Report - conocotradings.co/

Report Overview

Submitted URL
conocotradings.co/
IP
68.65.122.147
ASN
#22612 NAMECHEAP-NET
Submitted
2022-10-27 04:08:22
Access
Website Title
Final URL
Tags
None
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
44

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
conocotradings.co	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	24 kB	969 kB	68.65.122.147
content-signature-2.cdn.mozilla.net	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	413 B	5.9 kB	34.160.144.191
contile.services.mozilla.com	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	333 B	229 B	34.117.237.239
ocsp.sectigo.com	487	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	340 B	964 B	104.18.32.68
fonts.googleapis.com	8877	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	466 B	746 B	142.250.74.10
r3.o.lencr.org	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.0 kB	5.3 kB	23.36.77.32
ocsp.digicert.com	86	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.0 kB	2.4 kB	93.184.220.29
ocsp.pki.goog	175	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.1 kB	4.2 kB	142.250.74.35
push.services.mozilla.com	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	606 B	127 B	34.210.158.59
fonts.gstatic.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.5 kB	50 kB	216.58.207.195
img-getpocket.cdn.mozilla.net	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.2 kB	48 kB	34.120.237.76

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2022-10-27	medium	conocotradings.co/	Phishing
2022-10-27	medium	conocotradings.co/	Phishing
2022-10-27	medium	conocotradings.co/wp-content/themes/astra/assets/css/minified/compatibility/page-builder/bb-plugin.min.css?ver=3.9.2	Phishing
2022-10-27	medium	conocotradings.co/wp-content/themes/astra/assets/css/minified/frontend.min.css?ver=3.9.2	Phishing
2022-10-27	medium	conocotradings.co/wp-includes/css/dist/block-library/style.min.css?ver=6.0.3	Phishing
2022-10-27	medium	conocotradings.co/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-style.css?ver=8.5.1	Phishing
2022-10-27	medium	conocotradings.co/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.6.4	Phishing
2022-10-27	medium	conocotradings.co/wp-content/uploads/bb-plugin/cache/10-layout.css?ver=95ab821563d45677defed724e424ba63	Phishing
2022-10-27	medium	conocotradings.co/wp-content/themes/astra/assets/css/minified/compatibility/contact-form-7-main.min.css?ver=3.9.2	Phishing
2022-10-27	medium	conocotradings.co/wp-content/themes/astra/assets/css/minified/compatibility/woocommerce/woocommerce-layout.min.css?ver=3.9.2	Phishing
2022-10-27	medium	conocotradings.co/wp-content/plugins/creame-whatsapp-me/public/css/joinchat-btn.min.css?ver=4.5.11	Phishing
2022-10-27	medium	conocotradings.co/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2	Phishing
2022-10-27	medium	conocotradings.co/wp-content/themes/astra/assets/js/minified/frontend.min.js?ver=3.9.2	Phishing
2022-10-27	medium	conocotradings.co/wp-content/themes/astra/assets/js/minified/mobile-cart.min.js?ver=3.9.2	Phishing
2022-10-27	medium	conocotradings.co/wp-content/plugins/beaver-builder-lite-version/js/jquery.waypoints.min.js?ver=2.5.5.5	Phishing
2022-10-27	medium	conocotradings.co/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.6.4	Phishing
2022-10-27	medium	conocotradings.co/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.6.4	Phishing
2022-10-27	medium	conocotradings.co/wp-content/plugins/woocommerce/assets/js/js-cookie/js.cookie.min.js?ver=2.1.4-wc.7.0.0	Phishing
2022-10-27	medium	conocotradings.co/wp-content/plugins/creame-whatsapp-me/public/js/joinchat.min.js?ver=4.5.11	Phishing
2022-10-27	medium	conocotradings.co/wp-content/uploads/bb-plugin/cache/wholesale-80gsm-thin-a4-copy-paper-high-quality-1556313275-4876174-square.jpeg	Phishing
2022-10-27	medium	conocotradings.co/wp-content/themes/astra/assets/fonts/astra.woff	Phishing
2022-10-27	medium	conocotradings.co/?wc-ajax=get_refreshed_fragments	Phishing

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

JavaScript (24)

	URL	Size	First Seen	Last Seen
	conocotradings.co/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2	11 kB	2023-03-07	2024-04-27
Pretty URL conocotradings.co/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 IP 68.65.122.147 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:02 Last Seen2024-04-27 02:39:29 Times Seen68686 Hash 79b4956b7ec478ec10244b5e2d33ac7d a46025b9d05e3df30d610a8aef14f392c7058dc9 029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300 Loading...

	conocotradings.co/wp-content/uploads/bb-plugin/cache/10-layout.js?ver=161f5d375033354b822bb13a04954bfc	37 kB	2023-03-10	2023-03-10
Pretty URL conocotradings.co/wp-content/uploads/bb-plugin/cache/10-layout.js?ver=161f5d375033354b822bb13a04954bfc IP 68.65.122.147 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 16:15:54 Last Seen2023-03-10 16:15:54 Times Seen1 Hash 161f5d375033354b822bb13a04954bfc b00537185ecc67ff499b99b9f39d4848fac8427a a4dc2c9b7296a336051a950cd1d03be56cf9a6a208e33972d4741610e9bdcbb1 Loading...

	conocotradings.co/	47 B	2023-03-07	2024-04-15
Pretty URL conocotradings.co/ IP 68.65.122.147 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:04:12 Last Seen2024-04-15 01:25:33 Times Seen193 Hash 056d107e95a01e8475b27390ee6d4740 58722677205061bd24469e41c6b2278e65962cff b426361adc5bf62e0b72036e046b1e0c614eae05ac0e1f37be2eb43cd7f8b8b2 Loading...

	conocotradings.co/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.6.4	12 kB	2023-03-08	2024-04-24
Pretty URL conocotradings.co/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.6.4 IP 68.65.122.147 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:23:19 Last Seen2024-04-24 20:13:16 Times Seen3481 Hash 1f9968a7c7a2a02491393fb9d4103dae 0032c8a6a692e6f072b2cef20828449402fdd57d f1d5583d4c00ebe19c7be536e72ab8234c1f926023cb5a1fd5edbe9c912f0f49 Loading...

	conocotradings.co/wp-includes/js/wp-emoji-release.min.js?ver=6.0.3	19 kB	2023-03-07	2024-04-26
Pretty URL conocotradings.co/wp-includes/js/wp-emoji-release.min.js?ver=6.0.3 IP 68.65.122.147 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:08 Last Seen2024-04-26 23:19:42 Times Seen38071 Hash 32beb68a374e3aeac00abdf9e12b84ea b5d18aa625e8696dd9d07cd0869337717b211ae0 5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782 Loading...

	conocotradings.co/wp-content/plugins/woocommerce/assets/js/jquery-blockui/jquery.blockUI.min.js?ver=2.7.0-wc.7.0.0	9.5 kB	2023-03-07	2024-04-25
Pretty URL conocotradings.co/wp-content/plugins/woocommerce/assets/js/jquery-blockui/jquery.blockUI.min.js?ver=2.7.0-wc.7.0.0 IP 68.65.122.147 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:35 Last Seen2024-04-25 13:07:05 Times Seen1881 Hash a5451283952efd5df49466bbeace6911 dce405842471c303c3d8fd6fa3c084aa56a71029 f4e38e5ef16efe51836cf7142412b8e1aa8b73ce89afed23be0cf77dfd8e095d Loading...

	conocotradings.co/wp-content/plugins/woocommerce/assets/js/js-cookie/js.cookie.min.js?ver=2.1.4-wc.7.0.0	1.8 kB	2023-03-07	2024-04-26
Pretty URL conocotradings.co/wp-content/plugins/woocommerce/assets/js/js-cookie/js.cookie.min.js?ver=2.1.4-wc.7.0.0 IP 68.65.122.147 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:35 Last Seen2024-04-26 23:19:41 Times Seen21612 Hash d0a6d8547c66b0d7b0172466558d1208 ff93916519c7b9483251f609e4d29f38c30a66e3 3b1384ff918d4b7f95f9ee5c8fc388203dedff7344d3d96598c9562162788612 Loading...

	conocotradings.co/	109 B	2023-03-07	2024-04-27
Pretty URL conocotradings.co/ IP 68.65.122.147 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:35 Last Seen2024-04-27 01:32:58 Times Seen4212 Hash c3041f910d72f3447c03a53d6b8df977 d2959e0ca4bfa2ec8613d1fba8ae2399aebdd123 9b5e9931c5ad5f273f4c6eb5988506ef60471957923124b28aab2f8563e8b7fd Loading...

	conocotradings.co/	105 B	2023-03-10	2023-03-10
Pretty URL conocotradings.co/ IP 68.65.122.147 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 16:15:54 Last Seen2023-03-10 16:15:54 Times Seen1 Hash c17202c63a371fec6ab62b303848411f 60bbeb7e6af7ee9ef4bb81019ac1c05da5c9582c e9668003e6997c20ca1cabd8e1158da41b3353c7669b0520ab67aa19b4b1f756 Loading...

	conocotradings.co/	234 B	2023-03-10	2023-03-10
Pretty URL conocotradings.co/ IP 68.65.122.147 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 16:15:55 Last Seen2023-03-10 16:15:55 Times Seen1 Hash e2a1798a6280207a6ed2fd14afb4cc45 4fd79c1c70ff40b37d4735e144f60ea855a6adf3 d3ec63901b7ea8b587f02bb21cb01de757220fe95710d378f85db6cf6bfcaeb3 Loading...

	conocotradings.co/wp-content/plugins/woocommerce/assets/js/frontend/add-to-cart.min.js?ver=7.0.0	3.0 kB	2023-03-07	2024-04-25
Pretty URL conocotradings.co/wp-content/plugins/woocommerce/assets/js/frontend/add-to-cart.min.js?ver=7.0.0 IP 68.65.122.147 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:35 Last Seen2024-04-25 13:07:05 Times Seen1755 Hash 4e544022235ced14996464116a9ed9b2 31ee19d95973124b812a22c5ff5944d5b5bf8147 4ef2d5b0ef62523af87f3e13d8061449b2ddbfce07064f26b1305084abbf18f1 Loading...

	conocotradings.co/wp-content/plugins/woocommerce/assets/js/frontend/cart-fragments.min.js?ver=7.0.0	2.9 kB	2023-03-07	2024-04-26
Pretty URL conocotradings.co/wp-content/plugins/woocommerce/assets/js/frontend/cart-fragments.min.js?ver=7.0.0 IP 68.65.122.147 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:35 Last Seen2024-04-26 23:19:40 Times Seen13992 Hash 0fd625c3991a4015814cffdc88e2fc82 d7c2f53e058210ff3ea773297641008bab71a5f3 2d022db650d194d935faea46a40e5512235b43bc3f8b181e32ce6d3dd745f4e1 Loading...

	conocotradings.co/wp-includes/js/jquery/jquery.min.js?ver=3.6.0	90 kB	2023-03-07	2024-04-27
Pretty URL conocotradings.co/wp-includes/js/jquery/jquery.min.js?ver=3.6.0 IP 68.65.122.147 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:02 Last Seen2024-04-27 02:39:29 Times Seen31858 Hash 02dd5d04add4759122013c5ab4dc5cc2 a45a56e396ac549b4ff39b696ce9e0c16a7612de bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea Loading...

	conocotradings.co/	152 B	2023-03-07	2024-04-27
Pretty URL conocotradings.co/ IP 68.65.122.147 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:09 Last Seen2024-04-27 05:20:16 Times Seen19941 Hash b8c40bf7c92768058d743847cccdb147 4fbbbcb2dda4d05e2e58bf43330c559b4165fc0b 7872ff233c7b2bfa962f491d0575e71f0b0b487bc63899ff4c72c7c9d5197688 Loading...

	conocotradings.co/	47 B	2023-03-07	2024-04-27
Pretty URL conocotradings.co/ IP 68.65.122.147 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:35 Last Seen2024-04-27 02:39:28 Times Seen2009 Hash 2c51b5be11f71c5e12aff7f05787fdfd 5e99384e82d66bdfa4db7c8b43a9066c2896e46d f305ca5823e9ef3bf3cdd312369057a018addabb859d129e07543349fdd74d35 Loading...

	conocotradings.co/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.6.4	9.9 kB	2023-03-08	2024-04-24
Pretty URL conocotradings.co/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.6.4 IP 68.65.122.147 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:23:19 Last Seen2024-04-24 20:13:16 Times Seen3136 Hash dc74c9954b1944928eca0172c3b8c6b3 e9e00e587e0e28491b69563b4e768945ff2e0ed5 d7eff2d3185c4035edbe18b653f9da26c2d872e03c92419542ed524d569fe81b Loading...

	conocotradings.co/	333 B	2023-03-07	2024-04-27
Pretty URL conocotradings.co/ IP 68.65.122.147 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:35 Last Seen2024-04-27 05:24:48 Times Seen7499 Hash 3688fd64c409264431201fa55a828e81 2b7eeefaa1edf3a7621f7576b35b01c895ef5367 944433761a880eab1d567dd5389499af76aa03582c82a8aa88838e3c6c2134c6 Loading...

	conocotradings.co/	2.2 kB	2023-03-10	2023-03-10
Pretty URL conocotradings.co/ IP 68.65.122.147 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 16:15:55 Last Seen2023-03-10 16:15:55 Times Seen1 Hash bcdb0de670ad21260f9f8fc05fd14d9b fad15ffaa724db9cf7cef41e9af39cc86a33f230 7daa7cc7344fdd656534f08694ae860958ad4c65378e44f2888007d8ccc08d01 Loading...

	conocotradings.co/wp-content/themes/astra/assets/js/minified/frontend.min.js?ver=3.9.2	17 kB	2023-03-07	2024-04-24
Pretty URL conocotradings.co/wp-content/themes/astra/assets/js/minified/frontend.min.js?ver=3.9.2 IP 68.65.122.147 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:22:33 Last Seen2024-04-24 17:28:41 Times Seen1026 Hash 423e4eab18767461cb68a11c5b2a0cb4 d5c17c5fbecfe815e7c27347155158e90e9fb709 d6a23f9c4dec2f455c8e2340a99ad4db01a1d538bb1f2537bab3991ec64e14c7 Loading...

	conocotradings.co/wp-content/plugins/beaver-builder-lite-version/js/jquery.waypoints.min.js?ver=2.5.5.5	8.8 kB	2023-03-07	2024-04-26
Pretty URL conocotradings.co/wp-content/plugins/beaver-builder-lite-version/js/jquery.waypoints.min.js?ver=2.5.5.5 IP 68.65.122.147 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:10:49 Last Seen2024-04-26 10:42:39 Times Seen1874 Hash 43b1aa1ea2d73e79e9d45980c7920446 1bef149aedeafff7a797e799cfba168bed0d6dc6 9c7bd3dadf6edc19d3b8876a8e2b0b0ae6b54f403d7e987ec82b041128cfdd35 Loading...

	conocotradings.co/wp-content/themes/astra/assets/js/minified/mobile-cart.min.js?ver=3.9.2	2.9 kB	2023-03-07	2024-04-24
Pretty URL conocotradings.co/wp-content/themes/astra/assets/js/minified/mobile-cart.min.js?ver=3.9.2 IP 68.65.122.147 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:03:30 Last Seen2024-04-24 11:47:13 Times Seen67 Hash 8ee91edf712dabf984ae1a839c96611e cfc231a9813a1dd78a73126e6afe17ffbe9c8ac4 519b13dc8da11713eb75d921d74cd5aa7ac25feb544195312ff79e6b43e13c7e Loading...

	conocotradings.co/wp-content/plugins/creame-whatsapp-me/public/js/joinchat.min.js?ver=4.5.11	8.1 kB	2023-03-08	2024-02-25
Pretty URL conocotradings.co/wp-content/plugins/creame-whatsapp-me/public/js/joinchat.min.js?ver=4.5.11 IP 68.65.122.147 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:30:01 Last Seen2024-02-25 03:12:16 Times Seen155 Hash d722044cc0ba8301aa6e215203f3299f 87ebd8f71d38dccb9c2dcebbb7203dd836257b8b 59fc5a88fa6aad3642d9914c53490174cef0abce3ab397589364018c4acd74e0 Loading...

	conocotradings.co/wp-content/plugins/woocommerce/assets/js/frontend/woocommerce.min.js?ver=7.0.0	2.1 kB	2023-03-07	2024-04-27
Pretty URL conocotradings.co/wp-content/plugins/woocommerce/assets/js/frontend/woocommerce.min.js?ver=7.0.0 IP 68.65.122.147 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:35 Last Seen2024-04-27 03:45:21 Times Seen22416 Hash b72c1cbb1530a011a27bd9800f26765a 27b825c5d8255f33b8427a059d4545ebd65e1746 a256fccecac3b32ab73c91d79a18747519a1a18023be05465c933b03523a82e8 Loading...

	conocotradings.co/	268 B	2023-03-10	2023-03-10
Pretty URL conocotradings.co/ IP 68.65.122.147 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 16:15:55 Last Seen2023-03-10 16:15:55 Times Seen1 Hash 0014236b2456e6202866fa02c7febb00 ab37ece9c508e4fa9508710bbe7245015aa04ab7 498e6f5a2dc88d0374bb5801bfd4913a20377d979a523ef0b9f8c69832ca10d8 Loading...

HTTP Transactions (81)

URL IP Response Size

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
e36c852b5e145f2f09fe73111fb162e1
e439c6a462f86a3003d6464a8b9999b1c4d1e210
52a721168d0c41cb0854ff8c730fce3b79db2e804b383238e95ff1401922bd74

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "52A721168D0C41CB0854FF8C730FCE3B79DB2E804B383238E95FF1401922BD74"
Last-Modified: Mon, 24 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4973
Expires: Thu, 27 Oct 2022 05:31:04 GMT
Date: Thu, 27 Oct 2022 04:08:11 GMT
Connection: keep-alive

conocotradings.co/

68.65.122.147

301 Moved Permanently

707 B

URL HTTP/1.1
conocotradings.co/
IP
68.65.122.147:0
ASN
#22612 NAMECHEAP-NET

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Size
707 B (707 bytes)
Hash
1304294c0823ca486542ba408ed761e3
b2a70fb2d810ca13985882e6981f33998823e83e
3bbe72f3baa8ec61de17a1d767fca58704769684b7abe9161d0c4eaf4c8f0982

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET / HTTP/1.1
Host: conocotradings.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 301 Moved Permanently
keep-alive: timeout=5, max=100
content-type: text/html
content-length: 707
date: Thu, 27 Oct 2022 04:08:11 GMT
server: LiteSpeed
location: https://conocotradings.co/
x-turbo-charged-by: LiteSpeed

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
45bfdf3b823cd24564c8ac296a8b5b19
b0c442eb4f87556b3beb18ca8039dd4399b73f16
32113c679dda1f710ba67e537fdd0d435ccc186a238e3b14e48deb7b0700c693

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6472
Cache-Control: max-age=112243
Content-Type: application/ocsp-response
Date: Thu, 27 Oct 2022 04:08:11 GMT
Etag: "6358fe56-1d7"
Expires: Fri, 28 Oct 2022 11:18:54 GMT
Last-Modified: Wed, 26 Oct 2022 09:31:02 GMT
Server: ECS (ska/F705)
X-Cache: HIT
Content-Length: 471

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
45bfdf3b823cd24564c8ac296a8b5b19
b0c442eb4f87556b3beb18ca8039dd4399b73f16
32113c679dda1f710ba67e537fdd0d435ccc186a238e3b14e48deb7b0700c693

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6472
Cache-Control: max-age=112243
Content-Type: application/ocsp-response
Date: Thu, 27 Oct 2022 04:08:11 GMT
Etag: "6358fe56-1d7"
Expires: Fri, 28 Oct 2022 11:18:54 GMT
Last-Modified: Wed, 26 Oct 2022 09:31:02 GMT
Server: ECS (ska/F705)
X-Cache: HIT
Content-Length: 471

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
a39eea1096852891690eaee02a64383e
c273000f799fc3676e8e3ef3617611a31252cffc
d9d95319013d64bc2ef6d9870f4adba902ee970b6f9e96279c9ed86f556e0001

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D9D95319013D64BC2EF6D9870F4ADBA902EE970B6F9E96279C9ED86F556E0001"
Last-Modified: Mon, 24 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2558
Expires: Thu, 27 Oct 2022 04:50:49 GMT
Date: Thu, 27 Oct 2022 04:08:11 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
67d5a988edcda47bc3b3b3f65d32b4b6
d4f0e0da8b3690cc7da925026d3414b68c7d954f
55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: PFB2yaeuuGYLWHv0WPLt0yXv8dZA4fOfRIHzj9Nl/whG6htarssIBnPYub9lBnC49+GEgRpM/OB6zX16x11zeg==
x-amz-request-id: P6B71QQNTH4JFCXD
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 27 Oct 2022 03:39:27 GMT
age: 1724
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Thu, 27 Oct 2022 04:08:11 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.sectigo.com/

104.18.32.68

200 OK

472 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
104.18.32.68:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
472 B (472 bytes)
Hash
03f398b44693f9963829a9451d375cf0
cb80f648620ee3cb5e82ae5f7e72edd2193aef62
952e5a4c3f88acd45755476de798917550e946d5572c37d9b2cd79f44e562717

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Thu, 27 Oct 2022 04:08:12 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Wed, 26 Oct 2022 02:52:09 GMT
Expires: Wed, 02 Nov 2022 02:52:08 GMT
Etag: "cb80f648620ee3cb5e82ae5f7e72edd2193aef62"
Cache-Control: max-age=513235,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 760891b2c98bb51e-OSL

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
dd283dfc036535bdeb8a8be1310ef930
d3b1c300dd75d7af630e0f3112e49d7492d66c17
578f9256faa188facb3f2d68b02b0c7fb2e30e02e2e74234d015429563cba7aa

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4235
Cache-Control: max-age=104950
Content-Type: application/ocsp-response
Date: Thu, 27 Oct 2022 04:08:12 GMT
Etag: "6358ea97-1d7"
Expires: Fri, 28 Oct 2022 09:17:22 GMT
Last-Modified: Wed, 26 Oct 2022 08:06:47 GMT
Server: ECS (ska/F705)
X-Cache: HIT
Content-Length: 471

conocotradings.co/

68.65.122.147

200 OK

26 kB

URL HTTP/2
conocotradings.co/
IP
68.65.122.147:0
ASN
#22612 NAMECHEAP-NET

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (56892), with CRLF, LF line terminators
Size
26 kB (25590 bytes)
Hash
352eb33ef6d6309865d7290d6d2f02cc
900beabc9d573356f461e38d4f2e469046c8acd9
60eed473a9a2aa77e44cd93dfddd3a859f7c0fd46f1180f7256d47ee8c4b7d86

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET / HTTP/1.1
Host: conocotradings.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/2 200 OK
content-type: text/html; charset=UTF-8
link: <https://conocotradings.co/wp-json/>; rel="https://api.w.org/", <https://conocotradings.co/wp-json/wp/v2/pages/10>; rel="alternate"; type="application/json", <https://conocotradings.co/>; rel=shortlink
etag: "730-1666735468;br"
x-litespeed-cache: hit
content-encoding: br
vary: Accept-Encoding
content-length: 25590
date: Thu, 27 Oct 2022 04:08:12 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
f046e6113dd1e5e499c765516be08b17
c2253055e09b46209469853cad8720e64f84a1bf
18663a8f0b5d4d7581b771da6c2dc897bc2b82d51d7dac1a56d22f9bebab6fb3

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 27 Oct 2022 04:08:12 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
f046e6113dd1e5e499c765516be08b17
c2253055e09b46209469853cad8720e64f84a1bf
18663a8f0b5d4d7581b771da6c2dc897bc2b82d51d7dac1a56d22f9bebab6fb3

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 27 Oct 2022 04:08:12 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

push.services.mozilla.com/

34.210.158.59

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
34.210.158.59:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: X/9BrF1n/dOaESzvKKq2WQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: QhadVqaokYiZBx0CGqv/NpD8Dgw=

conocotradings.co/wp-content/themes/astra/assets/css/minified/compatibility/page-builder/bb-plugin.min.css?ver=3.9.2

68.65.122.147

200 OK

127 B

URL HTTP/2
conocotradings.co/wp-content/themes/astra/assets/css/minified/compatibility/page-builder/bb-plugin.min.css?ver=3.9.2
IP
68.65.122.147:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (302), with no line terminators
Size
127 B (127 bytes)
Hash
09707d8249bff41ab9b149ef2fc6b72c
5238d701eaed208e52bac629e8ff59f2b94f815c
30c92fe46deaaac369efa9cb07d71427069fe60b46a095917d65d10fce6046ca

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/themes/astra/assets/css/minified/compatibility/page-builder/bb-plugin.min.css?ver=3.9.2 HTTP/1.1
Host: conocotradings.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://conocotradings.co/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 03 Nov 2022 04:08:12 GMT
content-type: text/css
last-modified: Mon, 24 Oct 2022 04:16:30 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 127
date: Thu, 27 Oct 2022 04:08:12 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

conocotradings.co/wp-content/themes/astra/assets/css/minified/frontend.min.css?ver=3.9.2

68.65.122.147

200 OK

8.4 kB

URL HTTP/2
conocotradings.co/wp-content/themes/astra/assets/css/minified/frontend.min.css?ver=3.9.2
IP
68.65.122.147:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (44114)
Size
8.4 kB (8419 bytes)
Hash
161f99d3338e0e49293d3095994acf22
42619cd9255821306c5fa37b6c58c3f9cb0fe700
74c4d05146c54581e48f71e69aabf5b5a7a3e9970aaa1a2fe8381b2f73ac0d24

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/themes/astra/assets/css/minified/frontend.min.css?ver=3.9.2 HTTP/1.1
Host: conocotradings.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://conocotradings.co/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 03 Nov 2022 04:08:12 GMT
content-type: text/css
last-modified: Mon, 24 Oct 2022 04:16:30 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 8419
date: Thu, 27 Oct 2022 04:08:12 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

conocotradings.co/wp-includes/css/dist/block-library/style.min.css?ver=6.0.3

68.65.122.147

200 OK

11 kB

URL HTTP/2
conocotradings.co/wp-includes/css/dist/block-library/style.min.css?ver=6.0.3
IP
68.65.122.147:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (43771)
Size
11 kB (10946 bytes)
Hash
d45207ee05c1f0c57dfa075e61405ccd
a8d35143a2d828a739ea0fdde75f97d33621e7ec
a9a4adbbcee31ec277f1bdd573eef97dc4341f29f2db3b5685a02dfe4d2fe9bb

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-includes/css/dist/block-library/style.min.css?ver=6.0.3 HTTP/1.1
Host: conocotradings.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://conocotradings.co/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 03 Nov 2022 04:08:12 GMT
content-type: text/css
last-modified: Mon, 04 Jul 2022 21:40:38 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 10946
date: Thu, 27 Oct 2022 04:08:12 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

conocotradings.co/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-vendors-style.css?ver=8.5.1

68.65.122.147

200 OK

1.8 kB

URL HTTP/2
conocotradings.co/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-vendors-style.css?ver=8.5.1
IP
68.65.122.147:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (10435), with no line terminators
Size
1.8 kB (1754 bytes)
Hash
f7237084ac82ea6a4f5bf1448c3a2148
60457635a5e809ee1199c61090d8e33b91e8e1f2
18a1cb7f08c1ace52a79f46d73461ed03bf8cf5c9e8a3687eacc3e04f08e7a09

HTTP Headers

GET /wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-vendors-style.css?ver=8.5.1 HTTP/1.1
Host: conocotradings.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://conocotradings.co/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 03 Nov 2022 04:08:12 GMT
content-type: text/css
last-modified: Mon, 24 Oct 2022 04:31:11 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1754
date: Thu, 27 Oct 2022 04:08:12 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

conocotradings.co/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-style.css?ver=8.5.1

68.65.122.147

200 OK

22 kB

URL HTTP/2
conocotradings.co/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-style.css?ver=8.5.1
IP
68.65.122.147:0
ASN
#22612 NAMECHEAP-NET

File type
Unicode text, UTF-8 text, with very long lines (65527), with no line terminators
Size
22 kB (22437 bytes)
Hash
66c0d8e7043ce32a0a22feffb13557ff
5c31173df12f7ac740c078a1b56f8e64dbb789aa
44705113051545459aedc2d4463156019b3119ed6c278dc31d7d5f4a6a66d9cd

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-style.css?ver=8.5.1 HTTP/1.1
Host: conocotradings.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://conocotradings.co/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 03 Nov 2022 04:08:12 GMT
content-type: text/css
last-modified: Mon, 24 Oct 2022 04:31:11 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 22437
date: Thu, 27 Oct 2022 04:08:12 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

conocotradings.co/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.6.4

68.65.122.147

200 OK

848 B

URL HTTP/2
conocotradings.co/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.6.4
IP
68.65.122.147:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text
Size
848 B (848 bytes)
Hash
c962ba8e7d42ff9da18392b41dad5151
7b89bc5e6ad161df2e6d7f7fb3ad894aa04b827f
322a4949c5bdd82eb80c13bbbd407ce30a7ad226685c54270d246cb6960e524e

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.6.4 HTTP/1.1
Host: conocotradings.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://conocotradings.co/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 03 Nov 2022 04:08:12 GMT
content-type: text/css
last-modified: Mon, 24 Oct 2022 09:15:19 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 848
date: Thu, 27 Oct 2022 04:08:12 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

conocotradings.co/wp-content/uploads/bb-plugin/cache/10-layout.css?ver=95ab821563d45677defed724e424ba63

68.65.122.147

200 OK

8.6 kB

URL HTTP/2
conocotradings.co/wp-content/uploads/bb-plugin/cache/10-layout.css?ver=95ab821563d45677defed724e424ba63
IP
68.65.122.147:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (65536), with no line terminators
Size
8.6 kB (8570 bytes)
Hash
436fe3b5536b0bf31680f2ebdc1c388e
ffc0249e3ddbf5ab83197db59a87ad6a055990c2
82eaaafeca927fea358af11f03b29137067f9b7238d7dfbfc6936a747fe0ac90

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/uploads/bb-plugin/cache/10-layout.css?ver=95ab821563d45677defed724e424ba63 HTTP/1.1
Host: conocotradings.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://conocotradings.co/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 03 Nov 2022 04:08:12 GMT
content-type: text/css
last-modified: Mon, 24 Oct 2022 18:33:34 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 8570
date: Thu, 27 Oct 2022 04:08:12 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

conocotradings.co/wp-content/themes/astra/assets/css/minified/compatibility/contact-form-7-main.min.css?ver=3.9.2

68.65.122.147

200 OK

344 B

URL HTTP/2
conocotradings.co/wp-content/themes/astra/assets/css/minified/compatibility/contact-form-7-main.min.css?ver=3.9.2
IP
68.65.122.147:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (882), with no line terminators
Size
344 B (344 bytes)
Hash
3451c3b3d0677e5875de4c69462938cc
8ffbe1fe3f2e3fa5f47e3988b4cd645670280dc2
4f6bdfd0a626ab45f0ef60de99c73adafde68d55d3a4bbf4723ba3ddcf045420

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/themes/astra/assets/css/minified/compatibility/contact-form-7-main.min.css?ver=3.9.2 HTTP/1.1
Host: conocotradings.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://conocotradings.co/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 03 Nov 2022 04:08:12 GMT
content-type: text/css
last-modified: Mon, 24 Oct 2022 04:16:30 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 344
date: Thu, 27 Oct 2022 04:08:12 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

conocotradings.co/wp-content/themes/astra/assets/css/minified/compatibility/woocommerce/woocommerce-layout.min.css?ver=3.9.2

68.65.122.147

200 OK

2.0 kB

URL HTTP/2
conocotradings.co/wp-content/themes/astra/assets/css/minified/compatibility/woocommerce/woocommerce-layout.min.css?ver=3.9.2
IP
68.65.122.147:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (18333), with no line terminators
Size
2.0 kB (1954 bytes)
Hash
2dc4f2958888c14f5ab19ffbd13166bd
9b76b636181455e889739393b7dc518ff162b7eb
ac7e28d4aad4c1332951c076253f9c566bcbf4008b65d73457be397b5adf4395

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/themes/astra/assets/css/minified/compatibility/woocommerce/woocommerce-layout.min.css?ver=3.9.2 HTTP/1.1
Host: conocotradings.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://conocotradings.co/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 03 Nov 2022 04:08:12 GMT
content-type: text/css
last-modified: Mon, 24 Oct 2022 04:16:30 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1954
date: Thu, 27 Oct 2022 04:08:12 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

conocotradings.co/wp-content/uploads/bb-plugin/icons/ultimate-icons/style.css?ver=2.5.5.5

68.65.122.147

200 OK

3.0 kB

URL HTTP/2
conocotradings.co/wp-content/uploads/bb-plugin/icons/ultimate-icons/style.css?ver=2.5.5.5
IP
68.65.122.147:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text
Size
3.0 kB (3031 bytes)
Hash
034e5b3214e219e60571be47c6e0f448
d42309513ec24f80cee57333ad153c2d529a4f94
1e1d229846da1d49c1cffb1168f0a4e3089c358a0fc70216ee3e2e261d1f1be0

HTTP Headers

GET /wp-content/uploads/bb-plugin/icons/ultimate-icons/style.css?ver=2.5.5.5 HTTP/1.1
Host: conocotradings.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://conocotradings.co/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 03 Nov 2022 04:08:12 GMT
content-type: text/css
last-modified: Mon, 24 Oct 2022 04:16:49 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 3031
date: Thu, 27 Oct 2022 04:08:12 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

conocotradings.co/wp-content/themes/astra/assets/css/minified/compatibility/woocommerce/woocommerce.min.css?ver=3.9.2

68.65.122.147

200 OK

15 kB

URL HTTP/2
conocotradings.co/wp-content/themes/astra/assets/css/minified/compatibility/woocommerce/woocommerce.min.css?ver=3.9.2
IP
68.65.122.147:0
ASN
#22612 NAMECHEAP-NET

File type
Unicode text, UTF-8 text, with very long lines (65526), with no line terminators
Size
15 kB (15163 bytes)
Hash
d090dda06acf6104acbbf1244344027d
706d61a8128061aaceb7c5244037bce6977a734d
db2dfe8554887e5e54a5f4aa38912d8bf398f27911b2cdd136a293cf293a7048

HTTP Headers

GET /wp-content/themes/astra/assets/css/minified/compatibility/woocommerce/woocommerce.min.css?ver=3.9.2 HTTP/1.1
Host: conocotradings.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://conocotradings.co/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 03 Nov 2022 04:08:12 GMT
content-type: text/css
last-modified: Mon, 24 Oct 2022 04:16:30 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 15163
date: Thu, 27 Oct 2022 04:08:12 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

conocotradings.co/wp-content/plugins/creame-whatsapp-me/public/css/joinchat-btn.min.css?ver=4.5.11

68.65.122.147

200 OK

2.0 kB

URL HTTP/2
conocotradings.co/wp-content/plugins/creame-whatsapp-me/public/css/joinchat-btn.min.css?ver=4.5.11
IP
68.65.122.147:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (6021), with no line terminators
Size
2.0 kB (1951 bytes)
Hash
96919ed3a12fa25443b0296b5d59c1d3
0e29f4090fb2622e4b123bb730c556a59e3600c6
ae94826ae36282085de96bba35b22015da1c378f86f79e4bb8f5d0d08ccf8090

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/plugins/creame-whatsapp-me/public/css/joinchat-btn.min.css?ver=4.5.11 HTTP/1.1
Host: conocotradings.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://conocotradings.co/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 03 Nov 2022 04:08:12 GMT
content-type: text/css
last-modified: Mon, 24 Oct 2022 05:23:47 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1951
date: Thu, 27 Oct 2022 04:08:12 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

conocotradings.co/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2

68.65.122.147

200 OK

4.0 kB

URL HTTP/2
conocotradings.co/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
IP
68.65.122.147:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (11126)
Size
4.0 kB (3995 bytes)
Hash
7e058b51f939eacfa31cdface14dded5
9d732e5afdeb42edef9e1b9631b7e95e054787cc
4ece5b00423755d8f4121ce382c8ea4dc44c241f28f150abe19caa85d0b0acc1

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 HTTP/1.1
Host: conocotradings.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://conocotradings.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 03 Nov 2022 04:08:12 GMT
content-type: application/javascript
last-modified: Wed, 18 Nov 2020 19:36:06 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 3995
date: Thu, 27 Oct 2022 04:08:12 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

conocotradings.co/wp-content/uploads/2022/10/cropped-logo-1-80x76.png

68.65.122.147

200 OK

3.5 kB

URL HTTP/2
conocotradings.co/wp-content/uploads/2022/10/cropped-logo-1-80x76.png
IP
68.65.122.147:0
ASN
#22612 NAMECHEAP-NET

File type
PNG image data, 80 x 76, 8-bit/color RGBA, non-interlaced\012- data
Size
3.5 kB (3521 bytes)
Hash
378d571a40294f3dcabe64780c6c5148
b46848da663df79980f5718098e789ffae891bfa
7b2ea4f320de302abf5afdbd8ff24c424abdf9ce960732eb789b43576cdcd7f6

HTTP Headers

GET /wp-content/uploads/2022/10/cropped-logo-1-80x76.png HTTP/1.1
Host: conocotradings.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://conocotradings.co/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 03 Nov 2022 04:08:12 GMT
content-type: image/png
last-modified: Mon, 24 Oct 2022 10:54:07 GMT
accept-ranges: bytes
content-length: 3521
date: Thu, 27 Oct 2022 04:08:12 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

conocotradings.co/wp-includes/js/jquery/jquery.min.js?ver=3.6.0

68.65.122.147

200 OK

30 kB

URL HTTP/2
conocotradings.co/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
IP
68.65.122.147:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (65447)
Size
30 kB (30273 bytes)
Hash
34f918ada1fe4f01c5a4b90065bbc37a
a731f6ce2d413805e39ae45994012b1bd5ea1e2b
eba158d5ab26a5a54a3dcfcea1072c636f44e92fc2eb30a3f27cd5be3f891dfc

HTTP Headers

GET /wp-includes/js/jquery/jquery.min.js?ver=3.6.0 HTTP/1.1
Host: conocotradings.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://conocotradings.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 03 Nov 2022 04:08:12 GMT
content-type: application/javascript
last-modified: Thu, 11 Mar 2021 01:37:24 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 30273
date: Thu, 27 Oct 2022 04:08:12 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
d14190b7d44355f74384008fc2bc965b
8899240507992ceba98f567c079650149cc583a4
2db73ab3dfce1101ff8aaa09fe7227ad8017486b3ec3f536b7f8a1102ec0c267

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 27 Oct 2022 04:08:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
d14190b7d44355f74384008fc2bc965b
8899240507992ceba98f567c079650149cc583a4
2db73ab3dfce1101ff8aaa09fe7227ad8017486b3ec3f536b7f8a1102ec0c267

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 27 Oct 2022 04:08:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fonts.gstatic.com/s/playfairdisplay/v30/nuFvD-vYSZviVYUb_rj3ij__anPXJzDwcbmjWBN2PKdFvXDXbtM.woff2

216.58.207.195

200 OK

20 kB

URL HTTP/2
fonts.gstatic.com/s/playfairdisplay/v30/nuFvD-vYSZviVYUb_rj3ij__anPXJzDwcbmjWBN2PKdFvXDXbtM.woff2
IP
216.58.207.195:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 19860, version 1.0\012- data
Size
20 kB (19860 bytes)
Hash
a95e391373ad634c3b7dbaf77de3f40e
ddc4638bc28c21a400fcd2df94448743f198a257
fa3d5a0422c9b413abb4c78f8ff80de8a8ed58766f7110c82febf5296e899b47

HTTP Headers

GET /s/playfairdisplay/v30/nuFvD-vYSZviVYUb_rj3ij__anPXJzDwcbmjWBN2PKdFvXDXbtM.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://conocotradings.co
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 19860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 24 Oct 2022 22:46:46 GMT
expires: Tue, 24 Oct 2023 22:46:46 GMT
cache-control: public, max-age=31536000
age: 192087
last-modified: Mon, 18 Jul 2022 19:06:33 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
d14190b7d44355f74384008fc2bc965b
8899240507992ceba98f567c079650149cc583a4
2db73ab3dfce1101ff8aaa09fe7227ad8017486b3ec3f536b7f8a1102ec0c267

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 27 Oct 2022 04:08:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fonts.gstatic.com/s/nunito/v25/XRXI3I6Li01BKofiOc5wtlZ2di8HDLshdTQ3jw.woff2

216.58.207.195

200 OK

14 kB

URL HTTP/2
fonts.gstatic.com/s/nunito/v25/XRXI3I6Li01BKofiOc5wtlZ2di8HDLshdTQ3jw.woff2
IP
216.58.207.195:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 14060, version 1.0\012- data
Size
14 kB (14060 bytes)
Hash
aacf0f4f8b5d693087b4d8ac6c86d2ae
ad06f3ffd0db6034eb0a12f98aa8aa4dead430fb
5e2f97ea0fb92d5e3ae31eeef403b9c34363c8fb2a387e13cf381fa97f3e8cf7

HTTP Headers

GET /s/nunito/v25/XRXI3I6Li01BKofiOc5wtlZ2di8HDLshdTQ3jw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://conocotradings.co
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 14060
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 24 Oct 2022 21:11:50 GMT
expires: Tue, 24 Oct 2023 21:11:50 GMT
cache-control: public, max-age=31536000
age: 197783
last-modified: Mon, 18 Jul 2022 19:44:57 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

fonts.gstatic.com/s/montserrat/v25/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCuM73w5aXo.woff2

216.58.207.195

200 OK

13 kB

URL HTTP/2
fonts.gstatic.com/s/montserrat/v25/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCuM73w5aXo.woff2
IP
216.58.207.195:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 12848, version 1.0\012- data
Size
13 kB (12848 bytes)
Hash
f0b3206d02a2f684530117ce1d7e8ce0
f3708b707b65e241b0f1c819d5f7bf7da8412653
f31b80562610135edd91a86ec7f243c5eeaec2ec08337e6a20c2d135d8e217da

HTTP Headers

GET /s/montserrat/v25/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCuM73w5aXo.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://conocotradings.co
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 12848
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 20 Oct 2022 16:43:33 GMT
expires: Fri, 20 Oct 2023 16:43:33 GMT
cache-control: public, max-age=31536000
age: 559480
last-modified: Mon, 11 Jul 2022 18:56:00 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
d14190b7d44355f74384008fc2bc965b
8899240507992ceba98f567c079650149cc583a4
2db73ab3dfce1101ff8aaa09fe7227ad8017486b3ec3f536b7f8a1102ec0c267

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 27 Oct 2022 04:08:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
358ecd0ec047d700042e2a62f9847199
7bf4c552f47536fe451dc6ccfb0930c592084ef9
e14317aace5d64e9901867578379dd4dd4252b059070d37722f82ebb2e649d27

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E14317AACE5D64E9901867578379DD4DD4252B059070D37722F82EBB2E649D27"
Last-Modified: Mon, 24 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2458
Expires: Thu, 27 Oct 2022 04:49:11 GMT
Date: Thu, 27 Oct 2022 04:08:13 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
358ecd0ec047d700042e2a62f9847199
7bf4c552f47536fe451dc6ccfb0930c592084ef9
e14317aace5d64e9901867578379dd4dd4252b059070d37722f82ebb2e649d27

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E14317AACE5D64E9901867578379DD4DD4252B059070D37722F82EBB2E649D27"
Last-Modified: Mon, 24 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2458
Expires: Thu, 27 Oct 2022 04:49:11 GMT
Date: Thu, 27 Oct 2022 04:08:13 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
358ecd0ec047d700042e2a62f9847199
7bf4c552f47536fe451dc6ccfb0930c592084ef9
e14317aace5d64e9901867578379dd4dd4252b059070d37722f82ebb2e649d27

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E14317AACE5D64E9901867578379DD4DD4252B059070D37722F82EBB2E649D27"
Last-Modified: Mon, 24 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2458
Expires: Thu, 27 Oct 2022 04:49:11 GMT
Date: Thu, 27 Oct 2022 04:08:13 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
358ecd0ec047d700042e2a62f9847199
7bf4c552f47536fe451dc6ccfb0930c592084ef9
e14317aace5d64e9901867578379dd4dd4252b059070d37722f82ebb2e649d27

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E14317AACE5D64E9901867578379DD4DD4252B059070D37722F82EBB2E649D27"
Last-Modified: Mon, 24 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2458
Expires: Thu, 27 Oct 2022 04:49:11 GMT
Date: Thu, 27 Oct 2022 04:08:13 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa85c6304-6f72-4904-bb25-968b35616ef5.jpeg

34.120.237.76

200 OK

7.4 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa85c6304-6f72-4904-bb25-968b35616ef5.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.4 kB (7428 bytes)
Hash
4f9f8683351154be3300311e3a7e29e3
4fc868d652910c7dcf4ef0e87531de4ee6007c45
d4f012729e0eddc20948ad98d653794204f80344a5840142877dcaa8d2520a71

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa85c6304-6f72-4904-bb25-968b35616ef5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7428
x-amzn-requestid: f474225b-1b7e-4e4e-b967-827dff138e2d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aioFrH2ioAMF4Pg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-635753bd-140dc30a1ca63aae54cd4621;Sampled=0
x-amzn-remapped-date: Tue, 25 Oct 2022 03:10:53 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: uXh_puh8KbSQsJ9E6WnyTjLF_nBhhSOrg4TOx5BugoMM88DOz66jgA==
via: 1.1 78c1c4eb451e4790ed630b0d5a576590.cloudfront.net (CloudFront), 1.1 e4d3d5aafc7d7d582423c073065ab562.cloudfront.net (CloudFront), 1.1 google
date: Thu, 27 Oct 2022 03:34:39 GMT
age: 2014
etag: "4fc868d652910c7dcf4ef0e87531de4ee6007c45"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.9 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe98a4c03-5fa3-4445-a037-d229b86c94a6.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.9 kB (8936 bytes)
Hash
eb430e5efbc6c8c306fce87e26faf734
b05b7299a7e473e873510671a6abdd5227a53f46
c49d64e87ec8243a1ee7f214f21988b6f6a33ba93814ec31262d80e4a22b8504

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe98a4c03-5fa3-4445-a037-d229b86c94a6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8936
x-amzn-requestid: d0698fc0-e4c9-4633-9b64-df09be35b450
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aocuiGBlIAMF-LQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6359a7f6-7c78a1fc43552b934e6b8708;Sampled=0
x-amzn-remapped-date: Wed, 26 Oct 2022 21:34:46 GMT
x-amz-cf-pop: SEA73-P2, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: gus8UKo03dRkfqPRhxnW6zzqx7o-2tZbbv-DsBSW7UREHPOA1uqdUw==
via: 1.1 5abfab33f248090bb0f31ca137ce9464.cloudfront.net (CloudFront), 1.1 e95ec8f1dc02e32f0cb9e113963ceb4e.cloudfront.net (CloudFront), 1.1 google
date: Wed, 26 Oct 2022 21:47:37 GMT
etag: "b05b7299a7e473e873510671a6abdd5227a53f46"
content-type: image/jpeg
age: 22836
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

5.2 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd660616a-1641-4ad3-bf62-59dfe54ba2e9.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
5.2 kB (5247 bytes)
Hash
cd902e06ceaeb060cec24c464c11738d
ffdfde08eb38e20b01c550fd4b1bb871304bb0ea
593f5c12c617c7217205d8aa95fe5f0c46014e5be8f2c8d3010cdd876faeb7dd

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd660616a-1641-4ad3-bf62-59dfe54ba2e9.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 5247
x-amzn-requestid: 7e07eeaa-b95a-4283-8ca7-fb28e9e30258
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aRpdhGDJIAMFd7A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63508923-4e947c3539ad0d6d777a47cd;Sampled=0
x-amzn-remapped-date: Wed, 19 Oct 2022 23:32:51 GMT
x-amz-cf-pop: SEA19-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: -YRLmJMcCGHOfiEy_FwyogtW6h5rmYiu9EMZfXG4Jg8tJRtIxlKKnw==
via: 1.1 f313d3df80c4dab8f5399614116801cc.cloudfront.net (CloudFront), 1.1 6396e88c437c096ef98930ce29f731a2.cloudfront.net (CloudFront), 1.1 google
date: Wed, 26 Oct 2022 21:51:10 GMT
age: 22623
etag: "ffdfde08eb38e20b01c550fd4b1bb871304bb0ea"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.8 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9098f868-2119-42f3-92b9-615f0a2c32f6.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.8 kB (8760 bytes)
Hash
36dbf36c45aa3c5d6e10f8c4afd8bf34
bee7e540981a4ffb14728d2ac4a53ce28e299d0d
0dad70dc63e95aa8fd9befdb7dc4f971bad962e300f380dab2a04cc60138374d

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9098f868-2119-42f3-92b9-615f0a2c32f6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8760
x-amzn-requestid: 013df52a-1abe-4a1b-ac52-9a5ec5da55b1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aocv2HRMoAMF5mA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6359a7fe-70e98155664262621b8538b5;Sampled=0
x-amzn-remapped-date: Wed, 26 Oct 2022 21:34:54 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 9uDSJn3yAYI7RNgIs96f2AT8nfTgd6YbFkMAc9aJAW4wTMiN_JqhEw==
via: 1.1 112c6b3f9aea37a6cb00b7d933e5af6e.cloudfront.net (CloudFront), 1.1 1481cc55c02c3a782ad420b6bac2cb32.cloudfront.net (CloudFront), 1.1 google
date: Wed, 26 Oct 2022 21:47:46 GMT
etag: "bee7e540981a4ffb14728d2ac4a53ce28e299d0d"
content-type: image/jpeg
age: 22827
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

5.1 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faedeaf71-ffea-4e66-9a25-1410acdb03ec.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
5.1 kB (5136 bytes)
Hash
ace7660d2948795997e3c7cb9cf12495
fed9b6693077d233f60cc7394c7b667291ffade7
fd4718a6649572cbaf13f46b8e2961cd1c680afa1494b0bacd5fda9010a95098

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faedeaf71-ffea-4e66-9a25-1410acdb03ec.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 5136
x-amzn-requestid: 0059b05c-746b-41cd-8cc1-c744d0b149fe
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aoc2-H9sIAMFquA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6359a82c-772120580c4cf9e45b685971;Sampled=0
x-amzn-remapped-date: Wed, 26 Oct 2022 21:35:40 GMT
x-amz-cf-pop: SEA19-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: fqqRNgPgAZRwp_xRyHC3YzEKQTwydDs45MNLQC7hoRpytCb91-9b5Q==
via: 1.1 44cd593d82a2d200a94217033c614c6a.cloudfront.net (CloudFront), 1.1 02d90bf99fd6253b329a53c82f19e224.cloudfront.net (CloudFront), 1.1 google
date: Wed, 26 Oct 2022 21:51:05 GMT
age: 22628
etag: "fed9b6693077d233f60cc7394c7b667291ffade7"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

6.6 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F44add2bd-5fb0-4610-825b-d696ec78ca49.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.6 kB (6619 bytes)
Hash
05e2d92ca05c08e9598d4128d55b1cba
109364ef1db445ba6c5e8c1178ab56fcce80d346
078e257c6bb8d7d46022c4786b54584c8868eb138e293b37ef164221b519f7bb

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F44add2bd-5fb0-4610-825b-d696ec78ca49.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6619
x-amzn-requestid: 5b0d857f-cba8-4cc2-9ff5-bf3560f7620e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aVb3RHk1oAMF3KQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63520cfb-30108b2d2bf56f3d0edbaa67;Sampled=0
x-amzn-remapped-date: Fri, 21 Oct 2022 03:07:39 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: rnJCFnqy9-kDnIS-oExds78LCxiyL3noVoC_I2PVpybhmZoQHi2GoA==
via: 1.1 6e11af43b7d44f54f9a54c759c251f16.cloudfront.net (CloudFront), 1.1 2324edbcb8fc72f617442c65f36a40fc.cloudfront.net (CloudFront), 1.1 google
date: Wed, 26 Oct 2022 12:31:05 GMT
age: 56228
etag: "109364ef1db445ba6c5e8c1178ab56fcce80d346"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

conocotradings.co/wp-content/uploads/bb-plugin/cache/s-pdpxl-1-square.jpg

68.65.122.147

200 OK

15 kB

URL HTTP/2
conocotradings.co/wp-content/uploads/bb-plugin/cache/s-pdpxl-1-square.jpg
IP
68.65.122.147:0
ASN
#22612 NAMECHEAP-NET

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 459x459, components 3\012- data
Size
15 kB (14940 bytes)
Hash
539d3dddd0dfe6274ad1d208e5345057
aa85cb274507f43cdc6ebd3fad59c1de7cbfa620
0fbcaeacdbc14450a8dca0f7589e4740255eb2a0979b66c8462c25b8687fce26

HTTP Headers

GET /wp-content/uploads/bb-plugin/cache/s-pdpxl-1-square.jpg HTTP/1.1
Host: conocotradings.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://conocotradings.co/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 03 Nov 2022 04:08:12 GMT
content-type: image/jpeg
last-modified: Mon, 24 Oct 2022 18:23:07 GMT
accept-ranges: bytes
content-length: 14940
date: Thu, 27 Oct 2022 04:08:12 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

conocotradings.co/wp-content/themes/astra/assets/js/minified/frontend.min.js?ver=3.9.2

68.65.122.147

200 OK

3.8 kB

URL HTTP/2
conocotradings.co/wp-content/themes/astra/assets/js/minified/frontend.min.js?ver=3.9.2
IP
68.65.122.147:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (16935), with no line terminators
Size
3.8 kB (3808 bytes)
Hash
3a5528d3c5255102448258fcf5496360
332bb0c5baaf8110b353094632417e9f313a8b94
024bb2f7ca7725ca60738783b8b6bbc237c937b6725aec3c2a1044961857186a

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/themes/astra/assets/js/minified/frontend.min.js?ver=3.9.2 HTTP/1.1
Host: conocotradings.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://conocotradings.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 03 Nov 2022 04:08:12 GMT
content-type: application/javascript
last-modified: Mon, 24 Oct 2022 04:16:30 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 3808
date: Thu, 27 Oct 2022 04:08:12 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

conocotradings.co/wp-content/themes/astra/assets/js/minified/mobile-cart.min.js?ver=3.9.2

68.65.122.147

200 OK

747 B

URL HTTP/2
conocotradings.co/wp-content/themes/astra/assets/js/minified/mobile-cart.min.js?ver=3.9.2
IP
68.65.122.147:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (2928), with no line terminators
Size
747 B (747 bytes)
Hash
7eef215fd0f4722fd9fc7860af14a9e5
abbfe7e3dcf6e76536351453f5f2c8aa06fcb1df
8e23d11d96981b3d2cf0a8f816debd0b551f005169dc361e227dd60377b58bf1

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/themes/astra/assets/js/minified/mobile-cart.min.js?ver=3.9.2 HTTP/1.1
Host: conocotradings.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://conocotradings.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 03 Nov 2022 04:08:12 GMT
content-type: application/javascript
last-modified: Mon, 24 Oct 2022 04:16:30 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 747
date: Thu, 27 Oct 2022 04:08:12 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

conocotradings.co/wp-content/plugins/beaver-builder-lite-version/js/jquery.waypoints.min.js?ver=2.5.5.5

68.65.122.147

200 OK

2.5 kB

URL HTTP/2
conocotradings.co/wp-content/plugins/beaver-builder-lite-version/js/jquery.waypoints.min.js?ver=2.5.5.5
IP
68.65.122.147:0
ASN
#22612 NAMECHEAP-NET

File type
Unicode text, UTF-8 text, with very long lines (8668)
Size
2.5 kB (2540 bytes)
Hash
8b4fa51676b888b9690b0a569df29b46
964d5ab97da06207502b98ee7843fd89892eb45c
eb319f1642b22c8345126fe8fc6c680b4f1388cce434df5079051751f44fa320

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/plugins/beaver-builder-lite-version/js/jquery.waypoints.min.js?ver=2.5.5.5 HTTP/1.1
Host: conocotradings.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://conocotradings.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 03 Nov 2022 04:08:12 GMT
content-type: application/javascript
last-modified: Mon, 24 Oct 2022 04:31:07 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 2540
date: Thu, 27 Oct 2022 04:08:12 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

conocotradings.co/wp-content/uploads/bb-plugin/cache/10-layout.js?ver=161f5d375033354b822bb13a04954bfc

68.65.122.147

200 OK

8.5 kB

URL HTTP/2
conocotradings.co/wp-content/uploads/bb-plugin/cache/10-layout.js?ver=161f5d375033354b822bb13a04954bfc
IP
68.65.122.147:0
ASN
#22612 NAMECHEAP-NET

File type
Unicode text, UTF-8 text, with very long lines (5432)
Size
8.5 kB (8513 bytes)
Hash
b83c0bbd4a5cf86092b1e37988330ed8
8c9c515e0fbec1ea024558c7743e4950dc97f417
0b0b047df6a05b70b55211d52f1694264faa66ef213713f6301052c2538e39d6

HTTP Headers

GET /wp-content/uploads/bb-plugin/cache/10-layout.js?ver=161f5d375033354b822bb13a04954bfc HTTP/1.1
Host: conocotradings.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://conocotradings.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 03 Nov 2022 04:08:12 GMT
content-type: application/javascript
last-modified: Mon, 24 Oct 2022 18:33:34 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 8513
date: Thu, 27 Oct 2022 04:08:12 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

conocotradings.co/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.6.4

68.65.122.147

200 OK

2.8 kB

URL HTTP/2
conocotradings.co/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.6.4
IP
68.65.122.147:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (9937), with no line terminators
Size
2.8 kB (2817 bytes)
Hash
4317b1c024df372435f6482deadddeb3
5c8824a17e40a44ea8fc51568b98bdb1e2e7fab5
3798fb16289ba55459fb6d3b2efa915e3c019c5942759abb7bd19a0ef622b85d

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.6.4 HTTP/1.1
Host: conocotradings.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://conocotradings.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 03 Nov 2022 04:08:12 GMT
content-type: application/javascript
last-modified: Mon, 24 Oct 2022 09:15:19 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 2817
date: Thu, 27 Oct 2022 04:08:12 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

conocotradings.co/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.6.4

68.65.122.147

200 OK

3.7 kB

URL HTTP/2
conocotradings.co/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.6.4
IP
68.65.122.147:0
ASN
#22612 NAMECHEAP-NET

File type
HTML document, ASCII text, with very long lines (12310), with no line terminators
Size
3.7 kB (3706 bytes)
Hash
dc6411bfa6891b75944f0074c945752d
03c1a8b686c287068c61ab90f58d905496d65085
96abeabc9cc7b4c2b7d46579f2827c67ccd02fbaef0343ae052f71accd381b0d

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.6.4 HTTP/1.1
Host: conocotradings.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://conocotradings.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 03 Nov 2022 04:08:12 GMT
content-type: application/javascript
last-modified: Mon, 24 Oct 2022 09:15:19 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 3706
date: Thu, 27 Oct 2022 04:08:12 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

conocotradings.co/wp-content/plugins/woocommerce/assets/js/frontend/add-to-cart.min.js?ver=7.0.0

68.65.122.147

200 OK

974 B

URL HTTP/2
conocotradings.co/wp-content/plugins/woocommerce/assets/js/frontend/add-to-cart.min.js?ver=7.0.0
IP
68.65.122.147:0
ASN
#22612 NAMECHEAP-NET

File type
HTML document, ASCII text, with very long lines (3037), with no line terminators
Size
974 B (974 bytes)
Hash
fd8b126d3265cc6afc5b672273f78531
5058e579885cccf36c44bdeb5b7318bd75952af9
72da6709db061566cb5f67322f674a77f68acb69ac6181d37f9ca4a1bb7287b7

HTTP Headers

GET /wp-content/plugins/woocommerce/assets/js/frontend/add-to-cart.min.js?ver=7.0.0 HTTP/1.1
Host: conocotradings.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://conocotradings.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 03 Nov 2022 04:08:12 GMT
content-type: application/javascript
last-modified: Mon, 24 Oct 2022 04:31:12 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 974
date: Thu, 27 Oct 2022 04:08:12 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

conocotradings.co/wp-content/plugins/woocommerce/assets/js/js-cookie/js.cookie.min.js?ver=2.1.4-wc.7.0.0

68.65.122.147

200 OK

899 B

URL HTTP/2
conocotradings.co/wp-content/plugins/woocommerce/assets/js/js-cookie/js.cookie.min.js?ver=2.1.4-wc.7.0.0
IP
68.65.122.147:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (1668)
Size
899 B (899 bytes)
Hash
22d65ba38528349e705d912ce26bf8ac
c89ba006009043d93b88ff155b4fec8797330550
6253bcb85e4267ad3ba843145534e729ee2c1d7e85e5b4ab5b2e074ae636bca3

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/plugins/woocommerce/assets/js/js-cookie/js.cookie.min.js?ver=2.1.4-wc.7.0.0 HTTP/1.1
Host: conocotradings.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://conocotradings.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 03 Nov 2022 04:08:12 GMT
content-type: application/javascript
last-modified: Mon, 24 Oct 2022 04:31:12 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 899
date: Thu, 27 Oct 2022 04:08:12 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

conocotradings.co/wp-content/plugins/woocommerce/assets/js/frontend/cart-fragments.min.js?ver=7.0.0

68.65.122.147

200 OK

934 B

URL HTTP/2
conocotradings.co/wp-content/plugins/woocommerce/assets/js/frontend/cart-fragments.min.js?ver=7.0.0
IP
68.65.122.147:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (2938), with no line terminators
Size
934 B (934 bytes)
Hash
cf25dd071a208312bdc07f34d2cee027
76119563119eaae392ecc8903c989d98d0b93002
8635ba2cad8f887e72779bd526f8738ff6343c74cba715caf2eddea383ba7ce6

HTTP Headers

GET /wp-content/plugins/woocommerce/assets/js/frontend/cart-fragments.min.js?ver=7.0.0 HTTP/1.1
Host: conocotradings.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://conocotradings.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 03 Nov 2022 04:08:12 GMT
content-type: application/javascript
last-modified: Mon, 24 Oct 2022 04:31:12 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 934
date: Thu, 27 Oct 2022 04:08:12 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

conocotradings.co/wp-content/plugins/woocommerce/assets/js/frontend/woocommerce.min.js?ver=7.0.0

68.65.122.147

200 OK

677 B

URL HTTP/2
conocotradings.co/wp-content/plugins/woocommerce/assets/js/frontend/woocommerce.min.js?ver=7.0.0
IP
68.65.122.147:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (2139), with no line terminators
Size
677 B (677 bytes)
Hash
a43fc0dde8fdd69656ad0957e62849c7
4b07cf702ac8a770c8cbffc22b9a788b6e5389ba
1ce3d0493424870c81deec0ec41de0592d2af9f91cd8081cd40a1d7ea89b614f

HTTP Headers

GET /wp-content/plugins/woocommerce/assets/js/frontend/woocommerce.min.js?ver=7.0.0 HTTP/1.1
Host: conocotradings.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://conocotradings.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 03 Nov 2022 04:08:12 GMT
content-type: application/javascript
last-modified: Mon, 24 Oct 2022 04:31:12 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 677
date: Thu, 27 Oct 2022 04:08:12 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

conocotradings.co/wp-content/plugins/creame-whatsapp-me/public/js/joinchat.min.js?ver=4.5.11

68.65.122.147

200 OK

2.5 kB

URL HTTP/2
conocotradings.co/wp-content/plugins/creame-whatsapp-me/public/js/joinchat.min.js?ver=4.5.11
IP
68.65.122.147:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (8082), with no line terminators
Size
2.5 kB (2543 bytes)
Hash
130a237beca0d43b5e806afc8bb690fa
051b82c318203daf5008f87007c015971072b951
e9f5d85f28c930369e90bd08386ee17eee2b85a61a99211733b93aa26c96ec72

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/plugins/creame-whatsapp-me/public/js/joinchat.min.js?ver=4.5.11 HTTP/1.1
Host: conocotradings.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://conocotradings.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 03 Nov 2022 04:08:12 GMT
content-type: application/javascript
last-modified: Mon, 24 Oct 2022 05:23:47 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 2543
date: Thu, 27 Oct 2022 04:08:12 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

conocotradings.co/wp-includes/js/wp-emoji-release.min.js?ver=6.0.3

68.65.122.147

200 OK

4.6 kB

URL HTTP/2
conocotradings.co/wp-includes/js/wp-emoji-release.min.js?ver=6.0.3
IP
68.65.122.147:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (15660)
Size
4.6 kB (4619 bytes)
Hash
0232689bd203f330529b36a437f41a68
9046583f7469ad38297969f10a9513eb895d5316
feea9f30a6e454579bbeabf236b7abdb0c7de84dd2852422555ad67348c5e886

HTTP Headers

GET /wp-includes/js/wp-emoji-release.min.js?ver=6.0.3 HTTP/1.1
Host: conocotradings.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://conocotradings.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 03 Nov 2022 04:08:12 GMT
content-type: application/javascript
last-modified: Tue, 12 Apr 2022 15:26:24 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 4619
date: Thu, 27 Oct 2022 04:08:12 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

conocotradings.co/wp-content/plugins/woocommerce/assets/js/jquery-blockui/jquery.blockUI.min.js?ver=2.7.0-wc.7.0.0

68.65.122.147

200 OK

3.2 kB

URL HTTP/2
conocotradings.co/wp-content/plugins/woocommerce/assets/js/jquery-blockui/jquery.blockUI.min.js?ver=2.7.0-wc.7.0.0
IP
68.65.122.147:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (9115)
Size
3.2 kB (3245 bytes)
Hash
66c388e07cfb57895688b3347ab7290b
f23bd7a31995b3b19924575f2afa297a29257856
3971f3ab5179d1f4f91d2c102f27c2bf1dac2c04e2f62ff3eae3ebfa8c28494e

HTTP Headers

GET /wp-content/plugins/woocommerce/assets/js/jquery-blockui/jquery.blockUI.min.js?ver=2.7.0-wc.7.0.0 HTTP/1.1
Host: conocotradings.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://conocotradings.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 03 Nov 2022 04:08:12 GMT
content-type: application/javascript
last-modified: Mon, 24 Oct 2022 04:31:12 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 3245
date: Thu, 27 Oct 2022 04:08:12 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

conocotradings.co/wp-content/uploads/bb-plugin/cache/wholesale-80gsm-thin-a4-copy-paper-high-quality-1556313275-4876174-square.jpeg

68.65.122.147

200 OK

36 kB

URL HTTP/2
conocotradings.co/wp-content/uploads/bb-plugin/cache/wholesale-80gsm-thin-a4-copy-paper-high-quality-1556313275-4876174-square.jpeg
IP
68.65.122.147:0
ASN
#22612 NAMECHEAP-NET

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 600x600, components 3\012- data
Size
36 kB (36248 bytes)
Hash
6a196f6769d7fdc4461d53504b6bd025
1c230d2bd43e54e307a3190f31a348c771b1c6a0
c58ab77067dd77312b26268f30084a35a1f759332812f7b8e09fe3a8fab09169

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/uploads/bb-plugin/cache/wholesale-80gsm-thin-a4-copy-paper-high-quality-1556313275-4876174-square.jpeg HTTP/1.1
Host: conocotradings.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://conocotradings.co/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 03 Nov 2022 04:08:12 GMT
content-type: image/jpeg
last-modified: Mon, 24 Oct 2022 18:23:07 GMT
accept-ranges: bytes
content-length: 36248
date: Thu, 27 Oct 2022 04:08:12 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

conocotradings.co/wp-content/uploads/bb-plugin/cache/5121_25082013031431_pic-square.jpg

68.65.122.147

200 OK

34 kB

URL HTTP/2
conocotradings.co/wp-content/uploads/bb-plugin/cache/5121_25082013031431_pic-square.jpg
IP
68.65.122.147:0
ASN
#22612 NAMECHEAP-NET

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 500x500, components 3\012- data
Size
34 kB (33731 bytes)
Hash
feca9b561fa7717080f452f082fe5993
78f23aa5a9a9393e91434f2617f12e4437f93622
364870279489e00c6136217207aef47209bb9b1b251e0efc2da58a319679bc5e

HTTP Headers

GET /wp-content/uploads/bb-plugin/cache/5121_25082013031431_pic-square.jpg HTTP/1.1
Host: conocotradings.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://conocotradings.co/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 03 Nov 2022 04:08:12 GMT
content-type: image/jpeg
last-modified: Mon, 24 Oct 2022 18:23:07 GMT
accept-ranges: bytes
content-length: 33731
date: Thu, 27 Oct 2022 04:08:12 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

conocotradings.co/wp-content/uploads/bb-plugin/cache/JK-Copier-A4-square.jpg

68.65.122.147

200 OK

39 kB

URL HTTP/2
conocotradings.co/wp-content/uploads/bb-plugin/cache/JK-Copier-A4-square.jpg
IP
68.65.122.147:0
ASN
#22612 NAMECHEAP-NET

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 374x374, components 3\012- data
Size
39 kB (39390 bytes)
Hash
5db53d6f1571170dcb628f3aa15798fa
65711e14546a3d5953aa66fc7bcdf203da968d81
6d8aa7b870cc2c51c523d5ee30bf9657ac0006fe4ae9c105ec4ce90c48aafb56

HTTP Headers

GET /wp-content/uploads/bb-plugin/cache/JK-Copier-A4-square.jpg HTTP/1.1
Host: conocotradings.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://conocotradings.co/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 03 Nov 2022 04:08:12 GMT
content-type: image/jpeg
last-modified: Mon, 24 Oct 2022 18:23:07 GMT
accept-ranges: bytes
content-length: 39390
date: Thu, 27 Oct 2022 04:08:12 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

conocotradings.co/wp-content/uploads/bb-plugin/cache/silo-product-image-v2-12Nov2021-073244-6003977000206-front-2825842-72358_400Wx400H-square.jpg

68.65.122.147

200 OK

26 kB

URL HTTP/2
conocotradings.co/wp-content/uploads/bb-plugin/cache/silo-product-image-v2-12Nov2021-073244-6003977000206-front-2825842-72358_400Wx400H-square.jpg
IP
68.65.122.147:0
ASN
#22612 NAMECHEAP-NET

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 400x400, components 3\012- data
Size
26 kB (26516 bytes)
Hash
cbd9ada4235cd2a1d7ace5d062db9dd0
0b7e5b1ac2535aaa42aab74e4092c17f5952c960
e3fab3cd5f0bbfab5ed6bf98609fd5ea25cf1adfa30d13592b77c5e4f2990a0b

HTTP Headers

GET /wp-content/uploads/bb-plugin/cache/silo-product-image-v2-12Nov2021-073244-6003977000206-front-2825842-72358_400Wx400H-square.jpg HTTP/1.1
Host: conocotradings.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://conocotradings.co/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 03 Nov 2022 04:08:12 GMT
content-type: image/jpeg
last-modified: Mon, 24 Oct 2022 18:23:07 GMT
accept-ranges: bytes
content-length: 26516
date: Thu, 27 Oct 2022 04:08:12 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

conocotradings.co/wp-content/uploads/bb-plugin/cache/Xerox-A3-Copier-Printing-A4-Copy-Paper-70-GSM-square.jpg

68.65.122.147

200 OK

18 kB

URL HTTP/2
conocotradings.co/wp-content/uploads/bb-plugin/cache/Xerox-A3-Copier-Printing-A4-Copy-Paper-70-GSM-square.jpg
IP
68.65.122.147:0
ASN
#22612 NAMECHEAP-NET

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 360x360, components 3\012- data
Size
18 kB (17587 bytes)
Hash
b5d96d4f54b2cdc34419f714ac8a47cd
880dca7ca2c32fc4357e8d9681e110d659135145
e2bfc93f44be2fde743976c3be462f2378e55095c1d9db1eaa79f7550b0e0e63

HTTP Headers

GET /wp-content/uploads/bb-plugin/cache/Xerox-A3-Copier-Printing-A4-Copy-Paper-70-GSM-square.jpg HTTP/1.1
Host: conocotradings.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://conocotradings.co/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 03 Nov 2022 04:08:12 GMT
content-type: image/jpeg
last-modified: Mon, 24 Oct 2022 18:23:07 GMT
accept-ranges: bytes
content-length: 17587
date: Thu, 27 Oct 2022 04:08:12 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

conocotradings.co/wp-content/uploads/bb-plugin/cache/UTB86aa1oRahduJk43Jaq6zM8FXax-square.jpg

68.65.122.147

200 OK

26 kB

URL HTTP/2
conocotradings.co/wp-content/uploads/bb-plugin/cache/UTB86aa1oRahduJk43Jaq6zM8FXax-square.jpg
IP
68.65.122.147:0
ASN
#22612 NAMECHEAP-NET

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 350x350, components 3\012- data
Size
26 kB (25995 bytes)
Hash
8d7b9d788b2d5603463d1ecbec839acd
e0be084793def26023a42288ad9c756be753a9b5
04b61b9d8e289b3e0d29f1462d18522650d2d5421452ed40128a644cc7b04703

HTTP Headers

GET /wp-content/uploads/bb-plugin/cache/UTB86aa1oRahduJk43Jaq6zM8FXax-square.jpg HTTP/1.1
Host: conocotradings.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://conocotradings.co/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 03 Nov 2022 04:08:12 GMT
content-type: image/jpeg
last-modified: Mon, 24 Oct 2022 18:23:07 GMT
accept-ranges: bytes
content-length: 25995
date: Thu, 27 Oct 2022 04:08:12 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

conocotradings.co/wp-content/uploads/bb-plugin/cache/paperline-gold2-square.jpg

68.65.122.147

200 OK

18 kB

URL HTTP/2
conocotradings.co/wp-content/uploads/bb-plugin/cache/paperline-gold2-square.jpg
IP
68.65.122.147:0
ASN
#22612 NAMECHEAP-NET

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 370x370, components 3\012- data
Size
18 kB (18090 bytes)
Hash
5c0defca637b3ce5c3896b1c26b2c259
a7fbff84afd53899f44b855266a18a0aae550702
f0cc96cc38032201174e59a31673c8e05fb484ca34032ae140739bd467502cfd

HTTP Headers

GET /wp-content/uploads/bb-plugin/cache/paperline-gold2-square.jpg HTTP/1.1
Host: conocotradings.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://conocotradings.co/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 03 Nov 2022 04:08:12 GMT
content-type: image/jpeg
last-modified: Mon, 24 Oct 2022 18:23:07 GMT
accept-ranges: bytes
content-length: 18090
date: Thu, 27 Oct 2022 04:08:12 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

conocotradings.co/wp-content/uploads/bb-plugin/cache/paperline-square.jpg

68.65.122.147

200 OK

19 kB

URL HTTP/2
conocotradings.co/wp-content/uploads/bb-plugin/cache/paperline-square.jpg
IP
68.65.122.147:0
ASN
#22612 NAMECHEAP-NET

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 370x370, components 3\012- data
Size
19 kB (19219 bytes)
Hash
85b041cbcdad1e1839634dbe858287ca
c890e0a1b354dcf25c0aafc6b35ed17fa7d0b69f
fb174fcd45667b213a6b6f1c49cee545f6b4924bad1de2419cb74340b73c1494

HTTP Headers

GET /wp-content/uploads/bb-plugin/cache/paperline-square.jpg HTTP/1.1
Host: conocotradings.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://conocotradings.co/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 03 Nov 2022 04:08:12 GMT
content-type: image/jpeg
last-modified: Mon, 24 Oct 2022 18:23:07 GMT
accept-ranges: bytes
content-length: 19219
date: Thu, 27 Oct 2022 04:08:12 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

conocotradings.co/wp-content/uploads/bb-plugin/cache/paper-one-copier-paper-a4-80gsm-500x500-1-square.jpg

68.65.122.147

200 OK

44 kB

URL HTTP/2
conocotradings.co/wp-content/uploads/bb-plugin/cache/paper-one-copier-paper-a4-80gsm-500x500-1-square.jpg
IP
68.65.122.147:0
ASN
#22612 NAMECHEAP-NET

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 500x500, components 3\012- data
Size
44 kB (44140 bytes)
Hash
81c2e8ffae36639a3edebbc50882d4aa
01924ef729eccfd84deec69de72bcbf72ff48c1a
1c80c82da162578cbd44ec45cfd8699acfadcfc24aa4dd03fc32e44deed861ed

HTTP Headers

GET /wp-content/uploads/bb-plugin/cache/paper-one-copier-paper-a4-80gsm-500x500-1-square.jpg HTTP/1.1
Host: conocotradings.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://conocotradings.co/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 03 Nov 2022 04:08:12 GMT
content-type: image/jpeg
last-modified: Mon, 24 Oct 2022 18:23:07 GMT
accept-ranges: bytes
content-length: 44140
date: Thu, 27 Oct 2022 04:08:12 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

conocotradings.co/wp-content/uploads/bb-plugin/cache/81FcsyVO81L._SX679_-square.jpg

68.65.122.147

200 OK

42 kB

URL HTTP/2
conocotradings.co/wp-content/uploads/bb-plugin/cache/81FcsyVO81L._SX679_-square.jpg
IP
68.65.122.147:0
ASN
#22612 NAMECHEAP-NET

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 498x498, components 3\012- data
Size
42 kB (41686 bytes)
Hash
6d64b7c15d9744a9ea0c8ee919d31625
ae2fc1560db1de448f8e3ec73721f12c5b405150
211ee5005d6db2f0998759da8ea7dd328ac67faf397b8ef2ba11ea5d48f27d34

HTTP Headers

GET /wp-content/uploads/bb-plugin/cache/81FcsyVO81L._SX679_-square.jpg HTTP/1.1
Host: conocotradings.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://conocotradings.co/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 03 Nov 2022 04:08:12 GMT
content-type: image/jpeg
last-modified: Mon, 24 Oct 2022 18:23:07 GMT
accept-ranges: bytes
content-length: 41686
date: Thu, 27 Oct 2022 04:08:12 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

conocotradings.co/wp-content/uploads/bb-plugin/cache/numberone-square.jpg

68.65.122.147

200 OK

38 kB

URL HTTP/2
conocotradings.co/wp-content/uploads/bb-plugin/cache/numberone-square.jpg
IP
68.65.122.147:0
ASN
#22612 NAMECHEAP-NET

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 512x512, components 3\012- data
Size
38 kB (37809 bytes)
Hash
f185dc140ff029bdf01832357fba8e82
6d0d96faa0fd6b9e45945c616dd9f64fa039c2e2
d0dac35f082c3ab5974e721f41c87ba11774c87bc6038857dae93da87f35f602

HTTP Headers

GET /wp-content/uploads/bb-plugin/cache/numberone-square.jpg HTTP/1.1
Host: conocotradings.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://conocotradings.co/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 03 Nov 2022 04:08:12 GMT
content-type: image/jpeg
last-modified: Mon, 24 Oct 2022 18:23:07 GMT
accept-ranges: bytes
content-length: 37809
date: Thu, 27 Oct 2022 04:08:12 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

conocotradings.co/wp-content/uploads/bb-plugin/cache/7891173022868-1-zoom-square.jpg

68.65.122.147

200 OK

66 kB

URL HTTP/2
conocotradings.co/wp-content/uploads/bb-plugin/cache/7891173022868-1-zoom-square.jpg
IP
68.65.122.147:0
ASN
#22612 NAMECHEAP-NET

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 800x800, components 3\012- data
Size
66 kB (65833 bytes)
Hash
2b56c22dcaf37a8f67447b664d12ee1f
b0bc5a5d218b316c3c31992d18aa32f0b82757a9
843b348ea4c3d99dd1af4250e990c58fddc36c8d5aa0917d41c26c460425b391

HTTP Headers

GET /wp-content/uploads/bb-plugin/cache/7891173022868-1-zoom-square.jpg HTTP/1.1
Host: conocotradings.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://conocotradings.co/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 03 Nov 2022 04:08:12 GMT
content-type: image/jpeg
last-modified: Mon, 24 Oct 2022 18:23:07 GMT
accept-ranges: bytes
content-length: 65833
date: Thu, 27 Oct 2022 04:08:12 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

conocotradings.co/wp-content/uploads/bb-plugin/cache/712hbvemmbl.-sx679-679x679-1-square.jpg

68.65.122.147

200 OK

59 kB

URL HTTP/2
conocotradings.co/wp-content/uploads/bb-plugin/cache/712hbvemmbl.-sx679-679x679-1-square.jpg
IP
68.65.122.147:0
ASN
#22612 NAMECHEAP-NET

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 679x679, components 3\012- data
Size
59 kB (59231 bytes)
Hash
29c80bf40eafd9b56cfbc63fa8701e2a
fcb693bf8e5c8dbcae775f38c07ea5caf991231a
ae6d36638636255f77e7b767a8cbf770316481c97a33fabe1cf8a2ce4802c1df

HTTP Headers

GET /wp-content/uploads/bb-plugin/cache/712hbvemmbl.-sx679-679x679-1-square.jpg HTTP/1.1
Host: conocotradings.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://conocotradings.co/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 03 Nov 2022 04:08:12 GMT
content-type: image/jpeg
last-modified: Mon, 24 Oct 2022 18:23:07 GMT
accept-ranges: bytes
content-length: 59231
date: Thu, 27 Oct 2022 04:08:12 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

conocotradings.co/wp-content/uploads/bb-plugin/cache/4629622-square.jpg

68.65.122.147

200 OK

114 kB

URL HTTP/2
conocotradings.co/wp-content/uploads/bb-plugin/cache/4629622-square.jpg
IP
68.65.122.147:0
ASN
#22612 NAMECHEAP-NET

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 800x800, components 3\012- data
Size
114 kB (113560 bytes)
Hash
ea246c9383f12212b6eafede4ff0ae06
fafa0856f3cc4a1e6ecfd8ce7f7ac74bb1902ccc
3e0ad32e65f429f5f95ce510e075c1e54c73261c0a2bab3c845c4c4699bfd772

HTTP Headers

GET /wp-content/uploads/bb-plugin/cache/4629622-square.jpg HTTP/1.1
Host: conocotradings.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://conocotradings.co/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 03 Nov 2022 04:08:12 GMT
content-type: image/jpeg
last-modified: Mon, 24 Oct 2022 18:23:07 GMT
accept-ranges: bytes
content-length: 113560
date: Thu, 27 Oct 2022 04:08:12 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

conocotradings.co/wp-content/themes/astra/assets/css/minified/compatibility/woocommerce/woocommerce-smallscreen.min.css?ver=3.9.2

68.65.122.147

200 OK

828 B

URL HTTP/2
conocotradings.co/wp-content/themes/astra/assets/css/minified/compatibility/woocommerce/woocommerce-smallscreen.min.css?ver=3.9.2
IP
68.65.122.147:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (5992), with no line terminators
Size
828 B (828 bytes)
Hash
910b4eaefb8ed2372c8896c70f4a49dd
3fd84ac7081a80c9cd192cfe866536decd1948bf
c8bcef2beea8b022227eb9dc192040564efd7a9081a826b6ae1277f817fb688d

HTTP Headers

GET /wp-content/themes/astra/assets/css/minified/compatibility/woocommerce/woocommerce-smallscreen.min.css?ver=3.9.2 HTTP/1.1
Host: conocotradings.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://conocotradings.co/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 03 Nov 2022 04:08:13 GMT
content-type: text/css
last-modified: Mon, 24 Oct 2022 04:16:30 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 828
date: Thu, 27 Oct 2022 04:08:13 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

conocotradings.co/wp-content/uploads/2022/10/numberone.jpg

68.65.122.147

200 OK

65 kB

URL HTTP/2
conocotradings.co/wp-content/uploads/2022/10/numberone.jpg
IP
68.65.122.147:0
ASN
#22612 NAMECHEAP-NET

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=1, orientation=upper-left], baseline, precision 8, 569x512, components 3\012- data
Size
65 kB (64949 bytes)
Hash
05ab012dad152e11303b9faee3ae24e0
ca07814aba97ca4bd235a21d055d811b22bc1f45
d96fa8016fcda598d57ff4354ee530701c8cac0b610c342e208199a37691b9ce

HTTP Headers

GET /wp-content/uploads/2022/10/numberone.jpg HTTP/1.1
Host: conocotradings.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://conocotradings.co/wp-content/uploads/bb-plugin/cache/10-layout.css?ver=95ab821563d45677defed724e424ba63
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 03 Nov 2022 04:08:13 GMT
content-type: image/jpeg
last-modified: Mon, 24 Oct 2022 06:30:03 GMT
accept-ranges: bytes
content-length: 64949
date: Thu, 27 Oct 2022 04:08:13 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

conocotradings.co/wp-content/themes/astra/assets/fonts/astra.woff

68.65.122.147

200 OK

3.3 kB

URL HTTP/2
conocotradings.co/wp-content/themes/astra/assets/fonts/astra.woff
IP
68.65.122.147:0
ASN
#22612 NAMECHEAP-NET

File type
Web Open Font Format, TrueType, length 3304, version 1.0\012- data
Size
3.3 kB (3304 bytes)
Hash
bfe0ed8503c926d68f58ed0408dfe0d0
0346d02d96ff7d2a0278bc10f4dfdf365c80eac3
ec7ef7aa5fd1e019f1c26193e95e46d481d4983673936a9dda086705ada6e3d5

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/themes/astra/assets/fonts/astra.woff HTTP/1.1
Host: conocotradings.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://conocotradings.co/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 03 Nov 2022 04:08:13 GMT
content-type: font/woff
last-modified: Mon, 24 Oct 2022 04:16:30 GMT
accept-ranges: bytes
content-length: 3304
date: Thu, 27 Oct 2022 04:08:13 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

conocotradings.co/wp-content/uploads/bb-plugin/icons/ultimate-icons/fonts/Ultimate-Icons.ttf?1ddi1j

68.65.122.147

200 OK

93 kB

URL HTTP/2
conocotradings.co/wp-content/uploads/bb-plugin/icons/ultimate-icons/fonts/Ultimate-Icons.ttf?1ddi1j
IP
68.65.122.147:0
ASN
#22612 NAMECHEAP-NET

File type
TrueType Font data, 11 tables, 1st "OS/2", 14 names, Macintosh, type 1 string, Ultimate-Icons\012- data
Size
93 kB (93024 bytes)
Hash
4f52acd8464d9611fe731e6182f1986e
a6367a5d19bd2b65265eee57e03068dca24be313
49f204eb11dd2940cb55d01fbe8f8f2fef9167ff1cb6e22bcecde06c0078f630

HTTP Headers

GET /wp-content/uploads/bb-plugin/icons/ultimate-icons/fonts/Ultimate-Icons.ttf?1ddi1j HTTP/1.1
Host: conocotradings.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://conocotradings.co/wp-content/uploads/bb-plugin/icons/ultimate-icons/style.css?ver=2.5.5.5
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 03 Nov 2022 04:08:13 GMT
content-type: font/ttf
last-modified: Mon, 24 Oct 2022 04:16:49 GMT
accept-ranges: bytes
content-length: 93024
date: Thu, 27 Oct 2022 04:08:13 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

conocotradings.co/wp-content/uploads/2022/10/cropped-logo_transparent-32x32.png

68.65.122.147

200 OK

1.2 kB

URL HTTP/2
conocotradings.co/wp-content/uploads/2022/10/cropped-logo_transparent-32x32.png
IP
68.65.122.147:0
ASN
#22612 NAMECHEAP-NET

File type
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced\012- data
Size
1.2 kB (1194 bytes)
Hash
f1f1eb9b898c789fb802cac79fc503f6
cdd332b5c616e571babfe8cb5d3587c35ab57bd6
9bb46d3af3cacf8a30e6b9cc737a8fc82305f6c6260460160b01c7932cbe828f

HTTP Headers

GET /wp-content/uploads/2022/10/cropped-logo_transparent-32x32.png HTTP/1.1
Host: conocotradings.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://conocotradings.co/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 03 Nov 2022 04:08:15 GMT
content-type: image/png
last-modified: Mon, 24 Oct 2022 10:17:48 GMT
accept-ranges: bytes
content-length: 1194
date: Thu, 27 Oct 2022 04:08:15 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

conocotradings.co/wp-content/uploads/2022/10/cropped-logo_transparent-192x192.png

68.65.122.147

200 OK

17 kB

URL HTTP/2
conocotradings.co/wp-content/uploads/2022/10/cropped-logo_transparent-192x192.png
IP
68.65.122.147:0
ASN
#22612 NAMECHEAP-NET

File type
PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced\012- data
Size
17 kB (16637 bytes)
Hash
266f564644bea7f6752d43c04be8d17d
f42e93ba9b4fadfc10a882648c8830a8d5b5d596
9afd0a36fec3035101f31f34240fb072d3a109f15c51d111bd67daac915303d5

HTTP Headers

GET /wp-content/uploads/2022/10/cropped-logo_transparent-192x192.png HTTP/1.1
Host: conocotradings.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://conocotradings.co/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 03 Nov 2022 04:08:15 GMT
content-type: image/png
last-modified: Mon, 24 Oct 2022 10:17:48 GMT
accept-ranges: bytes
content-length: 16637
date: Thu, 27 Oct 2022 04:08:15 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

conocotradings.co/?wc-ajax=get_refreshed_fragments

68.65.122.147

200 OK

1.4 kB

URL HTTP/2
conocotradings.co/?wc-ajax=get_refreshed_fragments
IP
68.65.122.147:0
ASN
#22612 NAMECHEAP-NET

File type
JSON data\012- HTML document, ASCII text, with very long lines (1431), with no line terminators
Size
1.4 kB (1431 bytes)
Hash
78642ff7946a082ed5fc8005310cdbed
d606fb184d82b97b2e60d27ebc13d0d0cd501b4b
055621dadb6e98cac99d672ceadec59b45082ed38a566e46bdb341303de3fc65

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

POST /?wc-ajax=get_refreshed_fragments HTTP/1.1
Host: conocotradings.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 18
Origin: https://conocotradings.co
Connection: keep-alive
Referer: https://conocotradings.co/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
access-control-allow-origin: https://conocotradings.co
access-control-allow-credentials: true
x-content-type-options: nosniff
x-robots-tag: noindex
x-litespeed-tag: e76_HTTP.200,e76_HTTP.200
content-type: application/json; charset=UTF-8
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
x-litespeed-cache-control: no-cache
content-length: 1431
date: Thu, 27 Oct 2022 04:08:17 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

fonts.googleapis.com/css?family=Nunito%3A400%7CPlayfair+Display%3A400%7CMontserrat%3A700&display=fallback&ver=3.9.2

142.250.74.10

200 OK

0 B

URL HTTP/2
fonts.googleapis.com/css?family=Nunito%3A400%7CPlayfair+Display%3A400%7CMontserrat%3A700&display=fallback&ver=3.9.2
IP
142.250.74.10:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /css?family=Nunito%3A400%7CPlayfair+Display%3A400%7CMontserrat%3A700&display=fallback&ver=3.9.2 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://conocotradings.co/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 27 Oct 2022 04:08:12 GMT
date: Thu, 27 Oct 2022 04:08:12 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (24)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations