r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash e36c852b5e145f2f09fe73111fb162e1
e439c6a462f86a3003d6464a8b9999b1c4d1e210
52a721168d0c41cb0854ff8c730fce3b79db2e804b383238e95ff1401922bd74
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "52A721168D0C41CB0854FF8C730FCE3B79DB2E804B383238E95FF1401922BD74"
Last-Modified: Mon, 24 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4973
Expires: Thu, 27 Oct 2022 05:31:04 GMT
Date: Thu, 27 Oct 2022 04:08:11 GMT
Connection: keep-alive
conocotradings.co/
68.65.122.147301 Moved Permanently 707 B IP 68.65.122.147:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Hash 1304294c0823ca486542ba408ed761e3
b2a70fb2d810ca13985882e6981f33998823e83e
3bbe72f3baa8ec61de17a1d767fca58704769684b7abe9161d0c4eaf4c8f0982
Analyzer Verdict Alert fortinet Phishing
GET / HTTP/1.1
Host: conocotradings.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
keep-alive: timeout=5, max=100
content-type: text/html
content-length: 707
date: Thu, 27 Oct 2022 04:08:11 GMT
server: LiteSpeed
location: https://conocotradings.co/
x-turbo-charged-by: LiteSpeed
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 45bfdf3b823cd24564c8ac296a8b5b19
b0c442eb4f87556b3beb18ca8039dd4399b73f16
32113c679dda1f710ba67e537fdd0d435ccc186a238e3b14e48deb7b0700c693
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6472
Cache-Control: max-age=112243
Content-Type: application/ocsp-response
Date: Thu, 27 Oct 2022 04:08:11 GMT
Etag: "6358fe56-1d7"
Expires: Fri, 28 Oct 2022 11:18:54 GMT
Last-Modified: Wed, 26 Oct 2022 09:31:02 GMT
Server: ECS (ska/F705)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 45bfdf3b823cd24564c8ac296a8b5b19
b0c442eb4f87556b3beb18ca8039dd4399b73f16
32113c679dda1f710ba67e537fdd0d435ccc186a238e3b14e48deb7b0700c693
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6472
Cache-Control: max-age=112243
Content-Type: application/ocsp-response
Date: Thu, 27 Oct 2022 04:08:11 GMT
Etag: "6358fe56-1d7"
Expires: Fri, 28 Oct 2022 11:18:54 GMT
Last-Modified: Wed, 26 Oct 2022 09:31:02 GMT
Server: ECS (ska/F705)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash a39eea1096852891690eaee02a64383e
c273000f799fc3676e8e3ef3617611a31252cffc
d9d95319013d64bc2ef6d9870f4adba902ee970b6f9e96279c9ed86f556e0001
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D9D95319013D64BC2EF6D9870F4ADBA902EE970B6F9E96279C9ED86F556E0001"
Last-Modified: Mon, 24 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2558
Expires: Thu, 27 Oct 2022 04:50:49 GMT
Date: Thu, 27 Oct 2022 04:08:11 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 67d5a988edcda47bc3b3b3f65d32b4b6
d4f0e0da8b3690cc7da925026d3414b68c7d954f
55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78
GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: PFB2yaeuuGYLWHv0WPLt0yXv8dZA4fOfRIHzj9Nl/whG6htarssIBnPYub9lBnC49+GEgRpM/OB6zX16x11zeg==
x-amz-request-id: P6B71QQNTH4JFCXD
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 27 Oct 2022 03:39:27 GMT
age: 1724
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 27 Oct 2022 04:08:11 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.sectigo.com/
104.18.32.68200 OK 472 B IP 104.18.32.68:0
Hash 03f398b44693f9963829a9451d375cf0
cb80f648620ee3cb5e82ae5f7e72edd2193aef62
952e5a4c3f88acd45755476de798917550e946d5572c37d9b2cd79f44e562717
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 27 Oct 2022 04:08:12 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Wed, 26 Oct 2022 02:52:09 GMT
Expires: Wed, 02 Nov 2022 02:52:08 GMT
Etag: "cb80f648620ee3cb5e82ae5f7e72edd2193aef62"
Cache-Control: max-age=513235,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 760891b2c98bb51e-OSL
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash dd283dfc036535bdeb8a8be1310ef930
d3b1c300dd75d7af630e0f3112e49d7492d66c17
578f9256faa188facb3f2d68b02b0c7fb2e30e02e2e74234d015429563cba7aa
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4235
Cache-Control: max-age=104950
Content-Type: application/ocsp-response
Date: Thu, 27 Oct 2022 04:08:12 GMT
Etag: "6358ea97-1d7"
Expires: Fri, 28 Oct 2022 09:17:22 GMT
Last-Modified: Wed, 26 Oct 2022 08:06:47 GMT
Server: ECS (ska/F705)
X-Cache: HIT
Content-Length: 471
conocotradings.co/
68.65.122.147200 OK 26 kB IP 68.65.122.147:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (56892), with CRLF, LF line terminators
Hash 352eb33ef6d6309865d7290d6d2f02cc
900beabc9d573356f461e38d4f2e469046c8acd9
60eed473a9a2aa77e44cd93dfddd3a859f7c0fd46f1180f7256d47ee8c4b7d86
Analyzer Verdict Alert fortinet Phishing
GET / HTTP/1.1
Host: conocotradings.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
link: <https://conocotradings.co/wp-json/>; rel="https://api.w.org/", <https://conocotradings.co/wp-json/wp/v2/pages/10>; rel="alternate"; type="application/json", <https://conocotradings.co/>; rel=shortlink
etag: "730-1666735468;br"
x-litespeed-cache: hit
content-encoding: br
vary: Accept-Encoding
content-length: 25590
date: Thu, 27 Oct 2022 04:08:12 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash f046e6113dd1e5e499c765516be08b17
c2253055e09b46209469853cad8720e64f84a1bf
18663a8f0b5d4d7581b771da6c2dc897bc2b82d51d7dac1a56d22f9bebab6fb3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 27 Oct 2022 04:08:12 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash f046e6113dd1e5e499c765516be08b17
c2253055e09b46209469853cad8720e64f84a1bf
18663a8f0b5d4d7581b771da6c2dc897bc2b82d51d7dac1a56d22f9bebab6fb3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 27 Oct 2022 04:08:12 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
push.services.mozilla.com/
34.210.158.59101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 34.210.158.59:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: X/9BrF1n/dOaESzvKKq2WQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: QhadVqaokYiZBx0CGqv/NpD8Dgw=
conocotradings.co/wp-content/themes/astra/assets/css/minified/compatibility/page-builder/bb-plugin.min.css?ver=3.9.2
68.65.122.147200 OK 127 B URL HTTP/2 conocotradings.co/wp-content/themes/astra/assets/css/minified/compatibility/page-builder/bb-plugin.min.css?ver=3.9.2
IP 68.65.122.147:0
File type ASCII text, with very long lines (302), with no line terminators
Hash 09707d8249bff41ab9b149ef2fc6b72c
5238d701eaed208e52bac629e8ff59f2b94f815c
30c92fe46deaaac369efa9cb07d71427069fe60b46a095917d65d10fce6046ca
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/astra/assets/css/minified/compatibility/page-builder/bb-plugin.min.css?ver=3.9.2 HTTP/1.1
Host: conocotradings.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://conocotradings.co/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 03 Nov 2022 04:08:12 GMT
content-type: text/css
last-modified: Mon, 24 Oct 2022 04:16:30 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 127
date: Thu, 27 Oct 2022 04:08:12 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
conocotradings.co/wp-content/themes/astra/assets/css/minified/frontend.min.css?ver=3.9.2
68.65.122.147200 OK 8.4 kB URL HTTP/2 conocotradings.co/wp-content/themes/astra/assets/css/minified/frontend.min.css?ver=3.9.2
IP 68.65.122.147:0
File type ASCII text, with very long lines (44114)
Hash 161f99d3338e0e49293d3095994acf22
42619cd9255821306c5fa37b6c58c3f9cb0fe700
74c4d05146c54581e48f71e69aabf5b5a7a3e9970aaa1a2fe8381b2f73ac0d24
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/astra/assets/css/minified/frontend.min.css?ver=3.9.2 HTTP/1.1
Host: conocotradings.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://conocotradings.co/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 03 Nov 2022 04:08:12 GMT
content-type: text/css
last-modified: Mon, 24 Oct 2022 04:16:30 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 8419
date: Thu, 27 Oct 2022 04:08:12 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
conocotradings.co/wp-includes/css/dist/block-library/style.min.css?ver=6.0.3
68.65.122.147200 OK 11 kB URL HTTP/2 conocotradings.co/wp-includes/css/dist/block-library/style.min.css?ver=6.0.3
IP 68.65.122.147:0
File type ASCII text, with very long lines (43771)
Hash d45207ee05c1f0c57dfa075e61405ccd
a8d35143a2d828a739ea0fdde75f97d33621e7ec
a9a4adbbcee31ec277f1bdd573eef97dc4341f29f2db3b5685a02dfe4d2fe9bb
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/css/dist/block-library/style.min.css?ver=6.0.3 HTTP/1.1
Host: conocotradings.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://conocotradings.co/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 03 Nov 2022 04:08:12 GMT
content-type: text/css
last-modified: Mon, 04 Jul 2022 21:40:38 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 10946
date: Thu, 27 Oct 2022 04:08:12 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
conocotradings.co/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-vendors-style.css?ver=8.5.1
68.65.122.147200 OK 1.8 kB URL HTTP/2 conocotradings.co/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-vendors-style.css?ver=8.5.1
IP 68.65.122.147:0
File type ASCII text, with very long lines (10435), with no line terminators
Hash f7237084ac82ea6a4f5bf1448c3a2148
60457635a5e809ee1199c61090d8e33b91e8e1f2
18a1cb7f08c1ace52a79f46d73461ed03bf8cf5c9e8a3687eacc3e04f08e7a09
GET /wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-vendors-style.css?ver=8.5.1 HTTP/1.1
Host: conocotradings.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://conocotradings.co/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 03 Nov 2022 04:08:12 GMT
content-type: text/css
last-modified: Mon, 24 Oct 2022 04:31:11 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1754
date: Thu, 27 Oct 2022 04:08:12 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
conocotradings.co/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-style.css?ver=8.5.1
68.65.122.147200 OK 22 kB URL HTTP/2 conocotradings.co/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-style.css?ver=8.5.1
IP 68.65.122.147:0
File type Unicode text, UTF-8 text, with very long lines (65527), with no line terminators
Hash 66c0d8e7043ce32a0a22feffb13557ff
5c31173df12f7ac740c078a1b56f8e64dbb789aa
44705113051545459aedc2d4463156019b3119ed6c278dc31d7d5f4a6a66d9cd
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-style.css?ver=8.5.1 HTTP/1.1
Host: conocotradings.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://conocotradings.co/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 03 Nov 2022 04:08:12 GMT
content-type: text/css
last-modified: Mon, 24 Oct 2022 04:31:11 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 22437
date: Thu, 27 Oct 2022 04:08:12 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
conocotradings.co/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.6.4
68.65.122.147200 OK 848 B URL HTTP/2 conocotradings.co/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.6.4
IP 68.65.122.147:0
Hash c962ba8e7d42ff9da18392b41dad5151
7b89bc5e6ad161df2e6d7f7fb3ad894aa04b827f
322a4949c5bdd82eb80c13bbbd407ce30a7ad226685c54270d246cb6960e524e
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.6.4 HTTP/1.1
Host: conocotradings.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://conocotradings.co/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 03 Nov 2022 04:08:12 GMT
content-type: text/css
last-modified: Mon, 24 Oct 2022 09:15:19 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 848
date: Thu, 27 Oct 2022 04:08:12 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
conocotradings.co/wp-content/uploads/bb-plugin/cache/10-layout.css?ver=95ab821563d45677defed724e424ba63
68.65.122.147200 OK 8.6 kB URL HTTP/2 conocotradings.co/wp-content/uploads/bb-plugin/cache/10-layout.css?ver=95ab821563d45677defed724e424ba63
IP 68.65.122.147:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash 436fe3b5536b0bf31680f2ebdc1c388e
ffc0249e3ddbf5ab83197db59a87ad6a055990c2
82eaaafeca927fea358af11f03b29137067f9b7238d7dfbfc6936a747fe0ac90
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/uploads/bb-plugin/cache/10-layout.css?ver=95ab821563d45677defed724e424ba63 HTTP/1.1
Host: conocotradings.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://conocotradings.co/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 03 Nov 2022 04:08:12 GMT
content-type: text/css
last-modified: Mon, 24 Oct 2022 18:33:34 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 8570
date: Thu, 27 Oct 2022 04:08:12 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
conocotradings.co/wp-content/themes/astra/assets/css/minified/compatibility/contact-form-7-main.min.css?ver=3.9.2
68.65.122.147200 OK 344 B URL HTTP/2 conocotradings.co/wp-content/themes/astra/assets/css/minified/compatibility/contact-form-7-main.min.css?ver=3.9.2
IP 68.65.122.147:0
File type ASCII text, with very long lines (882), with no line terminators
Hash 3451c3b3d0677e5875de4c69462938cc
8ffbe1fe3f2e3fa5f47e3988b4cd645670280dc2
4f6bdfd0a626ab45f0ef60de99c73adafde68d55d3a4bbf4723ba3ddcf045420
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/astra/assets/css/minified/compatibility/contact-form-7-main.min.css?ver=3.9.2 HTTP/1.1
Host: conocotradings.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://conocotradings.co/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 03 Nov 2022 04:08:12 GMT
content-type: text/css
last-modified: Mon, 24 Oct 2022 04:16:30 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 344
date: Thu, 27 Oct 2022 04:08:12 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
conocotradings.co/wp-content/themes/astra/assets/css/minified/compatibility/woocommerce/woocommerce-layout.min.css?ver=3.9.2
68.65.122.147200 OK 2.0 kB URL HTTP/2 conocotradings.co/wp-content/themes/astra/assets/css/minified/compatibility/woocommerce/woocommerce-layout.min.css?ver=3.9.2
IP 68.65.122.147:0
File type ASCII text, with very long lines (18333), with no line terminators
Hash 2dc4f2958888c14f5ab19ffbd13166bd
9b76b636181455e889739393b7dc518ff162b7eb
ac7e28d4aad4c1332951c076253f9c566bcbf4008b65d73457be397b5adf4395
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/astra/assets/css/minified/compatibility/woocommerce/woocommerce-layout.min.css?ver=3.9.2 HTTP/1.1
Host: conocotradings.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://conocotradings.co/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 03 Nov 2022 04:08:12 GMT
content-type: text/css
last-modified: Mon, 24 Oct 2022 04:16:30 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1954
date: Thu, 27 Oct 2022 04:08:12 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
conocotradings.co/wp-content/uploads/bb-plugin/icons/ultimate-icons/style.css?ver=2.5.5.5
68.65.122.147200 OK 3.0 kB URL HTTP/2 conocotradings.co/wp-content/uploads/bb-plugin/icons/ultimate-icons/style.css?ver=2.5.5.5
IP 68.65.122.147:0
Hash 034e5b3214e219e60571be47c6e0f448
d42309513ec24f80cee57333ad153c2d529a4f94
1e1d229846da1d49c1cffb1168f0a4e3089c358a0fc70216ee3e2e261d1f1be0
GET /wp-content/uploads/bb-plugin/icons/ultimate-icons/style.css?ver=2.5.5.5 HTTP/1.1
Host: conocotradings.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://conocotradings.co/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 03 Nov 2022 04:08:12 GMT
content-type: text/css
last-modified: Mon, 24 Oct 2022 04:16:49 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 3031
date: Thu, 27 Oct 2022 04:08:12 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
conocotradings.co/wp-content/themes/astra/assets/css/minified/compatibility/woocommerce/woocommerce.min.css?ver=3.9.2
68.65.122.147200 OK 15 kB URL HTTP/2 conocotradings.co/wp-content/themes/astra/assets/css/minified/compatibility/woocommerce/woocommerce.min.css?ver=3.9.2
IP 68.65.122.147:0
File type Unicode text, UTF-8 text, with very long lines (65526), with no line terminators
Hash d090dda06acf6104acbbf1244344027d
706d61a8128061aaceb7c5244037bce6977a734d
db2dfe8554887e5e54a5f4aa38912d8bf398f27911b2cdd136a293cf293a7048
GET /wp-content/themes/astra/assets/css/minified/compatibility/woocommerce/woocommerce.min.css?ver=3.9.2 HTTP/1.1
Host: conocotradings.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://conocotradings.co/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 03 Nov 2022 04:08:12 GMT
content-type: text/css
last-modified: Mon, 24 Oct 2022 04:16:30 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 15163
date: Thu, 27 Oct 2022 04:08:12 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
conocotradings.co/wp-content/plugins/creame-whatsapp-me/public/css/joinchat-btn.min.css?ver=4.5.11
68.65.122.147200 OK 2.0 kB URL HTTP/2 conocotradings.co/wp-content/plugins/creame-whatsapp-me/public/css/joinchat-btn.min.css?ver=4.5.11
IP 68.65.122.147:0
File type ASCII text, with very long lines (6021), with no line terminators
Hash 96919ed3a12fa25443b0296b5d59c1d3
0e29f4090fb2622e4b123bb730c556a59e3600c6
ae94826ae36282085de96bba35b22015da1c378f86f79e4bb8f5d0d08ccf8090
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/creame-whatsapp-me/public/css/joinchat-btn.min.css?ver=4.5.11 HTTP/1.1
Host: conocotradings.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://conocotradings.co/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 03 Nov 2022 04:08:12 GMT
content-type: text/css
last-modified: Mon, 24 Oct 2022 05:23:47 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1951
date: Thu, 27 Oct 2022 04:08:12 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
conocotradings.co/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
68.65.122.147200 OK 4.0 kB URL HTTP/2 conocotradings.co/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
IP 68.65.122.147:0
File type ASCII text, with very long lines (11126)
Hash 7e058b51f939eacfa31cdface14dded5
9d732e5afdeb42edef9e1b9631b7e95e054787cc
4ece5b00423755d8f4121ce382c8ea4dc44c241f28f150abe19caa85d0b0acc1
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 HTTP/1.1
Host: conocotradings.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://conocotradings.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 03 Nov 2022 04:08:12 GMT
content-type: application/javascript
last-modified: Wed, 18 Nov 2020 19:36:06 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 3995
date: Thu, 27 Oct 2022 04:08:12 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
conocotradings.co/wp-content/uploads/2022/10/cropped-logo-1-80x76.png
68.65.122.147200 OK 3.5 kB URL HTTP/2 conocotradings.co/wp-content/uploads/2022/10/cropped-logo-1-80x76.png
IP 68.65.122.147:0
File type PNG image data, 80 x 76, 8-bit/color RGBA, non-interlaced\012- data
Hash 378d571a40294f3dcabe64780c6c5148
b46848da663df79980f5718098e789ffae891bfa
7b2ea4f320de302abf5afdbd8ff24c424abdf9ce960732eb789b43576cdcd7f6
GET /wp-content/uploads/2022/10/cropped-logo-1-80x76.png HTTP/1.1
Host: conocotradings.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://conocotradings.co/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 03 Nov 2022 04:08:12 GMT
content-type: image/png
last-modified: Mon, 24 Oct 2022 10:54:07 GMT
accept-ranges: bytes
content-length: 3521
date: Thu, 27 Oct 2022 04:08:12 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
conocotradings.co/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
68.65.122.147200 OK 30 kB URL HTTP/2 conocotradings.co/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
IP 68.65.122.147:0
File type ASCII text, with very long lines (65447)
Hash 34f918ada1fe4f01c5a4b90065bbc37a
a731f6ce2d413805e39ae45994012b1bd5ea1e2b
eba158d5ab26a5a54a3dcfcea1072c636f44e92fc2eb30a3f27cd5be3f891dfc
GET /wp-includes/js/jquery/jquery.min.js?ver=3.6.0 HTTP/1.1
Host: conocotradings.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://conocotradings.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 03 Nov 2022 04:08:12 GMT
content-type: application/javascript
last-modified: Thu, 11 Mar 2021 01:37:24 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 30273
date: Thu, 27 Oct 2022 04:08:12 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash d14190b7d44355f74384008fc2bc965b
8899240507992ceba98f567c079650149cc583a4
2db73ab3dfce1101ff8aaa09fe7227ad8017486b3ec3f536b7f8a1102ec0c267
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 27 Oct 2022 04:08:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash d14190b7d44355f74384008fc2bc965b
8899240507992ceba98f567c079650149cc583a4
2db73ab3dfce1101ff8aaa09fe7227ad8017486b3ec3f536b7f8a1102ec0c267
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 27 Oct 2022 04:08:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/playfairdisplay/v30/nuFvD-vYSZviVYUb_rj3ij__anPXJzDwcbmjWBN2PKdFvXDXbtM.woff2
216.58.207.195200 OK 20 kB URL HTTP/2 fonts.gstatic.com/s/playfairdisplay/v30/nuFvD-vYSZviVYUb_rj3ij__anPXJzDwcbmjWBN2PKdFvXDXbtM.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 19860, version 1.0\012- data
Hash a95e391373ad634c3b7dbaf77de3f40e
ddc4638bc28c21a400fcd2df94448743f198a257
fa3d5a0422c9b413abb4c78f8ff80de8a8ed58766f7110c82febf5296e899b47
GET /s/playfairdisplay/v30/nuFvD-vYSZviVYUb_rj3ij__anPXJzDwcbmjWBN2PKdFvXDXbtM.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://conocotradings.co
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 19860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 24 Oct 2022 22:46:46 GMT
expires: Tue, 24 Oct 2023 22:46:46 GMT
cache-control: public, max-age=31536000
age: 192087
last-modified: Mon, 18 Jul 2022 19:06:33 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash d14190b7d44355f74384008fc2bc965b
8899240507992ceba98f567c079650149cc583a4
2db73ab3dfce1101ff8aaa09fe7227ad8017486b3ec3f536b7f8a1102ec0c267
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 27 Oct 2022 04:08:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/nunito/v25/XRXI3I6Li01BKofiOc5wtlZ2di8HDLshdTQ3jw.woff2
216.58.207.195200 OK 14 kB URL HTTP/2 fonts.gstatic.com/s/nunito/v25/XRXI3I6Li01BKofiOc5wtlZ2di8HDLshdTQ3jw.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 14060, version 1.0\012- data
Hash aacf0f4f8b5d693087b4d8ac6c86d2ae
ad06f3ffd0db6034eb0a12f98aa8aa4dead430fb
5e2f97ea0fb92d5e3ae31eeef403b9c34363c8fb2a387e13cf381fa97f3e8cf7
GET /s/nunito/v25/XRXI3I6Li01BKofiOc5wtlZ2di8HDLshdTQ3jw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://conocotradings.co
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 14060
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 24 Oct 2022 21:11:50 GMT
expires: Tue, 24 Oct 2023 21:11:50 GMT
cache-control: public, max-age=31536000
age: 197783
last-modified: Mon, 18 Jul 2022 19:44:57 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/montserrat/v25/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCuM73w5aXo.woff2
216.58.207.195200 OK 13 kB URL HTTP/2 fonts.gstatic.com/s/montserrat/v25/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCuM73w5aXo.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 12848, version 1.0\012- data
Hash f0b3206d02a2f684530117ce1d7e8ce0
f3708b707b65e241b0f1c819d5f7bf7da8412653
f31b80562610135edd91a86ec7f243c5eeaec2ec08337e6a20c2d135d8e217da
GET /s/montserrat/v25/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCuM73w5aXo.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://conocotradings.co
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 12848
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 20 Oct 2022 16:43:33 GMT
expires: Fri, 20 Oct 2023 16:43:33 GMT
cache-control: public, max-age=31536000
age: 559480
last-modified: Mon, 11 Jul 2022 18:56:00 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash d14190b7d44355f74384008fc2bc965b
8899240507992ceba98f567c079650149cc583a4
2db73ab3dfce1101ff8aaa09fe7227ad8017486b3ec3f536b7f8a1102ec0c267
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 27 Oct 2022 04:08:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 358ecd0ec047d700042e2a62f9847199
7bf4c552f47536fe451dc6ccfb0930c592084ef9
e14317aace5d64e9901867578379dd4dd4252b059070d37722f82ebb2e649d27
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E14317AACE5D64E9901867578379DD4DD4252B059070D37722F82EBB2E649D27"
Last-Modified: Mon, 24 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2458
Expires: Thu, 27 Oct 2022 04:49:11 GMT
Date: Thu, 27 Oct 2022 04:08:13 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 358ecd0ec047d700042e2a62f9847199
7bf4c552f47536fe451dc6ccfb0930c592084ef9
e14317aace5d64e9901867578379dd4dd4252b059070d37722f82ebb2e649d27
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E14317AACE5D64E9901867578379DD4DD4252B059070D37722F82EBB2E649D27"
Last-Modified: Mon, 24 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2458
Expires: Thu, 27 Oct 2022 04:49:11 GMT
Date: Thu, 27 Oct 2022 04:08:13 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 358ecd0ec047d700042e2a62f9847199
7bf4c552f47536fe451dc6ccfb0930c592084ef9
e14317aace5d64e9901867578379dd4dd4252b059070d37722f82ebb2e649d27
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E14317AACE5D64E9901867578379DD4DD4252B059070D37722F82EBB2E649D27"
Last-Modified: Mon, 24 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2458
Expires: Thu, 27 Oct 2022 04:49:11 GMT
Date: Thu, 27 Oct 2022 04:08:13 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 358ecd0ec047d700042e2a62f9847199
7bf4c552f47536fe451dc6ccfb0930c592084ef9
e14317aace5d64e9901867578379dd4dd4252b059070d37722f82ebb2e649d27
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E14317AACE5D64E9901867578379DD4DD4252B059070D37722F82EBB2E649D27"
Last-Modified: Mon, 24 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2458
Expires: Thu, 27 Oct 2022 04:49:11 GMT
Date: Thu, 27 Oct 2022 04:08:13 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa85c6304-6f72-4904-bb25-968b35616ef5.jpeg
34.120.237.76200 OK 7.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa85c6304-6f72-4904-bb25-968b35616ef5.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4f9f8683351154be3300311e3a7e29e3
4fc868d652910c7dcf4ef0e87531de4ee6007c45
d4f012729e0eddc20948ad98d653794204f80344a5840142877dcaa8d2520a71
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa85c6304-6f72-4904-bb25-968b35616ef5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7428
x-amzn-requestid: f474225b-1b7e-4e4e-b967-827dff138e2d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aioFrH2ioAMF4Pg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-635753bd-140dc30a1ca63aae54cd4621;Sampled=0
x-amzn-remapped-date: Tue, 25 Oct 2022 03:10:53 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: uXh_puh8KbSQsJ9E6WnyTjLF_nBhhSOrg4TOx5BugoMM88DOz66jgA==
via: 1.1 78c1c4eb451e4790ed630b0d5a576590.cloudfront.net (CloudFront), 1.1 e4d3d5aafc7d7d582423c073065ab562.cloudfront.net (CloudFront), 1.1 google
date: Thu, 27 Oct 2022 03:34:39 GMT
age: 2014
etag: "4fc868d652910c7dcf4ef0e87531de4ee6007c45"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe98a4c03-5fa3-4445-a037-d229b86c94a6.jpeg
34.120.237.76200 OK 8.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe98a4c03-5fa3-4445-a037-d229b86c94a6.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash eb430e5efbc6c8c306fce87e26faf734
b05b7299a7e473e873510671a6abdd5227a53f46
c49d64e87ec8243a1ee7f214f21988b6f6a33ba93814ec31262d80e4a22b8504
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe98a4c03-5fa3-4445-a037-d229b86c94a6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8936
x-amzn-requestid: d0698fc0-e4c9-4633-9b64-df09be35b450
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aocuiGBlIAMF-LQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6359a7f6-7c78a1fc43552b934e6b8708;Sampled=0
x-amzn-remapped-date: Wed, 26 Oct 2022 21:34:46 GMT
x-amz-cf-pop: SEA73-P2, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: gus8UKo03dRkfqPRhxnW6zzqx7o-2tZbbv-DsBSW7UREHPOA1uqdUw==
via: 1.1 5abfab33f248090bb0f31ca137ce9464.cloudfront.net (CloudFront), 1.1 e95ec8f1dc02e32f0cb9e113963ceb4e.cloudfront.net (CloudFront), 1.1 google
date: Wed, 26 Oct 2022 21:47:37 GMT
etag: "b05b7299a7e473e873510671a6abdd5227a53f46"
content-type: image/jpeg
age: 22836
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd660616a-1641-4ad3-bf62-59dfe54ba2e9.jpeg
34.120.237.76200 OK 5.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd660616a-1641-4ad3-bf62-59dfe54ba2e9.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash cd902e06ceaeb060cec24c464c11738d
ffdfde08eb38e20b01c550fd4b1bb871304bb0ea
593f5c12c617c7217205d8aa95fe5f0c46014e5be8f2c8d3010cdd876faeb7dd
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd660616a-1641-4ad3-bf62-59dfe54ba2e9.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5247
x-amzn-requestid: 7e07eeaa-b95a-4283-8ca7-fb28e9e30258
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aRpdhGDJIAMFd7A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63508923-4e947c3539ad0d6d777a47cd;Sampled=0
x-amzn-remapped-date: Wed, 19 Oct 2022 23:32:51 GMT
x-amz-cf-pop: SEA19-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: -YRLmJMcCGHOfiEy_FwyogtW6h5rmYiu9EMZfXG4Jg8tJRtIxlKKnw==
via: 1.1 f313d3df80c4dab8f5399614116801cc.cloudfront.net (CloudFront), 1.1 6396e88c437c096ef98930ce29f731a2.cloudfront.net (CloudFront), 1.1 google
date: Wed, 26 Oct 2022 21:51:10 GMT
age: 22623
etag: "ffdfde08eb38e20b01c550fd4b1bb871304bb0ea"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9098f868-2119-42f3-92b9-615f0a2c32f6.jpeg
34.120.237.76200 OK 8.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9098f868-2119-42f3-92b9-615f0a2c32f6.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 36dbf36c45aa3c5d6e10f8c4afd8bf34
bee7e540981a4ffb14728d2ac4a53ce28e299d0d
0dad70dc63e95aa8fd9befdb7dc4f971bad962e300f380dab2a04cc60138374d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9098f868-2119-42f3-92b9-615f0a2c32f6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8760
x-amzn-requestid: 013df52a-1abe-4a1b-ac52-9a5ec5da55b1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aocv2HRMoAMF5mA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6359a7fe-70e98155664262621b8538b5;Sampled=0
x-amzn-remapped-date: Wed, 26 Oct 2022 21:34:54 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 9uDSJn3yAYI7RNgIs96f2AT8nfTgd6YbFkMAc9aJAW4wTMiN_JqhEw==
via: 1.1 112c6b3f9aea37a6cb00b7d933e5af6e.cloudfront.net (CloudFront), 1.1 1481cc55c02c3a782ad420b6bac2cb32.cloudfront.net (CloudFront), 1.1 google
date: Wed, 26 Oct 2022 21:47:46 GMT
etag: "bee7e540981a4ffb14728d2ac4a53ce28e299d0d"
content-type: image/jpeg
age: 22827
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faedeaf71-ffea-4e66-9a25-1410acdb03ec.jpeg
34.120.237.76200 OK 5.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faedeaf71-ffea-4e66-9a25-1410acdb03ec.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ace7660d2948795997e3c7cb9cf12495
fed9b6693077d233f60cc7394c7b667291ffade7
fd4718a6649572cbaf13f46b8e2961cd1c680afa1494b0bacd5fda9010a95098
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faedeaf71-ffea-4e66-9a25-1410acdb03ec.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5136
x-amzn-requestid: 0059b05c-746b-41cd-8cc1-c744d0b149fe
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aoc2-H9sIAMFquA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6359a82c-772120580c4cf9e45b685971;Sampled=0
x-amzn-remapped-date: Wed, 26 Oct 2022 21:35:40 GMT
x-amz-cf-pop: SEA19-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: fqqRNgPgAZRwp_xRyHC3YzEKQTwydDs45MNLQC7hoRpytCb91-9b5Q==
via: 1.1 44cd593d82a2d200a94217033c614c6a.cloudfront.net (CloudFront), 1.1 02d90bf99fd6253b329a53c82f19e224.cloudfront.net (CloudFront), 1.1 google
date: Wed, 26 Oct 2022 21:51:05 GMT
age: 22628
etag: "fed9b6693077d233f60cc7394c7b667291ffade7"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F44add2bd-5fb0-4610-825b-d696ec78ca49.jpeg
34.120.237.76200 OK 6.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F44add2bd-5fb0-4610-825b-d696ec78ca49.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 05e2d92ca05c08e9598d4128d55b1cba
109364ef1db445ba6c5e8c1178ab56fcce80d346
078e257c6bb8d7d46022c4786b54584c8868eb138e293b37ef164221b519f7bb
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F44add2bd-5fb0-4610-825b-d696ec78ca49.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6619
x-amzn-requestid: 5b0d857f-cba8-4cc2-9ff5-bf3560f7620e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aVb3RHk1oAMF3KQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63520cfb-30108b2d2bf56f3d0edbaa67;Sampled=0
x-amzn-remapped-date: Fri, 21 Oct 2022 03:07:39 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: rnJCFnqy9-kDnIS-oExds78LCxiyL3noVoC_I2PVpybhmZoQHi2GoA==
via: 1.1 6e11af43b7d44f54f9a54c759c251f16.cloudfront.net (CloudFront), 1.1 2324edbcb8fc72f617442c65f36a40fc.cloudfront.net (CloudFront), 1.1 google
date: Wed, 26 Oct 2022 12:31:05 GMT
age: 56228
etag: "109364ef1db445ba6c5e8c1178ab56fcce80d346"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
conocotradings.co/wp-content/uploads/bb-plugin/cache/s-pdpxl-1-square.jpg
68.65.122.147200 OK 15 kB URL HTTP/2 conocotradings.co/wp-content/uploads/bb-plugin/cache/s-pdpxl-1-square.jpg
IP 68.65.122.147:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 459x459, components 3\012- data
Hash 539d3dddd0dfe6274ad1d208e5345057
aa85cb274507f43cdc6ebd3fad59c1de7cbfa620
0fbcaeacdbc14450a8dca0f7589e4740255eb2a0979b66c8462c25b8687fce26
GET /wp-content/uploads/bb-plugin/cache/s-pdpxl-1-square.jpg HTTP/1.1
Host: conocotradings.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://conocotradings.co/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 03 Nov 2022 04:08:12 GMT
content-type: image/jpeg
last-modified: Mon, 24 Oct 2022 18:23:07 GMT
accept-ranges: bytes
content-length: 14940
date: Thu, 27 Oct 2022 04:08:12 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
conocotradings.co/wp-content/themes/astra/assets/js/minified/frontend.min.js?ver=3.9.2
68.65.122.147200 OK 3.8 kB URL HTTP/2 conocotradings.co/wp-content/themes/astra/assets/js/minified/frontend.min.js?ver=3.9.2
IP 68.65.122.147:0
File type ASCII text, with very long lines (16935), with no line terminators
Hash 3a5528d3c5255102448258fcf5496360
332bb0c5baaf8110b353094632417e9f313a8b94
024bb2f7ca7725ca60738783b8b6bbc237c937b6725aec3c2a1044961857186a
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/astra/assets/js/minified/frontend.min.js?ver=3.9.2 HTTP/1.1
Host: conocotradings.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://conocotradings.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 03 Nov 2022 04:08:12 GMT
content-type: application/javascript
last-modified: Mon, 24 Oct 2022 04:16:30 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 3808
date: Thu, 27 Oct 2022 04:08:12 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
conocotradings.co/wp-content/themes/astra/assets/js/minified/mobile-cart.min.js?ver=3.9.2
68.65.122.147200 OK 747 B URL HTTP/2 conocotradings.co/wp-content/themes/astra/assets/js/minified/mobile-cart.min.js?ver=3.9.2
IP 68.65.122.147:0
File type ASCII text, with very long lines (2928), with no line terminators
Hash 7eef215fd0f4722fd9fc7860af14a9e5
abbfe7e3dcf6e76536351453f5f2c8aa06fcb1df
8e23d11d96981b3d2cf0a8f816debd0b551f005169dc361e227dd60377b58bf1
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/astra/assets/js/minified/mobile-cart.min.js?ver=3.9.2 HTTP/1.1
Host: conocotradings.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://conocotradings.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 03 Nov 2022 04:08:12 GMT
content-type: application/javascript
last-modified: Mon, 24 Oct 2022 04:16:30 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 747
date: Thu, 27 Oct 2022 04:08:12 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
conocotradings.co/wp-content/plugins/beaver-builder-lite-version/js/jquery.waypoints.min.js?ver=2.5.5.5
68.65.122.147200 OK 2.5 kB URL HTTP/2 conocotradings.co/wp-content/plugins/beaver-builder-lite-version/js/jquery.waypoints.min.js?ver=2.5.5.5
IP 68.65.122.147:0
File type Unicode text, UTF-8 text, with very long lines (8668)
Hash 8b4fa51676b888b9690b0a569df29b46
964d5ab97da06207502b98ee7843fd89892eb45c
eb319f1642b22c8345126fe8fc6c680b4f1388cce434df5079051751f44fa320
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/beaver-builder-lite-version/js/jquery.waypoints.min.js?ver=2.5.5.5 HTTP/1.1
Host: conocotradings.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://conocotradings.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 03 Nov 2022 04:08:12 GMT
content-type: application/javascript
last-modified: Mon, 24 Oct 2022 04:31:07 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 2540
date: Thu, 27 Oct 2022 04:08:12 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
conocotradings.co/wp-content/uploads/bb-plugin/cache/10-layout.js?ver=161f5d375033354b822bb13a04954bfc
68.65.122.147200 OK 8.5 kB URL HTTP/2 conocotradings.co/wp-content/uploads/bb-plugin/cache/10-layout.js?ver=161f5d375033354b822bb13a04954bfc
IP 68.65.122.147:0
File type Unicode text, UTF-8 text, with very long lines (5432)
Hash b83c0bbd4a5cf86092b1e37988330ed8
8c9c515e0fbec1ea024558c7743e4950dc97f417
0b0b047df6a05b70b55211d52f1694264faa66ef213713f6301052c2538e39d6
GET /wp-content/uploads/bb-plugin/cache/10-layout.js?ver=161f5d375033354b822bb13a04954bfc HTTP/1.1
Host: conocotradings.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://conocotradings.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 03 Nov 2022 04:08:12 GMT
content-type: application/javascript
last-modified: Mon, 24 Oct 2022 18:33:34 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 8513
date: Thu, 27 Oct 2022 04:08:12 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
conocotradings.co/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.6.4
68.65.122.147200 OK 2.8 kB URL HTTP/2 conocotradings.co/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.6.4
IP 68.65.122.147:0
File type ASCII text, with very long lines (9937), with no line terminators
Hash 4317b1c024df372435f6482deadddeb3
5c8824a17e40a44ea8fc51568b98bdb1e2e7fab5
3798fb16289ba55459fb6d3b2efa915e3c019c5942759abb7bd19a0ef622b85d
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.6.4 HTTP/1.1
Host: conocotradings.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://conocotradings.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 03 Nov 2022 04:08:12 GMT
content-type: application/javascript
last-modified: Mon, 24 Oct 2022 09:15:19 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 2817
date: Thu, 27 Oct 2022 04:08:12 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
conocotradings.co/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.6.4
68.65.122.147200 OK 3.7 kB URL HTTP/2 conocotradings.co/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.6.4
IP 68.65.122.147:0
File type HTML document, ASCII text, with very long lines (12310), with no line terminators
Hash dc6411bfa6891b75944f0074c945752d
03c1a8b686c287068c61ab90f58d905496d65085
96abeabc9cc7b4c2b7d46579f2827c67ccd02fbaef0343ae052f71accd381b0d
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.6.4 HTTP/1.1
Host: conocotradings.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://conocotradings.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 03 Nov 2022 04:08:12 GMT
content-type: application/javascript
last-modified: Mon, 24 Oct 2022 09:15:19 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 3706
date: Thu, 27 Oct 2022 04:08:12 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
conocotradings.co/wp-content/plugins/woocommerce/assets/js/frontend/add-to-cart.min.js?ver=7.0.0
68.65.122.147200 OK 974 B URL HTTP/2 conocotradings.co/wp-content/plugins/woocommerce/assets/js/frontend/add-to-cart.min.js?ver=7.0.0
IP 68.65.122.147:0
File type HTML document, ASCII text, with very long lines (3037), with no line terminators
Hash fd8b126d3265cc6afc5b672273f78531
5058e579885cccf36c44bdeb5b7318bd75952af9
72da6709db061566cb5f67322f674a77f68acb69ac6181d37f9ca4a1bb7287b7
GET /wp-content/plugins/woocommerce/assets/js/frontend/add-to-cart.min.js?ver=7.0.0 HTTP/1.1
Host: conocotradings.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://conocotradings.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 03 Nov 2022 04:08:12 GMT
content-type: application/javascript
last-modified: Mon, 24 Oct 2022 04:31:12 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 974
date: Thu, 27 Oct 2022 04:08:12 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
conocotradings.co/wp-content/plugins/woocommerce/assets/js/js-cookie/js.cookie.min.js?ver=2.1.4-wc.7.0.0
68.65.122.147200 OK 899 B URL HTTP/2 conocotradings.co/wp-content/plugins/woocommerce/assets/js/js-cookie/js.cookie.min.js?ver=2.1.4-wc.7.0.0
IP 68.65.122.147:0
File type ASCII text, with very long lines (1668)
Hash 22d65ba38528349e705d912ce26bf8ac
c89ba006009043d93b88ff155b4fec8797330550
6253bcb85e4267ad3ba843145534e729ee2c1d7e85e5b4ab5b2e074ae636bca3
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/woocommerce/assets/js/js-cookie/js.cookie.min.js?ver=2.1.4-wc.7.0.0 HTTP/1.1
Host: conocotradings.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://conocotradings.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 03 Nov 2022 04:08:12 GMT
content-type: application/javascript
last-modified: Mon, 24 Oct 2022 04:31:12 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 899
date: Thu, 27 Oct 2022 04:08:12 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
conocotradings.co/wp-content/plugins/woocommerce/assets/js/frontend/cart-fragments.min.js?ver=7.0.0
68.65.122.147200 OK 934 B URL HTTP/2 conocotradings.co/wp-content/plugins/woocommerce/assets/js/frontend/cart-fragments.min.js?ver=7.0.0
IP 68.65.122.147:0
File type ASCII text, with very long lines (2938), with no line terminators
Hash cf25dd071a208312bdc07f34d2cee027
76119563119eaae392ecc8903c989d98d0b93002
8635ba2cad8f887e72779bd526f8738ff6343c74cba715caf2eddea383ba7ce6
GET /wp-content/plugins/woocommerce/assets/js/frontend/cart-fragments.min.js?ver=7.0.0 HTTP/1.1
Host: conocotradings.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://conocotradings.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 03 Nov 2022 04:08:12 GMT
content-type: application/javascript
last-modified: Mon, 24 Oct 2022 04:31:12 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 934
date: Thu, 27 Oct 2022 04:08:12 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
conocotradings.co/wp-content/plugins/woocommerce/assets/js/frontend/woocommerce.min.js?ver=7.0.0
68.65.122.147200 OK 677 B URL HTTP/2 conocotradings.co/wp-content/plugins/woocommerce/assets/js/frontend/woocommerce.min.js?ver=7.0.0
IP 68.65.122.147:0
File type ASCII text, with very long lines (2139), with no line terminators
Hash a43fc0dde8fdd69656ad0957e62849c7
4b07cf702ac8a770c8cbffc22b9a788b6e5389ba
1ce3d0493424870c81deec0ec41de0592d2af9f91cd8081cd40a1d7ea89b614f
GET /wp-content/plugins/woocommerce/assets/js/frontend/woocommerce.min.js?ver=7.0.0 HTTP/1.1
Host: conocotradings.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://conocotradings.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 03 Nov 2022 04:08:12 GMT
content-type: application/javascript
last-modified: Mon, 24 Oct 2022 04:31:12 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 677
date: Thu, 27 Oct 2022 04:08:12 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
conocotradings.co/wp-content/plugins/creame-whatsapp-me/public/js/joinchat.min.js?ver=4.5.11
68.65.122.147200 OK 2.5 kB URL HTTP/2 conocotradings.co/wp-content/plugins/creame-whatsapp-me/public/js/joinchat.min.js?ver=4.5.11
IP 68.65.122.147:0
File type ASCII text, with very long lines (8082), with no line terminators
Hash 130a237beca0d43b5e806afc8bb690fa
051b82c318203daf5008f87007c015971072b951
e9f5d85f28c930369e90bd08386ee17eee2b85a61a99211733b93aa26c96ec72
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/creame-whatsapp-me/public/js/joinchat.min.js?ver=4.5.11 HTTP/1.1
Host: conocotradings.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://conocotradings.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 03 Nov 2022 04:08:12 GMT
content-type: application/javascript
last-modified: Mon, 24 Oct 2022 05:23:47 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 2543
date: Thu, 27 Oct 2022 04:08:12 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
conocotradings.co/wp-includes/js/wp-emoji-release.min.js?ver=6.0.3
68.65.122.147200 OK 4.6 kB URL HTTP/2 conocotradings.co/wp-includes/js/wp-emoji-release.min.js?ver=6.0.3
IP 68.65.122.147:0
File type ASCII text, with very long lines (15660)
Hash 0232689bd203f330529b36a437f41a68
9046583f7469ad38297969f10a9513eb895d5316
feea9f30a6e454579bbeabf236b7abdb0c7de84dd2852422555ad67348c5e886
GET /wp-includes/js/wp-emoji-release.min.js?ver=6.0.3 HTTP/1.1
Host: conocotradings.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://conocotradings.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 03 Nov 2022 04:08:12 GMT
content-type: application/javascript
last-modified: Tue, 12 Apr 2022 15:26:24 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 4619
date: Thu, 27 Oct 2022 04:08:12 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
conocotradings.co/wp-content/plugins/woocommerce/assets/js/jquery-blockui/jquery.blockUI.min.js?ver=2.7.0-wc.7.0.0
68.65.122.147200 OK 3.2 kB URL HTTP/2 conocotradings.co/wp-content/plugins/woocommerce/assets/js/jquery-blockui/jquery.blockUI.min.js?ver=2.7.0-wc.7.0.0
IP 68.65.122.147:0
File type ASCII text, with very long lines (9115)
Hash 66c388e07cfb57895688b3347ab7290b
f23bd7a31995b3b19924575f2afa297a29257856
3971f3ab5179d1f4f91d2c102f27c2bf1dac2c04e2f62ff3eae3ebfa8c28494e
GET /wp-content/plugins/woocommerce/assets/js/jquery-blockui/jquery.blockUI.min.js?ver=2.7.0-wc.7.0.0 HTTP/1.1
Host: conocotradings.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://conocotradings.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 03 Nov 2022 04:08:12 GMT
content-type: application/javascript
last-modified: Mon, 24 Oct 2022 04:31:12 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 3245
date: Thu, 27 Oct 2022 04:08:12 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
conocotradings.co/wp-content/uploads/bb-plugin/cache/wholesale-80gsm-thin-a4-copy-paper-high-quality-1556313275-4876174-square.jpeg
68.65.122.147200 OK 36 kB URL HTTP/2 conocotradings.co/wp-content/uploads/bb-plugin/cache/wholesale-80gsm-thin-a4-copy-paper-high-quality-1556313275-4876174-square.jpeg
IP 68.65.122.147:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 600x600, components 3\012- data
Hash 6a196f6769d7fdc4461d53504b6bd025
1c230d2bd43e54e307a3190f31a348c771b1c6a0
c58ab77067dd77312b26268f30084a35a1f759332812f7b8e09fe3a8fab09169
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/uploads/bb-plugin/cache/wholesale-80gsm-thin-a4-copy-paper-high-quality-1556313275-4876174-square.jpeg HTTP/1.1
Host: conocotradings.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://conocotradings.co/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 03 Nov 2022 04:08:12 GMT
content-type: image/jpeg
last-modified: Mon, 24 Oct 2022 18:23:07 GMT
accept-ranges: bytes
content-length: 36248
date: Thu, 27 Oct 2022 04:08:12 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
conocotradings.co/wp-content/uploads/bb-plugin/cache/5121_25082013031431_pic-square.jpg
68.65.122.147200 OK 34 kB URL HTTP/2 conocotradings.co/wp-content/uploads/bb-plugin/cache/5121_25082013031431_pic-square.jpg
IP 68.65.122.147:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 500x500, components 3\012- data
Hash feca9b561fa7717080f452f082fe5993
78f23aa5a9a9393e91434f2617f12e4437f93622
364870279489e00c6136217207aef47209bb9b1b251e0efc2da58a319679bc5e
GET /wp-content/uploads/bb-plugin/cache/5121_25082013031431_pic-square.jpg HTTP/1.1
Host: conocotradings.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://conocotradings.co/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 03 Nov 2022 04:08:12 GMT
content-type: image/jpeg
last-modified: Mon, 24 Oct 2022 18:23:07 GMT
accept-ranges: bytes
content-length: 33731
date: Thu, 27 Oct 2022 04:08:12 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
conocotradings.co/wp-content/uploads/bb-plugin/cache/JK-Copier-A4-square.jpg
68.65.122.147200 OK 39 kB URL HTTP/2 conocotradings.co/wp-content/uploads/bb-plugin/cache/JK-Copier-A4-square.jpg
IP 68.65.122.147:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 374x374, components 3\012- data
Hash 5db53d6f1571170dcb628f3aa15798fa
65711e14546a3d5953aa66fc7bcdf203da968d81
6d8aa7b870cc2c51c523d5ee30bf9657ac0006fe4ae9c105ec4ce90c48aafb56
GET /wp-content/uploads/bb-plugin/cache/JK-Copier-A4-square.jpg HTTP/1.1
Host: conocotradings.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://conocotradings.co/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 03 Nov 2022 04:08:12 GMT
content-type: image/jpeg
last-modified: Mon, 24 Oct 2022 18:23:07 GMT
accept-ranges: bytes
content-length: 39390
date: Thu, 27 Oct 2022 04:08:12 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
conocotradings.co/wp-content/uploads/bb-plugin/cache/silo-product-image-v2-12Nov2021-073244-6003977000206-front-2825842-72358_400Wx400H-square.jpg
68.65.122.147200 OK 26 kB URL HTTP/2 conocotradings.co/wp-content/uploads/bb-plugin/cache/silo-product-image-v2-12Nov2021-073244-6003977000206-front-2825842-72358_400Wx400H-square.jpg
IP 68.65.122.147:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 400x400, components 3\012- data
Hash cbd9ada4235cd2a1d7ace5d062db9dd0
0b7e5b1ac2535aaa42aab74e4092c17f5952c960
e3fab3cd5f0bbfab5ed6bf98609fd5ea25cf1adfa30d13592b77c5e4f2990a0b
GET /wp-content/uploads/bb-plugin/cache/silo-product-image-v2-12Nov2021-073244-6003977000206-front-2825842-72358_400Wx400H-square.jpg HTTP/1.1
Host: conocotradings.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://conocotradings.co/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 03 Nov 2022 04:08:12 GMT
content-type: image/jpeg
last-modified: Mon, 24 Oct 2022 18:23:07 GMT
accept-ranges: bytes
content-length: 26516
date: Thu, 27 Oct 2022 04:08:12 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
conocotradings.co/wp-content/uploads/bb-plugin/cache/Xerox-A3-Copier-Printing-A4-Copy-Paper-70-GSM-square.jpg
68.65.122.147200 OK 18 kB URL HTTP/2 conocotradings.co/wp-content/uploads/bb-plugin/cache/Xerox-A3-Copier-Printing-A4-Copy-Paper-70-GSM-square.jpg
IP 68.65.122.147:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 360x360, components 3\012- data
Hash b5d96d4f54b2cdc34419f714ac8a47cd
880dca7ca2c32fc4357e8d9681e110d659135145
e2bfc93f44be2fde743976c3be462f2378e55095c1d9db1eaa79f7550b0e0e63
GET /wp-content/uploads/bb-plugin/cache/Xerox-A3-Copier-Printing-A4-Copy-Paper-70-GSM-square.jpg HTTP/1.1
Host: conocotradings.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://conocotradings.co/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 03 Nov 2022 04:08:12 GMT
content-type: image/jpeg
last-modified: Mon, 24 Oct 2022 18:23:07 GMT
accept-ranges: bytes
content-length: 17587
date: Thu, 27 Oct 2022 04:08:12 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
conocotradings.co/wp-content/uploads/bb-plugin/cache/UTB86aa1oRahduJk43Jaq6zM8FXax-square.jpg
68.65.122.147200 OK 26 kB URL HTTP/2 conocotradings.co/wp-content/uploads/bb-plugin/cache/UTB86aa1oRahduJk43Jaq6zM8FXax-square.jpg
IP 68.65.122.147:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 350x350, components 3\012- data
Hash 8d7b9d788b2d5603463d1ecbec839acd
e0be084793def26023a42288ad9c756be753a9b5
04b61b9d8e289b3e0d29f1462d18522650d2d5421452ed40128a644cc7b04703
GET /wp-content/uploads/bb-plugin/cache/UTB86aa1oRahduJk43Jaq6zM8FXax-square.jpg HTTP/1.1
Host: conocotradings.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://conocotradings.co/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 03 Nov 2022 04:08:12 GMT
content-type: image/jpeg
last-modified: Mon, 24 Oct 2022 18:23:07 GMT
accept-ranges: bytes
content-length: 25995
date: Thu, 27 Oct 2022 04:08:12 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
conocotradings.co/wp-content/uploads/bb-plugin/cache/paperline-gold2-square.jpg
68.65.122.147200 OK 18 kB URL HTTP/2 conocotradings.co/wp-content/uploads/bb-plugin/cache/paperline-gold2-square.jpg
IP 68.65.122.147:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 370x370, components 3\012- data
Hash 5c0defca637b3ce5c3896b1c26b2c259
a7fbff84afd53899f44b855266a18a0aae550702
f0cc96cc38032201174e59a31673c8e05fb484ca34032ae140739bd467502cfd
GET /wp-content/uploads/bb-plugin/cache/paperline-gold2-square.jpg HTTP/1.1
Host: conocotradings.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://conocotradings.co/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 03 Nov 2022 04:08:12 GMT
content-type: image/jpeg
last-modified: Mon, 24 Oct 2022 18:23:07 GMT
accept-ranges: bytes
content-length: 18090
date: Thu, 27 Oct 2022 04:08:12 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
conocotradings.co/wp-content/uploads/bb-plugin/cache/paperline-square.jpg
68.65.122.147200 OK 19 kB URL HTTP/2 conocotradings.co/wp-content/uploads/bb-plugin/cache/paperline-square.jpg
IP 68.65.122.147:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 370x370, components 3\012- data
Hash 85b041cbcdad1e1839634dbe858287ca
c890e0a1b354dcf25c0aafc6b35ed17fa7d0b69f
fb174fcd45667b213a6b6f1c49cee545f6b4924bad1de2419cb74340b73c1494
GET /wp-content/uploads/bb-plugin/cache/paperline-square.jpg HTTP/1.1
Host: conocotradings.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://conocotradings.co/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 03 Nov 2022 04:08:12 GMT
content-type: image/jpeg
last-modified: Mon, 24 Oct 2022 18:23:07 GMT
accept-ranges: bytes
content-length: 19219
date: Thu, 27 Oct 2022 04:08:12 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
conocotradings.co/wp-content/uploads/bb-plugin/cache/paper-one-copier-paper-a4-80gsm-500x500-1-square.jpg
68.65.122.147200 OK 44 kB URL HTTP/2 conocotradings.co/wp-content/uploads/bb-plugin/cache/paper-one-copier-paper-a4-80gsm-500x500-1-square.jpg
IP 68.65.122.147:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 500x500, components 3\012- data
Hash 81c2e8ffae36639a3edebbc50882d4aa
01924ef729eccfd84deec69de72bcbf72ff48c1a
1c80c82da162578cbd44ec45cfd8699acfadcfc24aa4dd03fc32e44deed861ed
GET /wp-content/uploads/bb-plugin/cache/paper-one-copier-paper-a4-80gsm-500x500-1-square.jpg HTTP/1.1
Host: conocotradings.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://conocotradings.co/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 03 Nov 2022 04:08:12 GMT
content-type: image/jpeg
last-modified: Mon, 24 Oct 2022 18:23:07 GMT
accept-ranges: bytes
content-length: 44140
date: Thu, 27 Oct 2022 04:08:12 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
conocotradings.co/wp-content/uploads/bb-plugin/cache/81FcsyVO81L._SX679_-square.jpg
68.65.122.147200 OK 42 kB URL HTTP/2 conocotradings.co/wp-content/uploads/bb-plugin/cache/81FcsyVO81L._SX679_-square.jpg
IP 68.65.122.147:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 498x498, components 3\012- data
Hash 6d64b7c15d9744a9ea0c8ee919d31625
ae2fc1560db1de448f8e3ec73721f12c5b405150
211ee5005d6db2f0998759da8ea7dd328ac67faf397b8ef2ba11ea5d48f27d34
GET /wp-content/uploads/bb-plugin/cache/81FcsyVO81L._SX679_-square.jpg HTTP/1.1
Host: conocotradings.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://conocotradings.co/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 03 Nov 2022 04:08:12 GMT
content-type: image/jpeg
last-modified: Mon, 24 Oct 2022 18:23:07 GMT
accept-ranges: bytes
content-length: 41686
date: Thu, 27 Oct 2022 04:08:12 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
conocotradings.co/wp-content/uploads/bb-plugin/cache/numberone-square.jpg
68.65.122.147200 OK 38 kB URL HTTP/2 conocotradings.co/wp-content/uploads/bb-plugin/cache/numberone-square.jpg
IP 68.65.122.147:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 512x512, components 3\012- data
Hash f185dc140ff029bdf01832357fba8e82
6d0d96faa0fd6b9e45945c616dd9f64fa039c2e2
d0dac35f082c3ab5974e721f41c87ba11774c87bc6038857dae93da87f35f602
GET /wp-content/uploads/bb-plugin/cache/numberone-square.jpg HTTP/1.1
Host: conocotradings.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://conocotradings.co/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 03 Nov 2022 04:08:12 GMT
content-type: image/jpeg
last-modified: Mon, 24 Oct 2022 18:23:07 GMT
accept-ranges: bytes
content-length: 37809
date: Thu, 27 Oct 2022 04:08:12 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
conocotradings.co/wp-content/uploads/bb-plugin/cache/7891173022868-1-zoom-square.jpg
68.65.122.147200 OK 66 kB URL HTTP/2 conocotradings.co/wp-content/uploads/bb-plugin/cache/7891173022868-1-zoom-square.jpg
IP 68.65.122.147:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 800x800, components 3\012- data
Hash 2b56c22dcaf37a8f67447b664d12ee1f
b0bc5a5d218b316c3c31992d18aa32f0b82757a9
843b348ea4c3d99dd1af4250e990c58fddc36c8d5aa0917d41c26c460425b391
GET /wp-content/uploads/bb-plugin/cache/7891173022868-1-zoom-square.jpg HTTP/1.1
Host: conocotradings.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://conocotradings.co/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 03 Nov 2022 04:08:12 GMT
content-type: image/jpeg
last-modified: Mon, 24 Oct 2022 18:23:07 GMT
accept-ranges: bytes
content-length: 65833
date: Thu, 27 Oct 2022 04:08:12 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
conocotradings.co/wp-content/uploads/bb-plugin/cache/712hbvemmbl.-sx679-679x679-1-square.jpg
68.65.122.147200 OK 59 kB URL HTTP/2 conocotradings.co/wp-content/uploads/bb-plugin/cache/712hbvemmbl.-sx679-679x679-1-square.jpg
IP 68.65.122.147:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 679x679, components 3\012- data
Hash 29c80bf40eafd9b56cfbc63fa8701e2a
fcb693bf8e5c8dbcae775f38c07ea5caf991231a
ae6d36638636255f77e7b767a8cbf770316481c97a33fabe1cf8a2ce4802c1df
GET /wp-content/uploads/bb-plugin/cache/712hbvemmbl.-sx679-679x679-1-square.jpg HTTP/1.1
Host: conocotradings.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://conocotradings.co/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 03 Nov 2022 04:08:12 GMT
content-type: image/jpeg
last-modified: Mon, 24 Oct 2022 18:23:07 GMT
accept-ranges: bytes
content-length: 59231
date: Thu, 27 Oct 2022 04:08:12 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
conocotradings.co/wp-content/uploads/bb-plugin/cache/4629622-square.jpg
68.65.122.147200 OK 114 kB URL HTTP/2 conocotradings.co/wp-content/uploads/bb-plugin/cache/4629622-square.jpg
IP 68.65.122.147:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 800x800, components 3\012- data
Size 114 kB (113560 bytes)
Hash ea246c9383f12212b6eafede4ff0ae06
fafa0856f3cc4a1e6ecfd8ce7f7ac74bb1902ccc
3e0ad32e65f429f5f95ce510e075c1e54c73261c0a2bab3c845c4c4699bfd772
GET /wp-content/uploads/bb-plugin/cache/4629622-square.jpg HTTP/1.1
Host: conocotradings.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://conocotradings.co/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 03 Nov 2022 04:08:12 GMT
content-type: image/jpeg
last-modified: Mon, 24 Oct 2022 18:23:07 GMT
accept-ranges: bytes
content-length: 113560
date: Thu, 27 Oct 2022 04:08:12 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
conocotradings.co/wp-content/themes/astra/assets/css/minified/compatibility/woocommerce/woocommerce-smallscreen.min.css?ver=3.9.2
68.65.122.147200 OK 828 B URL HTTP/2 conocotradings.co/wp-content/themes/astra/assets/css/minified/compatibility/woocommerce/woocommerce-smallscreen.min.css?ver=3.9.2
IP 68.65.122.147:0
File type ASCII text, with very long lines (5992), with no line terminators
Hash 910b4eaefb8ed2372c8896c70f4a49dd
3fd84ac7081a80c9cd192cfe866536decd1948bf
c8bcef2beea8b022227eb9dc192040564efd7a9081a826b6ae1277f817fb688d
GET /wp-content/themes/astra/assets/css/minified/compatibility/woocommerce/woocommerce-smallscreen.min.css?ver=3.9.2 HTTP/1.1
Host: conocotradings.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://conocotradings.co/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 03 Nov 2022 04:08:13 GMT
content-type: text/css
last-modified: Mon, 24 Oct 2022 04:16:30 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 828
date: Thu, 27 Oct 2022 04:08:13 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
conocotradings.co/wp-content/uploads/2022/10/numberone.jpg
68.65.122.147200 OK 65 kB URL HTTP/2 conocotradings.co/wp-content/uploads/2022/10/numberone.jpg
IP 68.65.122.147:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=1, orientation=upper-left], baseline, precision 8, 569x512, components 3\012- data
Hash 05ab012dad152e11303b9faee3ae24e0
ca07814aba97ca4bd235a21d055d811b22bc1f45
d96fa8016fcda598d57ff4354ee530701c8cac0b610c342e208199a37691b9ce
GET /wp-content/uploads/2022/10/numberone.jpg HTTP/1.1
Host: conocotradings.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://conocotradings.co/wp-content/uploads/bb-plugin/cache/10-layout.css?ver=95ab821563d45677defed724e424ba63
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 03 Nov 2022 04:08:13 GMT
content-type: image/jpeg
last-modified: Mon, 24 Oct 2022 06:30:03 GMT
accept-ranges: bytes
content-length: 64949
date: Thu, 27 Oct 2022 04:08:13 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
conocotradings.co/wp-content/themes/astra/assets/fonts/astra.woff
68.65.122.147200 OK 3.3 kB URL HTTP/2 conocotradings.co/wp-content/themes/astra/assets/fonts/astra.woff
IP 68.65.122.147:0
File type Web Open Font Format, TrueType, length 3304, version 1.0\012- data
Hash bfe0ed8503c926d68f58ed0408dfe0d0
0346d02d96ff7d2a0278bc10f4dfdf365c80eac3
ec7ef7aa5fd1e019f1c26193e95e46d481d4983673936a9dda086705ada6e3d5
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/astra/assets/fonts/astra.woff HTTP/1.1
Host: conocotradings.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://conocotradings.co/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 03 Nov 2022 04:08:13 GMT
content-type: font/woff
last-modified: Mon, 24 Oct 2022 04:16:30 GMT
accept-ranges: bytes
content-length: 3304
date: Thu, 27 Oct 2022 04:08:13 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
conocotradings.co/wp-content/uploads/bb-plugin/icons/ultimate-icons/fonts/Ultimate-Icons.ttf?1ddi1j
68.65.122.147200 OK 93 kB URL HTTP/2 conocotradings.co/wp-content/uploads/bb-plugin/icons/ultimate-icons/fonts/Ultimate-Icons.ttf?1ddi1j
IP 68.65.122.147:0
File type TrueType Font data, 11 tables, 1st "OS/2", 14 names, Macintosh, type 1 string, Ultimate-Icons\012- data
Hash 4f52acd8464d9611fe731e6182f1986e
a6367a5d19bd2b65265eee57e03068dca24be313
49f204eb11dd2940cb55d01fbe8f8f2fef9167ff1cb6e22bcecde06c0078f630
GET /wp-content/uploads/bb-plugin/icons/ultimate-icons/fonts/Ultimate-Icons.ttf?1ddi1j HTTP/1.1
Host: conocotradings.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://conocotradings.co/wp-content/uploads/bb-plugin/icons/ultimate-icons/style.css?ver=2.5.5.5
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 03 Nov 2022 04:08:13 GMT
content-type: font/ttf
last-modified: Mon, 24 Oct 2022 04:16:49 GMT
accept-ranges: bytes
content-length: 93024
date: Thu, 27 Oct 2022 04:08:13 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
conocotradings.co/wp-content/uploads/2022/10/cropped-logo_transparent-32x32.png
68.65.122.147200 OK 1.2 kB URL HTTP/2 conocotradings.co/wp-content/uploads/2022/10/cropped-logo_transparent-32x32.png
IP 68.65.122.147:0
File type PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced\012- data
Hash f1f1eb9b898c789fb802cac79fc503f6
cdd332b5c616e571babfe8cb5d3587c35ab57bd6
9bb46d3af3cacf8a30e6b9cc737a8fc82305f6c6260460160b01c7932cbe828f
GET /wp-content/uploads/2022/10/cropped-logo_transparent-32x32.png HTTP/1.1
Host: conocotradings.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://conocotradings.co/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 03 Nov 2022 04:08:15 GMT
content-type: image/png
last-modified: Mon, 24 Oct 2022 10:17:48 GMT
accept-ranges: bytes
content-length: 1194
date: Thu, 27 Oct 2022 04:08:15 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
conocotradings.co/wp-content/uploads/2022/10/cropped-logo_transparent-192x192.png
68.65.122.147200 OK 17 kB URL HTTP/2 conocotradings.co/wp-content/uploads/2022/10/cropped-logo_transparent-192x192.png
IP 68.65.122.147:0
File type PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced\012- data
Hash 266f564644bea7f6752d43c04be8d17d
f42e93ba9b4fadfc10a882648c8830a8d5b5d596
9afd0a36fec3035101f31f34240fb072d3a109f15c51d111bd67daac915303d5
GET /wp-content/uploads/2022/10/cropped-logo_transparent-192x192.png HTTP/1.1
Host: conocotradings.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://conocotradings.co/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 03 Nov 2022 04:08:15 GMT
content-type: image/png
last-modified: Mon, 24 Oct 2022 10:17:48 GMT
accept-ranges: bytes
content-length: 16637
date: Thu, 27 Oct 2022 04:08:15 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
conocotradings.co/?wc-ajax=get_refreshed_fragments
68.65.122.147200 OK 1.4 kB URL HTTP/2 conocotradings.co/?wc-ajax=get_refreshed_fragments
IP 68.65.122.147:0
File type JSON data\012- HTML document, ASCII text, with very long lines (1431), with no line terminators
Hash 78642ff7946a082ed5fc8005310cdbed
d606fb184d82b97b2e60d27ebc13d0d0cd501b4b
055621dadb6e98cac99d672ceadec59b45082ed38a566e46bdb341303de3fc65
Analyzer Verdict Alert fortinet Phishing
POST /?wc-ajax=get_refreshed_fragments HTTP/1.1
Host: conocotradings.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 18
Origin: https://conocotradings.co
Connection: keep-alive
Referer: https://conocotradings.co/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: https://conocotradings.co
access-control-allow-credentials: true
x-content-type-options: nosniff
x-robots-tag: noindex
x-litespeed-tag: e76_HTTP.200,e76_HTTP.200
content-type: application/json; charset=UTF-8
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
x-litespeed-cache-control: no-cache
content-length: 1431
date: Thu, 27 Oct 2022 04:08:17 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Nunito%3A400%7CPlayfair+Display%3A400%7CMontserrat%3A700&display=fallback&ver=3.9.2
142.250.74.10200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Nunito%3A400%7CPlayfair+Display%3A400%7CMontserrat%3A700&display=fallback&ver=3.9.2
IP 142.250.74.10:0
GET /css?family=Nunito%3A400%7CPlayfair+Display%3A400%7CMontserrat%3A700&display=fallback&ver=3.9.2 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://conocotradings.co/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 27 Oct 2022 04:08:12 GMT
date: Thu, 27 Oct 2022 04:08:12 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2