css?ver=6.1.1 HTTP/1.1
Host: nestfs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nestfs.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 29 Nov 2022 13:11:24 GMT
content-type: text/css
last-modified: Tue, 18 Oct 2022 05:56:57 GMT
etag: W/"634e4029-19c7"
x-cache-status: MISS
strict-transport-security: max-age=63072000; includeSubDomains
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash ac3edd07bb0a4ebdaae6ec26e91d2079
b6efe3811dfa37cdcde1e9d411c171732ac7e12a
c5dbd471d178ae4505b28e30aee1e8eed77fffd81b9f7815ad2bda1a0d09a02c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C5DBD471D178AE4505B28E30AEE1E8EED77FFFD81B9F7815AD2BDA1A0D09A02C"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6529
Expires: Tue, 29 Nov 2022 15:00:15 GMT
Date: Tue, 29 Nov 2022 13:11:26 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1c32283b-8309-408e-85df-cad97da6bc80.png
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1c32283b-8309-408e-85df-cad97da6bc80.png
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 03014221d7f49b50ffc2d1b0a0e75457
772d86ad983042a728ee3490630a9cf1134ad0dd
81fb954fa569955907952987e9d8efd1dac80e0e4a682826abf3c5d90eb31771
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1c32283b-8309-408e-85df-cad97da6bc80.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10176
x-amzn-requestid: c2231955-5c78-4073-8399-b8b90f1add78
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cMo3oHpSoAMF5Qw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6381bb63-55a1cb004ac73c8b02f2fb8d;Sampled=0
x-amzn-remapped-date: Sat, 26 Nov 2022 07:08:19 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: uGocx-Lv8ieJVvICjnTGQZyzaQzjVdICX2RZaNyBTQvUKeIcNxaCJQ==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 32c16f33c8f5601364fa8229b0d74dc2.cloudfront.net (CloudFront), 1.1 google
date: Tue, 29 Nov 2022 04:49:50 GMT
age: 30096
etag: "772d86ad983042a728ee3490630a9cf1134ad0dd"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
nestfs.com/wp-includes/js/dist/hooks.min.js?ver=4169d3cf8e8d95a3d6d5
18.133.177.169200 OK 6.5 kB URL HTTP/2 nestfs.com/wp-includes/js/dist/hooks.min.js?ver=4169d3cf8e8d95a3d6d5
IP 18.133.177.169:0
File type ASCII text, with very long lines (4875)
Hash 1963c87787f41c24703cb30b8e6c3a85
ed4cd8274ab64656c88b9201b42c5f7663965158
f8ae01bf9d9e97de8b362b8fbaaa0be9210563e0acb6c7b31d843a9048cf9402
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/dist/hooks.min.js?ver=4169d3cf8e8d95a3d6d5 HTTP/1.1
Host: nestfs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nestfs.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 29 Nov 2022 13:11:24 GMT
content-type: application/javascript
last-modified: Mon, 11 Apr 2022 12:04:30 GMT
etag: W/"6254194e-132e"
x-cache-status: MISS
strict-transport-security: max-age=63072000; includeSubDomains
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F165667de-df17-4cc6-832c-94f49703bdf2.jpeg
34.120.237.76200 OK 9.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F165667de-df17-4cc6-832c-94f49703bdf2.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 1f434933b5bd6377d299ada22d1ae7ef
075531f525e625b117b2497f31139c9824d0e9c5
b587a3249e4f20112088608e3651c2ccbc44225a5c9d88d3bf5884d7f0e9029c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F165667de-df17-4cc6-832c-94f49703bdf2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9430
x-amzn-requestid: 454ca8bd-a256-45f2-8b41-feee86c5af82
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cR7wyGCIIAMFhgw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6383d99e-1488f8ce71a91ebc3ad6b7e0;Sampled=0
x-amzn-remapped-date: Sun, 27 Nov 2022 21:41:50 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: NMMuQ1NNks65LJK_HDAK69MfCJ3pS0Y6VzBs8_5Oku64v4FSWADCdw==
via: 1.1 8f22423015641505b8c857a37450d6c0.cloudfront.net (CloudFront), 1.1 476c2ba6d9f6cd69dbcedbd65688cbc0.cloudfront.net (CloudFront), 1.1 google
date: Mon, 28 Nov 2022 22:01:55 GMT
age: 54571
etag: "075531f525e625b117b2497f31139c9824d0e9c5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faee65fe0-e370-42e3-be13-065dcb4d76e1.jpeg
34.120.237.76200 OK 4.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faee65fe0-e370-42e3-be13-065dcb4d76e1.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 748366131b496e41f92e15ce7d1cd0e0
a6c7a59a6599ece2cf0e76c778c920dea94ff469
b9ea2d419742c67e2b14536379e7383524f22645b1af988d5bd72154647fc602
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faee65fe0-e370-42e3-be13-065dcb4d76e1.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4862
x-amzn-requestid: 17c6fb35-2dc8-45e4-a226-a74ba94323b3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cCvYlHXxIAMFcpg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637dc5d0-5a0f4f667a3747166eb2b338;Sampled=0
x-amzn-remapped-date: Wed, 23 Nov 2022 07:03:44 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 2ImCYNlZ1ri4mMpJhMnoucEoQPgKly8gj7KvMPFYb6WpsoJ18WyFog==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 943c6a4d4ee43b18ee91634536f53eae.cloudfront.net (CloudFront), 1.1 google
date: Mon, 28 Nov 2022 13:28:25 GMT
age: 85381
etag: "a6c7a59a6599ece2cf0e76c778c920dea94ff469"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F51b530e0-9ee5-45ee-95e9-a687ac33f22c.jpeg
34.120.237.76200 OK 3.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F51b530e0-9ee5-45ee-95e9-a687ac33f22c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 22e7d3e11e78242383e452adb9299016
035a1b4a2a7889787532ec2637d5c21e06daf672
990f18423bafc9cc3daaa1bd1290313b6cb3d3a391f642d01fd6797ad4fc9ca8
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F51b530e0-9ee5-45ee-95e9-a687ac33f22c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 3004
x-amzn-requestid: 1e6e228a-fb73-4ed3-881b-6b0e5c8297c7
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cPYcrFRXoAMFUJg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6382d450-45059338501b45d943d7e08c;Sampled=0
x-amzn-remapped-date: Sun, 27 Nov 2022 03:06:57 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: rmBhEB-x2sOvI7XfEpZQ0-lXEDWZ4los77q017Im-Lwb32ZLA0Zvcg==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 112d82578d402a38d8d02e8b857617e0.cloudfront.net (CloudFront), 1.1 google
date: Tue, 29 Nov 2022 04:45:15 GMT
age: 30371
etag: "035a1b4a2a7889787532ec2637d5c21e06daf672"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fabddece8-6c4f-4cb5-9041-4d427b16b826.jpeg
34.120.237.76200 OK 4.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fabddece8-6c4f-4cb5-9041-4d427b16b826.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a2a5c8d4113d282600462749315f2c4f
e2b4d2e15bb7c086333c0da438873e4c139ba931
9b5d0e5dd11d4cbf1c78a71730cd63544170c91ab635bf3cf917827ac84874e6
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fabddece8-6c4f-4cb5-9041-4d427b16b826.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4417
x-amzn-requestid: 01de83c2-51d2-4329-98f6-09a0edf46942
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cVNnGEcRIAMFaXA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63852960-34583b6c588a0e937fcfaa46;Sampled=0
x-amzn-remapped-date: Mon, 28 Nov 2022 21:34:24 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: wqEe45jzMOryT-E-vThc39-cLiZudKF4gn6cS3LBmeaJ2amJF5GPIA==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 ce71f64ad5dca81beca846466f2d5008.cloudfront.net (CloudFront), 1.1 google
date: Mon, 28 Nov 2022 21:46:54 GMT
age: 55472
etag: "e2b4d2e15bb7c086333c0da438873e4c139ba931"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
nestfs.com/wp-content/plugins/elementor-pro/assets/js/frontend.min.js?ver=3.6.4
18.133.177.169200 OK 0 B URL HTTP/2 nestfs.com/wp-content/plugins/elementor-pro/assets/js/frontend.min.js?ver=3.6.4
IP 18.133.177.169:0
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/elementor-pro/assets/js/frontend.min.js?ver=3.6.4 HTTP/1.1
Host: nestfs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nestfs.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 29 Nov 2022 13:11:24 GMT
content-type: application/javascript
last-modified: Tue, 15 Mar 2022 22:30:00 GMT
etag: W/"62311368-4fbf"
x-cache-status: MISS
strict-transport-security: max-age=63072000; includeSubDomains
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
nestfs.com/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.6.3
18.133.177.169200 OK 0 B URL HTTP/2 nestfs.com/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.6.3
IP 18.133.177.169:0
GET /wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.6.3 HTTP/1.1
Host: nestfs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nestfs.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 29 Nov 2022 13:11:24 GMT
content-type: text/css
last-modified: Tue, 18 Oct 2022 05:58:49 GMT
etag: W/"634e4099-aab"
x-cache-status: MISS
strict-transport-security: max-age=63072000; includeSubDomains
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
nestfs.com/wp-content/plugins/elementor/assets/js/frontend.min.js?ver=3.7.8
18.133.177.169200 OK 0 B URL HTTP/2 nestfs.com/wp-content/plugins/elementor/assets/js/frontend.min.js?ver=3.7.8
IP 18.133.177.169:0
GET /wp-content/plugins/elementor/assets/js/frontend.min.js?ver=3.7.8 HTTP/1.1
Host: nestfs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nestfs.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 29 Nov 2022 13:11:24 GMT
content-type: application/javascript
last-modified: Tue, 18 Oct 2022 05:57:39 GMT
etag: W/"634e4053-9e41"
x-cache-status: MISS
strict-transport-security: max-age=63072000; includeSubDomains
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
nestfs.com/wp-content/themes/porto/style.css?ver=6.5.1
18.133.177.169200 OK 0 B URL HTTP/2 nestfs.com/wp-content/themes/porto/style.css?ver=6.5.1
IP 18.133.177.169:0
GET /wp-content/themes/porto/style.css?ver=6.5.1 HTTP/1.1
Host: nestfs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nestfs.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 29 Nov 2022 13:11:24 GMT
content-type: text/css
last-modified: Tue, 11 Oct 2022 20:40:56 GMT
etag: W/"6345d4d8-408"
x-cache-status: MISS
strict-transport-security: max-age=63072000; includeSubDomains
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
nestfs.com/wp-content/uploads/porto_styles/theme_css_vars.css?ver=6.5.1
18.133.177.169200 OK 0 B URL HTTP/2 nestfs.com/wp-content/uploads/porto_styles/theme_css_vars.css?ver=6.5.1
IP 18.133.177.169:0
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/uploads/porto_styles/theme_css_vars.css?ver=6.5.1 HTTP/1.1
Host: nestfs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nestfs.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 29 Nov 2022 13:11:24 GMT
content-type: text/css
last-modified: Thu, 20 Oct 2022 06:31:51 GMT
etag: W/"6350eb57-1653"
x-cache-status: MISS
strict-transport-security: max-age=63072000; includeSubDomains
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
nestfs.com/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.6.3
18.133.177.169200 OK 0 B URL HTTP/2 nestfs.com/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.6.3
IP 18.133.177.169:0
GET /wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.6.3 HTTP/1.1
Host: nestfs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nestfs.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 29 Nov 2022 13:11:24 GMT
content-type: application/javascript
last-modified: Tue, 18 Oct 2022 05:58:49 GMT
etag: W/"634e4099-2fb3"
x-cache-status: MISS
strict-transport-security: max-age=63072000; includeSubDomains
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Roboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto+Slab%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=auto&ver=6.1.1
142.250.74.10200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Roboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto+Slab%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=auto&ver=6.1.1
IP 142.250.74.10:0
GET /css?family=Roboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto+Slab%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=auto&ver=6.1.1 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nestfs.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 29 Nov 2022 13:11:23 GMT
date: Tue, 29 Nov 2022 13:11:23 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
nestfs.com/wp-content/themes/porto/js/libs/jquery.magnific-popup.min.js?ver=1.1.0
18.133.177.169200 OK 0 B URL HTTP/2 nestfs.com/wp-content/themes/porto/js/libs/jquery.magnific-popup.min.js?ver=1.1.0
IP 18.133.177.169:0
GET /wp-content/themes/porto/js/libs/jquery.magnific-popup.min.js?ver=1.1.0 HTTP/1.1
Host: nestfs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nestfs.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 29 Nov 2022 13:11:24 GMT
content-type: application/javascript
last-modified: Thu, 21 Jul 2022 12:36:28 GMT
etag: W/"62d9484c-4f12"
x-cache-status: MISS
strict-transport-security: max-age=63072000; includeSubDomains
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
nestfs.com/wp-content/uploads/2021/07/pexels-kuncheek-210990-scaled.jpg
18.133.177.169404 Not Found 0 B URL HTTP/2 nestfs.com/wp-content/uploads/2021/07/pexels-kuncheek-210990-scaled.jpg
IP 18.133.177.169:0
GET /wp-content/uploads/2021/07/pexels-kuncheek-210990-scaled.jpg HTTP/1.1
Host: nestfs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nestfs.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
server: nginx
date: Tue, 29 Nov 2022 13:11:24 GMT
content-type: text/html; charset=UTF-8
x-powered-by: PHP/7.4.33
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
link: <https://nestfs.com/wp-json/>; rel="https://api.w.org/"
strict-transport-security: max-age=63072000; includeSubDomains
content-encoding: br
X-Firefox-Spdy: h2
nestfs.com/wp-content/plugins/elementor/assets/js/webpack.runtime.min.js?ver=3.7.8
18.133.177.169200 OK 0 B URL HTTP/2 nestfs.com/wp-content/plugins/elementor/assets/js/webpack.runtime.min.js?ver=3.7.8
IP 18.133.177.169:0
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/elementor/assets/js/webpack.runtime.min.js?ver=3.7.8 HTTP/1.1
Host: nestfs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nestfs.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 29 Nov 2022 13:11:24 GMT
content-type: application/javascript
last-modified: Tue, 18 Oct 2022 05:57:39 GMT
etag: W/"634e4053-135d"
x-cache-status: MISS
strict-transport-security: max-age=63072000; includeSubDomains
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
nestfs.com/wp-content/plugins/elementor-pro/assets/js/webpack-pro.runtime.min.js?ver=3.6.4
18.133.177.169200 OK 0 B URL HTTP/2 nestfs.com/wp-content/plugins/elementor-pro/assets/js/webpack-pro.runtime.min.js?ver=3.6.4
IP 18.133.177.169:0
GET /wp-content/plugins/elementor-pro/assets/js/webpack-pro.runtime.min.js?ver=3.6.4 HTTP/1.1
Host: nestfs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nestfs.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 29 Nov 2022 13:11:24 GMT
content-type: application/javascript
last-modified: Tue, 15 Mar 2022 22:30:00 GMT
etag: W/"62311368-1405"
x-cache-status: MISS
strict-transport-security: max-age=63072000; includeSubDomains
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
nestfs.com/wp-content/uploads/elementor/css/custom-pro-frontend-lite.min.css?ver=1667198105
18.133.177.169200 OK 0 B URL HTTP/2 nestfs.com/wp-content/uploads/elementor/css/custom-pro-frontend-lite.min.css?ver=1667198105
IP 18.133.177.169:0
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/uploads/elementor/css/custom-pro-frontend-lite.min.css?ver=1667198105 HTTP/1.1
Host: nestfs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nestfs.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 29 Nov 2022 13:11:24 GMT
content-type: text/css
last-modified: Mon, 31 Oct 2022 06:35:05 GMT
etag: W/"635f6c99-2c62"
x-cache-status: MISS
strict-transport-security: max-age=63072000; includeSubDomains
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
nestfs.com/wp-content/uploads/elementor/css/custom-widget-icon-box.min.css?ver=1667198293
18.133.177.169200 OK 0 B URL HTTP/2 nestfs.com/wp-content/uploads/elementor/css/custom-widget-icon-box.min.css?ver=1667198293
IP 18.133.177.169:0
GET /wp-content/uploads/elementor/css/custom-widget-icon-box.min.css?ver=1667198293 HTTP/1.1
Host: nestfs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nestfs.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 29 Nov 2022 13:11:24 GMT
content-type: text/css
last-modified: Mon, 31 Oct 2022 06:38:13 GMT
etag: W/"635f6d55-3298"
x-cache-status: MISS
strict-transport-security: max-age=63072000; includeSubDomains
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Poppins:700%7CRoboto:400&display=swap
142.250.74.10200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Poppins:700%7CRoboto:400&display=swap
IP 142.250.74.10:0
GET /css?family=Poppins:700%7CRoboto:400&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nestfs.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 29 Nov 2022 13:11:23 GMT
date: Tue, 29 Nov 2022 13:11:23 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
nestfs.com/wp-content/plugins/revslider/public/assets/js/rbtools.min.js?ver=6.5.18
18.133.177.169200 OK 0 B URL HTTP/2 nestfs.com/wp-content/plugins/revslider/public/assets/js/rbtools.min.js?ver=6.5.18
IP 18.133.177.169:0
GET /wp-content/plugins/revslider/public/assets/js/rbtools.min.js?ver=6.5.18 HTTP/1.1
Host: nestfs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nestfs.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 29 Nov 2022 13:11:24 GMT
content-type: application/javascript
last-modified: Tue, 18 Oct 2022 05:57:24 GMT
etag: W/"634e4044-1f69c"
x-cache-status: MISS
strict-transport-security: max-age=63072000; includeSubDomains
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
nestfs.com/wp-content/themes/porto/css/theme_radius.css?ver=6.5.1
18.133.177.169200 OK 0 B URL HTTP/2 nestfs.com/wp-content/themes/porto/css/theme_radius.css?ver=6.5.1
IP 18.133.177.169:0
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/porto/css/theme_radius.css?ver=6.5.1 HTTP/1.1
Host: nestfs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nestfs.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 29 Nov 2022 13:11:24 GMT
content-type: text/css
last-modified: Thu, 21 Jul 2022 12:37:28 GMT
etag: W/"62d94888-457b"
x-cache-status: MISS
strict-transport-security: max-age=63072000; includeSubDomains
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
nestfs.com/wp-includes/js/wp-emoji-release.min.js?ver=6.1.1
18.133.177.169200 OK 0 B URL HTTP/2 nestfs.com/wp-includes/js/wp-emoji-release.min.js?ver=6.1.1
IP 18.133.177.169:0
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/wp-emoji-release.min.js?ver=6.1.1 HTTP/1.1
Host: nestfs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nestfs.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 29 Nov 2022 13:11:24 GMT
content-type: application/javascript
last-modified: Tue, 12 Apr 2022 05:56:23 GMT
etag: W/"62551487-48b9"
x-cache-status: MISS
strict-transport-security: max-age=63072000; includeSubDomains
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
nestfs.com/wp-content/themes/porto/js/bootstrap.js?ver=5.0.1
18.133.177.169200 OK 0 B URL HTTP/2 nestfs.com/wp-content/themes/porto/js/bootstrap.js?ver=5.0.1
IP 18.133.177.169:0
GET /wp-content/themes/porto/js/bootstrap.js?ver=5.0.1 HTTP/1.1
Host: nestfs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nestfs.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 29 Nov 2022 13:11:24 GMT
content-type: application/javascript
last-modified: Thu, 21 Jul 2022 12:36:26 GMT
etag: W/"62d9484a-2e756"
x-cache-status: MISS
strict-transport-security: max-age=63072000; includeSubDomains
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
nestfs.com/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0
18.133.177.169200 OK 0 B URL HTTP/2 nestfs.com/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0
IP 18.133.177.169:0
GET /wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0 HTTP/1.1
Host: nestfs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nestfs.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 29 Nov 2022 13:11:24 GMT
content-type: application/javascript
last-modified: Wed, 02 Nov 2022 05:17:42 GMT
etag: W/"6361fd76-459f"
x-cache-status: MISS
strict-transport-security: max-age=63072000; includeSubDomains
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
nestfs.com/wp-content/themes/porto/css/theme.css?ver=6.5.1
18.133.177.169200 OK 0 B URL HTTP/2 nestfs.com/wp-content/themes/porto/css/theme.css?ver=6.5.1
IP 18.133.177.169:0
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/porto/css/theme.css?ver=6.5.1 HTTP/1.1
Host: nestfs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nestfs.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 29 Nov 2022 13:11:24 GMT
content-type: text/css
last-modified: Thu, 08 Sep 2022 12:31:16 GMT
etag: W/"6319e094-48036"
x-cache-status: MISS
strict-transport-security: max-age=63072000; includeSubDomains
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
nestfs.com/wp-content/plugins/elementor/assets/lib/waypoints/waypoints.min.js?ver=4.0.2
18.133.177.169200 OK 0 B URL HTTP/2 nestfs.com/wp-content/plugins/elementor/assets/lib/waypoints/waypoints.min.js?ver=4.0.2
IP 18.133.177.169:0
GET /wp-content/plugins/elementor/assets/lib/waypoints/waypoints.min.js?ver=4.0.2 HTTP/1.1
Host: nestfs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nestfs.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 29 Nov 2022 13:11:24 GMT
content-type: application/javascript
last-modified: Tue, 18 Oct 2022 05:57:39 GMT
etag: W/"634e4053-2fa6"
x-cache-status: MISS
strict-transport-security: max-age=63072000; includeSubDomains
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
nestfs.com/wp-content/uploads/elementor/css/post-5.css?ver=1667198109
18.133.177.169200 OK 0 B URL HTTP/2 nestfs.com/wp-content/uploads/elementor/css/post-5.css?ver=1667198109
IP 18.133.177.169:0
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/uploads/elementor/css/post-5.css?ver=1667198109 HTTP/1.1
Host: nestfs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nestfs.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 29 Nov 2022 13:11:24 GMT
content-type: text/css
last-modified: Mon, 31 Oct 2022 06:35:09 GMT
etag: W/"635f6c9d-498"
x-cache-status: MISS
strict-transport-security: max-age=63072000; includeSubDomains
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
nestfs.com/wp-content/themes/porto/inc/lib/live-search/live-search.min.js?ver=6.5.1
18.133.177.169200 OK 0 B URL HTTP/2 nestfs.com/wp-content/themes/porto/inc/lib/live-search/live-search.min.js?ver=6.5.1
IP 18.133.177.169:0
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/porto/inc/lib/live-search/live-search.min.js?ver=6.5.1 HTTP/1.1
Host: nestfs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nestfs.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 29 Nov 2022 13:11:24 GMT
content-type: application/javascript
last-modified: Thu, 21 Jul 2022 12:36:40 GMT
etag: W/"62d94858-378c"
x-cache-status: MISS
strict-transport-security: max-age=63072000; includeSubDomains
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
nestfs.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.1
18.133.177.169200 OK 0 B URL HTTP/2 nestfs.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.1
IP 18.133.177.169:0
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/jquery/jquery.min.js?ver=3.6.1 HTTP/1.1
Host: nestfs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nestfs.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 29 Nov 2022 13:11:24 GMT
content-type: application/javascript
last-modified: Wed, 02 Nov 2022 05:17:42 GMT
etag: W/"6361fd76-15e54"
x-cache-status: MISS
strict-transport-security: max-age=63072000; includeSubDomains
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
nestfs.com/wp-content/uploads/elementor/css/post-604.css?ver=1667198822
18.133.177.169200 OK 0 B URL HTTP/2 nestfs.com/wp-content/uploads/elementor/css/post-604.css?ver=1667198822
IP 18.133.177.169:0
GET /wp-content/uploads/elementor/css/post-604.css?ver=1667198822 HTTP/1.1
Host: nestfs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nestfs.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 29 Nov 2022 13:11:24 GMT
content-type: text/css
last-modified: Mon, 31 Oct 2022 06:47:02 GMT
etag: W/"635f6f66-5635"
x-cache-status: MISS
strict-transport-security: max-age=63072000; includeSubDomains
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
nestfs.com/wp-includes/js/imagesloaded.min.js?ver=4.1.4
18.133.177.169200 OK 0 B URL HTTP/2 nestfs.com/wp-includes/js/imagesloaded.min.js?ver=4.1.4
IP 18.133.177.169:0
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/imagesloaded.min.js?ver=4.1.4 HTTP/1.1
Host: nestfs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nestfs.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 29 Nov 2022 13:11:24 GMT
content-type: application/javascript
last-modified: Sat, 13 Jun 2020 18:53:27 GMT
etag: W/"5ee520a7-15fd"
x-cache-status: MISS
strict-transport-security: max-age=63072000; includeSubDomains
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
nestfs.com/wp-content/plugins/elementor/assets/lib/eicons/css/elementor-icons.min.css?ver=5.16.0
18.133.177.169200 OK 0 B URL HTTP/2 nestfs.com/wp-content/plugins/elementor/assets/lib/eicons/css/elementor-icons.min.css?ver=5.16.0
IP 18.133.177.169:0
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/elementor/assets/lib/eicons/css/elementor-icons.min.css?ver=5.16.0 HTTP/1.1
Host: nestfs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nestfs.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 29 Nov 2022 13:11:24 GMT
content-type: text/css
last-modified: Tue, 18 Oct 2022 05:57:39 GMT
etag: W/"634e4053-4b4f"
x-cache-status: MISS
strict-transport-security: max-age=63072000; includeSubDomains
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
nestfs.com/wp-content/themes/porto/js/libs/jquery.cookie.min.js?ver=1.4.1
18.133.177.169200 OK 0 B URL HTTP/2 nestfs.com/wp-content/themes/porto/js/libs/jquery.cookie.min.js?ver=1.4.1
IP 18.133.177.169:0
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/porto/js/libs/jquery.cookie.min.js?ver=1.4.1 HTTP/1.1
Host: nestfs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nestfs.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 29 Nov 2022 13:11:24 GMT
content-type: application/javascript
last-modified: Thu, 21 Jul 2022 12:36:28 GMT
etag: W/"62d9484c-506"
x-cache-status: MISS
strict-transport-security: max-age=63072000; includeSubDomains
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
nestfs.com/wp-content/plugins/elementor-pro/assets/js/elements-handlers.min.js?ver=3.6.4
18.133.177.169200 OK 0 B URL HTTP/2 nestfs.com/wp-content/plugins/elementor-pro/assets/js/elements-handlers.min.js?ver=3.6.4
IP 18.133.177.169:0
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/elementor-pro/assets/js/elements-handlers.min.js?ver=3.6.4 HTTP/1.1
Host: nestfs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nestfs.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 29 Nov 2022 13:11:24 GMT
content-type: application/javascript
last-modified: Tue, 15 Mar 2022 22:30:00 GMT
etag: W/"62311368-5e95"
x-cache-status: MISS
strict-transport-security: max-age=63072000; includeSubDomains
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
nestfs.com/wp-content/themes/porto/css/plugins.css?ver=6.5.1
18.133.177.169200 OK 0 B URL HTTP/2 nestfs.com/wp-content/themes/porto/css/plugins.css?ver=6.5.1
IP 18.133.177.169:0
GET /wp-content/themes/porto/css/plugins.css?ver=6.5.1 HTTP/1.1
Host: nestfs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nestfs.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 29 Nov 2022 13:11:24 GMT
content-type: text/css
last-modified: Thu, 21 Jul 2022 12:37:30 GMT
etag: W/"62d9488a-1b7fd"
x-cache-status: MISS
strict-transport-security: max-age=63072000; includeSubDomains
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
nestfs.com/wp-content/uploads/elementor/css/custom-frontend-lite.min.css?ver=1667198117
18.133.177.169200 OK 0 B URL HTTP/2 nestfs.com/wp-content/uploads/elementor/css/custom-frontend-lite.min.css?ver=1667198117
IP 18.133.177.169:0
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/uploads/elementor/css/custom-frontend-lite.min.css?ver=1667198117 HTTP/1.1
Host: nestfs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nestfs.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 29 Nov 2022 13:11:24 GMT
content-type: text/css
last-modified: Mon, 31 Oct 2022 06:35:17 GMT
etag: W/"635f6ca5-1a7c4"
x-cache-status: MISS
strict-transport-security: max-age=63072000; includeSubDomains
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
nestfs.com/wp-content/plugins/revslider/public/assets/js/rs6.min.js?ver=6.5.20
18.133.177.169200 OK 0 B URL HTTP/2 nestfs.com/wp-content/plugins/revslider/public/assets/js/rs6.min.js?ver=6.5.20
IP 18.133.177.169:0
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/revslider/public/assets/js/rs6.min.js?ver=6.5.20 HTTP/1.1
Host: nestfs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nestfs.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 29 Nov 2022 13:11:24 GMT
content-type: application/javascript
last-modified: Tue, 18 Oct 2022 05:57:24 GMT
etag: W/"634e4044-5ec80"
x-cache-status: MISS
strict-transport-security: max-age=63072000; includeSubDomains
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
nestfs.com/wp-includes/js/dist/i18n.min.js?ver=9e794f35a71bb98672ae
18.133.177.169200 OK 0 B URL HTTP/2 nestfs.com/wp-includes/js/dist/i18n.min.js?ver=9e794f35a71bb98672ae
IP 18.133.177.169:0
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/dist/i18n.min.js?ver=9e794f35a71bb98672ae HTTP/1.1
Host: nestfs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nestfs.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 29 Nov 2022 13:11:24 GMT
content-type: application/javascript
last-modified: Wed, 02 Nov 2022 05:17:42 GMT
etag: W/"6361fd76-27f6"
x-cache-status: MISS
strict-transport-security: max-age=63072000; includeSubDomains
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
nestfs.com/wp-content/uploads/porto_styles/shortcodes.css?ver=6.5.1
18.133.177.169200 OK 0 B URL HTTP/2 nestfs.com/wp-content/uploads/porto_styles/shortcodes.css?ver=6.5.1
IP 18.133.177.169:0
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/uploads/porto_styles/shortcodes.css?ver=6.5.1 HTTP/1.1
Host: nestfs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nestfs.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 29 Nov 2022 13:11:24 GMT
content-type: text/css
last-modified: Tue, 18 Oct 2022 13:29:40 GMT
etag: W/"634eaa44-2f122"
x-cache-status: MISS
strict-transport-security: max-age=63072000; includeSubDomains
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2