Overview

URL: conocotradings.co/
IP: 68.65.122.147 (United States)
ASN: #22612 NAMECHEAP-NET
UserAgent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer:
Report completed: 2022-10-27 04:08:22 UTC
IDS alerts: 0
Blocklist alert: 22
urlquery alerts: No alerts detected
Tags: None

Domain Summary (11)

Fully Qualifying Domain Name Rank First Seen Last Seen IP Comment
conocotradings.co (52) 0 2022-10-24 03:42:13 UTC 2022-10-26 13:20:21 UTC 68.65.122.147 Unknown ranking
content-signature-2.cdn.mozilla.net (1) 1152 No data No data 34.160.144.191
contile.services.mozilla.com (1) 1114 2021-05-27 18:32:35 UTC 2022-10-26 04:55:04 UTC 34.117.237.239
fonts.gstatic.com (3) 0 2022-10-01 01:25:33 UTC 2022-10-27 02:02:30 UTC 216.58.207.195 Domain (gstatic.com) ranked at: 540
r3.o.lencr.org (6) 344 No data No data 23.36.77.32
ocsp.sectigo.com (1) 487 2019-11-29 11:50:24 UTC 2021-09-17 20:05:40 UTC 104.18.32.68
ocsp.pki.goog (6) 175 2019-02-02 06:15:41 UTC 2020-05-02 20:58:16 UTC 142.250.74.35
push.services.mozilla.com (1) 2140 2019-05-26 10:52:39 UTC 2020-05-03 10:09:39 UTC 34.210.158.59
img-getpocket.cdn.mozilla.net (6) 1631 2019-03-04 20:37:34 UTC 2020-02-19 04:43:25 UTC 34.120.237.76
fonts.googleapis.com (1) 8877 2019-10-15 16:21:13 UTC 2022-10-26 14:43:52 UTC 142.250.74.10
ocsp.digicert.com (3) 86 2012-06-27 22:09:06 UTC 2020-05-02 20:58:10 UTC 93.184.220.29

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro
 No alerts detected

Blocklists

OpenPhish
 No alerts detected

PhishTank
 No alerts detected

Fortinet's Web Filter
Scan Date Severity Indicator Comment
2022-10-27 2 conocotradings.co/ Phishing
2022-10-27 2 conocotradings.co/ Phishing
2022-10-27 2 conocotradings.co/wp-content/themes/astra/assets/css/minified/compatibility (...) Phishing
2022-10-27 2 conocotradings.co/wp-content/themes/astra/assets/css/minified/frontend.min. (...) Phishing
2022-10-27 2 conocotradings.co/wp-includes/css/dist/block-library/style.min.css?ver=6.0.3 Phishing
2022-10-27 2 conocotradings.co/wp-content/plugins/woocommerce/packages/woocommerce-block (...) Phishing
2022-10-27 2 conocotradings.co/wp-content/plugins/contact-form-7/includes/css/styles.css (...) Phishing
2022-10-27 2 conocotradings.co/wp-content/uploads/bb-plugin/cache/10-layout.css?ver=95ab (...) Phishing
2022-10-27 2 conocotradings.co/wp-content/themes/astra/assets/css/minified/compatibility (...) Phishing
2022-10-27 2 conocotradings.co/wp-content/themes/astra/assets/css/minified/compatibility (...) Phishing
2022-10-27 2 conocotradings.co/wp-content/plugins/creame-whatsapp-me/public/css/joinchat (...) Phishing
2022-10-27 2 conocotradings.co/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 Phishing
2022-10-27 2 conocotradings.co/wp-content/themes/astra/assets/js/minified/frontend.min.j (...) Phishing
2022-10-27 2 conocotradings.co/wp-content/themes/astra/assets/js/minified/mobile-cart.mi (...) Phishing
2022-10-27 2 conocotradings.co/wp-content/plugins/beaver-builder-lite-version/js/jquery. (...) Phishing
2022-10-27 2 conocotradings.co/wp-content/plugins/contact-form-7/includes/swv/js/index.j (...) Phishing
2022-10-27 2 conocotradings.co/wp-content/plugins/contact-form-7/includes/js/index.js?ve (...) Phishing
2022-10-27 2 conocotradings.co/wp-content/plugins/woocommerce/assets/js/js-cookie/js.coo (...) Phishing
2022-10-27 2 conocotradings.co/wp-content/plugins/creame-whatsapp-me/public/js/joinchat. (...) Phishing
2022-10-27 2 conocotradings.co/wp-content/uploads/bb-plugin/cache/wholesale-80gsm-thin-a (...) Phishing
2022-10-27 2 conocotradings.co/wp-content/themes/astra/assets/fonts/astra.woff Phishing
2022-10-27 2 conocotradings.co/?wc-ajax=get_refreshed_fragments Phishing

mnemonic secure dns
 No alerts detected

Quad9 DNS
 No alerts detected


Files

No files detected

Recent reports on same IP/ASN/Domain/Screenshot

Last 5 reports on IP: 68.65.122.147
Date UQ / IDS / BL URL IP
2023-01-28 02:32:02 +0000 0 - 0 - 13 connessioneutentenuovodispositivo.com/ 68.65.122.147
2022-11-19 00:52:21 +0000 0 - 0 - 5 amtraders.pk/aldl/index.php?qbot.zip 68.65.122.147
2022-11-19 00:31:33 +0000 0 - 0 - 2 oracle-ps.com/ta/index.php?qbot.zip 68.65.122.147
2022-11-17 19:36:27 +0000 0 - 0 - 8 oracle-ps.com/fiif/index.php?qbot.zip 68.65.122.147
2022-11-17 00:22:18 +0000 0 - 0 - 4 oracle-ps.com/ta/index.php?qbot.zip 68.65.122.147


Last 5 reports on ASN: NAMECHEAP-NET
Date UQ / IDS / BL URL IP
2023-02-05 14:26:12 +0000 0 - 1 - 0 webxframe.com/ 192.64.119.208
2023-02-05 14:26:02 +0000 0 - 1 - 0 quietlyhired.com/ 162.255.119.140
2023-02-05 14:11:25 +0000 0 - 0 - 2 delivery.bdsellprice.com/public/4b1fPbCWUQ3LC (...) 68.65.120.179
2023-02-05 14:03:17 +0000 0 - 0 - 2 www.teamfocus.ng/wp-includes/post/tracking/j0 (...) 162.0.229.123
2023-02-05 13:46:53 +0000 0 - 0 - 1 globallyconnectedworld.com/Ny33iG.do?bwbuqvzn (...) 162.255.119.45


Last 1 reports on domain: conocotradings.co
Date UQ / IDS / BL URL IP
2022-10-27 04:08:22 +0000 0 - 0 - 22 conocotradings.co/ 68.65.122.147


No other reports with similar screenshot

JavaScript

Executed Scripts (24)

Executed Evals (0)

Executed Writes (0)


HTTP Transactions (81)


Request Response
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "52A721168D0C41CB0854FF8C730FCE3B79DB2E804B383238E95FF1401922BD74"
Last-Modified: Mon, 24 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4973
Expires: Thu, 27 Oct 2022 05:31:04 GMT
Date: Thu, 27 Oct 2022 04:08:11 GMT
Connection: keep-alive

                                        
                                            GET / HTTP/1.1 
Host: conocotradings.co
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

                                         68.65.122.147
HTTP/1.1 301 Moved Permanently
content-type: text/html
                                        
keep-alive: timeout=5, max=100
content-length: 707
date: Thu, 27 Oct 2022 04:08:11 GMT
server: LiteSpeed
location: https://conocotradings.co/
x-turbo-charged-by: LiteSpeed


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Size:   707
Md5:    1304294c0823ca486542ba408ed761e3
Sha1:   b2a70fb2d810ca13985882e6981f33998823e83e
Sha256: 3bbe72f3baa8ec61de17a1d767fca58704769684b7abe9161d0c4eaf4c8f0982

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 6472
Cache-Control: max-age=112243
Date: Thu, 27 Oct 2022 04:08:11 GMT
Etag: "6358fe56-1d7"
Expires: Fri, 28 Oct 2022 11:18:54 GMT
Last-Modified: Wed, 26 Oct 2022 09:31:02 GMT
Server: ECS (ska/F705)
X-Cache: HIT
Content-Length: 471

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 6472
Cache-Control: max-age=112243
Date: Thu, 27 Oct 2022 04:08:11 GMT
Etag: "6358fe56-1d7"
Expires: Fri, 28 Oct 2022 11:18:54 GMT
Last-Modified: Wed, 26 Oct 2022 09:31:02 GMT
Server: ECS (ska/F705)
X-Cache: HIT
Content-Length: 471

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "D9D95319013D64BC2EF6D9870F4ADBA902EE970B6F9E96279C9ED86F556E0001"
Last-Modified: Mon, 24 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2558
Expires: Thu, 27 Oct 2022 04:50:49 GMT
Date: Thu, 27 Oct 2022 04:08:11 GMT
Connection: keep-alive

                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1 
Host: content-signature-2.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         34.160.144.191
HTTP/2 200 OK
content-type: binary/octet-stream
                                        
x-amz-id-2: PFB2yaeuuGYLWHv0WPLt0yXv8dZA4fOfRIHzj9Nl/whG6htarssIBnPYub9lBnC49+GEgRpM/OB6zX16x11zeg==
x-amz-request-id: P6B71QQNTH4JFCXD
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 27 Oct 2022 03:39:27 GMT
age: 1724
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PEM certificate\012- , ASCII text
Size:   5348
Md5:    67d5a988edcda47bc3b3b3f65d32b4b6
Sha1:   d4f0e0da8b3690cc7da925026d3414b68c7d954f
Sha256: 55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78
                                        
                                            GET /v1/tiles HTTP/1.1 
Host: contile.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         34.117.237.239
HTTP/2 200 OK
content-type: application/json
                                        
server: nginx
date: Thu, 27 Oct 2022 04:08:11 GMT
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   12
Md5:    23e88fb7b99543fb33315b29b1fad9d6
Sha1:   a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
                                        
                                            POST / HTTP/1.1 
Host: ocsp.sectigo.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         104.18.32.68
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 27 Oct 2022 04:08:12 GMT
Content-Length: 472
Connection: keep-alive
Last-Modified: Wed, 26 Oct 2022 02:52:09 GMT
Expires: Wed, 02 Nov 2022 02:52:08 GMT
Etag: "cb80f648620ee3cb5e82ae5f7e72edd2193aef62"
Cache-Control: max-age=513235,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 760891b2c98bb51e-OSL

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 4235
Cache-Control: max-age=104950
Date: Thu, 27 Oct 2022 04:08:12 GMT
Etag: "6358ea97-1d7"
Expires: Fri, 28 Oct 2022 09:17:22 GMT
Last-Modified: Wed, 26 Oct 2022 08:06:47 GMT
Server: ECS (ska/F705)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET / HTTP/1.1 
Host: conocotradings.co
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

                                         68.65.122.147
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
                                        
link: <https://conocotradings.co/wp-json/>; rel="https://api.w.org/", <https://conocotradings.co/wp-json/wp/v2/pages/10>; rel="alternate"; type="application/json", <https://conocotradings.co/>; rel=shortlink
etag: "730-1666735468;br"
x-litespeed-cache: hit
content-encoding: br
vary: Accept-Encoding
content-length: 25590
date: Thu, 27 Oct 2022 04:08:12 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (56892), with CRLF, LF line terminators
Size:   25590
Md5:    352eb33ef6d6309865d7290d6d2f02cc
Sha1:   900beabc9d573356f461e38d4f2e469046c8acd9
Sha256: 60eed473a9a2aa77e44cd93dfddd3a859f7c0fd46f1180f7256d47ee8c4b7d86

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         142.250.74.35
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 27 Oct 2022 04:08:12 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         142.250.74.35
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 27 Oct 2022 04:08:12 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET / HTTP/1.1 
Host: push.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: X/9BrF1n/dOaESzvKKq2WQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

                                         34.210.158.59
HTTP/1.1 101 Switching Protocols
                                        
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: QhadVqaokYiZBx0CGqv/NpD8Dgw=

                                        
                                            GET /wp-content/themes/astra/assets/css/minified/compatibility/page-builder/bb-plugin.min.css?ver=3.9.2 HTTP/1.1 
Host: conocotradings.co
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://conocotradings.co/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         68.65.122.147
HTTP/2 200 OK
content-type: text/css
                                        
cache-control: public, max-age=604800
expires: Thu, 03 Nov 2022 04:08:12 GMT
last-modified: Mon, 24 Oct 2022 04:16:30 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 127
date: Thu, 27 Oct 2022 04:08:12 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (302), with no line terminators
Size:   127
Md5:    09707d8249bff41ab9b149ef2fc6b72c
Sha1:   5238d701eaed208e52bac629e8ff59f2b94f815c
Sha256: 30c92fe46deaaac369efa9cb07d71427069fe60b46a095917d65d10fce6046ca

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-content/themes/astra/assets/css/minified/frontend.min.css?ver=3.9.2 HTTP/1.1 
Host: conocotradings.co
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://conocotradings.co/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         68.65.122.147
HTTP/2 200 OK
content-type: text/css
                                        
cache-control: public, max-age=604800
expires: Thu, 03 Nov 2022 04:08:12 GMT
last-modified: Mon, 24 Oct 2022 04:16:30 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 8419
date: Thu, 27 Oct 2022 04:08:12 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (44114)
Size:   8419
Md5:    161f99d3338e0e49293d3095994acf22
Sha1:   42619cd9255821306c5fa37b6c58c3f9cb0fe700
Sha256: 74c4d05146c54581e48f71e69aabf5b5a7a3e9970aaa1a2fe8381b2f73ac0d24

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-includes/css/dist/block-library/style.min.css?ver=6.0.3 HTTP/1.1 
Host: conocotradings.co
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://conocotradings.co/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         68.65.122.147
HTTP/2 200 OK
content-type: text/css
                                        
cache-control: public, max-age=604800
expires: Thu, 03 Nov 2022 04:08:12 GMT
last-modified: Mon, 04 Jul 2022 21:40:38 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 10946
date: Thu, 27 Oct 2022 04:08:12 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (43771)
Size:   10946
Md5:    d45207ee05c1f0c57dfa075e61405ccd
Sha1:   a8d35143a2d828a739ea0fdde75f97d33621e7ec
Sha256: a9a4adbbcee31ec277f1bdd573eef97dc4341f29f2db3b5685a02dfe4d2fe9bb

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-vendors-style.css?ver=8.5.1 HTTP/1.1 
Host: conocotradings.co
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://conocotradings.co/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         68.65.122.147
HTTP/2 200 OK
content-type: text/css
                                        
cache-control: public, max-age=604800
expires: Thu, 03 Nov 2022 04:08:12 GMT
last-modified: Mon, 24 Oct 2022 04:31:11 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1754
date: Thu, 27 Oct 2022 04:08:12 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (10435), with no line terminators
Size:   1754
Md5:    f7237084ac82ea6a4f5bf1448c3a2148
Sha1:   60457635a5e809ee1199c61090d8e33b91e8e1f2
Sha256: 18a1cb7f08c1ace52a79f46d73461ed03bf8cf5c9e8a3687eacc3e04f08e7a09
                                        
                                            GET /wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-style.css?ver=8.5.1 HTTP/1.1 
Host: conocotradings.co
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://conocotradings.co/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         68.65.122.147
HTTP/2 200 OK
content-type: text/css
                                        
cache-control: public, max-age=604800
expires: Thu, 03 Nov 2022 04:08:12 GMT
last-modified: Mon, 24 Oct 2022 04:31:11 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 22437
date: Thu, 27 Oct 2022 04:08:12 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (65527), with no line terminators
Size:   22437
Md5:    66c0d8e7043ce32a0a22feffb13557ff
Sha1:   5c31173df12f7ac740c078a1b56f8e64dbb789aa
Sha256: 44705113051545459aedc2d4463156019b3119ed6c278dc31d7d5f4a6a66d9cd

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.6.4 HTTP/1.1 
Host: conocotradings.co
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://conocotradings.co/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         68.65.122.147
HTTP/2 200 OK
content-type: text/css
                                        
cache-control: public, max-age=604800
expires: Thu, 03 Nov 2022 04:08:12 GMT
last-modified: Mon, 24 Oct 2022 09:15:19 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 848
date: Thu, 27 Oct 2022 04:08:12 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   848
Md5:    c962ba8e7d42ff9da18392b41dad5151
Sha1:   7b89bc5e6ad161df2e6d7f7fb3ad894aa04b827f
Sha256: 322a4949c5bdd82eb80c13bbbd407ce30a7ad226685c54270d246cb6960e524e

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-content/uploads/bb-plugin/cache/10-layout.css?ver=95ab821563d45677defed724e424ba63 HTTP/1.1 
Host: conocotradings.co
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://conocotradings.co/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         68.65.122.147
HTTP/2 200 OK
content-type: text/css
                                        
cache-control: public, max-age=604800
expires: Thu, 03 Nov 2022 04:08:12 GMT
last-modified: Mon, 24 Oct 2022 18:33:34 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 8570
date: Thu, 27 Oct 2022 04:08:12 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (65536), with no line terminators
Size:   8570
Md5:    436fe3b5536b0bf31680f2ebdc1c388e
Sha1:   ffc0249e3ddbf5ab83197db59a87ad6a055990c2
Sha256: 82eaaafeca927fea358af11f03b29137067f9b7238d7dfbfc6936a747fe0ac90

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-content/themes/astra/assets/css/minified/compatibility/contact-form-7-main.min.css?ver=3.9.2 HTTP/1.1 
Host: conocotradings.co
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://conocotradings.co/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         68.65.122.147
HTTP/2 200 OK
content-type: text/css
                                        
cache-control: public, max-age=604800
expires: Thu, 03 Nov 2022 04:08:12 GMT
last-modified: Mon, 24 Oct 2022 04:16:30 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 344
date: Thu, 27 Oct 2022 04:08:12 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (882), with no line terminators
Size:   344
Md5:    3451c3b3d0677e5875de4c69462938cc
Sha1:   8ffbe1fe3f2e3fa5f47e3988b4cd645670280dc2
Sha256: 4f6bdfd0a626ab45f0ef60de99c73adafde68d55d3a4bbf4723ba3ddcf045420

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-content/themes/astra/assets/css/minified/compatibility/woocommerce/woocommerce-layout.min.css?ver=3.9.2 HTTP/1.1 
Host: conocotradings.co
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://conocotradings.co/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         68.65.122.147
HTTP/2 200 OK
content-type: text/css
                                        
cache-control: public, max-age=604800
expires: Thu, 03 Nov 2022 04:08:12 GMT
last-modified: Mon, 24 Oct 2022 04:16:30 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1954
date: Thu, 27 Oct 2022 04:08:12 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (18333), with no line terminators
Size:   1954
Md5:    2dc4f2958888c14f5ab19ffbd13166bd
Sha1:   9b76b636181455e889739393b7dc518ff162b7eb
Sha256: ac7e28d4aad4c1332951c076253f9c566bcbf4008b65d73457be397b5adf4395

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-content/uploads/bb-plugin/icons/ultimate-icons/style.css?ver=2.5.5.5 HTTP/1.1 
Host: conocotradings.co
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://conocotradings.co/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         68.65.122.147
HTTP/2 200 OK
content-type: text/css
                                        
cache-control: public, max-age=604800
expires: Thu, 03 Nov 2022 04:08:12 GMT
last-modified: Mon, 24 Oct 2022 04:16:49 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 3031
date: Thu, 27 Oct 2022 04:08:12 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   3031
Md5:    034e5b3214e219e60571be47c6e0f448
Sha1:   d42309513ec24f80cee57333ad153c2d529a4f94
Sha256: 1e1d229846da1d49c1cffb1168f0a4e3089c358a0fc70216ee3e2e261d1f1be0
                                        
                                            GET /wp-content/themes/astra/assets/css/minified/compatibility/woocommerce/woocommerce.min.css?ver=3.9.2 HTTP/1.1 
Host: conocotradings.co
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://conocotradings.co/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         68.65.122.147
HTTP/2 200 OK
content-type: text/css
                                        
cache-control: public, max-age=604800
expires: Thu, 03 Nov 2022 04:08:12 GMT
last-modified: Mon, 24 Oct 2022 04:16:30 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 15163
date: Thu, 27 Oct 2022 04:08:12 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (65526), with no line terminators
Size:   15163
Md5:    d090dda06acf6104acbbf1244344027d
Sha1:   706d61a8128061aaceb7c5244037bce6977a734d
Sha256: db2dfe8554887e5e54a5f4aa38912d8bf398f27911b2cdd136a293cf293a7048
                                        
                                            GET /wp-content/plugins/creame-whatsapp-me/public/css/joinchat-btn.min.css?ver=4.5.11 HTTP/1.1 
Host: conocotradings.co
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://conocotradings.co/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         68.65.122.147
HTTP/2 200 OK
content-type: text/css
                                        
cache-control: public, max-age=604800
expires: Thu, 03 Nov 2022 04:08:12 GMT
last-modified: Mon, 24 Oct 2022 05:23:47 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1951
date: Thu, 27 Oct 2022 04:08:12 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (6021), with no line terminators
Size:   1951
Md5:    96919ed3a12fa25443b0296b5d59c1d3
Sha1:   0e29f4090fb2622e4b123bb730c556a59e3600c6
Sha256: ae94826ae36282085de96bba35b22015da1c378f86f79e4bb8f5d0d08ccf8090

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 HTTP/1.1 
Host: conocotradings.co
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://conocotradings.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         68.65.122.147
HTTP/2 200 OK
content-type: application/javascript
                                        
cache-control: public, max-age=604800
expires: Thu, 03 Nov 2022 04:08:12 GMT
last-modified: Wed, 18 Nov 2020 19:36:06 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 3995
date: Thu, 27 Oct 2022 04:08:12 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (11126)
Size:   3995
Md5:    7e058b51f939eacfa31cdface14dded5
Sha1:   9d732e5afdeb42edef9e1b9631b7e95e054787cc
Sha256: 4ece5b00423755d8f4121ce382c8ea4dc44c241f28f150abe19caa85d0b0acc1

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-content/uploads/2022/10/cropped-logo-1-80x76.png HTTP/1.1 
Host: conocotradings.co
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://conocotradings.co/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         68.65.122.147
HTTP/2 200 OK
content-type: image/png
                                        
cache-control: public, max-age=604800
expires: Thu, 03 Nov 2022 04:08:12 GMT
last-modified: Mon, 24 Oct 2022 10:54:07 GMT
accept-ranges: bytes
content-length: 3521
date: Thu, 27 Oct 2022 04:08:12 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 80 x 76, 8-bit/color RGBA, non-interlaced\012- data
Size:   3521
Md5:    378d571a40294f3dcabe64780c6c5148
Sha1:   b46848da663df79980f5718098e789ffae891bfa
Sha256: 7b2ea4f320de302abf5afdbd8ff24c424abdf9ce960732eb789b43576cdcd7f6
                                        
                                            GET /wp-includes/js/jquery/jquery.min.js?ver=3.6.0 HTTP/1.1 
Host: conocotradings.co
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://conocotradings.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         68.65.122.147
HTTP/2 200 OK
content-type: application/javascript
                                        
cache-control: public, max-age=604800
expires: Thu, 03 Nov 2022 04:08:12 GMT
last-modified: Thu, 11 Mar 2021 01:37:24 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 30273
date: Thu, 27 Oct 2022 04:08:12 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (65447)
Size:   30273
Md5:    34f918ada1fe4f01c5a4b90065bbc37a
Sha1:   a731f6ce2d413805e39ae45994012b1bd5ea1e2b
Sha256: eba158d5ab26a5a54a3dcfcea1072c636f44e92fc2eb30a3f27cd5be3f891dfc
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         142.250.74.35
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 27 Oct 2022 04:08:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         142.250.74.35
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 27 Oct 2022 04:08:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /s/playfairdisplay/v30/nuFvD-vYSZviVYUb_rj3ij__anPXJzDwcbmjWBN2PKdFvXDXbtM.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://conocotradings.co
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         216.58.207.195
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 19860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 24 Oct 2022 22:46:46 GMT
expires: Tue, 24 Oct 2023 22:46:46 GMT
cache-control: public, max-age=31536000
age: 192087
last-modified: Mon, 18 Jul 2022 19:06:33 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 19860, version 1.0\012- data
Size:   19860
Md5:    a95e391373ad634c3b7dbaf77de3f40e
Sha1:   ddc4638bc28c21a400fcd2df94448743f198a257
Sha256: fa3d5a0422c9b413abb4c78f8ff80de8a8ed58766f7110c82febf5296e899b47
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         142.250.74.35
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 27 Oct 2022 04:08:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /s/nunito/v25/XRXI3I6Li01BKofiOc5wtlZ2di8HDLshdTQ3jw.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://conocotradings.co
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         216.58.207.195
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 14060
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 24 Oct 2022 21:11:50 GMT
expires: Tue, 24 Oct 2023 21:11:50 GMT
cache-control: public, max-age=31536000
age: 197783
last-modified: Mon, 18 Jul 2022 19:44:57 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 14060, version 1.0\012- data
Size:   14060
Md5:    aacf0f4f8b5d693087b4d8ac6c86d2ae
Sha1:   ad06f3ffd0db6034eb0a12f98aa8aa4dead430fb
Sha256: 5e2f97ea0fb92d5e3ae31eeef403b9c34363c8fb2a387e13cf381fa97f3e8cf7
                                        
                                            GET /s/montserrat/v25/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCuM73w5aXo.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://conocotradings.co
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         216.58.207.195
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 12848
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 20 Oct 2022 16:43:33 GMT
expires: Fri, 20 Oct 2023 16:43:33 GMT
cache-control: public, max-age=31536000
age: 559480
last-modified: Mon, 11 Jul 2022 18:56:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 12848, version 1.0\012- data
Size:   12848
Md5:    f0b3206d02a2f684530117ce1d7e8ce0
Sha1:   f3708b707b65e241b0f1c819d5f7bf7da8412653
Sha256: f31b80562610135edd91a86ec7f243c5eeaec2ec08337e6a20c2d135d8e217da
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         142.250.74.35
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 27 Oct 2022 04:08:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "E14317AACE5D64E9901867578379DD4DD4252B059070D37722F82EBB2E649D27"
Last-Modified: Mon, 24 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2458
Expires: Thu, 27 Oct 2022 04:49:11 GMT
Date: Thu, 27 Oct 2022 04:08:13 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "E14317AACE5D64E9901867578379DD4DD4252B059070D37722F82EBB2E649D27"
Last-Modified: Mon, 24 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2458
Expires: Thu, 27 Oct 2022 04:49:11 GMT
Date: Thu, 27 Oct 2022 04:08:13 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "E14317AACE5D64E9901867578379DD4DD4252B059070D37722F82EBB2E649D27"
Last-Modified: Mon, 24 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2458
Expires: Thu, 27 Oct 2022 04:49:11 GMT
Date: Thu, 27 Oct 2022 04:08:13 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "E14317AACE5D64E9901867578379DD4DD4252B059070D37722F82EBB2E649D27"
Last-Modified: Mon, 24 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2458
Expires: Thu, 27 Oct 2022 04:49:11 GMT
Date: Thu, 27 Oct 2022 04:08:13 GMT
Connection: keep-alive

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa85c6304-6f72-4904-bb25-968b35616ef5.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 7428
x-amzn-requestid: f474225b-1b7e-4e4e-b967-827dff138e2d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aioFrH2ioAMF4Pg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-635753bd-140dc30a1ca63aae54cd4621;Sampled=0
x-amzn-remapped-date: Tue, 25 Oct 2022 03:10:53 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: uXh_puh8KbSQsJ9E6WnyTjLF_nBhhSOrg4TOx5BugoMM88DOz66jgA==
via: 1.1 78c1c4eb451e4790ed630b0d5a576590.cloudfront.net (CloudFront), 1.1 e4d3d5aafc7d7d582423c073065ab562.cloudfront.net (CloudFront), 1.1 google
date: Thu, 27 Oct 2022 03:34:39 GMT
age: 2014
etag: "4fc868d652910c7dcf4ef0e87531de4ee6007c45"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   7428
Md5:    4f9f8683351154be3300311e3a7e29e3
Sha1:   4fc868d652910c7dcf4ef0e87531de4ee6007c45
Sha256: d4f012729e0eddc20948ad98d653794204f80344a5840142877dcaa8d2520a71
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe98a4c03-5fa3-4445-a037-d229b86c94a6.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 8936
x-amzn-requestid: d0698fc0-e4c9-4633-9b64-df09be35b450
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aocuiGBlIAMF-LQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6359a7f6-7c78a1fc43552b934e6b8708;Sampled=0
x-amzn-remapped-date: Wed, 26 Oct 2022 21:34:46 GMT
x-amz-cf-pop: SEA73-P2, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: gus8UKo03dRkfqPRhxnW6zzqx7o-2tZbbv-DsBSW7UREHPOA1uqdUw==
via: 1.1 5abfab33f248090bb0f31ca137ce9464.cloudfront.net (CloudFront), 1.1 e95ec8f1dc02e32f0cb9e113963ceb4e.cloudfront.net (CloudFront), 1.1 google
date: Wed, 26 Oct 2022 21:47:37 GMT
etag: "b05b7299a7e473e873510671a6abdd5227a53f46"
age: 22836
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   8936
Md5:    eb430e5efbc6c8c306fce87e26faf734
Sha1:   b05b7299a7e473e873510671a6abdd5227a53f46
Sha256: c49d64e87ec8243a1ee7f214f21988b6f6a33ba93814ec31262d80e4a22b8504
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd660616a-1641-4ad3-bf62-59dfe54ba2e9.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 5247
x-amzn-requestid: 7e07eeaa-b95a-4283-8ca7-fb28e9e30258
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aRpdhGDJIAMFd7A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63508923-4e947c3539ad0d6d777a47cd;Sampled=0
x-amzn-remapped-date: Wed, 19 Oct 2022 23:32:51 GMT
x-amz-cf-pop: SEA19-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: -YRLmJMcCGHOfiEy_FwyogtW6h5rmYiu9EMZfXG4Jg8tJRtIxlKKnw==
via: 1.1 f313d3df80c4dab8f5399614116801cc.cloudfront.net (CloudFront), 1.1 6396e88c437c096ef98930ce29f731a2.cloudfront.net (CloudFront), 1.1 google
date: Wed, 26 Oct 2022 21:51:10 GMT
age: 22623
etag: "ffdfde08eb38e20b01c550fd4b1bb871304bb0ea"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   5247
Md5:    cd902e06ceaeb060cec24c464c11738d
Sha1:   ffdfde08eb38e20b01c550fd4b1bb871304bb0ea
Sha256: 593f5c12c617c7217205d8aa95fe5f0c46014e5be8f2c8d3010cdd876faeb7dd
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9098f868-2119-42f3-92b9-615f0a2c32f6.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 8760
x-amzn-requestid: 013df52a-1abe-4a1b-ac52-9a5ec5da55b1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aocv2HRMoAMF5mA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6359a7fe-70e98155664262621b8538b5;Sampled=0
x-amzn-remapped-date: Wed, 26 Oct 2022 21:34:54 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 9uDSJn3yAYI7RNgIs96f2AT8nfTgd6YbFkMAc9aJAW4wTMiN_JqhEw==
via: 1.1 112c6b3f9aea37a6cb00b7d933e5af6e.cloudfront.net (CloudFront), 1.1 1481cc55c02c3a782ad420b6bac2cb32.cloudfront.net (CloudFront), 1.1 google
date: Wed, 26 Oct 2022 21:47:46 GMT
etag: "bee7e540981a4ffb14728d2ac4a53ce28e299d0d"
age: 22827
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   8760
Md5:    36dbf36c45aa3c5d6e10f8c4afd8bf34
Sha1:   bee7e540981a4ffb14728d2ac4a53ce28e299d0d
Sha256: 0dad70dc63e95aa8fd9befdb7dc4f971bad962e300f380dab2a04cc60138374d
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faedeaf71-ffea-4e66-9a25-1410acdb03ec.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 5136
x-amzn-requestid: 0059b05c-746b-41cd-8cc1-c744d0b149fe
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aoc2-H9sIAMFquA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6359a82c-772120580c4cf9e45b685971;Sampled=0
x-amzn-remapped-date: Wed, 26 Oct 2022 21:35:40 GMT
x-amz-cf-pop: SEA19-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: fqqRNgPgAZRwp_xRyHC3YzEKQTwydDs45MNLQC7hoRpytCb91-9b5Q==
via: 1.1 44cd593d82a2d200a94217033c614c6a.cloudfront.net (CloudFront), 1.1 02d90bf99fd6253b329a53c82f19e224.cloudfront.net (CloudFront), 1.1 google
date: Wed, 26 Oct 2022 21:51:05 GMT
age: 22628
etag: "fed9b6693077d233f60cc7394c7b667291ffade7"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   5136
Md5:    ace7660d2948795997e3c7cb9cf12495
Sha1:   fed9b6693077d233f60cc7394c7b667291ffade7
Sha256: fd4718a6649572cbaf13f46b8e2961cd1c680afa1494b0bacd5fda9010a95098
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F44add2bd-5fb0-4610-825b-d696ec78ca49.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 6619
x-amzn-requestid: 5b0d857f-cba8-4cc2-9ff5-bf3560f7620e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aVb3RHk1oAMF3KQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63520cfb-30108b2d2bf56f3d0edbaa67;Sampled=0
x-amzn-remapped-date: Fri, 21 Oct 2022 03:07:39 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: rnJCFnqy9-kDnIS-oExds78LCxiyL3noVoC_I2PVpybhmZoQHi2GoA==
via: 1.1 6e11af43b7d44f54f9a54c759c251f16.cloudfront.net (CloudFront), 1.1 2324edbcb8fc72f617442c65f36a40fc.cloudfront.net (CloudFront), 1.1 google
date: Wed, 26 Oct 2022 12:31:05 GMT
age: 56228
etag: "109364ef1db445ba6c5e8c1178ab56fcce80d346"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   6619
Md5:    05e2d92ca05c08e9598d4128d55b1cba
Sha1:   109364ef1db445ba6c5e8c1178ab56fcce80d346
Sha256: 078e257c6bb8d7d46022c4786b54584c8868eb138e293b37ef164221b519f7bb
                                        
                                            GET /wp-content/uploads/bb-plugin/cache/s-pdpxl-1-square.jpg HTTP/1.1 
Host: conocotradings.co
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://conocotradings.co/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         68.65.122.147
HTTP/2 200 OK
content-type: image/jpeg
                                        
cache-control: public, max-age=604800
expires: Thu, 03 Nov 2022 04:08:12 GMT
last-modified: Mon, 24 Oct 2022 18:23:07 GMT
accept-ranges: bytes
content-length: 14940
date: Thu, 27 Oct 2022 04:08:12 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 459x459, components 3\012- data
Size:   14940
Md5:    539d3dddd0dfe6274ad1d208e5345057
Sha1:   aa85cb274507f43cdc6ebd3fad59c1de7cbfa620
Sha256: 0fbcaeacdbc14450a8dca0f7589e4740255eb2a0979b66c8462c25b8687fce26
                                        
                                            GET /wp-content/themes/astra/assets/js/minified/frontend.min.js?ver=3.9.2 HTTP/1.1 
Host: conocotradings.co
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://conocotradings.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         68.65.122.147
HTTP/2 200 OK
content-type: application/javascript
                                        
cache-control: public, max-age=604800
expires: Thu, 03 Nov 2022 04:08:12 GMT
last-modified: Mon, 24 Oct 2022 04:16:30 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 3808
date: Thu, 27 Oct 2022 04:08:12 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (16935), with no line terminators
Size:   3808
Md5:    3a5528d3c5255102448258fcf5496360
Sha1:   332bb0c5baaf8110b353094632417e9f313a8b94
Sha256: 024bb2f7ca7725ca60738783b8b6bbc237c937b6725aec3c2a1044961857186a

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-content/themes/astra/assets/js/minified/mobile-cart.min.js?ver=3.9.2 HTTP/1.1 
Host: conocotradings.co
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://conocotradings.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         68.65.122.147
HTTP/2 200 OK
content-type: application/javascript
                                        
cache-control: public, max-age=604800
expires: Thu, 03 Nov 2022 04:08:12 GMT
last-modified: Mon, 24 Oct 2022 04:16:30 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 747
date: Thu, 27 Oct 2022 04:08:12 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (2928), with no line terminators
Size:   747
Md5:    7eef215fd0f4722fd9fc7860af14a9e5
Sha1:   abbfe7e3dcf6e76536351453f5f2c8aa06fcb1df
Sha256: 8e23d11d96981b3d2cf0a8f816debd0b551f005169dc361e227dd60377b58bf1

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-content/plugins/beaver-builder-lite-version/js/jquery.waypoints.min.js?ver=2.5.5.5 HTTP/1.1 
Host: conocotradings.co
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://conocotradings.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         68.65.122.147
HTTP/2 200 OK
content-type: application/javascript
                                        
cache-control: public, max-age=604800
expires: Thu, 03 Nov 2022 04:08:12 GMT
last-modified: Mon, 24 Oct 2022 04:31:07 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 2540
date: Thu, 27 Oct 2022 04:08:12 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (8668)
Size:   2540
Md5:    8b4fa51676b888b9690b0a569df29b46
Sha1:   964d5ab97da06207502b98ee7843fd89892eb45c
Sha256: eb319f1642b22c8345126fe8fc6c680b4f1388cce434df5079051751f44fa320

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-content/uploads/bb-plugin/cache/10-layout.js?ver=161f5d375033354b822bb13a04954bfc HTTP/1.1 
Host: conocotradings.co
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://conocotradings.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         68.65.122.147
HTTP/2 200 OK
content-type: application/javascript
                                        
cache-control: public, max-age=604800
expires: Thu, 03 Nov 2022 04:08:12 GMT
last-modified: Mon, 24 Oct 2022 18:33:34 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 8513
date: Thu, 27 Oct 2022 04:08:12 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (5432)
Size:   8513
Md5:    b83c0bbd4a5cf86092b1e37988330ed8
Sha1:   8c9c515e0fbec1ea024558c7743e4950dc97f417
Sha256: 0b0b047df6a05b70b55211d52f1694264faa66ef213713f6301052c2538e39d6
                                        
                                            GET /wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.6.4 HTTP/1.1 
Host: conocotradings.co
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://conocotradings.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         68.65.122.147
HTTP/2 200 OK
content-type: application/javascript
                                        
cache-control: public, max-age=604800
expires: Thu, 03 Nov 2022 04:08:12 GMT
last-modified: Mon, 24 Oct 2022 09:15:19 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 2817
date: Thu, 27 Oct 2022 04:08:12 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (9937), with no line terminators
Size:   2817
Md5:    4317b1c024df372435f6482deadddeb3
Sha1:   5c8824a17e40a44ea8fc51568b98bdb1e2e7fab5
Sha256: 3798fb16289ba55459fb6d3b2efa915e3c019c5942759abb7bd19a0ef622b85d

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.6.4 HTTP/1.1 
Host: conocotradings.co
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://conocotradings.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         68.65.122.147
HTTP/2 200 OK
content-type: application/javascript
                                        
cache-control: public, max-age=604800
expires: Thu, 03 Nov 2022 04:08:12 GMT
last-modified: Mon, 24 Oct 2022 09:15:19 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 3706
date: Thu, 27 Oct 2022 04:08:12 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document, ASCII text, with very long lines (12310), with no line terminators
Size:   3706
Md5:    dc6411bfa6891b75944f0074c945752d
Sha1:   03c1a8b686c287068c61ab90f58d905496d65085
Sha256: 96abeabc9cc7b4c2b7d46579f2827c67ccd02fbaef0343ae052f71accd381b0d

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-content/plugins/woocommerce/assets/js/frontend/add-to-cart.min.js?ver=7.0.0 HTTP/1.1 
Host: conocotradings.co
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://conocotradings.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         68.65.122.147
HTTP/2 200 OK
content-type: application/javascript
                                        
cache-control: public, max-age=604800
expires: Thu, 03 Nov 2022 04:08:12 GMT
last-modified: Mon, 24 Oct 2022 04:31:12 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 974
date: Thu, 27 Oct 2022 04:08:12 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document, ASCII text, with very long lines (3037), with no line terminators
Size:   974
Md5:    fd8b126d3265cc6afc5b672273f78531
Sha1:   5058e579885cccf36c44bdeb5b7318bd75952af9
Sha256: 72da6709db061566cb5f67322f674a77f68acb69ac6181d37f9ca4a1bb7287b7
                                        
                                            GET /wp-content/plugins/woocommerce/assets/js/js-cookie/js.cookie.min.js?ver=2.1.4-wc.7.0.0 HTTP/1.1 
Host: conocotradings.co
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://conocotradings.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         68.65.122.147
HTTP/2 200 OK
content-type: application/javascript
                                        
cache-control: public, max-age=604800
expires: Thu, 03 Nov 2022 04:08:12 GMT
last-modified: Mon, 24 Oct 2022 04:31:12 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 899
date: Thu, 27 Oct 2022 04:08:12 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (1668)
Size:   899
Md5:    22d65ba38528349e705d912ce26bf8ac
Sha1:   c89ba006009043d93b88ff155b4fec8797330550
Sha256: 6253bcb85e4267ad3ba843145534e729ee2c1d7e85e5b4ab5b2e074ae636bca3

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-content/plugins/woocommerce/assets/js/frontend/cart-fragments.min.js?ver=7.0.0 HTTP/1.1 
Host: conocotradings.co
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://conocotradings.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         68.65.122.147
HTTP/2 200 OK
content-type: application/javascript
                                        
cache-control: public, max-age=604800
expires: Thu, 03 Nov 2022 04:08:12 GMT
last-modified: Mon, 24 Oct 2022 04:31:12 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 934
date: Thu, 27 Oct 2022 04:08:12 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (2938), with no line terminators
Size:   934
Md5:    cf25dd071a208312bdc07f34d2cee027
Sha1:   76119563119eaae392ecc8903c989d98d0b93002
Sha256: 8635ba2cad8f887e72779bd526f8738ff6343c74cba715caf2eddea383ba7ce6
                                        
                                            GET /wp-content/plugins/woocommerce/assets/js/frontend/woocommerce.min.js?ver=7.0.0 HTTP/1.1 
Host: conocotradings.co
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://conocotradings.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         68.65.122.147
HTTP/2 200 OK
content-type: application/javascript
                                        
cache-control: public, max-age=604800
expires: Thu, 03 Nov 2022 04:08:12 GMT
last-modified: Mon, 24 Oct 2022 04:31:12 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 677
date: Thu, 27 Oct 2022 04:08:12 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (2139), with no line terminators
Size:   677
Md5:    a43fc0dde8fdd69656ad0957e62849c7
Sha1:   4b07cf702ac8a770c8cbffc22b9a788b6e5389ba
Sha256: 1ce3d0493424870c81deec0ec41de0592d2af9f91cd8081cd40a1d7ea89b614f
                                        
                                            GET /wp-content/plugins/creame-whatsapp-me/public/js/joinchat.min.js?ver=4.5.11 HTTP/1.1 
Host: conocotradings.co
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://conocotradings.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         68.65.122.147
HTTP/2 200 OK
content-type: application/javascript
                                        
cache-control: public, max-age=604800
expires: Thu, 03 Nov 2022 04:08:12 GMT
last-modified: Mon, 24 Oct 2022 05:23:47 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 2543
date: Thu, 27 Oct 2022 04:08:12 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (8082), with no line terminators
Size:   2543
Md5:    130a237beca0d43b5e806afc8bb690fa
Sha1:   051b82c318203daf5008f87007c015971072b951
Sha256: e9f5d85f28c930369e90bd08386ee17eee2b85a61a99211733b93aa26c96ec72

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-includes/js/wp-emoji-release.min.js?ver=6.0.3 HTTP/1.1 
Host: conocotradings.co
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://conocotradings.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         68.65.122.147
HTTP/2 200 OK
content-type: application/javascript
                                        
cache-control: public, max-age=604800
expires: Thu, 03 Nov 2022 04:08:12 GMT
last-modified: Tue, 12 Apr 2022 15:26:24 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 4619
date: Thu, 27 Oct 2022 04:08:12 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (15660)
Size:   4619
Md5:    0232689bd203f330529b36a437f41a68
Sha1:   9046583f7469ad38297969f10a9513eb895d5316
Sha256: feea9f30a6e454579bbeabf236b7abdb0c7de84dd2852422555ad67348c5e886
                                        
                                            GET /wp-content/plugins/woocommerce/assets/js/jquery-blockui/jquery.blockUI.min.js?ver=2.7.0-wc.7.0.0 HTTP/1.1 
Host: conocotradings.co
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://conocotradings.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         68.65.122.147
HTTP/2 200 OK
content-type: application/javascript
                                        
cache-control: public, max-age=604800
expires: Thu, 03 Nov 2022 04:08:12 GMT
last-modified: Mon, 24 Oct 2022 04:31:12 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 3245
date: Thu, 27 Oct 2022 04:08:12 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (9115)
Size:   3245
Md5:    66c388e07cfb57895688b3347ab7290b
Sha1:   f23bd7a31995b3b19924575f2afa297a29257856
Sha256: 3971f3ab5179d1f4f91d2c102f27c2bf1dac2c04e2f62ff3eae3ebfa8c28494e
                                        
                                            GET /wp-content/uploads/bb-plugin/cache/wholesale-80gsm-thin-a4-copy-paper-high-quality-1556313275-4876174-square.jpeg HTTP/1.1 
Host: conocotradings.co
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://conocotradings.co/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         68.65.122.147
HTTP/2 200 OK
content-type: image/jpeg
                                        
cache-control: public, max-age=604800
expires: Thu, 03 Nov 2022 04:08:12 GMT
last-modified: Mon, 24 Oct 2022 18:23:07 GMT
accept-ranges: bytes
content-length: 36248
date: Thu, 27 Oct 2022 04:08:12 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 600x600, components 3\012- data
Size:   36248
Md5:    6a196f6769d7fdc4461d53504b6bd025
Sha1:   1c230d2bd43e54e307a3190f31a348c771b1c6a0
Sha256: c58ab77067dd77312b26268f30084a35a1f759332812f7b8e09fe3a8fab09169

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-content/uploads/bb-plugin/cache/5121_25082013031431_pic-square.jpg HTTP/1.1 
Host: conocotradings.co
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://conocotradings.co/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         68.65.122.147
HTTP/2 200 OK
content-type: image/jpeg
                                        
cache-control: public, max-age=604800
expires: Thu, 03 Nov 2022 04:08:12 GMT
last-modified: Mon, 24 Oct 2022 18:23:07 GMT
accept-ranges: bytes
content-length: 33731
date: Thu, 27 Oct 2022 04:08:12 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 500x500, components 3\012- data
Size:   33731
Md5:    feca9b561fa7717080f452f082fe5993
Sha1:   78f23aa5a9a9393e91434f2617f12e4437f93622
Sha256: 364870279489e00c6136217207aef47209bb9b1b251e0efc2da58a319679bc5e
                                        
                                            GET /wp-content/uploads/bb-plugin/cache/JK-Copier-A4-square.jpg HTTP/1.1 
Host: conocotradings.co
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://conocotradings.co/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         68.65.122.147
HTTP/2 200 OK
content-type: image/jpeg
                                        
cache-control: public, max-age=604800
expires: Thu, 03 Nov 2022 04:08:12 GMT
last-modified: Mon, 24 Oct 2022 18:23:07 GMT
accept-ranges: bytes
content-length: 39390
date: Thu, 27 Oct 2022 04:08:12 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 374x374, components 3\012- data
Size:   39390
Md5:    5db53d6f1571170dcb628f3aa15798fa
Sha1:   65711e14546a3d5953aa66fc7bcdf203da968d81
Sha256: 6d8aa7b870cc2c51c523d5ee30bf9657ac0006fe4ae9c105ec4ce90c48aafb56
                                        
                                            GET /wp-content/uploads/bb-plugin/cache/silo-product-image-v2-12Nov2021-073244-6003977000206-front-2825842-72358_400Wx400H-square.jpg HTTP/1.1 
Host: conocotradings.co
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://conocotradings.co/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         68.65.122.147
HTTP/2 200 OK
content-type: image/jpeg
                                        
cache-control: public, max-age=604800
expires: Thu, 03 Nov 2022 04:08:12 GMT
last-modified: Mon, 24 Oct 2022 18:23:07 GMT
accept-ranges: bytes
content-length: 26516
date: Thu, 27 Oct 2022 04:08:12 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 400x400, components 3\012- data
Size:   26516
Md5:    cbd9ada4235cd2a1d7ace5d062db9dd0
Sha1:   0b7e5b1ac2535aaa42aab74e4092c17f5952c960
Sha256: e3fab3cd5f0bbfab5ed6bf98609fd5ea25cf1adfa30d13592b77c5e4f2990a0b
                                        
                                            GET /wp-content/uploads/bb-plugin/cache/Xerox-A3-Copier-Printing-A4-Copy-Paper-70-GSM-square.jpg HTTP/1.1 
Host: conocotradings.co
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://conocotradings.co/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         68.65.122.147
HTTP/2 200 OK
content-type: image/jpeg
                                        
cache-control: public, max-age=604800
expires: Thu, 03 Nov 2022 04:08:12 GMT
last-modified: Mon, 24 Oct 2022 18:23:07 GMT
accept-ranges: bytes
content-length: 17587
date: Thu, 27 Oct 2022 04:08:12 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 360x360, components 3\012- data
Size:   17587
Md5:    b5d96d4f54b2cdc34419f714ac8a47cd
Sha1:   880dca7ca2c32fc4357e8d9681e110d659135145
Sha256: e2bfc93f44be2fde743976c3be462f2378e55095c1d9db1eaa79f7550b0e0e63
                                        
                                            GET /wp-content/uploads/bb-plugin/cache/UTB86aa1oRahduJk43Jaq6zM8FXax-square.jpg HTTP/1.1 
Host: conocotradings.co
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://conocotradings.co/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         68.65.122.147
HTTP/2 200 OK
content-type: image/jpeg
                                        
cache-control: public, max-age=604800
expires: Thu, 03 Nov 2022 04:08:12 GMT
last-modified: Mon, 24 Oct 2022 18:23:07 GMT
accept-ranges: bytes
content-length: 25995
date: Thu, 27 Oct 2022 04:08:12 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 350x350, components 3\012- data
Size:   25995
Md5:    8d7b9d788b2d5603463d1ecbec839acd
Sha1:   e0be084793def26023a42288ad9c756be753a9b5
Sha256: 04b61b9d8e289b3e0d29f1462d18522650d2d5421452ed40128a644cc7b04703
                                        
                                            GET /wp-content/uploads/bb-plugin/cache/paperline-gold2-square.jpg HTTP/1.1 
Host: conocotradings.co
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://conocotradings.co/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         68.65.122.147
HTTP/2 200 OK
content-type: image/jpeg
                                        
cache-control: public, max-age=604800
expires: Thu, 03 Nov 2022 04:08:12 GMT
last-modified: Mon, 24 Oct 2022 18:23:07 GMT
accept-ranges: bytes
content-length: 18090
date: Thu, 27 Oct 2022 04:08:12 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 370x370, components 3\012- data
Size:   18090
Md5:    5c0defca637b3ce5c3896b1c26b2c259
Sha1:   a7fbff84afd53899f44b855266a18a0aae550702
Sha256: f0cc96cc38032201174e59a31673c8e05fb484ca34032ae140739bd467502cfd
                                        
                                            GET /wp-content/uploads/bb-plugin/cache/paperline-square.jpg HTTP/1.1 
Host: conocotradings.co
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://conocotradings.co/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         68.65.122.147
HTTP/2 200 OK
content-type: image/jpeg
                                        
cache-control: public, max-age=604800
expires: Thu, 03 Nov 2022 04:08:12 GMT
last-modified: Mon, 24 Oct 2022 18:23:07 GMT
accept-ranges: bytes
content-length: 19219
date: Thu, 27 Oct 2022 04:08:12 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 370x370, components 3\012- data
Size:   19219
Md5:    85b041cbcdad1e1839634dbe858287ca
Sha1:   c890e0a1b354dcf25c0aafc6b35ed17fa7d0b69f
Sha256: fb174fcd45667b213a6b6f1c49cee545f6b4924bad1de2419cb74340b73c1494
                                        
                                            GET /wp-content/uploads/bb-plugin/cache/paper-one-copier-paper-a4-80gsm-500x500-1-square.jpg HTTP/1.1 
Host: conocotradings.co
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://conocotradings.co/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         68.65.122.147
HTTP/2 200 OK
content-type: image/jpeg
                                        
cache-control: public, max-age=604800
expires: Thu, 03 Nov 2022 04:08:12 GMT
last-modified: Mon, 24 Oct 2022 18:23:07 GMT
accept-ranges: bytes
content-length: 44140
date: Thu, 27 Oct 2022 04:08:12 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 500x500, components 3\012- data
Size:   44140
Md5:    81c2e8ffae36639a3edebbc50882d4aa
Sha1:   01924ef729eccfd84deec69de72bcbf72ff48c1a
Sha256: 1c80c82da162578cbd44ec45cfd8699acfadcfc24aa4dd03fc32e44deed861ed
                                        
                                            GET /wp-content/uploads/bb-plugin/cache/81FcsyVO81L._SX679_-square.jpg HTTP/1.1 
Host: conocotradings.co
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://conocotradings.co/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         68.65.122.147
HTTP/2 200 OK
content-type: image/jpeg
                                        
cache-control: public, max-age=604800
expires: Thu, 03 Nov 2022 04:08:12 GMT
last-modified: Mon, 24 Oct 2022 18:23:07 GMT
accept-ranges: bytes
content-length: 41686
date: Thu, 27 Oct 2022 04:08:12 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 498x498, components 3\012- data
Size:   41686
Md5:    6d64b7c15d9744a9ea0c8ee919d31625
Sha1:   ae2fc1560db1de448f8e3ec73721f12c5b405150
Sha256: 211ee5005d6db2f0998759da8ea7dd328ac67faf397b8ef2ba11ea5d48f27d34
                                        
                                            GET /wp-content/uploads/bb-plugin/cache/numberone-square.jpg HTTP/1.1 
Host: conocotradings.co
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://conocotradings.co/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         68.65.122.147
HTTP/2 200 OK
content-type: image/jpeg
                                        
cache-control: public, max-age=604800
expires: Thu, 03 Nov 2022 04:08:12 GMT
last-modified: Mon, 24 Oct 2022 18:23:07 GMT
accept-ranges: bytes
content-length: 37809
date: Thu, 27 Oct 2022 04:08:12 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 512x512, components 3\012- data
Size:   37809
Md5:    f185dc140ff029bdf01832357fba8e82
Sha1:   6d0d96faa0fd6b9e45945c616dd9f64fa039c2e2
Sha256: d0dac35f082c3ab5974e721f41c87ba11774c87bc6038857dae93da87f35f602
                                        
                                            GET /wp-content/uploads/bb-plugin/cache/7891173022868-1-zoom-square.jpg HTTP/1.1 
Host: conocotradings.co
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://conocotradings.co/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         68.65.122.147
HTTP/2 200 OK
content-type: image/jpeg
                                        
cache-control: public, max-age=604800
expires: Thu, 03 Nov 2022 04:08:12 GMT
last-modified: Mon, 24 Oct 2022 18:23:07 GMT
accept-ranges: bytes
content-length: 65833
date: Thu, 27 Oct 2022 04:08:12 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 800x800, components 3\012- data
Size:   65833
Md5:    2b56c22dcaf37a8f67447b664d12ee1f
Sha1:   b0bc5a5d218b316c3c31992d18aa32f0b82757a9
Sha256: 843b348ea4c3d99dd1af4250e990c58fddc36c8d5aa0917d41c26c460425b391
                                        
                                            GET /wp-content/uploads/bb-plugin/cache/712hbvemmbl.-sx679-679x679-1-square.jpg HTTP/1.1 
Host: conocotradings.co
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://conocotradings.co/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         68.65.122.147
HTTP/2 200 OK
content-type: image/jpeg
                                        
cache-control: public, max-age=604800
expires: Thu, 03 Nov 2022 04:08:12 GMT
last-modified: Mon, 24 Oct 2022 18:23:07 GMT
accept-ranges: bytes
content-length: 59231
date: Thu, 27 Oct 2022 04:08:12 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 679x679, components 3\012- data
Size:   59231
Md5:    29c80bf40eafd9b56cfbc63fa8701e2a
Sha1:   fcb693bf8e5c8dbcae775f38c07ea5caf991231a
Sha256: ae6d36638636255f77e7b767a8cbf770316481c97a33fabe1cf8a2ce4802c1df
                                        
                                            GET /wp-content/uploads/bb-plugin/cache/4629622-square.jpg HTTP/1.1 
Host: conocotradings.co
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://conocotradings.co/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         68.65.122.147
HTTP/2 200 OK
content-type: image/jpeg
                                        
cache-control: public, max-age=604800
expires: Thu, 03 Nov 2022 04:08:12 GMT
last-modified: Mon, 24 Oct 2022 18:23:07 GMT
accept-ranges: bytes
content-length: 113560
date: Thu, 27 Oct 2022 04:08:12 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 800x800, components 3\012- data
Size:   113560
Md5:    ea246c9383f12212b6eafede4ff0ae06
Sha1:   fafa0856f3cc4a1e6ecfd8ce7f7ac74bb1902ccc
Sha256: 3e0ad32e65f429f5f95ce510e075c1e54c73261c0a2bab3c845c4c4699bfd772
                                        
                                            GET /wp-content/themes/astra/assets/css/minified/compatibility/woocommerce/woocommerce-smallscreen.min.css?ver=3.9.2 HTTP/1.1 
Host: conocotradings.co
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://conocotradings.co/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         68.65.122.147
HTTP/2 200 OK
content-type: text/css
                                        
cache-control: public, max-age=604800
expires: Thu, 03 Nov 2022 04:08:13 GMT
last-modified: Mon, 24 Oct 2022 04:16:30 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 828
date: Thu, 27 Oct 2022 04:08:13 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (5992), with no line terminators
Size:   828
Md5:    910b4eaefb8ed2372c8896c70f4a49dd
Sha1:   3fd84ac7081a80c9cd192cfe866536decd1948bf
Sha256: c8bcef2beea8b022227eb9dc192040564efd7a9081a826b6ae1277f817fb688d
                                        
                                            GET /wp-content/uploads/2022/10/numberone.jpg HTTP/1.1 
Host: conocotradings.co
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://conocotradings.co/wp-content/uploads/bb-plugin/cache/10-layout.css?ver=95ab821563d45677defed724e424ba63
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         68.65.122.147
HTTP/2 200 OK
content-type: image/jpeg
                                        
cache-control: public, max-age=604800
expires: Thu, 03 Nov 2022 04:08:13 GMT
last-modified: Mon, 24 Oct 2022 06:30:03 GMT
accept-ranges: bytes
content-length: 64949
date: Thu, 27 Oct 2022 04:08:13 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=1, orientation=upper-left], baseline, precision 8, 569x512, components 3\012- data
Size:   64949
Md5:    05ab012dad152e11303b9faee3ae24e0
Sha1:   ca07814aba97ca4bd235a21d055d811b22bc1f45
Sha256: d96fa8016fcda598d57ff4354ee530701c8cac0b610c342e208199a37691b9ce
                                        
                                            GET /wp-content/themes/astra/assets/fonts/astra.woff HTTP/1.1 
Host: conocotradings.co
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://conocotradings.co/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         68.65.122.147
HTTP/2 200 OK
content-type: font/woff
                                        
cache-control: public, max-age=604800
expires: Thu, 03 Nov 2022 04:08:13 GMT
last-modified: Mon, 24 Oct 2022 04:16:30 GMT
accept-ranges: bytes
content-length: 3304
date: Thu, 27 Oct 2022 04:08:13 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format, TrueType, length 3304, version 1.0\012- data
Size:   3304
Md5:    bfe0ed8503c926d68f58ed0408dfe0d0
Sha1:   0346d02d96ff7d2a0278bc10f4dfdf365c80eac3
Sha256: ec7ef7aa5fd1e019f1c26193e95e46d481d4983673936a9dda086705ada6e3d5

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-content/uploads/bb-plugin/icons/ultimate-icons/fonts/Ultimate-Icons.ttf?1ddi1j HTTP/1.1 
Host: conocotradings.co
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://conocotradings.co/wp-content/uploads/bb-plugin/icons/ultimate-icons/style.css?ver=2.5.5.5
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         68.65.122.147
HTTP/2 200 OK
content-type: font/ttf
                                        
cache-control: public, max-age=604800
expires: Thu, 03 Nov 2022 04:08:13 GMT
last-modified: Mon, 24 Oct 2022 04:16:49 GMT
accept-ranges: bytes
content-length: 93024
date: Thu, 27 Oct 2022 04:08:13 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  TrueType Font data, 11 tables, 1st "OS/2", 14 names, Macintosh, type 1 string, Ultimate-Icons\012- data
Size:   93024
Md5:    4f52acd8464d9611fe731e6182f1986e
Sha1:   a6367a5d19bd2b65265eee57e03068dca24be313
Sha256: 49f204eb11dd2940cb55d01fbe8f8f2fef9167ff1cb6e22bcecde06c0078f630
                                        
                                            GET /wp-content/uploads/2022/10/cropped-logo_transparent-32x32.png HTTP/1.1 
Host: conocotradings.co
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://conocotradings.co/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         68.65.122.147
HTTP/2 200 OK
content-type: image/png
                                        
cache-control: public, max-age=604800
expires: Thu, 03 Nov 2022 04:08:15 GMT
last-modified: Mon, 24 Oct 2022 10:17:48 GMT
accept-ranges: bytes
content-length: 1194
date: Thu, 27 Oct 2022 04:08:15 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced\012- data
Size:   1194
Md5:    f1f1eb9b898c789fb802cac79fc503f6
Sha1:   cdd332b5c616e571babfe8cb5d3587c35ab57bd6
Sha256: 9bb46d3af3cacf8a30e6b9cc737a8fc82305f6c6260460160b01c7932cbe828f
                                        
                                            GET /wp-content/uploads/2022/10/cropped-logo_transparent-192x192.png HTTP/1.1 
Host: conocotradings.co
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://conocotradings.co/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         68.65.122.147
HTTP/2 200 OK
content-type: image/png
                                        
cache-control: public, max-age=604800
expires: Thu, 03 Nov 2022 04:08:15 GMT
last-modified: Mon, 24 Oct 2022 10:17:48 GMT
accept-ranges: bytes
content-length: 16637
date: Thu, 27 Oct 2022 04:08:15 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced\012- data
Size:   16637
Md5:    266f564644bea7f6752d43c04be8d17d
Sha1:   f42e93ba9b4fadfc10a882648c8830a8d5b5d596
Sha256: 9afd0a36fec3035101f31f34240fb072d3a109f15c51d111bd67daac915303d5
                                        
                                            POST /?wc-ajax=get_refreshed_fragments HTTP/1.1 
Host: conocotradings.co
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 18
Origin: https://conocotradings.co
Connection: keep-alive
Referer: https://conocotradings.co/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         68.65.122.147
HTTP/2 200 OK
content-type: application/json; charset=UTF-8
                                        
access-control-allow-origin: https://conocotradings.co
access-control-allow-credentials: true
x-content-type-options: nosniff
x-robots-tag: noindex
x-litespeed-tag: e76_HTTP.200,e76_HTTP.200
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
x-litespeed-cache-control: no-cache
content-length: 1431
date: Thu, 27 Oct 2022 04:08:17 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- HTML document, ASCII text, with very long lines (1431), with no line terminators
Size:   1431
Md5:    78642ff7946a082ed5fc8005310cdbed
Sha1:   d606fb184d82b97b2e60d27ebc13d0d0cd501b4b
Sha256: 055621dadb6e98cac99d672ceadec59b45082ed38a566e46bdb341303de3fc65

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /css?family=Nunito%3A400%7CPlayfair+Display%3A400%7CMontserrat%3A700&display=fallback&ver=3.9.2 HTTP/1.1 
Host: fonts.googleapis.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://conocotradings.co/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         142.250.74.10
HTTP/2 200 OK
content-type: text/css; charset=utf-8
                                        
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 27 Oct 2022 04:08:12 GMT
date: Thu, 27 Oct 2022 04:08:12 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---