r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 1456357aecbd23f21ad98da57e0127eb
7074815b39fa8da9013883971d665e4c1b0797ea
f3eba265ee64870b2f822f1511b36c747d763c382557789cdad8be1d3b52d1f5
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F3EBA265EE64870B2F822F1511B36C747D763C382557789CDAD8BE1D3B52D1F5"
Last-Modified: Mon, 21 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17694
Expires: Wed, 23 Nov 2022 08:53:30 GMT
Date: Wed, 23 Nov 2022 03:58:36 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash b59d95402dfb464c176610284ba13f65
1a6c62fb0d48654dd204b66161bb03fefe60f71a
40cfd59b890ec5a3570603d28d90bd7e5c506babd52c2ece93e09f1c7b2a6880
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6111
Cache-Control: max-age=116070
Content-Type: application/ocsp-response
Date: Wed, 23 Nov 2022 03:58:36 GMT
Etag: "637ca4f3-1d7"
Expires: Thu, 24 Nov 2022 12:13:06 GMT
Last-Modified: Tue, 22 Nov 2022 10:31:15 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471
firefox.settings.services.mozilla.com/v1/
34.102.187.140200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash d130218d0e2841f39c99610fe1a2ab90
29fbe1e177ee55c7a61ae0a206afff271cf5f945
6b6d74dccf10c2bc98a91c3388280d7ba1d9596bf8cadd7db0e2f63720b3d152
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Alert, Content-Type, Retry-After, Content-Length
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Wed, 23 Nov 2022 03:09:27 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 2949
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 054ff0d1a0a43f7cb1d78dbd34e27f99
3caf54f3de1d6a8c6f6454083f8b8e7dec77db54
fcdcef8306ae31f20c366489e1f88aa40b08f154d25d45f4055c4f8cdef47634
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FCDCEF8306AE31F20C366489E1F88AA40B08F154D25D45F4055C4F8CDEF47634"
Last-Modified: Mon, 21 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2503
Expires: Wed, 23 Nov 2022 04:40:20 GMT
Date: Wed, 23 Nov 2022 03:58:37 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: 4teeSHwzNuAOaTOUSrlf56Z6xUhu8wXpxiu0TbCwpWEAMUQv+Rg2q41PZXfaN3tDjR76TGwOBGc=
x-amz-request-id: YPTRQWANDK5WHHMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Wed, 23 Nov 2022 03:42:50 GMT
age: 947
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 23 Nov 2022 03:58:37 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
34.102.187.140200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: ETag, Content-Type, Content-Length, Last-Modified, Alert, Backoff, Pragma, Expires, Retry-After, Cache-Control
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Wed, 23 Nov 2022 03:08:53 GMT
cache-control: public,max-age=3600
age: 2984
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 8a181d95550cfdf3b1fc4deb71631e40
37866f7293c41fbfb817e321754cae5c5bf59f93
6aa3d2763181cc48d2ad0ce7d227f3cb3324045c3f7858ccdbae675768dcec55
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2927
Cache-Control: max-age=107825
Content-Type: application/ocsp-response
Date: Wed, 23 Nov 2022 03:58:37 GMT
Etag: "637c912f-1d7"
Expires: Thu, 24 Nov 2022 09:55:42 GMT
Last-Modified: Tue, 22 Nov 2022 09:06:55 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471
elmersity.com/public/aNf1Tq7fcPPeyKM586jBHZueSoX3aSXW
144.91.88.248301 Moved Permanently 0 B URL HTTP/1.1 elmersity.com/public/aNf1Tq7fcPPeyKM586jBHZueSoX3aSXW
IP 144.91.88.248:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert openphish DHL Airways, Inc.
fortinet Phishing
GET /public/aNf1Tq7fcPPeyKM586jBHZueSoX3aSXW HTTP/1.1
Host: elmersity.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Connection: Keep-Alive
X-Powered-By: PHP/8.0.15
Set-Cookie: _learn_press_session_ad4c38e4735d68a86d5927532d21fb76=6bcdc8bd8d706131455e4905e9c697b6%7C%7C1669348717%7C%7Ca36b3bd321d75be4e6669b54d03a69a1; expires=Fri, 25-Nov-2022 03:58:37 GMT; Max-Age=172800; path=/; secure; HttpOnly
PHPSESSID=qoem67vue4jp28mmk3cvk6afrf; path=/
_wordpress_lp_guest=7897931c11e5a8f4bca2296092e35d29; expires=Wed, 23-Nov-2022 04:58:37 GMT; Max-Age=3600; path=/; secure
pmpro_visit=1; path=/; HttpOnly
Pragma: no-cache
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Content-Type: text/html; charset=UTF-8
X-Redirect-By: WordPress
Location: http://www.elmersity.com/public/aNf1Tq7fcPPeyKM586jBHZueSoX3aSXW
Content-Length: 0
Date: Wed, 23 Nov 2022 03:58:37 GMT
Server: LiteSpeed
push.services.mozilla.com/
44.238.3.246101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 44.238.3.246:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: kixeRp4DAXdnPJeQBhTH4w==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: lvs2I70fT63Omwv+i6yzqsi9/nU=
fonts.googleapis.com/css2?display=swap&family=Roboto:wght@300;400
142.250.74.10200 OK 607 B URL HTTP/1.1 fonts.googleapis.com/css2?display=swap&family=Roboto:wght@300;400
IP 142.250.74.10:0
Hash b7992000217706d4c417b6ddbf08ac6d
33b416bde7a6e7d0936d930b302a5e0815da9c2d
6dbb699b34f66bc3325cb47256d7e5a7b5c316c8922926652e831838b39521dd
GET /css2?display=swap&family=Roboto:wght@300;400 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.elmersity.com/
HTTP/1.1 200 OK
Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Link: <http://fonts.gstatic.com>; rel=preconnect; crossorigin
Expires: Wed, 23 Nov 2022 03:58:38 GMT
Date: Wed, 23 Nov 2022 03:58:38 GMT
Cache-Control: private, max-age=86400
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin-allow-popups
Content-Encoding: gzip
Transfer-Encoding: chunked
Server: ESF
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
www.elmersity.com/wp-content/plugins/learnpress-course-review/assets/css/course-review.css?ver=6.1.1
144.91.88.248200 OK 1.6 kB URL HTTP/1.1 www.elmersity.com/wp-content/plugins/learnpress-course-review/assets/css/course-review.css?ver=6.1.1
IP 144.91.88.248:0
Hash 9443797c9bf15bdbeef31ce2d7b743f0
0684d4fa8a988829b9a8c745b975173eaf24c399
eb2a59f6337bba4e949301fa624a87f25133d158e296ddb560480e58282d8a8c
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/learnpress-course-review/assets/css/course-review.css?ver=6.1.1 HTTP/1.1
Host: www.elmersity.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.elmersity.com/public/aNf1Tq7fcPPeyKM586jBHZueSoX3aSXW
Cookie: PHPSESSID=k6mvgam048vi5kef8h61enogg5; pmpro_visit=1
HTTP/1.1 200 OK
Connection: Keep-Alive
Cache-Control: public, max-age=604800
Expires: Wed, 30 Nov 2022 03:58:38 GMT
Content-Type: text/css
Last-Modified: Sun, 20 Nov 2022 08:19:27 GMT
Accept-Ranges: bytes
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Length: 1589
Date: Wed, 23 Nov 2022 03:58:38 GMT
Server: LiteSpeed
www.elmersity.com/wp-includes/css/dist/block-library/style.min.css?ver=6.1.1
144.91.88.248200 OK 12 kB URL HTTP/1.1 www.elmersity.com/wp-includes/css/dist/block-library/style.min.css?ver=6.1.1
IP 144.91.88.248:0
File type ASCII text, with very long lines (47826)
Hash 45b3843596f3eda24398e2c1f68ee268
4ad9a0e6ed85ca57c5d134aa5ca546e19910640d
f2784720bca9efcc4c4c3ab35d5fa3b523eb1915acc04a53273559907d352e36
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/css/dist/block-library/style.min.css?ver=6.1.1 HTTP/1.1
Host: www.elmersity.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.elmersity.com/public/aNf1Tq7fcPPeyKM586jBHZueSoX3aSXW
Cookie: PHPSESSID=k6mvgam048vi5kef8h61enogg5; pmpro_visit=1
HTTP/1.1 200 OK
Connection: Keep-Alive
Cache-Control: public, max-age=604800
Expires: Wed, 30 Nov 2022 03:58:38 GMT
Content-Type: text/css
Last-Modified: Sun, 20 Nov 2022 07:24:12 GMT
Accept-Ranges: bytes
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Length: 12489
Date: Wed, 23 Nov 2022 03:58:38 GMT
Server: LiteSpeed
www.elmersity.com/public/aNf1Tq7fcPPeyKM586jBHZueSoX3aSXW
144.91.88.248404 Not Found 15 kB URL HTTP/1.1 www.elmersity.com/public/aNf1Tq7fcPPeyKM586jBHZueSoX3aSXW
IP 144.91.88.248:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (9601), with CRLF, LF line terminators
Hash 6a4972d436a867f68c614fab5fce801b
f93f36f1403ab2211bd942452faff5704cf32dca
38945f5e6d611152ca43b3f5ec17ce91fa70544ba2b2687fad9984eebf01f0d1
Analyzer Verdict Alert fortinet Phishing
GET /public/aNf1Tq7fcPPeyKM586jBHZueSoX3aSXW HTTP/1.1
Host: www.elmersity.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 404 Not Found
Connection: Keep-Alive
X-Powered-By: PHP/8.0.15
Set-Cookie: _learn_press_session_ad4c38e4735d68a86d5927532d21fb76=17013098e13eef553aec36d3c0017dcd%7C%7C1669348718%7C%7C7d63688510810391d93c9c766af3c4d3; expires=Fri, 25-Nov-2022 03:58:38 GMT; Max-Age=172800; path=/; secure; HttpOnly
PHPSESSID=k6mvgam048vi5kef8h61enogg5; path=/
_wordpress_lp_guest=5afcd00efe84866f1db6d38d52b5cf22; expires=Wed, 23-Nov-2022 04:58:38 GMT; Max-Age=3600; path=/; secure
pmpro_visit=1; path=/; HttpOnly
Pragma: no-cache
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Content-Type: text/html; charset=UTF-8
Link: <https://www.elmersity.com/wp-json/>; rel="https://api.w.org/"
Transfer-Encoding: chunked
Content-Encoding: gzip
Vary: Accept-Encoding
Date: Wed, 23 Nov 2022 03:58:38 GMT
Server: LiteSpeed
www.elmersity.com/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-vendors-style.css?ver=8.7.5
144.91.88.248200 OK 2.0 kB URL HTTP/1.1 www.elmersity.com/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-vendors-style.css?ver=8.7.5
IP 144.91.88.248:0
File type ASCII text, with very long lines (10435), with no line terminators
Hash 80f5f4b65f3181fd2c46fbc899ed8544
392a043649c60e4c3d1f68c877ff05b219a0b2d5
a04ab06ce2b56d8bf267d803a7d396b288d64b8fcc40e9297e7c64e8353a7396
GET /wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-vendors-style.css?ver=8.7.5 HTTP/1.1
Host: www.elmersity.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.elmersity.com/public/aNf1Tq7fcPPeyKM586jBHZueSoX3aSXW
Cookie: PHPSESSID=k6mvgam048vi5kef8h61enogg5; pmpro_visit=1
HTTP/1.1 200 OK
Connection: Keep-Alive
Cache-Control: public, max-age=604800
Expires: Wed, 30 Nov 2022 03:58:38 GMT
Content-Type: text/css
Last-Modified: Sun, 20 Nov 2022 08:08:36 GMT
Accept-Ranges: bytes
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Length: 1951
Date: Wed, 23 Nov 2022 03:58:38 GMT
Server: LiteSpeed
www.elmersity.com/wp-includes/css/classic-themes.min.css?ver=1
144.91.88.248200 OK 188 B URL HTTP/1.1 www.elmersity.com/wp-includes/css/classic-themes.min.css?ver=1
IP 144.91.88.248:0
Hash 8ac085745a5bcc97c54f8088973df029
4e065566e82d4623d0f5b4d9275d3ee29e15acd1
a0b69c3418ce7d86bcd33d370dec1ba31f2d9c143d932f52de7c4f98427a813f
GET /wp-includes/css/classic-themes.min.css?ver=1 HTTP/1.1
Host: www.elmersity.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.elmersity.com/public/aNf1Tq7fcPPeyKM586jBHZueSoX3aSXW
Cookie: PHPSESSID=k6mvgam048vi5kef8h61enogg5; pmpro_visit=1
HTTP/1.1 200 OK
Connection: Keep-Alive
Cache-Control: public, max-age=604800
Expires: Wed, 30 Nov 2022 03:58:38 GMT
Content-Type: text/css
Last-Modified: Sun, 20 Nov 2022 07:24:14 GMT
Accept-Ranges: bytes
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Length: 188
Date: Wed, 23 Nov 2022 03:58:38 GMT
Server: LiteSpeed
www.elmersity.com/wp-content/plugins/paid-memberships-pro/css/frontend.css?ver=2.9.6
144.91.88.248200 OK 3.9 kB URL HTTP/1.1 www.elmersity.com/wp-content/plugins/paid-memberships-pro/css/frontend.css?ver=2.9.6
IP 144.91.88.248:0
File type ASCII text, with CRLF line terminators
Hash 77fecaf1f5d5f9f40f1bc7d05feca097
a855a1420cebcb38be4166540881da1655e48b85
753e6de991b21992e11b98ecfd6f6241befce9c207457edb51f1d09e18b37903
GET /wp-content/plugins/paid-memberships-pro/css/frontend.css?ver=2.9.6 HTTP/1.1
Host: www.elmersity.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.elmersity.com/public/aNf1Tq7fcPPeyKM586jBHZueSoX3aSXW
Cookie: PHPSESSID=k6mvgam048vi5kef8h61enogg5; pmpro_visit=1
HTTP/1.1 200 OK
Connection: Keep-Alive
Cache-Control: public, max-age=604800
Expires: Wed, 30 Nov 2022 03:58:38 GMT
Content-Type: text/css
Last-Modified: Sun, 20 Nov 2022 08:10:19 GMT
Accept-Ranges: bytes
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Length: 3868
Date: Wed, 23 Nov 2022 03:58:38 GMT
Server: LiteSpeed
www.elmersity.com/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.6.4
144.91.88.248200 OK 972 B URL HTTP/1.1 www.elmersity.com/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.6.4
IP 144.91.88.248:0
Hash e355e7e30d2cbeebefa6977790886c3a
eccf1c43237a1de702ae36722813fa10d580dd4e
49d452b612934ceb8ce12bfadb85dac2f573d458337a9ae0da76705a8ae8b018
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.6.4 HTTP/1.1
Host: www.elmersity.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.elmersity.com/public/aNf1Tq7fcPPeyKM586jBHZueSoX3aSXW
Cookie: PHPSESSID=k6mvgam048vi5kef8h61enogg5; pmpro_visit=1
HTTP/1.1 200 OK
Connection: Keep-Alive
Cache-Control: public, max-age=604800
Expires: Wed, 30 Nov 2022 03:58:39 GMT
Content-Type: text/css
Last-Modified: Sun, 20 Nov 2022 08:09:09 GMT
Accept-Ranges: bytes
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Length: 972
Date: Wed, 23 Nov 2022 03:58:39 GMT
Server: LiteSpeed
www.elmersity.com/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-style.css?ver=8.7.5
144.91.88.248200 OK 24 kB URL HTTP/1.1 www.elmersity.com/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-style.css?ver=8.7.5
IP 144.91.88.248:0
File type Unicode text, UTF-8 text, with very long lines (65527), with no line terminators
Hash 8f8ddf20de35cca4bec7a4f59b90f46b
abe4075fed293df0e881554a03717edb3118057f
eaf2fe104716c0f5417642b21ae2755b4d3b49ea63e6c562a3d0922fc2953d6e
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-style.css?ver=8.7.5 HTTP/1.1
Host: www.elmersity.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.elmersity.com/public/aNf1Tq7fcPPeyKM586jBHZueSoX3aSXW
Cookie: PHPSESSID=k6mvgam048vi5kef8h61enogg5; pmpro_visit=1
HTTP/1.1 200 OK
Connection: Keep-Alive
Cache-Control: public, max-age=604800
Expires: Wed, 30 Nov 2022 03:58:38 GMT
Content-Type: text/css
Last-Modified: Sun, 20 Nov 2022 08:08:34 GMT
Accept-Ranges: bytes
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Length: 24461
Date: Wed, 23 Nov 2022 03:58:38 GMT
Server: LiteSpeed
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 611d1eca860866489908506a26bd6a2a
5e8c401f098357cd12889a6e507baf7c8a87772a
e3216e5edd547bc8f6a43780da5a118842b96de96d5cf668af68d8706ceb32e4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E3216E5EDD547BC8F6A43780DA5A118842B96DE96D5CF668AF68D8706CEB32E4"
Last-Modified: Mon, 21 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17512
Expires: Wed, 23 Nov 2022 08:50:31 GMT
Date: Wed, 23 Nov 2022 03:58:39 GMT
Connection: keep-alive
www.elmersity.com/wp-content/plugins/woocommerce/assets/css/woocommerce-layout.css?ver=7.1.0
144.91.88.248200 OK 2.5 kB URL HTTP/1.1 www.elmersity.com/wp-content/plugins/woocommerce/assets/css/woocommerce-layout.css?ver=7.1.0
IP 144.91.88.248:0
File type ASCII text, with very long lines (17809), with no line terminators
Hash 4c541d58ba4dcd7ae4da1b0642e92fa5
34fcb5185b3949a2bad5de8d20d54cb28dc1629f
ce4496c8faeaedc527e9444065d661705944bd7e306cb2afe4d6de6e672b7f44
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/woocommerce/assets/css/woocommerce-layout.css?ver=7.1.0 HTTP/1.1
Host: www.elmersity.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.elmersity.com/public/aNf1Tq7fcPPeyKM586jBHZueSoX3aSXW
Cookie: PHPSESSID=k6mvgam048vi5kef8h61enogg5; pmpro_visit=1
HTTP/1.1 200 OK
Connection: Keep-Alive
Cache-Control: public, max-age=604800
Expires: Wed, 30 Nov 2022 03:58:39 GMT
Content-Type: text/css
Last-Modified: Sun, 20 Nov 2022 08:08:52 GMT
Accept-Ranges: bytes
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Length: 2544
Date: Wed, 23 Nov 2022 03:58:39 GMT
Server: LiteSpeed
www.elmersity.com/wp-content/plugins/woocommerce/assets/css/woocommerce.css?ver=7.1.0
144.91.88.248200 OK 8.9 kB URL HTTP/1.1 www.elmersity.com/wp-content/plugins/woocommerce/assets/css/woocommerce.css?ver=7.1.0
IP 144.91.88.248:0
File type Unicode text, UTF-8 text, with very long lines (62781), with no line terminators
Hash e02fd6b315e9abade6ebcd048bc40ada
ce2e58b9a1cb76911ea20d4b7b8f5bc9ec8d7a38
60c870f77293173fdddc56b55877a0ff8265d474c4976711f47863b102fae392
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/woocommerce/assets/css/woocommerce.css?ver=7.1.0 HTTP/1.1
Host: www.elmersity.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.elmersity.com/public/aNf1Tq7fcPPeyKM586jBHZueSoX3aSXW
Cookie: PHPSESSID=k6mvgam048vi5kef8h61enogg5; pmpro_visit=1
HTTP/1.1 200 OK
Connection: Keep-Alive
Cache-Control: public, max-age=604800
Expires: Wed, 30 Nov 2022 03:58:39 GMT
Content-Type: text/css
Last-Modified: Sun, 20 Nov 2022 08:08:52 GMT
Accept-Ranges: bytes
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Length: 8881
Date: Wed, 23 Nov 2022 03:58:39 GMT
Server: LiteSpeed
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2f13f0a4-9e67-4f61-9165-83b87312d9cb.jpeg
34.120.237.76200 OK 8.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2f13f0a4-9e67-4f61-9165-83b87312d9cb.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 309227dc1b5f9193c6be8f5a010fa348
dff12e88a784a954012f257d3689862c52251d01
2d52b83ff0a58c41bf2e38abf8fce13eb87b5ecfce144ff0edc1bfadd254b452
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2f13f0a4-9e67-4f61-9165-83b87312d9cb.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8081
x-amzn-requestid: cafd3337-7bb8-4e2d-91d4-a33439a32b80
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cBcAMEwgoAMFl-Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637d4067-6074dcae15d9194513916d48;Sampled=0
x-amzn-remapped-date: Tue, 22 Nov 2022 21:34:31 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: lfLcMzlaKoOXDhvCk6dJCuqkINEqJX20JltVNZMLUFhQeNPpN8cVFg==
via: 1.1 f13aef0c4b52f6f681401f232d03eb68.cloudfront.net (CloudFront), 1.1 ee8246c5442dace7525c74f6a799bb46.cloudfront.net (CloudFront), 1.1 google
date: Tue, 22 Nov 2022 21:56:14 GMT
age: 21745
etag: "dff12e88a784a954012f257d3689862c52251d01"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
www.elmersity.com/wp-content/plugins/wp-events-manager/assets//css/frontend/events.min.css?ver=6.1.1
144.91.88.248200 OK 1.3 kB URL HTTP/1.1 www.elmersity.com/wp-content/plugins/wp-events-manager/assets//css/frontend/events.min.css?ver=6.1.1
IP 144.91.88.248:0
File type ASCII text, with very long lines (3687), with no line terminators
Hash 31be3e9a5acb919e9982c9cbc00434da
2a5713c8f96baa0dd0ddaa9e588e74b5a3848069
bb091309c571fa7bc2e3892b41451c63314751cc437f63ff970b88621e079d28
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/wp-events-manager/assets//css/frontend/events.min.css?ver=6.1.1 HTTP/1.1
Host: www.elmersity.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.elmersity.com/public/aNf1Tq7fcPPeyKM586jBHZueSoX3aSXW
Cookie: PHPSESSID=k6mvgam048vi5kef8h61enogg5; pmpro_visit=1
HTTP/1.1 200 OK
Connection: Keep-Alive
Cache-Control: public, max-age=604800
Expires: Wed, 30 Nov 2022 03:58:39 GMT
Content-Type: text/css
Last-Modified: Sun, 20 Nov 2022 08:09:16 GMT
Accept-Ranges: bytes
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Length: 1324
Date: Wed, 23 Nov 2022 03:58:39 GMT
Server: LiteSpeed
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F02321462-ee42-483c-b25f-8e011f1a5f17.jpeg
34.120.237.76200 OK 8.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F02321462-ee42-483c-b25f-8e011f1a5f17.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3aa134e9259a4f258a832e223bcd5825
3648297257e246e7ec4541fef1ee549523c04f02
3abcd9f270d477b813f145b6c6ccc6c881c705a05976627762db58c4a1f4b76a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F02321462-ee42-483c-b25f-8e011f1a5f17.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 8128
x-amzn-requestid: 0ba11562-ea07-4058-8d6e-ac079ce63ab0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cCNLcEtgoAMFVVg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637d8f15-3079e77022f090b112ae1804;Sampled=0
x-amzn-remapped-date: Wed, 23 Nov 2022 03:10:13 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: ymhH-B1HNHKAFHs6-zOa97ehcX4h1lV0ZLgVMoKNIdWfMpYQzy3g4w==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 36810aa1793ee589dc8c194860296078.cloudfront.net (CloudFront), 1.1 google
date: Wed, 23 Nov 2022 03:26:08 GMT
age: 1951
etag: "3648297257e246e7ec4541fef1ee549523c04f02"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
www.elmersity.com/wp-content/plugins/wp-events-manager/inc/libraries//countdown/css/jquery.countdown.css?ver=6.1.1
144.91.88.248200 OK 337 B URL HTTP/1.1 www.elmersity.com/wp-content/plugins/wp-events-manager/inc/libraries//countdown/css/jquery.countdown.css?ver=6.1.1
IP 144.91.88.248:0
File type ASCII text, with CRLF line terminators
Hash c23a95b927d482b7fb38baae00f0ce67
3f9a5fd77446358f065483c87ebcbdf47a47bab9
fb1ff83b9dbcda253eb6153aba8555b9138d82caf64579da377bd1c551b68643
GET /wp-content/plugins/wp-events-manager/inc/libraries//countdown/css/jquery.countdown.css?ver=6.1.1 HTTP/1.1
Host: www.elmersity.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.elmersity.com/public/aNf1Tq7fcPPeyKM586jBHZueSoX3aSXW
Cookie: PHPSESSID=k6mvgam048vi5kef8h61enogg5; pmpro_visit=1
HTTP/1.1 200 OK
Connection: Keep-Alive
Cache-Control: public, max-age=604800
Expires: Wed, 30 Nov 2022 03:58:39 GMT
Content-Type: text/css
Last-Modified: Sun, 20 Nov 2022 08:09:16 GMT
Accept-Ranges: bytes
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Length: 337
Date: Wed, 23 Nov 2022 03:58:39 GMT
Server: LiteSpeed
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc29cc891-05a6-43aa-910c-6255241c5cdb.jpeg
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc29cc891-05a6-43aa-910c-6255241c5cdb.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 1387520c00b2ce57c6e49fd89afbfe83
5404be7e1fff033a5cccc15164d77b7e96a48a81
2f0fe787a2b2da38cf134a08dc4addf281e6f96761df33780b1a74d037573d58
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc29cc891-05a6-43aa-910c-6255241c5cdb.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 12244
x-amzn-requestid: 1766972b-e5c3-4922-a2e8-04387da9c9b7
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: b_AL_EiaIAMFndw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637c4719-27c0032c611a9aef0363e903;Sampled=0
x-amzn-remapped-date: Tue, 22 Nov 2022 03:50:49 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: -UJDz7KZ7uZ0DnKsTz7NMCGPOt5EIzBu16wyqAkemIO4N-97hV7sIg==
via: 1.1 e5af640ced3aa8764b82c4bc3f7af38e.cloudfront.net (CloudFront), 1.1 559326ad73233233a9e52cb9e8601ede.cloudfront.net (CloudFront), 1.1 google
date: Tue, 22 Nov 2022 22:54:39 GMT
age: 18240
etag: "5404be7e1fff033a5cccc15164d77b7e96a48a81"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb450e2a1-222f-4dfe-850a-f862cd102c3e.jpeg
34.120.237.76200 OK 6.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb450e2a1-222f-4dfe-850a-f862cd102c3e.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 21fc9852ed2db17695d7038195b9283f
cda806d600c9e63e50d8ec42549fb107e4915068
55a7098369eb94f4333a1079ed6ad570121b7c76eeafb35022224b86d9b7edbb
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb450e2a1-222f-4dfe-850a-f862cd102c3e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 6910
x-amzn-requestid: 0d4fa715-c66a-4bcb-985c-f2c2ea71b3a9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: b-pvrF-xoAMFSMw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637c2330-67041f796d1906cc51e31b73;Sampled=0
x-amzn-remapped-date: Tue, 22 Nov 2022 01:17:36 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: npd-DJrCfYjrwW7kfMwT38YWatTTdpr7bMRc0ikcXDwefQq-OR3ByQ==
via: 1.1 5a1753718d8b33365e5f693dd338c510.cloudfront.net (CloudFront), 1.1 476c2ba6d9f6cd69dbcedbd65688cbc0.cloudfront.net (CloudFront), 1.1 google
date: Tue, 22 Nov 2022 20:05:57 GMT
age: 28362
etag: "cda806d600c9e63e50d8ec42549fb107e4915068"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4d582ed2-f829-4647-9113-832d4500a207.jpeg
34.120.237.76200 OK 9.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4d582ed2-f829-4647-9113-832d4500a207.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 6d2c986e076309d51d199332caebb07a
343a5bfba0f8fec28f9345f276b44f44c6eaf6a6
64e6fba6a45c70c1db6040a2273472774c00257bef373cc45b6ca00cb819681a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4d582ed2-f829-4647-9113-832d4500a207.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 9138
x-amzn-requestid: 524e565e-a9fb-45f9-b786-d64cf26a3cdf
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cBcAAHG8IAMFhwQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637d4066-3689e70e6212e9e77dc134f4;Sampled=0
x-amzn-remapped-date: Tue, 22 Nov 2022 21:34:30 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: cwu__NPGaU0zyAG0H1yZhmjGsFzvNmzsGv6Zt9hrF5gwSysEio2MjA==
via: 1.1 5a1753718d8b33365e5f693dd338c510.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Tue, 22 Nov 2022 21:45:52 GMT
age: 22367
etag: "343a5bfba0f8fec28f9345f276b44f44c6eaf6a6"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fac98a873-8b46-43f5-9ac0-fc1cc1a0cd81.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fac98a873-8b46-43f5-9ac0-fc1cc1a0cd81.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 481c033b9ffd030ff0de6e35cf788b47
85d3baad9217af2b5d75c019d2ef95dbb919a788
02443c7869914c2b29892deb0c645395bcf4e8379da3cf20974614ff9c92893b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fac98a873-8b46-43f5-9ac0-fc1cc1a0cd81.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 11249
x-amzn-requestid: 65a3db77-b2e6-40b9-a776-021c2e9b56d0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bubSsHbZoAMFZNg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6375a5aa-1286b97968cc2e4c7fe8ab29;Sampled=0
x-amzn-remapped-date: Thu, 17 Nov 2022 03:08:26 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: iGM_HV13dzz5eOswbOJfjj14jlFW4jy2YsW7eJumS_TM5TxxG8VMwQ==
via: 1.1 38eecd3ca21bf068d69a2f9cfe668d14.cloudfront.net (CloudFront), 1.1 b8c4a4ca04bb1976e020396d211bc8dc.cloudfront.net (CloudFront), 1.1 google
date: Wed, 23 Nov 2022 03:49:13 GMT
age: 566
etag: "85d3baad9217af2b5d75c019d2ef95dbb919a788"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
www.elmersity.com/wp-content/themes/course-builder/assets/css/libs/awesome/font-awesome.css?ver=6.1.1
144.91.88.248200 OK 7.1 kB URL HTTP/1.1 www.elmersity.com/wp-content/themes/course-builder/assets/css/libs/awesome/font-awesome.css?ver=6.1.1
IP 144.91.88.248:0
File type Unicode text, UTF-8 text, with very long lines (28104)
Hash 1b2153c3f3e96a535b9c3534a5e15dee
4ecd338ba9f0685fa2b424592db94a4b6e6cfe72
ecb1eaa1e22ef61e76dc46bbae3c2e593138f386a7e7b8c64199c0db9166d0b4
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/course-builder/assets/css/libs/awesome/font-awesome.css?ver=6.1.1 HTTP/1.1
Host: www.elmersity.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.elmersity.com/public/aNf1Tq7fcPPeyKM586jBHZueSoX3aSXW
Cookie: PHPSESSID=k6mvgam048vi5kef8h61enogg5; pmpro_visit=1
HTTP/1.1 200 OK
Connection: Keep-Alive
Cache-Control: public, max-age=604800
Expires: Wed, 30 Nov 2022 03:58:39 GMT
Content-Type: text/css
Last-Modified: Sun, 20 Nov 2022 08:01:01 GMT
Accept-Ranges: bytes
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Length: 7125
Date: Wed, 23 Nov 2022 03:58:39 GMT
Server: LiteSpeed
www.elmersity.com/wp-includes/css/dashicons.min.css?ver=6.1.1
144.91.88.248200 OK 36 kB URL HTTP/1.1 www.elmersity.com/wp-includes/css/dashicons.min.css?ver=6.1.1
IP 144.91.88.248:0
File type ASCII text, with very long lines (58981)
Hash 57daffc76b4eaf9a7deb7c0e03a61f85
7b028ad43294b75d4b241239bb0190c7ab9c5273
00ab13c2e8718e6804d864984db327ff9d83c04292849c09861c73bc9020241d
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/css/dashicons.min.css?ver=6.1.1 HTTP/1.1
Host: www.elmersity.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.elmersity.com/public/aNf1Tq7fcPPeyKM586jBHZueSoX3aSXW
Cookie: PHPSESSID=k6mvgam048vi5kef8h61enogg5; pmpro_visit=1
HTTP/1.1 200 OK
Connection: Keep-Alive
Cache-Control: public, max-age=604800
Expires: Wed, 30 Nov 2022 03:58:39 GMT
Content-Type: text/css
Last-Modified: Wed, 03 Mar 2021 20:46:22 GMT
Accept-Ranges: bytes
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Length: 35599
Date: Wed, 23 Nov 2022 03:58:39 GMT
Server: LiteSpeed
www.elmersity.com/wp-content/themes/course-builder/assets/css/libs/ionicons/ionicons.css?ver=6.1.1
144.91.88.248200 OK 8.5 kB URL HTTP/1.1 www.elmersity.com/wp-content/themes/course-builder/assets/css/libs/ionicons/ionicons.css?ver=6.1.1
IP 144.91.88.248:0
File type Unicode text, UTF-8 text, with very long lines (47874)
Hash a3b428db49314468e37b44d8996c0824
16359335a82ed2dc42bba211d2521c350a636785
18dd0f3d56b06f5ac4e95876a0c79624297e7828877f48d175cafb4236b085f9
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/course-builder/assets/css/libs/ionicons/ionicons.css?ver=6.1.1 HTTP/1.1
Host: www.elmersity.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.elmersity.com/public/aNf1Tq7fcPPeyKM586jBHZueSoX3aSXW
Cookie: PHPSESSID=k6mvgam048vi5kef8h61enogg5; pmpro_visit=1
HTTP/1.1 200 OK
Connection: Keep-Alive
Cache-Control: public, max-age=604800
Expires: Wed, 30 Nov 2022 03:58:39 GMT
Content-Type: text/css
Last-Modified: Sun, 20 Nov 2022 08:01:01 GMT
Accept-Ranges: bytes
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Length: 8468
Date: Wed, 23 Nov 2022 03:58:39 GMT
Server: LiteSpeed
www.elmersity.com/wp-content/themes/course-builder/assets/css/libs/magnific-popup/main.css?ver=6.1.1
144.91.88.248200 OK 1.6 kB URL HTTP/1.1 www.elmersity.com/wp-content/themes/course-builder/assets/css/libs/magnific-popup/main.css?ver=6.1.1
IP 144.91.88.248:0
File type ASCII text, with very long lines (5204), with no line terminators
Hash e3e0b498465a708c4bbe8c2742929b36
694ee10bcbba58874b3c29a3bf23e36285b03ee0
5606bb8fad96f0d007fd76b495ed7d8da27d41928a1a83622a8d3d500977b365
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/course-builder/assets/css/libs/magnific-popup/main.css?ver=6.1.1 HTTP/1.1
Host: www.elmersity.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.elmersity.com/public/aNf1Tq7fcPPeyKM586jBHZueSoX3aSXW
Cookie: PHPSESSID=k6mvgam048vi5kef8h61enogg5; pmpro_visit=1
HTTP/1.1 200 OK
Connection: Keep-Alive
Cache-Control: public, max-age=604800
Expires: Wed, 30 Nov 2022 03:58:39 GMT
Content-Type: text/css
Last-Modified: Sun, 20 Nov 2022 08:01:01 GMT
Accept-Ranges: bytes
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Length: 1577
Date: Wed, 23 Nov 2022 03:58:39 GMT
Server: LiteSpeed
www.elmersity.com/wp-content/themes/course-builder/assets/css/libs/owl-carousel/owl.carousel.css?ver=6.1.1
144.91.88.248200 OK 1.0 kB URL HTTP/1.1 www.elmersity.com/wp-content/themes/course-builder/assets/css/libs/owl-carousel/owl.carousel.css?ver=6.1.1
IP 144.91.88.248:0
File type ASCII text, with very long lines (3473), with no line terminators
Hash 9d5da6056d42dd325dfd9ae10ef80473
1f56385c778ade71065b0aa83c95b5a8babcc363
21a6c801a8dc7865aec588a8509a94a11c870b6ec4681eae0dd1b73e3afca9ff
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/course-builder/assets/css/libs/owl-carousel/owl.carousel.css?ver=6.1.1 HTTP/1.1
Host: www.elmersity.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.elmersity.com/public/aNf1Tq7fcPPeyKM586jBHZueSoX3aSXW
Cookie: PHPSESSID=k6mvgam048vi5kef8h61enogg5; pmpro_visit=1
HTTP/1.1 200 OK
Connection: Keep-Alive
Cache-Control: public, max-age=604800
Expires: Wed, 30 Nov 2022 03:58:39 GMT
Content-Type: text/css
Last-Modified: Sun, 20 Nov 2022 08:01:01 GMT
Accept-Ranges: bytes
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Length: 1038
Date: Wed, 23 Nov 2022 03:58:39 GMT
Server: LiteSpeed
www.elmersity.com/wp-content/themes/course-builder/assets/css/libs/bootstrap/bootstrap.css?ver=6.1.1
144.91.88.248200 OK 18 kB URL HTTP/1.1 www.elmersity.com/wp-content/themes/course-builder/assets/css/libs/bootstrap/bootstrap.css?ver=6.1.1
IP 144.91.88.248:0
File type ASCII text, with very long lines (65317)
Hash 1aeef3544d464afa1ef3af5049f3bb05
616eb406505f7ebb497d825e85b9446bccdedf0f
984805ac9c63812efafc7d3d5b918be3347d786ca05856a51b18c2dc82ebe438
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/course-builder/assets/css/libs/bootstrap/bootstrap.css?ver=6.1.1 HTTP/1.1
Host: www.elmersity.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.elmersity.com/public/aNf1Tq7fcPPeyKM586jBHZueSoX3aSXW
Cookie: PHPSESSID=k6mvgam048vi5kef8h61enogg5; pmpro_visit=1
HTTP/1.1 200 OK
Connection: Keep-Alive
Cache-Control: public, max-age=604800
Expires: Wed, 30 Nov 2022 03:58:39 GMT
Content-Type: text/css
Last-Modified: Sun, 20 Nov 2022 08:01:01 GMT
Accept-Ranges: bytes
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Length: 18337
Date: Wed, 23 Nov 2022 03:58:39 GMT
Server: LiteSpeed
www.elmersity.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
144.91.88.248200 OK 4.2 kB URL HTTP/1.1 www.elmersity.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
IP 144.91.88.248:0
File type ASCII text, with very long lines (11126)
Hash c41f3a82e911de81a1817131069bc7d2
1e883290a0b794916cead41e5f0705716fd77b89
e9791f24770f098ea30bb4d25e2e10bdedb97132d0bbf7d2bd79eedac22efa27
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 HTTP/1.1
Host: www.elmersity.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.elmersity.com/public/aNf1Tq7fcPPeyKM586jBHZueSoX3aSXW
Cookie: PHPSESSID=k6mvgam048vi5kef8h61enogg5; pmpro_visit=1
HTTP/1.1 200 OK
Connection: Keep-Alive
Cache-Control: public, max-age=604800
Expires: Wed, 30 Nov 2022 03:58:39 GMT
Content-Type: application/javascript
Last-Modified: Wed, 18 Nov 2020 08:36:06 GMT
Accept-Ranges: bytes
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Length: 4168
Date: Wed, 23 Nov 2022 03:58:39 GMT
Server: LiteSpeed
www.elmersity.com/wp-content/plugins/learnpress/assets/css/widgets.min.css?ver=4.1.7.3.2
144.91.88.248200 OK 1.6 kB URL HTTP/1.1 www.elmersity.com/wp-content/plugins/learnpress/assets/css/widgets.min.css?ver=4.1.7.3.2
IP 144.91.88.248:0
File type Unicode text, UTF-8 text, with very long lines (12693), with no line terminators
Hash 44c6c79c7e1dd2afa6a3ad664c8e6c6b
2265cd69d485dfd581b5a543bc0752ce35df22bb
eb377172edded248eb1ab6b5ea3d71a9f24b565202f78bf924d3d1a8ede00a32
GET /wp-content/plugins/learnpress/assets/css/widgets.min.css?ver=4.1.7.3.2 HTTP/1.1
Host: www.elmersity.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.elmersity.com/public/aNf1Tq7fcPPeyKM586jBHZueSoX3aSXW
Cookie: PHPSESSID=k6mvgam048vi5kef8h61enogg5; pmpro_visit=1
HTTP/1.1 200 OK
Connection: Keep-Alive
Cache-Control: public, max-age=604800
Expires: Wed, 30 Nov 2022 03:58:39 GMT
Content-Type: text/css
Last-Modified: Sun, 20 Nov 2022 08:06:20 GMT
Accept-Ranges: bytes
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Length: 1630
Date: Wed, 23 Nov 2022 03:58:39 GMT
Server: LiteSpeed
www.elmersity.com/wp-content/plugins/woocommerce/assets/js/frontend/add-to-cart.min.js?ver=7.1.0
144.91.88.248200 OK 1.1 kB URL HTTP/1.1 www.elmersity.com/wp-content/plugins/woocommerce/assets/js/frontend/add-to-cart.min.js?ver=7.1.0
IP 144.91.88.248:0
File type HTML document, ASCII text, with very long lines (3029), with no line terminators
Hash 2f24ea3eadd3ee8d3730fb8e2dec34f7
6d7b1e8a0ab6945d30d399e1cb395800427ed547
c29c8a6002c6ab85b39a33ef6e8526c4b4c255e2b18073ae281e39fb78c547f2
GET /wp-content/plugins/woocommerce/assets/js/frontend/add-to-cart.min.js?ver=7.1.0 HTTP/1.1
Host: www.elmersity.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.elmersity.com/public/aNf1Tq7fcPPeyKM586jBHZueSoX3aSXW
Cookie: PHPSESSID=k6mvgam048vi5kef8h61enogg5; pmpro_visit=1
HTTP/1.1 200 OK
Connection: Keep-Alive
Cache-Control: public, max-age=604800
Expires: Wed, 30 Nov 2022 03:58:39 GMT
Content-Type: application/javascript
Last-Modified: Sun, 20 Nov 2022 08:08:54 GMT
Accept-Ranges: bytes
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Length: 1090
Date: Wed, 23 Nov 2022 03:58:39 GMT
Server: LiteSpeed
www.elmersity.com/wp-content/plugins/woocommerce/assets/js/jquery-blockui/jquery.blockUI.min.js?ver=2.7.0-wc.7.1.0
144.91.88.248200 OK 3.5 kB URL HTTP/1.1 www.elmersity.com/wp-content/plugins/woocommerce/assets/js/jquery-blockui/jquery.blockUI.min.js?ver=2.7.0-wc.7.1.0
IP 144.91.88.248:0
File type ASCII text, with very long lines (9111)
Hash 2cd4fdab8008543c444423f9ebedc4c0
103341cdb31439ff7a2e93038bb104378fe6ad7a
225a37006f64034c3004ae097e2bab8f6eeba540d687d13bb209a930f854298c
GET /wp-content/plugins/woocommerce/assets/js/jquery-blockui/jquery.blockUI.min.js?ver=2.7.0-wc.7.1.0 HTTP/1.1
Host: www.elmersity.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.elmersity.com/public/aNf1Tq7fcPPeyKM586jBHZueSoX3aSXW
Cookie: PHPSESSID=k6mvgam048vi5kef8h61enogg5; pmpro_visit=1
HTTP/1.1 200 OK
Connection: Keep-Alive
Cache-Control: public, max-age=604800
Expires: Wed, 30 Nov 2022 03:58:39 GMT
Content-Type: application/javascript
Last-Modified: Sun, 20 Nov 2022 08:08:54 GMT
Accept-Ranges: bytes
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Length: 3493
Date: Wed, 23 Nov 2022 03:58:39 GMT
Server: LiteSpeed
www.elmersity.com/wp-content/plugins/js_composer/assets/js/vendors/woocommerce-add-to-cart.js?ver=6.10.0
144.91.88.248200 OK 380 B URL HTTP/1.1 www.elmersity.com/wp-content/plugins/js_composer/assets/js/vendors/woocommerce-add-to-cart.js?ver=6.10.0
IP 144.91.88.248:0
Hash a7ce29fa5b04165b972f7ba547cb7b47
0fb66e827a5d86c4bb4bc003a88e07302c9a256f
441228ca556acd634ad15e39e1218fc95befc5b10a29657801a3f5acad8a5be6
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/js_composer/assets/js/vendors/woocommerce-add-to-cart.js?ver=6.10.0 HTTP/1.1
Host: www.elmersity.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.elmersity.com/public/aNf1Tq7fcPPeyKM586jBHZueSoX3aSXW
Cookie: PHPSESSID=k6mvgam048vi5kef8h61enogg5; pmpro_visit=1
HTTP/1.1 200 OK
Connection: Keep-Alive
Cache-Control: public, max-age=604800
Expires: Wed, 30 Nov 2022 03:58:39 GMT
Content-Type: application/javascript
Last-Modified: Sun, 20 Nov 2022 08:07:26 GMT
Accept-Ranges: bytes
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Length: 380
Date: Wed, 23 Nov 2022 03:58:39 GMT
Server: LiteSpeed
www.elmersity.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.1
144.91.88.248200 OK 31 kB URL HTTP/1.1 www.elmersity.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.1
IP 144.91.88.248:0
File type ASCII text, with very long lines (65447)
Hash cc5a8bfbf7d31fbc3022dc05e964a95c
81edda48c2c2c97bf79dea1ec91b89105e4ba00b
651c822702a9ac476c260fd37dccab6c3da8306ff6dd922e9d68cfa7863bfe42
GET /wp-includes/js/jquery/jquery.min.js?ver=3.6.1 HTTP/1.1
Host: www.elmersity.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.elmersity.com/public/aNf1Tq7fcPPeyKM586jBHZueSoX3aSXW
Cookie: PHPSESSID=k6mvgam048vi5kef8h61enogg5; pmpro_visit=1
HTTP/1.1 200 OK
Connection: Keep-Alive
Cache-Control: public, max-age=604800
Expires: Wed, 30 Nov 2022 03:58:39 GMT
Content-Type: application/javascript
Last-Modified: Sun, 20 Nov 2022 07:24:35 GMT
Accept-Ranges: bytes
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Length: 31046
Date: Wed, 23 Nov 2022 03:58:39 GMT
Server: LiteSpeed
www.elmersity.com/wp-content/plugins/revslider/public/assets/css/rs6.css?ver=6.6.7
144.91.88.248200 OK 12 kB URL HTTP/1.1 www.elmersity.com/wp-content/plugins/revslider/public/assets/css/rs6.css?ver=6.6.7
IP 144.91.88.248:0
File type Unicode text, UTF-8 text, with very long lines (12602)
Hash d46d2bcd38abe3b22d0e4988f8d326e1
47a9f7b86e54b035c98d93a942b8fbe10e6f0db4
0fa0e1cda52344af3fe98c4084ca13bf216f85f729bf1d0570a86b0c05b7844d
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/revslider/public/assets/css/rs6.css?ver=6.6.7 HTTP/1.1
Host: www.elmersity.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.elmersity.com/public/aNf1Tq7fcPPeyKM586jBHZueSoX3aSXW
Cookie: PHPSESSID=k6mvgam048vi5kef8h61enogg5; pmpro_visit=1
HTTP/1.1 200 OK
Connection: Keep-Alive
Cache-Control: public, max-age=604800
Expires: Wed, 30 Nov 2022 03:58:39 GMT
Content-Type: text/css
Last-Modified: Sun, 20 Nov 2022 08:11:19 GMT
Accept-Ranges: bytes
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Length: 12482
Date: Wed, 23 Nov 2022 03:58:39 GMT
Server: LiteSpeed
www.elmersity.com/wp-content/plugins/js_composer/assets/css/js_composer.min.css?ver=6.10.0
144.91.88.248200 OK 44 kB URL HTTP/1.1 www.elmersity.com/wp-content/plugins/js_composer/assets/css/js_composer.min.css?ver=6.10.0
IP 144.91.88.248:0
File type ASCII text, with very long lines (65358)
Hash 43a7bce1193e0b77da24c1ec72fb432a
bfec08d8f584a48d4a9f11ba2ed73e8aa8a4beb0
9042823206b115a428b4677e16b56511cc0dda8508ce211475ad18016414a9f7
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/js_composer/assets/css/js_composer.min.css?ver=6.10.0 HTTP/1.1
Host: www.elmersity.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.elmersity.com/public/aNf1Tq7fcPPeyKM586jBHZueSoX3aSXW
Cookie: PHPSESSID=k6mvgam048vi5kef8h61enogg5; pmpro_visit=1
HTTP/1.1 200 OK
Connection: Keep-Alive
Cache-Control: public, max-age=604800
Expires: Wed, 30 Nov 2022 03:58:39 GMT
Content-Type: text/css
Last-Modified: Sun, 20 Nov 2022 08:07:14 GMT
Accept-Ranges: bytes
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Length: 44010
Date: Wed, 23 Nov 2022 03:58:39 GMT
Server: LiteSpeed
www.elmersity.com/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.6.4
144.91.88.248200 OK 2.9 kB URL HTTP/1.1 www.elmersity.com/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.6.4
IP 144.91.88.248:0
File type ASCII text, with very long lines (9937), with no line terminators
Hash 38069f295d4d139cbd6bc607cb308ef4
7a93a2c3d0add3f34d5a6096e1988ac51e66093c
3f2d9d73b3b0bc9b309266e9b719a09442d1416cd14ca6578a0c1f7f2ed2d2a3
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.6.4 HTTP/1.1
Host: www.elmersity.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.elmersity.com/public/aNf1Tq7fcPPeyKM586jBHZueSoX3aSXW
Cookie: PHPSESSID=k6mvgam048vi5kef8h61enogg5; pmpro_visit=1
HTTP/1.1 200 OK
Connection: Keep-Alive
Cache-Control: public, max-age=604800
Expires: Wed, 30 Nov 2022 03:58:39 GMT
Content-Type: application/javascript
Last-Modified: Sun, 20 Nov 2022 08:09:09 GMT
Accept-Ranges: bytes
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Length: 2948
Date: Wed, 23 Nov 2022 03:58:39 GMT
Server: LiteSpeed
www.elmersity.com/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.6.4
144.91.88.248200 OK 3.9 kB URL HTTP/1.1 www.elmersity.com/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.6.4
IP 144.91.88.248:0
File type HTML document, ASCII text, with very long lines (12310), with no line terminators
Hash 2f61aa3c296bae2dad61fda1fffdb170
096565b6067dd9ed25ef6ef156616bc28cb34507
5a81924774ba24f8dc25af594eb820ede88cfc7608c1d6d7de1b4a6183806485
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.6.4 HTTP/1.1
Host: www.elmersity.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.elmersity.com/public/aNf1Tq7fcPPeyKM586jBHZueSoX3aSXW
Cookie: PHPSESSID=k6mvgam048vi5kef8h61enogg5; pmpro_visit=1
HTTP/1.1 200 OK
Connection: Keep-Alive
Cache-Control: public, max-age=604800
Expires: Wed, 30 Nov 2022 03:58:39 GMT
Content-Type: application/javascript
Last-Modified: Sun, 20 Nov 2022 08:09:09 GMT
Accept-Ranges: bytes
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Length: 3944
Date: Wed, 23 Nov 2022 03:58:39 GMT
Server: LiteSpeed
www.elmersity.com/wp-content/plugins/woocommerce/assets/js/js-cookie/js.cookie.min.js?ver=2.1.4-wc.7.1.0
144.91.88.248200 OK 981 B URL HTTP/1.1 www.elmersity.com/wp-content/plugins/woocommerce/assets/js/js-cookie/js.cookie.min.js?ver=2.1.4-wc.7.1.0
IP 144.91.88.248:0
File type ASCII text, with very long lines (1668)
Hash 3fe4f2e7eb4e4919118d2aedede9e6b4
fb79dbf29227ba29d44123a4dc8c8bde001f46ac
195392f3677f146b65100c2b51e19fb1f66c9ac9be051728a52b4db81d69edc4
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/woocommerce/assets/js/js-cookie/js.cookie.min.js?ver=2.1.4-wc.7.1.0 HTTP/1.1
Host: www.elmersity.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.elmersity.com/public/aNf1Tq7fcPPeyKM586jBHZueSoX3aSXW
Cookie: PHPSESSID=k6mvgam048vi5kef8h61enogg5; pmpro_visit=1
HTTP/1.1 200 OK
Connection: Keep-Alive
Cache-Control: public, max-age=604800
Expires: Wed, 30 Nov 2022 03:58:39 GMT
Content-Type: application/javascript
Last-Modified: Sun, 20 Nov 2022 08:08:54 GMT
Accept-Ranges: bytes
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Length: 981
Date: Wed, 23 Nov 2022 03:58:39 GMT
Server: LiteSpeed
www.elmersity.com/wp-content/plugins/woocommerce/assets/js/frontend/woocommerce.min.js?ver=7.1.0
144.91.88.248200 OK 791 B URL HTTP/1.1 www.elmersity.com/wp-content/plugins/woocommerce/assets/js/frontend/woocommerce.min.js?ver=7.1.0
IP 144.91.88.248:0
File type ASCII text, with very long lines (2139), with no line terminators
Hash a719a0a28dd40a301188600c0640b8c1
60fbaaa306218fe94979824780ccc1a20240ad57
20520ce91c1663b93accec2c8b08d233bcd54829f55f886ca11c1c131403ba5a
GET /wp-content/plugins/woocommerce/assets/js/frontend/woocommerce.min.js?ver=7.1.0 HTTP/1.1
Host: www.elmersity.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.elmersity.com/public/aNf1Tq7fcPPeyKM586jBHZueSoX3aSXW
Cookie: PHPSESSID=k6mvgam048vi5kef8h61enogg5; pmpro_visit=1
HTTP/1.1 200 OK
Connection: Keep-Alive
Cache-Control: public, max-age=604800
Expires: Wed, 30 Nov 2022 03:58:39 GMT
Content-Type: application/javascript
Last-Modified: Sun, 20 Nov 2022 08:08:56 GMT
Accept-Ranges: bytes
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Length: 791
Date: Wed, 23 Nov 2022 03:58:39 GMT
Server: LiteSpeed
www.elmersity.com/wp-content/plugins/woocommerce/assets/js/frontend/cart-fragments.min.js?ver=7.1.0
144.91.88.248200 OK 1.0 kB URL HTTP/1.1 www.elmersity.com/wp-content/plugins/woocommerce/assets/js/frontend/cart-fragments.min.js?ver=7.1.0
IP 144.91.88.248:0
File type ASCII text, with very long lines (2938), with no line terminators
Hash ee696e5312f6d922a12cb2f0a26e0195
2aec4a0c25abc9a6c0bf07932f7cefb3789490d9
d5daef2f1677f423b3de771861902a6a14b77d66425cadc633896b98d9794d33
GET /wp-content/plugins/woocommerce/assets/js/frontend/cart-fragments.min.js?ver=7.1.0 HTTP/1.1
Host: www.elmersity.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.elmersity.com/public/aNf1Tq7fcPPeyKM586jBHZueSoX3aSXW
Cookie: PHPSESSID=k6mvgam048vi5kef8h61enogg5; pmpro_visit=1
HTTP/1.1 200 OK
Connection: Keep-Alive
Cache-Control: public, max-age=604800
Expires: Wed, 30 Nov 2022 03:58:39 GMT
Content-Type: application/javascript
Last-Modified: Sun, 20 Nov 2022 08:08:54 GMT
Accept-Ranges: bytes
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Length: 1037
Date: Wed, 23 Nov 2022 03:58:39 GMT
Server: LiteSpeed
www.elmersity.com/wp-content/plugins/revslider/public/assets/js/rbtools.min.js?ver=6.6.7
144.91.88.248200 OK 62 kB URL HTTP/1.1 www.elmersity.com/wp-content/plugins/revslider/public/assets/js/rbtools.min.js?ver=6.6.7
IP 144.91.88.248:0
File type ASCII text, with very long lines (45047)
Hash 01e487ca089969fb0ee78bedb64310b1
27dc458066d91e241e6d9a41315c07299ecaec7c
87d53aef2410e4ab3678c4ec83601654c6b51acf118372cc284d390f922fab52
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/revslider/public/assets/js/rbtools.min.js?ver=6.6.7 HTTP/1.1
Host: www.elmersity.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.elmersity.com/public/aNf1Tq7fcPPeyKM586jBHZueSoX3aSXW
Cookie: PHPSESSID=k6mvgam048vi5kef8h61enogg5; pmpro_visit=1
HTTP/1.1 200 OK
Connection: Keep-Alive
Cache-Control: public, max-age=604800
Expires: Wed, 30 Nov 2022 03:58:39 GMT
Content-Type: application/javascript
Last-Modified: Sun, 20 Nov 2022 08:11:30 GMT
Accept-Ranges: bytes
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Length: 62097
Date: Wed, 23 Nov 2022 03:58:39 GMT
Server: LiteSpeed
www.elmersity.com/wp-content/themes/course-builder/style.css?ver=3.3.9
144.91.88.248200 OK 222 kB URL HTTP/1.1 www.elmersity.com/wp-content/themes/course-builder/style.css?ver=3.3.9
IP 144.91.88.248:0
File type ASCII text, with very long lines (64804)
Size 222 kB (222097 bytes)
Hash 1011ad0d5a7f0d7afcc88a7f740c8880
ae5ec81288b46159dc1e28b1a09c2c6935705f30
12b1c07db0cb0c0eda8ca01cf97d58da1384cde9b5ae64f9b8a086f61ef8e6e7
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/course-builder/style.css?ver=3.3.9 HTTP/1.1
Host: www.elmersity.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.elmersity.com/public/aNf1Tq7fcPPeyKM586jBHZueSoX3aSXW
Cookie: PHPSESSID=k6mvgam048vi5kef8h61enogg5; pmpro_visit=1
HTTP/1.1 200 OK
Connection: Keep-Alive
Cache-Control: public, max-age=604800
Expires: Wed, 30 Nov 2022 03:58:39 GMT
Content-Type: text/css
Last-Modified: Sun, 20 Nov 2022 08:00:56 GMT
Accept-Ranges: bytes
Transfer-Encoding: chunked
Content-Encoding: gzip
Vary: Accept-Encoding
Date: Wed, 23 Nov 2022 03:58:39 GMT
Server: LiteSpeed
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 611d1eca860866489908506a26bd6a2a
5e8c401f098357cd12889a6e507baf7c8a87772a
e3216e5edd547bc8f6a43780da5a118842b96de96d5cf668af68d8706ceb32e4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E3216E5EDD547BC8F6A43780DA5A118842B96DE96D5CF668AF68D8706CEB32E4"
Last-Modified: Mon, 21 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17512
Expires: Wed, 23 Nov 2022 08:50:31 GMT
Date: Wed, 23 Nov 2022 03:58:39 GMT
Connection: keep-alive
www.elmersity.com/wp-content/plugins/revslider/public/assets/js/rs6.min.js?ver=6.6.7
144.91.88.248200 OK 107 kB URL HTTP/1.1 www.elmersity.com/wp-content/plugins/revslider/public/assets/js/rs6.min.js?ver=6.6.7
IP 144.91.88.248:0
File type ASCII text, with very long lines (64288)
Size 107 kB (106655 bytes)
Hash 911e7ad15c44016db2f223f805b0de7e
072efa0717289efe13402a19949b9a44cbbf7dda
d30193f0d2a9d1877895496e9c01479d35792d31c8349737beb4c378ed16c593
GET /wp-content/plugins/revslider/public/assets/js/rs6.min.js?ver=6.6.7 HTTP/1.1
Host: www.elmersity.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.elmersity.com/public/aNf1Tq7fcPPeyKM586jBHZueSoX3aSXW
Cookie: PHPSESSID=k6mvgam048vi5kef8h61enogg5; pmpro_visit=1
HTTP/1.1 200 OK
Connection: Keep-Alive
Cache-Control: public, max-age=604800
Expires: Wed, 30 Nov 2022 03:58:39 GMT
Content-Type: application/javascript
Last-Modified: Sun, 20 Nov 2022 08:11:30 GMT
Accept-Ranges: bytes
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Length: 106655
Date: Wed, 23 Nov 2022 03:58:39 GMT
Server: LiteSpeed
www.elmersity.com/wp-includes/js/jquery/ui/core.min.js?ver=1.13.2
144.91.88.248200 OK 7.1 kB URL HTTP/1.1 www.elmersity.com/wp-includes/js/jquery/ui/core.min.js?ver=1.13.2
IP 144.91.88.248:0
File type Unicode text, UTF-8 text, with very long lines (8189)
Hash a1ea044fd4d54d119f627d3939a67624
1c9b59ec1b17620f25f16b72ebc7de0ae73ac985
3421c30a5456397431cce98af963c60084eac78f5689ff38376cb3b81b24100e
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/jquery/ui/core.min.js?ver=1.13.2 HTTP/1.1
Host: www.elmersity.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.elmersity.com/public/aNf1Tq7fcPPeyKM586jBHZueSoX3aSXW
Cookie: PHPSESSID=k6mvgam048vi5kef8h61enogg5; pmpro_visit=1
HTTP/1.1 200 OK
Connection: Keep-Alive
Cache-Control: public, max-age=604800
Expires: Wed, 30 Nov 2022 03:58:39 GMT
Content-Type: application/javascript
Last-Modified: Sun, 20 Nov 2022 07:24:35 GMT
Accept-Ranges: bytes
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Length: 7093
Date: Wed, 23 Nov 2022 03:58:39 GMT
Server: LiteSpeed
www.elmersity.com/wp-includes/js/wp-util.min.js?ver=6.1.1
144.91.88.248200 OK 759 B URL HTTP/1.1 www.elmersity.com/wp-includes/js/wp-util.min.js?ver=6.1.1
IP 144.91.88.248:0
File type ASCII text, with very long lines (1391)
Hash fc27d3cd73d101a56acf56eb5ccfb67f
eb0c558b6dda771e182203f43c36f2fbbefe4e7b
0276157df4132ef48d5797221b440adb2ad6d38778ab6cddd12383be657099e7
GET /wp-includes/js/wp-util.min.js?ver=6.1.1 HTTP/1.1
Host: www.elmersity.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.elmersity.com/public/aNf1Tq7fcPPeyKM586jBHZueSoX3aSXW
Cookie: PHPSESSID=k6mvgam048vi5kef8h61enogg5; pmpro_visit=1
HTTP/1.1 200 OK
Connection: Keep-Alive
Cache-Control: public, max-age=604800
Expires: Wed, 30 Nov 2022 03:58:39 GMT
Content-Type: application/javascript
Last-Modified: Sun, 20 Nov 2022 07:24:36 GMT
Accept-Ranges: bytes
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Length: 759
Date: Wed, 23 Nov 2022 03:58:39 GMT
Server: LiteSpeed
www.elmersity.com/wp-includes/js/underscore.min.js?ver=1.13.4
144.91.88.248200 OK 7.3 kB URL HTTP/1.1 www.elmersity.com/wp-includes/js/underscore.min.js?ver=1.13.4
IP 144.91.88.248:0
File type ASCII text, with very long lines (18798)
Hash 0c9eb324833063b3a6a228188ad9d13b
bbb190b8d2486021226d46c78760f08939091642
d51a7349f49dc8eb8ace6c9100379db1c36fac3d981eaf008f8755d20b421632
GET /wp-includes/js/underscore.min.js?ver=1.13.4 HTTP/1.1
Host: www.elmersity.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.elmersity.com/public/aNf1Tq7fcPPeyKM586jBHZueSoX3aSXW
Cookie: PHPSESSID=k6mvgam048vi5kef8h61enogg5; pmpro_visit=1
HTTP/1.1 200 OK
Connection: Keep-Alive
Cache-Control: public, max-age=604800
Expires: Wed, 30 Nov 2022 03:58:39 GMT
Content-Type: application/javascript
Last-Modified: Sun, 20 Nov 2022 07:24:33 GMT
Accept-Ranges: bytes
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Length: 7331
Date: Wed, 23 Nov 2022 03:58:39 GMT
Server: LiteSpeed
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 611d1eca860866489908506a26bd6a2a
5e8c401f098357cd12889a6e507baf7c8a87772a
e3216e5edd547bc8f6a43780da5a118842b96de96d5cf668af68d8706ceb32e4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E3216E5EDD547BC8F6A43780DA5A118842B96DE96D5CF668AF68D8706CEB32E4"
Last-Modified: Mon, 21 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17512
Expires: Wed, 23 Nov 2022 08:50:31 GMT
Date: Wed, 23 Nov 2022 03:58:39 GMT
Connection: keep-alive
www.elmersity.com/wp-includes/js/backbone.min.js?ver=1.4.1
144.91.88.248200 OK 7.9 kB URL HTTP/1.1 www.elmersity.com/wp-includes/js/backbone.min.js?ver=1.4.1
IP 144.91.88.248:0
File type ASCII text, with very long lines (23813)
Hash c0fe1022923c7ef1dc6fb335c02220b2
3cde3a15e4429e1cf2280b01ad0ea16be864f828
b6d11e4cbfade3866a3cb0c9704f51e03a7c4eb43764a21262e92cc033246e9e
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/backbone.min.js?ver=1.4.1 HTTP/1.1
Host: www.elmersity.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.elmersity.com/public/aNf1Tq7fcPPeyKM586jBHZueSoX3aSXW
Cookie: PHPSESSID=k6mvgam048vi5kef8h61enogg5; pmpro_visit=1
HTTP/1.1 200 OK
Connection: Keep-Alive
Cache-Control: public, max-age=604800
Expires: Wed, 30 Nov 2022 03:58:39 GMT
Content-Type: application/javascript
Last-Modified: Sun, 20 Nov 2022 07:24:36 GMT
Accept-Ranges: bytes
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Length: 7883
Date: Wed, 23 Nov 2022 03:58:39 GMT
Server: LiteSpeed
www.elmersity.com/wp-content/plugins/wp-events-manager/inc/libraries//countdown/js/jquery.plugin.min.js?ver=6.1.1
144.91.88.248200 OK 1.4 kB URL HTTP/1.1 www.elmersity.com/wp-content/plugins/wp-events-manager/inc/libraries//countdown/js/jquery.plugin.min.js?ver=6.1.1
IP 144.91.88.248:0
File type Unicode text, UTF-8 (with BOM) text, with very long lines (2986), with CRLF line terminators
Hash 3e042292e3c3f6f5b9594bd2714979f7
5f2baf7a984725118cbec93dbf4d6b3b1de09a23
2ebfd4f72a2dda5d07ef10c12e267123badbeeb60ee2776e19dc8970e2675534
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/wp-events-manager/inc/libraries//countdown/js/jquery.plugin.min.js?ver=6.1.1 HTTP/1.1
Host: www.elmersity.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.elmersity.com/public/aNf1Tq7fcPPeyKM586jBHZueSoX3aSXW
Cookie: PHPSESSID=k6mvgam048vi5kef8h61enogg5; pmpro_visit=1
HTTP/1.1 200 OK
Connection: Keep-Alive
Cache-Control: public, max-age=604800
Expires: Wed, 30 Nov 2022 03:58:39 GMT
Content-Type: application/javascript
Last-Modified: Sun, 20 Nov 2022 08:09:16 GMT
Accept-Ranges: bytes
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Length: 1355
Date: Wed, 23 Nov 2022 03:58:39 GMT
Server: LiteSpeed
wordpresslms.thimpress.com/demo-elearning-2/wp-content/themes/wordpress-lms//assets/images/404.png
172.67.74.95301 Moved Permanently 0 B URL HTTP/1.1 wordpresslms.thimpress.com/demo-elearning-2/wp-content/themes/wordpress-lms//assets/images/404.png
IP 172.67.74.95:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /demo-elearning-2/wp-content/themes/wordpress-lms//assets/images/404.png HTTP/1.1
Host: wordpresslms.thimpress.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.elmersity.com/
HTTP/1.1 301 Moved Permanently
Date: Wed, 23 Nov 2022 03:58:39 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Wed, 23 Nov 2022 04:58:39 GMT
Location: https://corptrain.thimpress.com/demo-elearning-2/wp-content/themes/wordpress-lms/assets/images/404.png
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UADKnz5BMbMTkImxVa%2BMDC%2F8mfWqLAsr31PIdqEs%2FqUneWM%2FWHNkZOuGsiAXHVxJyUuhHGsId7WrmQ5xgDih6IDj%2By0MaAJTdsQJg8tydojN%2Bv1EcmcK2fEIB3sAZIhbntfb9VANCC%2FyYlnR"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76e6fcd89ca0b4f3-OSL
alt-svc: h2=":443"; ma=60
www.elmersity.com/wp-content/plugins/wp-events-manager/inc/libraries//countdown/js/jquery.countdown.min.js?ver=6.1.1
144.91.88.248200 OK 4.6 kB URL HTTP/1.1 www.elmersity.com/wp-content/plugins/wp-events-manager/inc/libraries//countdown/js/jquery.countdown.min.js?ver=6.1.1
IP 144.91.88.248:0
File type ASCII text, with very long lines (13714), with CRLF line terminators
Hash b348026710ad6e8eb67119c513738217
90e5566572c3af175b5d23c3a439a1e513a56505
e6076f1d1f95bdcae1b3c5c7390ef9ccc1479049f5ff6c5ca043598c71c9e39a
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/wp-events-manager/inc/libraries//countdown/js/jquery.countdown.min.js?ver=6.1.1 HTTP/1.1
Host: www.elmersity.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.elmersity.com/public/aNf1Tq7fcPPeyKM586jBHZueSoX3aSXW
Cookie: PHPSESSID=k6mvgam048vi5kef8h61enogg5; pmpro_visit=1
HTTP/1.1 200 OK
Connection: Keep-Alive
Cache-Control: public, max-age=604800
Expires: Wed, 30 Nov 2022 03:58:39 GMT
Content-Type: application/javascript
Last-Modified: Sun, 20 Nov 2022 08:09:16 GMT
Accept-Ranges: bytes
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Length: 4637
Date: Wed, 23 Nov 2022 03:58:39 GMT
Server: LiteSpeed
www.elmersity.com/wp-content/plugins/wp-events-manager/assets//js/frontend/events.min.js?ver=6.1.1
144.91.88.248200 OK 1.5 kB URL HTTP/1.1 www.elmersity.com/wp-content/plugins/wp-events-manager/assets//js/frontend/events.min.js?ver=6.1.1
IP 144.91.88.248:0
File type Unicode text, UTF-8 text, with very long lines (3899), with no line terminators
Hash 5978518a7c326ae42bf2ba7e872298a6
b6d90e340af128c02dca6226e55b638cccbef07f
89a770f22200299c0b1651c5fed6e722068f47476860e5e32058de164f37ef55
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/wp-events-manager/assets//js/frontend/events.min.js?ver=6.1.1 HTTP/1.1
Host: www.elmersity.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.elmersity.com/public/aNf1Tq7fcPPeyKM586jBHZueSoX3aSXW
Cookie: PHPSESSID=k6mvgam048vi5kef8h61enogg5; pmpro_visit=1
HTTP/1.1 200 OK
Connection: Keep-Alive
Cache-Control: public, max-age=604800
Expires: Wed, 30 Nov 2022 03:58:39 GMT
Content-Type: application/javascript
Last-Modified: Sun, 20 Nov 2022 08:09:18 GMT
Accept-Ranges: bytes
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Length: 1532
Date: Wed, 23 Nov 2022 03:58:39 GMT
Server: LiteSpeed
www.elmersity.com/wp-content/themes/course-builder/assets/js/libs/bootstrap.min.js?ver=3.3.9
144.91.88.248200 OK 13 kB URL HTTP/1.1 www.elmersity.com/wp-content/themes/course-builder/assets/js/libs/bootstrap.min.js?ver=3.3.9
IP 144.91.88.248:0
File type ASCII text, with very long lines (48664)
Hash 0064eecf36c67741f3cc564d9e755883
0249ca7b3e35ecce48249623c401afa02ef709cf
554a7614660d8a572ff61f67799e1fb6251fab9f4401c6c8a7ce0017e46bad3f
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/course-builder/assets/js/libs/bootstrap.min.js?ver=3.3.9 HTTP/1.1
Host: www.elmersity.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.elmersity.com/public/aNf1Tq7fcPPeyKM586jBHZueSoX3aSXW
Cookie: PHPSESSID=k6mvgam048vi5kef8h61enogg5; pmpro_visit=1
HTTP/1.1 200 OK
Connection: Keep-Alive
Cache-Control: public, max-age=604800
Expires: Wed, 30 Nov 2022 03:58:39 GMT
Content-Type: application/javascript
Last-Modified: Sun, 20 Nov 2022 08:01:06 GMT
Accept-Ranges: bytes
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Length: 13076
Date: Wed, 23 Nov 2022 03:58:39 GMT
Server: LiteSpeed
www.elmersity.com/wp-content/themes/course-builder/assets/js/libs/jquery.cookie.js?ver=3.3.9
144.91.88.248200 OK 1.4 kB URL HTTP/1.1 www.elmersity.com/wp-content/themes/course-builder/assets/js/libs/jquery.cookie.js?ver=3.3.9
IP 144.91.88.248:0
Hash 7a106d687f11a59db53491be6b672be5
0242450ab96ce161fc26cbad7855907a0ac1cc2b
318cda0d2d567859f1d374d98702ac15d410d73cfd398f66eb85655309b0f450
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/course-builder/assets/js/libs/jquery.cookie.js?ver=3.3.9 HTTP/1.1
Host: www.elmersity.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.elmersity.com/public/aNf1Tq7fcPPeyKM586jBHZueSoX3aSXW
Cookie: PHPSESSID=k6mvgam048vi5kef8h61enogg5; pmpro_visit=1
HTTP/1.1 200 OK
Connection: Keep-Alive
Cache-Control: public, max-age=604800
Expires: Wed, 30 Nov 2022 03:58:39 GMT
Content-Type: application/javascript
Last-Modified: Sun, 20 Nov 2022 08:01:06 GMT
Accept-Ranges: bytes
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Length: 1386
Date: Wed, 23 Nov 2022 03:58:39 GMT
Server: LiteSpeed
www.elmersity.com/wp-content/themes/course-builder/assets/js/libs/owl.carousel.min.js?ver=3.3.9
144.91.88.248200 OK 11 kB URL HTTP/1.1 www.elmersity.com/wp-content/themes/course-builder/assets/js/libs/owl.carousel.min.js?ver=3.3.9
IP 144.91.88.248:0
File type ASCII text, with very long lines (32012)
Hash 75607c8f74faca3e71ddbaae7e2c9ce9
8188b1aed3f99a51bc5755dd82842333722d8b1e
2f064b6b8a519a58963c2a6154a35712a9d11ad78700375795883f71e3467611
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/course-builder/assets/js/libs/owl.carousel.min.js?ver=3.3.9 HTTP/1.1
Host: www.elmersity.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.elmersity.com/public/aNf1Tq7fcPPeyKM586jBHZueSoX3aSXW
Cookie: PHPSESSID=k6mvgam048vi5kef8h61enogg5; pmpro_visit=1
HTTP/1.1 200 OK
Connection: Keep-Alive
Cache-Control: public, max-age=604800
Expires: Wed, 30 Nov 2022 03:58:39 GMT
Content-Type: application/javascript
Last-Modified: Sun, 20 Nov 2022 08:01:06 GMT
Accept-Ranges: bytes
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Length: 10996
Date: Wed, 23 Nov 2022 03:58:39 GMT
Server: LiteSpeed
www.elmersity.com/wp-content/themes/course-builder/assets/js/libs/theia-sticky-sidebar.js?ver=3.3.9
144.91.88.248200 OK 3.3 kB URL HTTP/1.1 www.elmersity.com/wp-content/themes/course-builder/assets/js/libs/theia-sticky-sidebar.js?ver=3.3.9
IP 144.91.88.248:0
File type HTML document text\012- HTML document, ASCII text
Hash 76be401987cf007331419f8b7bc971e9
f5a67b9fd94a26d471ea511f4c649d0776432f61
81d4ce95b90ef834ef179fd0565443d4ce7f1c0a2b1dd89e9ffa8ce4dedafc5c
GET /wp-content/themes/course-builder/assets/js/libs/theia-sticky-sidebar.js?ver=3.3.9 HTTP/1.1
Host: www.elmersity.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.elmersity.com/public/aNf1Tq7fcPPeyKM586jBHZueSoX3aSXW
Cookie: PHPSESSID=k6mvgam048vi5kef8h61enogg5; pmpro_visit=1
HTTP/1.1 200 OK
Connection: Keep-Alive
Cache-Control: public, max-age=604800
Expires: Wed, 30 Nov 2022 03:58:39 GMT
Content-Type: application/javascript
Last-Modified: Sun, 20 Nov 2022 08:01:06 GMT
Accept-Ranges: bytes
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Length: 3329
Date: Wed, 23 Nov 2022 03:58:39 GMT
Server: LiteSpeed
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash ebe204f10973a82054f875476ed46855
03356283e448ea0db8e15d50b2c2bccaecddee39
98b9bcfe7c50ee00042e5f5c9c89babf25cf8d03a48cc70163f79cbae19baa87
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3947
Cache-Control: max-age=171114
Content-Type: application/ocsp-response
Date: Wed, 23 Nov 2022 03:58:39 GMT
Etag: "637d846e-116"
Expires: Fri, 25 Nov 2022 03:30:33 GMT
Last-Modified: Wed, 23 Nov 2022 02:24:46 GMT
Server: ECS (amb/6BC3)
X-Cache: HIT
Content-Length: 278
www.elmersity.com/wp-content/themes/course-builder/assets/js/main.min.js?ver=3.3.9
144.91.88.248200 OK 15 kB URL HTTP/1.1 www.elmersity.com/wp-content/themes/course-builder/assets/js/main.min.js?ver=3.3.9
IP 144.91.88.248:0
File type ASCII text, with very long lines (55080)
Hash c8347f7f8428ae07e54db6c9796d7aa8
75fd5aeff3c85b6bb9efb320d57a86fcd84c25e9
571abd11c3c1d43fc3781f87a0a86e1019be5d7f2bd30f370526e5f5cb6d7978
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/course-builder/assets/js/main.min.js?ver=3.3.9 HTTP/1.1
Host: www.elmersity.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.elmersity.com/public/aNf1Tq7fcPPeyKM586jBHZueSoX3aSXW
Cookie: PHPSESSID=k6mvgam048vi5kef8h61enogg5; pmpro_visit=1
HTTP/1.1 200 OK
Connection: Keep-Alive
Cache-Control: public, max-age=604800
Expires: Wed, 30 Nov 2022 03:58:39 GMT
Content-Type: application/javascript
Last-Modified: Sun, 20 Nov 2022 08:01:06 GMT
Accept-Ranges: bytes
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Length: 15256
Date: Wed, 23 Nov 2022 03:58:39 GMT
Server: LiteSpeed
www.elmersity.com/wp-content/themes/course-builder/assets/js/libs/smoothscroll.min.js?ver=3.3.9
144.91.88.248200 OK 3.2 kB URL HTTP/1.1 www.elmersity.com/wp-content/themes/course-builder/assets/js/libs/smoothscroll.min.js?ver=3.3.9
IP 144.91.88.248:0
File type ASCII text, with very long lines (7422), with no line terminators
Hash 9af93249074357058bab15239e35146a
051f3e816754d5c99d536e56a5bc462e319808ae
44e1f9e7db85fcc3777253249fc749915ee93d569be22a90f6b68aeed15885c4
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/course-builder/assets/js/libs/smoothscroll.min.js?ver=3.3.9 HTTP/1.1
Host: www.elmersity.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.elmersity.com/public/aNf1Tq7fcPPeyKM586jBHZueSoX3aSXW
Cookie: PHPSESSID=k6mvgam048vi5kef8h61enogg5; pmpro_visit=1
HTTP/1.1 200 OK
Connection: Keep-Alive
Cache-Control: public, max-age=604800
Expires: Wed, 30 Nov 2022 03:58:39 GMT
Content-Type: application/javascript
Last-Modified: Sun, 20 Nov 2022 08:01:06 GMT
Accept-Ranges: bytes
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Length: 3203
Date: Wed, 23 Nov 2022 03:58:39 GMT
Server: LiteSpeed
www.elmersity.com/wp-content/plugins/js_composer/assets/js/dist/js_composer_front.min.js?ver=6.10.0
144.91.88.248200 OK 5.7 kB URL HTTP/1.1 www.elmersity.com/wp-content/plugins/js_composer/assets/js/dist/js_composer_front.min.js?ver=6.10.0
IP 144.91.88.248:0
File type ASCII text, with very long lines (19831)
Hash 7d66709e463d5d1d76172106ed337717
fc4f945e2f88239ef0b491d3ce0b73a9114c839b
3d87725df960130154996b4a29923a5dabb8eed2d548cb7d31ddd8efae8fcfab
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/js_composer/assets/js/dist/js_composer_front.min.js?ver=6.10.0 HTTP/1.1
Host: www.elmersity.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.elmersity.com/public/aNf1Tq7fcPPeyKM586jBHZueSoX3aSXW
Cookie: PHPSESSID=k6mvgam048vi5kef8h61enogg5; pmpro_visit=1
HTTP/1.1 200 OK
Connection: Keep-Alive
Cache-Control: public, max-age=604800
Expires: Wed, 30 Nov 2022 03:58:39 GMT
Content-Type: application/javascript
Last-Modified: Sun, 20 Nov 2022 08:07:26 GMT
Accept-Ranges: bytes
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Length: 5659
Date: Wed, 23 Nov 2022 03:58:39 GMT
Server: LiteSpeed
www.elmersity.com/wp-content/plugins/thim-course-builder/elements/course-search/assets/js/course-search.js?ver=3.2.8
144.91.88.248200 OK 1.4 kB URL HTTP/1.1 www.elmersity.com/wp-content/plugins/thim-course-builder/elements/course-search/assets/js/course-search.js?ver=3.2.8
IP 144.91.88.248:0
Hash 719c8732c1337c9ef6ff5fd30c81cfc2
c6f89e131f2ecd5df2e9ad29d1194aa9d991d449
06af4f0d65538e91d1682177a5851cb098c9314f080a26e3bfdcc985b1b1af32
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/thim-course-builder/elements/course-search/assets/js/course-search.js?ver=3.2.8 HTTP/1.1
Host: www.elmersity.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.elmersity.com/public/aNf1Tq7fcPPeyKM586jBHZueSoX3aSXW
Cookie: PHPSESSID=k6mvgam048vi5kef8h61enogg5; pmpro_visit=1
HTTP/1.1 200 OK
Connection: Keep-Alive
Cache-Control: public, max-age=604800
Expires: Wed, 30 Nov 2022 03:58:39 GMT
Content-Type: application/javascript
Last-Modified: Sun, 20 Nov 2022 08:06:31 GMT
Accept-Ranges: bytes
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Length: 1396
Date: Wed, 23 Nov 2022 03:58:39 GMT
Server: LiteSpeed
www.elmersity.com/wp-content/plugins/woocommerce/assets/css/woocommerce-smallscreen.css?ver=7.1.0
144.91.88.248200 OK 1.2 kB URL HTTP/1.1 www.elmersity.com/wp-content/plugins/woocommerce/assets/css/woocommerce-smallscreen.css?ver=7.1.0
IP 144.91.88.248:0
File type ASCII text, with very long lines (7043), with no line terminators
Hash 31c7f5f59a849e293c67edd891a0713a
9eb26a3ff5324c74de01aa1a8ca65dea4c46e14d
e11e4cb31e8ba301e7c90a7a6e440bb14473271828c5a683ae76e6bf4798d9c0
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/woocommerce/assets/css/woocommerce-smallscreen.css?ver=7.1.0 HTTP/1.1
Host: www.elmersity.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.elmersity.com/public/aNf1Tq7fcPPeyKM586jBHZueSoX3aSXW
Cookie: PHPSESSID=k6mvgam048vi5kef8h61enogg5; pmpro_visit=1
HTTP/1.1 200 OK
Connection: Keep-Alive
Cache-Control: public, max-age=604800
Expires: Wed, 30 Nov 2022 03:58:39 GMT
Content-Type: text/css
Last-Modified: Sun, 20 Nov 2022 08:08:52 GMT
Accept-Ranges: bytes
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Length: 1169
Date: Wed, 23 Nov 2022 03:58:39 GMT
Server: LiteSpeed
www.elmersity.com/wp-content/plugins/paid-memberships-pro/css/print.css?ver=2.9.6
144.91.88.248200 OK 86 B URL HTTP/1.1 www.elmersity.com/wp-content/plugins/paid-memberships-pro/css/print.css?ver=2.9.6
IP 144.91.88.248:0
Hash e77387958ae617db5ccdb69b2cb54496
a9b4ba56928f44121201c000967e5407425cd844
914cb6fe13efdf97379c1a2910d677144821201ff3f41b67a5a6ddb367e1a27b
GET /wp-content/plugins/paid-memberships-pro/css/print.css?ver=2.9.6 HTTP/1.1
Host: www.elmersity.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.elmersity.com/public/aNf1Tq7fcPPeyKM586jBHZueSoX3aSXW
Cookie: PHPSESSID=k6mvgam048vi5kef8h61enogg5; pmpro_visit=1
HTTP/1.1 200 OK
Connection: Keep-Alive
Cache-Control: public, max-age=604800
Expires: Wed, 30 Nov 2022 03:58:39 GMT
Content-Type: text/css
Last-Modified: Sun, 20 Nov 2022 08:10:19 GMT
Accept-Ranges: bytes
Content-Length: 86
Date: Wed, 23 Nov 2022 03:58:39 GMT
Server: LiteSpeed
www.elmersity.com/wp-content/uploads/2017/06/Half-Marathon-2014-70-1-300x300.jpg
144.91.88.248200 OK 25 kB URL HTTP/2 www.elmersity.com/wp-content/uploads/2017/06/Half-Marathon-2014-70-1-300x300.jpg
IP 144.91.88.248:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 300x300, components 3\012- data
Hash d5b1f6bc324faff6e19dc39d99319b2b
04f91880ceea0f8f348b3edf750f9adb55e2dffe
6fdb0c4851e49a0a133b433b398ec6e48eac70cdb46d43bf75953d85b1f6cb31
GET /wp-content/uploads/2017/06/Half-Marathon-2014-70-1-300x300.jpg HTTP/1.1
Host: www.elmersity.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.elmersity.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 30 Nov 2022 03:58:39 GMT
content-type: image/jpeg
last-modified: Mon, 21 Nov 2022 12:02:48 GMT
accept-ranges: bytes
content-length: 25158
date: Wed, 23 Nov 2022 03:58:39 GMT
server: LiteSpeed
alt-svc: quic=":443"; ma=2592000; v="43,46", h3-Q043=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-25=":443"; ma=2592000, h3-27=":443"; ma=2592000
X-Firefox-Spdy: h2
www.elmersity.com/wp-content/uploads/2017/09/logo-2-1.png
144.91.88.248200 OK 2.1 kB URL HTTP/2 www.elmersity.com/wp-content/uploads/2017/09/logo-2-1.png
IP 144.91.88.248:0
File type PNG image data, 131 x 45, 8-bit colormap, non-interlaced\012- data
Hash 09a82c649423bf0acf63c5f56345aeef
cd6094a00834ee709a4ccbc49e6d56535cddf23a
88a760047d1d529e598578215d402bed2695267196557398cfbd9089e84a6d12
GET /wp-content/uploads/2017/09/logo-2-1.png HTTP/1.1
Host: www.elmersity.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.elmersity.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 30 Nov 2022 03:58:39 GMT
content-type: image/png
last-modified: Sun, 20 Nov 2022 08:35:31 GMT
accept-ranges: bytes
content-length: 2059
date: Wed, 23 Nov 2022 03:58:39 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
wordpresslms.thimpress.com/demo-elearning-2/wp-content/themes/wordpress-lms//assets/images/page-title/bg.jpg
172.67.74.95301 Moved Permanently 0 B URL HTTP/1.1 wordpresslms.thimpress.com/demo-elearning-2/wp-content/themes/wordpress-lms//assets/images/page-title/bg.jpg
IP 172.67.74.95:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /demo-elearning-2/wp-content/themes/wordpress-lms//assets/images/page-title/bg.jpg HTTP/1.1
Host: wordpresslms.thimpress.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.elmersity.com/
HTTP/1.1 301 Moved Permanently
Date: Wed, 23 Nov 2022 03:58:39 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Wed, 23 Nov 2022 04:58:39 GMT
Location: https://corptrain.thimpress.com/demo-elearning-2/wp-content/themes/wordpress-lms/assets/images/page-title/bg.jpg
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rBdG155Tj4RFO4WZEkV5tayOcdikzZRxF7Vw229O8%2FLVJOF0ISup7nk8L%2BuQ6vPC8LqqrEkbFaBdFswrcnq6XfOZ45%2BvmBBbE3PqPGJdr8zBeGMFeaWjttIO17qEbSzWvHP9i1hh%2BwDIVgIo"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76e6fcd9ed09b4f3-OSL
alt-svc: h2=":443"; ma=60
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
216.58.207.195200 OK 16 kB URL HTTP/1.1 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 15740, version 1.0\012- data
Hash b9c29351c46f3e8c8631c4002457f48a
e57e59c5780995ff2937ab2b511a769212974a87
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
GET /s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://www.elmersity.com
Connection: keep-alive
Referer: http://fonts.googleapis.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Timing-Allow-Origin: *
Content-Length: 15740
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Fri, 18 Nov 2022 23:14:52 GMT
Expires: Sat, 18 Nov 2023 23:14:52 GMT
Cache-Control: public, max-age=31536000
Age: 362627
Last-Modified: Wed, 11 May 2022 19:24:56 GMT
Content-Type: font/woff2
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
216.58.207.195200 OK 16 kB URL HTTP/1.1 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Hash 15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://www.elmersity.com
Connection: keep-alive
Referer: http://fonts.googleapis.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Timing-Allow-Origin: *
Content-Length: 15744
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Wed, 16 Nov 2022 20:16:47 GMT
Expires: Thu, 16 Nov 2023 20:16:47 GMT
Cache-Control: public, max-age=31536000
Age: 546112
Last-Modified: Wed, 11 May 2022 19:24:48 GMT
Content-Type: font/woff2
www.elmersity.com/wp-content/themes/course-builder/assets/images/header2-bg.png
144.91.88.248200 OK 148 B URL HTTP/1.1 www.elmersity.com/wp-content/themes/course-builder/assets/images/header2-bg.png
IP 144.91.88.248:0
File type PNG image data, 1 x 181, 8-bit gray+alpha, non-interlaced\012- data
Hash a7429ff358d4362c60fdab43d406aec0
058da2ac8568dc0b3f2bb9183967d292d6c6284b
a8038cbe0a5edda8bdaa11a2e24cb725928fefff0576c93bfac9f512ab6a29b7
GET /wp-content/themes/course-builder/assets/images/header2-bg.png HTTP/1.1
Host: www.elmersity.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.elmersity.com/wp-content/themes/course-builder/style.css?ver=3.3.9
Cookie: PHPSESSID=k6mvgam048vi5kef8h61enogg5; pmpro_visit=1
HTTP/1.1 200 OK
Connection: Keep-Alive
Cache-Control: public, max-age=604800
Expires: Wed, 30 Nov 2022 03:58:39 GMT
Content-Type: image/png
Last-Modified: Sun, 20 Nov 2022 08:01:01 GMT
Accept-Ranges: bytes
Content-Length: 148
Date: Wed, 23 Nov 2022 03:58:39 GMT
Server: LiteSpeed
www.elmersity.com/wp-content/themes/course-builder/assets/fonts/awesome/fontawesome-webfont.woff2?v=4.7.0
144.91.88.248200 OK 77 kB URL HTTP/1.1 www.elmersity.com/wp-content/themes/course-builder/assets/fonts/awesome/fontawesome-webfont.woff2?v=4.7.0
IP 144.91.88.248:0
File type Web Open Font Format (Version 2), TrueType, length 77160, version 4.459\012- data
Hash af7ae505a9eed503f8b8e6982036873e
d6f48cba7d076fb6f2fd6ba993a75b9dc1ecbf0c
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/course-builder/assets/fonts/awesome/fontawesome-webfont.woff2?v=4.7.0 HTTP/1.1
Host: www.elmersity.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://www.elmersity.com/wp-content/themes/course-builder/assets/css/libs/awesome/font-awesome.css?ver=6.1.1
Cookie: PHPSESSID=k6mvgam048vi5kef8h61enogg5; pmpro_visit=1
HTTP/1.1 200 OK
Connection: Keep-Alive
Cache-Control: public, max-age=604800
Expires: Wed, 30 Nov 2022 03:58:39 GMT
Content-Type: font/woff2
Last-Modified: Sun, 20 Nov 2022 08:01:06 GMT
Accept-Ranges: bytes
Content-Length: 77160
Date: Wed, 23 Nov 2022 03:58:39 GMT
Server: LiteSpeed
www.elmersity.com/wp-content/uploads/2017/12/login-popup-background.jpg
144.91.88.248200 OK 69 kB URL HTTP/2 www.elmersity.com/wp-content/uploads/2017/12/login-popup-background.jpg
IP 144.91.88.248:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 853x1280, components 3\012- data
Hash 136838e7a4f24090c95ba450d109dc0b
d3d3816a096ecf2084f84c00702c009b6d6f3d4c
93c7c53b55ac6d9e6055b4b85267064a3619e909e5a34faec0430b0fcf4c4c9c
GET /wp-content/uploads/2017/12/login-popup-background.jpg HTTP/1.1
Host: www.elmersity.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.elmersity.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 30 Nov 2022 03:58:39 GMT
content-type: image/jpeg
last-modified: Sun, 20 Nov 2022 08:35:35 GMT
accept-ranges: bytes
content-length: 68854
date: Wed, 23 Nov 2022 03:58:39 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
wordpresslms.thimpress.com/wp-content/uploads/2017/06/layer-138.png
172.67.74.95301 Moved Permanently 0 B URL HTTP/1.1 wordpresslms.thimpress.com/wp-content/uploads/2017/06/layer-138.png
IP 172.67.74.95:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /wp-content/uploads/2017/06/layer-138.png HTTP/1.1
Host: wordpresslms.thimpress.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.elmersity.com/
HTTP/1.1 301 Moved Permanently
Date: Wed, 23 Nov 2022 03:58:39 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Wed, 23 Nov 2022 04:58:39 GMT
Location: https://corptrain.thimpress.com/wp-content/uploads/2017/06/layer-138.png
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZUNIhATZbtF15e8OhuKl0rjjFBL4UpCcY6LZQUEG6CcbH0huVDyzi5eeZh%2Fg7P69flBO1wqYqjb1rTY%2Bk40Z0VT5kLgjP5Gaxb8X0Lx0UUBCaABqo0uGbEfHPyiGwgshz%2BSBngWnfKkOwPe0"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76e6fcda6d2fb4f3-OSL
alt-svc: h2=":443"; ma=60
wordpresslms.thimpress.com/wp-content/uploads/2017/06/layer-131.png
172.67.74.95301 Moved Permanently 0 B URL HTTP/1.1 wordpresslms.thimpress.com/wp-content/uploads/2017/06/layer-131.png
IP 172.67.74.95:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /wp-content/uploads/2017/06/layer-131.png HTTP/1.1
Host: wordpresslms.thimpress.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.elmersity.com/
HTTP/1.1 301 Moved Permanently
Date: Wed, 23 Nov 2022 03:58:39 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Wed, 23 Nov 2022 04:58:39 GMT
Location: https://corptrain.thimpress.com/wp-content/uploads/2017/06/layer-131.png
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QCdHY%2FL%2BXqsFG7HbcyvRfWLl6ylFDq%2FNcuavARKJhxmIOGHAr2sCqtBS4H4RfJ1gWdXwBKGm1NGuW355YB86b6RhDomLk99H7yZ5bCUf%2FG7l%2BRyQ0D618ELCd3TejzM%2BYVZBB5ueQZHVaFj5"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76e6fcda6a300b41-OSL
alt-svc: h2=":443"; ma=60
www.elmersity.com/wp-content/themes/course-builder/assets/fonts/ionicons/ionicons.ttf
144.91.88.248200 OK 109 kB URL HTTP/1.1 www.elmersity.com/wp-content/themes/course-builder/assets/fonts/ionicons/ionicons.ttf
IP 144.91.88.248:0
File type TrueType Font data, 15 tables, 1st "FFTM", 14 names, Macintosh\012- data
Size 109 kB (109188 bytes)
Hash dd0f9f2b8276e5dba2c6263792a03c56
3def20cac583e3bc367b3626608bd0f1f91aabe7
5e7ac037f8b9deedaa097a6ce952c75521cc92a5682022ff0b332227e50c9efd
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/course-builder/assets/fonts/ionicons/ionicons.ttf HTTP/1.1
Host: www.elmersity.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.elmersity.com/wp-content/themes/course-builder/assets/css/libs/ionicons/ionicons.css?ver=6.1.1
Cookie: PHPSESSID=k6mvgam048vi5kef8h61enogg5; pmpro_visit=1
HTTP/1.1 200 OK
Connection: Keep-Alive
Cache-Control: public, max-age=604800
Expires: Wed, 30 Nov 2022 03:58:39 GMT
Content-Type: font/ttf
Last-Modified: Sun, 20 Nov 2022 08:01:04 GMT
Accept-Ranges: bytes
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Length: 109188
Date: Wed, 23 Nov 2022 03:58:39 GMT
Server: LiteSpeed
corptrain.thimpress.com/demo-elearning-2/wp-content/themes/wordpress-lms/assets/images/404.png
104.26.4.142200 OK 7.8 kB URL HTTP/2 corptrain.thimpress.com/demo-elearning-2/wp-content/themes/wordpress-lms/assets/images/404.png
IP 104.26.4.142:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash d29ce84971c1615748dfb4bff409fd19
fc6dc38d03809d72c1861606de0065625daebf38
ab1ede904eccd3781ae0c5f9c4d650fd3967ff6ad589962eac49aeaf83d45e28
GET /demo-elearning-2/wp-content/themes/wordpress-lms/assets/images/404.png HTTP/1.1
Host: corptrain.thimpress.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.elmersity.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 23 Nov 2022 03:58:40 GMT
content-type: image/webp
content-length: 7750
cache-control: max-age=315360000
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=png, origSize=32790
content-disposition: inline; filename="404.webp"
vary: Accept
access-control-allow-origin: *
etag: "6278d778-8016"
expires: Thu, 31 Dec 2037 23:55:55 GMT
last-modified: Mon, 09 May 2022 08:57:28 GMT
x-powered-by: EasyEngine v4.1.5
cf-cache-status: HIT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cIl6tKC5OUZ7Qf%2BYAVFJbO4Na8qGAG00IFLhuW6pgJPQdPZ%2B3n0ordCOR0p7kSnYJH%2FAY7T%2BshXm1W468kO8d5QHSadW6eQJTrUvXdMJ64Er5ZxThRZGcixpyOctwQ9GfFth7%2B1gkcAQ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76e6fcd91935b506-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash ebe204f10973a82054f875476ed46855
03356283e448ea0db8e15d50b2c2bccaecddee39
98b9bcfe7c50ee00042e5f5c9c89babf25cf8d03a48cc70163f79cbae19baa87
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3948
Cache-Control: max-age=171114
Content-Type: application/ocsp-response
Date: Wed, 23 Nov 2022 03:58:40 GMT
Etag: "637d846e-116"
Expires: Fri, 25 Nov 2022 03:30:34 GMT
Last-Modified: Wed, 23 Nov 2022 02:24:46 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 278
corptrain.thimpress.com/demo-elearning-2/wp-content/themes/wordpress-lms/assets/images/page-title/bg.jpg
104.26.4.142200 OK 223 kB URL HTTP/2 corptrain.thimpress.com/demo-elearning-2/wp-content/themes/wordpress-lms/assets/images/page-title/bg.jpg
IP 104.26.4.142:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 2560x720, components 3\012- data
Size 223 kB (223172 bytes)
Hash 5a7dc4ed0834d030a3170ce5070c624c
2c5a5e293319cc48770fac6a70380fd5199a052e
e1e04d41fe05842ffb54325ca99c3a38f14309605a5565cd615d015119211b70
GET /demo-elearning-2/wp-content/themes/wordpress-lms/assets/images/page-title/bg.jpg HTTP/1.1
Host: corptrain.thimpress.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.elmersity.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 23 Nov 2022 03:58:40 GMT
content-type: image/jpeg
content-length: 223172
cache-control: max-age=315360000
cf-bgj: imgq:100,h2pri
cf-polished: status=not_needed
access-control-allow-origin: *
etag: "6278d778-367c4"
expires: Thu, 31 Dec 2037 23:55:55 GMT
last-modified: Mon, 09 May 2022 08:57:28 GMT
x-powered-by: EasyEngine v4.1.5
cf-cache-status: HIT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=i7h0BHRayO4KOVdEIK7V%2FCgqVn5N8P9Vhusp0%2FqB%2Fg%2FF1F%2FidkloLIoRqAbEvBLP%2FC0j6tJXWdngIJ2wOJ8Vz3Hlgm8knnfkVZffHq9KPFvNQXn%2FLsQTi0Rm0%2BxjQ%2Bxo66y3zJwGTg57"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76e6fcdaaa7fb506-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
corptrain.thimpress.com/wp-content/uploads/2017/06/layer-138.png
104.26.4.142200 OK 1.2 kB URL HTTP/2 corptrain.thimpress.com/wp-content/uploads/2017/06/layer-138.png
IP 104.26.4.142:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 9f6013134b5d248403a6baaf5d300879
0cdad578203f588ba6143c57d4088970efdc1fcc
ea26ae84f70160438026d1c1ca120c2989475e4854e20052a302142d6e92ec96
GET /wp-content/uploads/2017/06/layer-138.png HTTP/1.1
Host: corptrain.thimpress.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.elmersity.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 23 Nov 2022 03:58:40 GMT
content-type: image/webp
content-length: 1198
cache-control: max-age=315360000
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=png, origSize=1557
content-disposition: inline; filename="layer-138.webp"
vary: Accept
access-control-allow-origin: *
etag: "5b63c37e-615"
expires: Thu, 31 Dec 2037 23:55:55 GMT
last-modified: Fri, 03 Aug 2018 02:52:46 GMT
x-powered-by: EasyEngine v4.1.5
cf-cache-status: HIT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FpPCceyrfnsxARt%2BPD0WiHjPBCYoiqr0qOK5yDeUzDm90NZpOxW4DroRekRvNES6e3yxfp3hY0063hIGFWKb4PVmnBSypx6q9cBmwozDOs1N0kaD1WrTNdzePrEe2b4z5WTBEv4pq9uu"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76e6fcdb3aa7b506-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
corptrain.thimpress.com/wp-content/uploads/2017/06/layer-131.png
104.26.4.142200 OK 1.6 kB URL HTTP/2 corptrain.thimpress.com/wp-content/uploads/2017/06/layer-131.png
IP 104.26.4.142:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 3f3a6ea7ffc1aed665334b6f00e7ff63
ae3cfc670ead8b453038df8828806b74fbe78ed0
09780cc9d15492121bb1ba0d270e7c1a0b3a8d50f1f23274368a0a4225a5a5e8
GET /wp-content/uploads/2017/06/layer-131.png HTTP/1.1
Host: corptrain.thimpress.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.elmersity.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 23 Nov 2022 03:58:40 GMT
content-type: image/webp
content-length: 1600
cache-control: max-age=315360000
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=png, origSize=2349
content-disposition: inline; filename="layer-131.webp"
vary: Accept
access-control-allow-origin: *
etag: "5b63c37e-92d"
expires: Thu, 31 Dec 2037 23:55:55 GMT
last-modified: Fri, 03 Aug 2018 02:52:46 GMT
x-powered-by: EasyEngine v4.1.5
cf-cache-status: HIT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fGcfmSavFIi7mW%2B8rgJERgTpfg4Vt9mz6Toi7%2BkGvLeFiXOLidyTDXP%2BvWxb6LS3HLPvdR0rcnMfmE4Shr40qARrVNDiAuygQQFquq5bbbO3f7iiXQUH8TjmKH99nd%2FEAUDZfpY6a%2FS3"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76e6fcdb3aa9b506-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.elmersity.com/favicon.ico
144.91.88.248404 Not Found 1.2 kB URL HTTP/1.1 www.elmersity.com/favicon.ico
IP 144.91.88.248:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Hash de7225068c8ecb2c24a41d00bf84c1b9
02144152cd8a4423ea135d82c7259e05e9656d3d
79ce4e2bbf25c4a4d91458d191d6ef268b4592169ae6586ba52242f412670b5d
GET /favicon.ico HTTP/1.1
Host: www.elmersity.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.elmersity.com/public/aNf1Tq7fcPPeyKM586jBHZueSoX3aSXW
Cookie: PHPSESSID=k6mvgam048vi5kef8h61enogg5; pmpro_visit=1; undefined=overview
HTTP/1.1 404 Not Found
Connection: Keep-Alive
Cache-Control: private, no-cache, no-store, must-revalidate, max-age=0
Pragma: no-cache
Content-Type: text/html
Content-Length: 1237
Date: Wed, 23 Nov 2022 03:58:40 GMT
Server: LiteSpeed
www.elmersity.com/?wc-ajax=get_refreshed_fragments
144.91.88.248200 OK 204 B URL HTTP/1.1 www.elmersity.com/?wc-ajax=get_refreshed_fragments
IP 144.91.88.248:0
File type JSON data\012- , ASCII text, with very long lines (304), with no line terminators
Hash a3a7f9953493401d23f2359f639a5d54
075cfe743e49b2fc81b6054f2162b2fe8b420d1d
09500e9eac2e5dd61e18d0494f2df8a4d5437467e6560cb3f42294e2b6283536
Analyzer Verdict Alert fortinet Phishing
POST /?wc-ajax=get_refreshed_fragments HTTP/1.1
Host: www.elmersity.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 18
Origin: http://www.elmersity.com
Connection: keep-alive
Referer: http://www.elmersity.com/public/aNf1Tq7fcPPeyKM586jBHZueSoX3aSXW
Cookie: PHPSESSID=k6mvgam048vi5kef8h61enogg5; pmpro_visit=1
HTTP/1.1 200 OK
Connection: Keep-Alive
X-Powered-By: PHP/8.0.15
Pragma: no-cache
Set-Cookie: _learn_press_session_ad4c38e4735d68a86d5927532d21fb76=8a9fa92c0b5f7afc56c1d14089c7403b%7C%7C1669348720%7C%7Ce487ca15e0b7cb5cdb1abf11a931c455; expires=Fri, 25-Nov-2022 03:58:40 GMT; Max-Age=172800; path=/; secure; HttpOnly
_wordpress_lp_guest=267b7feda5677fb48589c3a2cea1a748; expires=Wed, 23-Nov-2022 04:58:40 GMT; Max-Age=3600; path=/; secure
Access-Control-Allow-Origin: http://www.elmersity.com
Access-Control-Allow-Credentials: true
X-Content-Type-Options: nosniff
X-Robots-Tag: noindex
Content-Type: application/json; charset=UTF-8
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Content-Length: 204
Content-Encoding: gzip
Vary: Accept-Encoding
Date: Wed, 23 Nov 2022 03:58:40 GMT
Server: LiteSpeed