firefox.settings.services.mozilla.com/v1/
143.204.55.36 200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 143.204.55.36:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash b593eb39329cfe060d55be5e4a5405e2
78e46c1028e9f94f8569303ad2d90d7df13a059a
08a810103557efe55ca4425ff0cf82593f1f54633df899127eaec9bee05d4d04
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Retry-After, Alert, Content-Length, Content-Type, Backoff
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Fri, 09 Sep 2022 05:58:08 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 d4fd24ae65d4d2b97cfdea8d2f0c21a6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: e62K-ZRTPkmt2PR2Bnke8BYjAiiKLyHW3cbfw1Dp6rk5AQS6WoCGdw==
Age: 1086
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash f55e483f32b3fd50b1a2414aaada9b61
9d6b22edb98866e002e3b1ace44dfb0f8d00935f
4b09e1d2b887ded061e4ec5f82ec70ce699eeed428acc6b4fd3ef10ed9233c89
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4B09E1D2B887DED061E4EC5F82EC70CE699EEED428ACC6B4FD3EF10ED9233C89"
Last-Modified: Thu, 08 Sep 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12254
Expires: Fri, 09 Sep 2022 09:40:28 GMT
Date: Fri, 09 Sep 2022 06:16:14 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
143.204.55.110 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
IP 143.204.55.110:0
File type PEM certificate\012- , ASCII text
Hash 742edb4038f38bc533514982f3d2e861
cc3a20c8dc2a8c632ef9387a2744253f1e3fdef1
b6bfa49d3d135035701231db2fffc0c0643444394009a94c6a1b4d829d6b8345
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 20 Aug 2022 23:18:05 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Fri, 09 Sep 2022 03:46:35 GMT
etag: "742edb4038f38bc533514982f3d2e861"
x-cache: Hit from cloudfront
via: 1.1 f66e3db0f0449307dba3fbf72bbf3bac.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 7djMtFe5W6XmsQCd7NRxa3CDAdWHj_RhlSavJjtVxXJ_GNpsEOCfIw==
age: 8980
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 09 Sep 2022 06:16:14 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
primeratemerchant.com/ab/app/seleccione_medio_de_codigo_loading.php
68.178.245.75 301 Moved Permanently 0 B URL HTTP/1.1 primeratemerchant.com/ab/app/seleccione_medio_de_codigo_loading.php
IP 68.178.245.75:0
ASN #398101 GO-DADDY-COM-LLC
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Phishing
GET /ab/app/seleccione_medio_de_codigo_loading.php HTTP/1.1
Host: primeratemerchant.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Fri, 09 Sep 2022 06:16:14 GMT
Server: Apache
X-Powered-By: PHP/7.4.30
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
X-Redirect-By: WordPress
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Location: http://www.primeratemerchant.com/ab/app/seleccione_medio_de_codigo_loading.php
Vary: Accept-Encoding
Content-Length: 0
Keep-Alive: timeout=5
Content-Type: text/html; charset=UTF-8
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
143.204.55.36 200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 143.204.55.36:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Fri, 09 Sep 2022 05:56:07 GMT
Cache-Control: max-age=3600
Expires: Fri, 09 Sep 2022 06:26:02 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 6480520a5e02f3163410e3134bd77baa.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: qEqxgAvtoaDFyYODaMUE4vb-AcXOIKkBTo8A-vRfTFE4f4hT4L01JQ==
Age: 1207
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 042105f89c8d64b470d84e052cd412d1
a26c7e2559b3760ea2765b16a3f8d1be27f5dcf4
fadb8cdd22f4d7773d5c20d576f6400ab25e20e1efe3e3fe50d2ae39ca6f2725
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5946
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 09 Sep 2022 06:16:14 GMT
Last-Modified: Fri, 09 Sep 2022 04:37:08 GMT
Server: ECS (ska/F709)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
52.38.146.2 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.38.146.2:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: qsMXkMNRcrKpkA1+WT8C0w==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: i5mZG+5XsWi8uFPYCZKqOP93bHk=
fonts.googleapis.com/css?family=Lato:100,300,regular,700,900%7COpen+Sans:300%7CIndie+Flower:regular&subset=latin%2Clatin-ext
142.250.74.10 200 OK 804 B URL HTTP/1.1 fonts.googleapis.com/css?family=Lato:100,300,regular,700,900%7COpen+Sans:300%7CIndie+Flower:regular&subset=latin%2Clatin-ext
IP 142.250.74.10:0
Hash 7966bec00163c02ba09fa3fed6777252
e94154da6260b8b5ececf0d9c7bb9a9c8e825814
608ca701cee1c64547bb7a59d6545a9cef3c69d838086bb563315fde18c35325
GET /css?family=Lato:100,300,regular,700,900%7COpen+Sans:300%7CIndie+Flower:regular&subset=latin%2Clatin-ext HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.primeratemerchant.com/
HTTP/1.1 200 OK
Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Link: <http://fonts.gstatic.com>; rel=preconnect; crossorigin
Expires: Fri, 09 Sep 2022 06:16:15 GMT
Date: Fri, 09 Sep 2022 06:16:15 GMT
Cache-Control: private, max-age=86400
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin-allow-popups
Content-Encoding: gzip
Transfer-Encoding: chunked
Server: ESF
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash 54f9e2ed11c19f565afc5d45d2f1e499
5c933cf89e4be594a152d7b1aa7bed6ab42169df
1deae88857366dba09c5e498d9067529377741b3c51b711b4adb88d861f58718
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Sep 2022 06:16:15 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.googletagmanager.com/gtag/js?id=UA-116677182-1
142.250.74.72 200 OK 42 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=UA-116677182-1
IP 142.250.74.72:0
File type ASCII text, with very long lines (1615)
Hash fc81c5fadbdc1c99c3698ddb1d683e4b
2f8153055beeb8ff658a115a412dcef3042aea0f
d480e2c53f12ac8867965100ed91b183fc5da4eede31190a807bddbc21805582
GET /gtag/js?id=UA-116677182-1 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.primeratemerchant.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Fri, 09 Sep 2022 06:16:15 GMT
expires: Fri, 09 Sep 2022 06:16:15 GMT
cache-control: private, max-age=900
last-modified: Fri, 09 Sep 2022 06:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 41922
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.primeratemerchant.com/ab/app/seleccione_medio_de_codigo_loading.php
68.178.245.75 404 Not Found 56 kB URL HTTP/1.1 www.primeratemerchant.com/ab/app/seleccione_medio_de_codigo_loading.php
IP 68.178.245.75:0
ASN #398101 GO-DADDY-COM-LLC
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (2701), with CRLF, LF line terminators
Hash e8a1018ac2eb38c3eb12bb208e89a414
3a36f48ae44c462103a62a6b7dee18e429ed7d69
5bcf001fd45b50e4c441d4c643ec2bb67ccea3e97c1986463f3196d4d4e3ac89
Analyzer Verdict Alert fortinet Phishing
GET /ab/app/seleccione_medio_de_codigo_loading.php HTTP/1.1
Host: www.primeratemerchant.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 404 Not Found
Date: Fri, 09 Sep 2022 06:16:14 GMT
Server: Apache
X-Powered-By: PHP/7.4.30
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Link: <https://www.primeratemerchant.com/wp-json/>; rel="https://api.w.org/"
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Vary: Accept-Encoding
Keep-Alive: timeout=5
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash 86354a78c1da4ea13a932216048b2abf
ade657780508cffa8655f7cab6492dc25a79f0d2
458dbf1fcc4ef14e78b991b2f906704b4d27a985d2feb500bb5e5f832232887b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Sep 2022 06:16:15 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.primeratemerchant.com/wp-content/plugins/LayerSlider/static/layerslider/css/layerslider.css?ver=6.7.0
68.178.245.75 200 OK 3.9 kB URL HTTP/1.1 www.primeratemerchant.com/wp-content/plugins/LayerSlider/static/layerslider/css/layerslider.css?ver=6.7.0
IP 68.178.245.75:0
ASN #398101 GO-DADDY-COM-LLC
Hash c55e3099316351744a6f7b77ac4c05a2
e19ee1edc59188e0c5bf52f6fb15f7af4d198bfb
25d379899748b5f33178f5ed8124359591c40a5d4ba3ea3c0c16544f1db323b5
GET /wp-content/plugins/LayerSlider/static/layerslider/css/layerslider.css?ver=6.7.0 HTTP/1.1
Host: www.primeratemerchant.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.primeratemerchant.com/ab/app/seleccione_medio_de_codigo_loading.php
HTTP/1.1 200 OK
Date: Fri, 09 Sep 2022 06:16:15 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Tue, 13 Mar 2018 21:53:02 GMT
ETag: "4020f31-528d-5675248540b80-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 3876
Keep-Alive: timeout=5
Content-Type: text/css
www.primeratemerchant.com/wp-content/plugins/revslider/public/assets/css/settings.css?ver=5.4.7.1
68.178.245.75 200 OK 9.6 kB URL HTTP/1.1 www.primeratemerchant.com/wp-content/plugins/revslider/public/assets/css/settings.css?ver=5.4.7.1
IP 68.178.245.75:0
ASN #398101 GO-DADDY-COM-LLC
File type Unicode text, UTF-8 text, with very long lines (5178), with CRLF line terminators
Hash 3c7f295d5d0c4ae7fc2a952a15e52955
bffc889b83980ff7072302b6a9a259995a71869e
69abe3628e56319b88059ce432fcc943a086d3b203aa396534ec46ca527f43dc
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/revslider/public/assets/css/settings.css?ver=5.4.7.1 HTTP/1.1
Host: www.primeratemerchant.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.primeratemerchant.com/ab/app/seleccione_medio_de_codigo_loading.php
HTTP/1.1 200 OK
Date: Fri, 09 Sep 2022 06:16:15 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Tue, 13 Mar 2018 21:37:34 GMT
ETag: "3d61086-9b4b-567521103e380-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 9552
Keep-Alive: timeout=5
Content-Type: text/css
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash 54f9e2ed11c19f565afc5d45d2f1e499
5c933cf89e4be594a152d7b1aa7bed6ab42169df
1deae88857366dba09c5e498d9067529377741b3c51b711b4adb88d861f58718
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Sep 2022 06:16:15 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/recaptcha/api.js?render=6LfDnTkbAAAAAFzziF_Nnuciut2ZFl3p1566m3BQ&ver=3.0
142.250.74.164 200 OK 585 B URL HTTP/2 www.google.com/recaptcha/api.js?render=6LfDnTkbAAAAAFzziF_Nnuciut2ZFl3p1566m3BQ&ver=3.0
IP 142.250.74.164:0
File type ASCII text, with very long lines (884), with no line terminators
Hash ec3ab99d8ee0022cd3f0691698ed4478
7585248e7ba4723ca3acdb96bdc740ab091dfadf
3305b0d10d3e848d98619f831f25b158c377857d2131a3f6a4254182888dcfdc
GET /recaptcha/api.js?render=6LfDnTkbAAAAAFzziF_Nnuciut2ZFl3p1566m3BQ&ver=3.0 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.primeratemerchant.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
expires: Fri, 09 Sep 2022 06:16:15 GMT
date: Fri, 09 Sep 2022 06:16:15 GMT
cache-control: private, max-age=300
content-type: text/javascript; charset=UTF-8
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 585
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.primeratemerchant.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
68.178.245.75 200 OK 4.2 kB URL HTTP/1.1 www.primeratemerchant.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
IP 68.178.245.75:0
ASN #398101 GO-DADDY-COM-LLC
File type ASCII text, with very long lines (11126)
Hash 5629711d7fdd5b28441bac39b851299f
4e0bf2b7383097f7c352023a1b1b1b48a50356b6
44c444309c7a6c05ff4a9bc198bed9e9596bedb5658637c85689c9a471dcdd16
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 HTTP/1.1
Host: www.primeratemerchant.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.primeratemerchant.com/ab/app/seleccione_medio_de_codigo_loading.php
HTTP/1.1 200 OK
Date: Fri, 09 Sep 2022 06:16:15 GMT
Server: Apache
Last-Modified: Wed, 18 Nov 2020 09:06:06 GMT
ETag: "3ce260b-2bd8-5b45debe27b80-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 4169
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: application/javascript
www.primeratemerchant.com/wp-content/plugins/LayerSlider/static/layerslider/js/layerslider.transitions.js?ver=6.7.0
68.178.245.75 200 OK 3.4 kB URL HTTP/1.1 www.primeratemerchant.com/wp-content/plugins/LayerSlider/static/layerslider/js/layerslider.transitions.js?ver=6.7.0
IP 68.178.245.75:0
ASN #398101 GO-DADDY-COM-LLC
File type Unicode text, UTF-8 text, with very long lines (23514)
Hash 40168b46aaee868241d021cd042235dc
f11524f28087e903c5a21facf4a335de1de4ae15
abb80664a5e03871c9b6e813b83a14b97469070bc6706f91f04e6dcb0c316dff
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/LayerSlider/static/layerslider/js/layerslider.transitions.js?ver=6.7.0 HTTP/1.1
Host: www.primeratemerchant.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.primeratemerchant.com/ab/app/seleccione_medio_de_codigo_loading.php
HTTP/1.1 200 OK
Date: Fri, 09 Sep 2022 06:16:15 GMT
Server: Apache
Last-Modified: Tue, 13 Mar 2018 21:53:02 GMT
ETag: "4020f2d-5d17-5675248540b80-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 3396
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: application/javascript
www.primeratemerchant.com/wp-content/plugins/LayerSlider/static/layerslider/js/greensock.js?ver=1.19.0
68.178.245.75 200 OK 40 kB URL HTTP/1.1 www.primeratemerchant.com/wp-content/plugins/LayerSlider/static/layerslider/js/greensock.js?ver=1.19.0
IP 68.178.245.75:0
ASN #398101 GO-DADDY-COM-LLC
File type ASCII text, with very long lines (32006)
Hash 6f66844d190c1ce88980c73d23de1905
b21fec004cdfc8dc64e4a462876cc8914742de46
9d135b7d3b48668fb2b6d304dd6b20c5f5bec72f8f4448851222166d7bb1db8a
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/LayerSlider/static/layerslider/js/greensock.js?ver=1.19.0 HTTP/1.1
Host: www.primeratemerchant.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.primeratemerchant.com/ab/app/seleccione_medio_de_codigo_loading.php
HTTP/1.1 200 OK
Date: Fri, 09 Sep 2022 06:16:15 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Tue, 13 Mar 2018 21:53:02 GMT
ETag: "4020f2e-1cb35-5675248540b80-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 39570
Keep-Alive: timeout=5
Content-Type: application/javascript
www.primeratemerchant.com/wp-includes/js/jquery/jquery.min.js?ver=3.5.1
68.178.245.75 200 OK 31 kB URL HTTP/1.1 www.primeratemerchant.com/wp-includes/js/jquery/jquery.min.js?ver=3.5.1
IP 68.178.245.75:0
ASN #398101 GO-DADDY-COM-LLC
File type ASCII text, with very long lines (65451)
Hash b50f63138863c21ee4dd2fd747d0eaee
24e2e53e39b5980f3021ad881f477387610fbfb6
a3810469de465100b039f38a6e39a83c11a1de3b4259b3028b2b85338770100c
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/jquery/jquery.min.js?ver=3.5.1 HTTP/1.1
Host: www.primeratemerchant.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.primeratemerchant.com/ab/app/seleccione_medio_de_codigo_loading.php
HTTP/1.1 200 OK
Date: Fri, 09 Sep 2022 06:16:15 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Wed, 07 Oct 2020 16:33:25 GMT
ETag: "3ce2613-15d98-5b11746475f40-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 30916
Keep-Alive: timeout=5
Content-Type: application/javascript
www.primeratemerchant.com/wp-content/plugins/revslider/public/assets/js/jquery.themepunch.tools.min.js?ver=5.4.7.1
68.178.245.75 200 OK 38 kB URL HTTP/1.1 www.primeratemerchant.com/wp-content/plugins/revslider/public/assets/js/jquery.themepunch.tools.min.js?ver=5.4.7.1
IP 68.178.245.75:0
ASN #398101 GO-DADDY-COM-LLC
File type ASCII text, with very long lines (27287), with CRLF line terminators
Hash b3f6ae7f52e3ddf070f5feabadc734bf
dac54ab898bdcf072dbdbbde6f9510a297fe0a77
cdefb165539978a80a9f42c532f89ca421cf95ee58a1ac1a60704b7985b8301e
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/revslider/public/assets/js/jquery.themepunch.tools.min.js?ver=5.4.7.1 HTTP/1.1
Host: www.primeratemerchant.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.primeratemerchant.com/ab/app/seleccione_medio_de_codigo_loading.php
HTTP/1.1 200 OK
Date: Fri, 09 Sep 2022 06:16:15 GMT
Server: Apache
Last-Modified: Tue, 13 Mar 2018 21:37:34 GMT
ETag: "3d6107f-1afe3-567521103e380-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 38335
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: application/javascript
www.primeratemerchant.com/wp-includes/js/wp-emoji-release.min.js?ver=5.7.7
68.178.245.75 200 OK 4.7 kB URL HTTP/1.1 www.primeratemerchant.com/wp-includes/js/wp-emoji-release.min.js?ver=5.7.7
IP 68.178.245.75:0
ASN #398101 GO-DADDY-COM-LLC
File type ASCII text, with very long lines (11272)
Hash 9c26256ee738b510ab56c09607a7286f
197327c8d1cd72ce8d335fc0b8b007ddca60191d
cfe161d7b5764e21a1e8ea764f4a0c0da41f1aba16bb8329bd11acbc7a156e4b
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/wp-emoji-release.min.js?ver=5.7.7 HTTP/1.1
Host: www.primeratemerchant.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.primeratemerchant.com/ab/app/seleccione_medio_de_codigo_loading.php
HTTP/1.1 200 OK
Date: Fri, 09 Sep 2022 06:16:15 GMT
Server: Apache
Last-Modified: Wed, 06 Jan 2021 15:29:24 GMT
ETag: "3ce26a3-3795-5b83cfce57d00-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 4662
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: application/javascript
www.primeratemerchant.com/wp-content/plugins/cf7-redirection/js/wpcf7-redirect-script.js
68.178.245.75 200 OK 867 B URL HTTP/1.1 www.primeratemerchant.com/wp-content/plugins/cf7-redirection/js/wpcf7-redirect-script.js
IP 68.178.245.75:0
ASN #398101 GO-DADDY-COM-LLC
Hash 89763009613371867caebc3620f72dca
a5a03fe608825f76db8616b4ea598ceabdeaa61c
c557140f351e473f4dbb5a761574edb3218cb09a3bcd0f5f4a683ac7e9c924cd
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/cf7-redirection/js/wpcf7-redirect-script.js HTTP/1.1
Host: www.primeratemerchant.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.primeratemerchant.com/ab/app/seleccione_medio_de_codigo_loading.php
HTTP/1.1 200 OK
Date: Fri, 09 Sep 2022 06:16:15 GMT
Server: Apache
Last-Modified: Wed, 07 Jul 2021 18:37:01 GMT
ETag: "4020297-8fc-5c68cd2fbed40-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 867
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: application/javascript
www.primeratemerchant.com/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=7.4.4
68.178.245.75 200 OK 34 kB URL HTTP/1.1 www.primeratemerchant.com/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=7.4.4
IP 68.178.245.75:0
ASN #398101 GO-DADDY-COM-LLC
File type Unicode text, UTF-8 text, with very long lines (34729), with NEL line terminators
Hash b997c3b6fc35923443dd6dcc360e920e
aa470c21b5ae916b986a022e4bd7f42670d72381
d8a171bcb9c7360ecbb08248184892a5aca2c27ba83d62778e36f507c76cef29
GET /wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=7.4.4 HTTP/1.1
Host: www.primeratemerchant.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.primeratemerchant.com/ab/app/seleccione_medio_de_codigo_loading.php
HTTP/1.1 200 OK
Date: Fri, 09 Sep 2022 06:16:15 GMT
Server: Apache
Last-Modified: Mon, 29 Jun 2020 11:50:29 GMT
ETag: "3ce2663-183ee-5a937aa4cab40-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 34241
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: application/javascript
www.primeratemerchant.com/wp-content/uploads/2022/02/Prime-merchant2-logo-1.png
68.178.245.75 200 OK 12 kB URL HTTP/2 www.primeratemerchant.com/wp-content/uploads/2022/02/Prime-merchant2-logo-1.png
IP 68.178.245.75:0
ASN #398101 GO-DADDY-COM-LLC
File type PNG image data, 300 x 56, 8-bit/color RGBA, non-interlaced\012- data
Hash 49d76b8eda4df7867e9865c3abe57b7c
212a5a13ac8b2c7a1f57e82f610c8c8cf1113a64
6246001055eddb85c011c673431e04ada3102d38489d43bb6e971beadaf8ce69
GET /wp-content/uploads/2022/02/Prime-merchant2-logo-1.png HTTP/1.1
Host: www.primeratemerchant.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.primeratemerchant.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Sat, 26 Feb 2022 17:41:18 GMT
etag: "402022e-2d5b-5d8ef529f2c8f"
accept-ranges: bytes
content-length: 11611
content-type: image/png
date: Fri, 09 Sep 2022 06:16:15 GMT
server: Apache
X-Firefox-Spdy: h2
www.primeratemerchant.com/wp-content/plugins/revslider/public/assets/js/jquery.themepunch.revolution.min.js?ver=5.4.7.1
68.178.245.75 200 OK 18 kB URL HTTP/1.1 www.primeratemerchant.com/wp-content/plugins/revslider/public/assets/js/jquery.themepunch.revolution.min.js?ver=5.4.7.1
IP 68.178.245.75:0
ASN #398101 GO-DADDY-COM-LLC
File type ASCII text, with very long lines (64567), with CRLF line terminators
Hash 2f287b04043eea548856b25652c26841
ef341d6545bfe2bb12bbc12666bb548021fe7cb7
8c50b22a780d5ef9d47be2c79bbe9437a18cce742324a099d03b69b927f45c06
GET /wp-content/plugins/revslider/public/assets/js/jquery.themepunch.revolution.min.js?ver=5.4.7.1 HTTP/1.1
Host: www.primeratemerchant.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.primeratemerchant.com/ab/app/seleccione_medio_de_codigo_loading.php
HTTP/1.1 200 OK
Date: Fri, 09 Sep 2022 06:16:15 GMT
Server: Apache
Last-Modified: Tue, 13 Mar 2018 21:37:34 GMT
ETag: "3d61081-fd88-567521103e380-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 17984
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: application/javascript
www.primeratemerchant.com/wp-content/plugins/LayerSlider/static/layerslider/js/layerslider.kreaturamedia.jquery.js?ver=6.7.0
68.178.245.75 200 OK 44 kB URL HTTP/1.1 www.primeratemerchant.com/wp-content/plugins/LayerSlider/static/layerslider/js/layerslider.kreaturamedia.jquery.js?ver=6.7.0
IP 68.178.245.75:0
ASN #398101 GO-DADDY-COM-LLC
File type ASCII text, with very long lines (65335)
Hash 62a25e2d75f76ab37c1b5497fd018d16
10ef661e0db5196bc8b6f79468f5d4c7ef1e71cc
cf739214ddb47ff3f41a81ff2799a711c418ce83e1ec6b64478568c24dcabc20
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/LayerSlider/static/layerslider/js/layerslider.kreaturamedia.jquery.js?ver=6.7.0 HTTP/1.1
Host: www.primeratemerchant.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.primeratemerchant.com/ab/app/seleccione_medio_de_codigo_loading.php
HTTP/1.1 200 OK
Date: Fri, 09 Sep 2022 06:16:15 GMT
Server: Apache
Last-Modified: Tue, 13 Mar 2018 21:53:02 GMT
ETag: "4020f2c-1c773-5675248540b80-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 43947
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: application/javascript
www.primeratemerchant.com/wp-content/plugins/contact-form-7/modules/recaptcha/index.js?ver=5.4.1
68.178.245.75 200 OK 1.5 kB URL HTTP/1.1 www.primeratemerchant.com/wp-content/plugins/contact-form-7/modules/recaptcha/index.js?ver=5.4.1
IP 68.178.245.75:0
ASN #398101 GO-DADDY-COM-LLC
File type ASCII text, with very long lines (4106), with no line terminators
Hash df2a8ef97eebaad77b553076d1c0e1ce
d11e6a81001f91ddd0f99381c478b3297a4637cd
327cd5099c41b61eaa9ee0d4beb57c0e543cfad3d2be34b0997320bfb1730046
GET /wp-content/plugins/contact-form-7/modules/recaptcha/index.js?ver=5.4.1 HTTP/1.1
Host: www.primeratemerchant.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.primeratemerchant.com/ab/app/seleccione_medio_de_codigo_loading.php
HTTP/1.1 200 OK
Date: Fri, 09 Sep 2022 06:16:16 GMT
Server: Apache
Last-Modified: Wed, 16 Jun 2021 21:34:08 GMT
ETag: "4020db0-100a-5c4e8d9bc3400-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1502
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: application/javascript
www.primeratemerchant.com/wp-includes/js/wp-embed.min.js?ver=5.7.7
68.178.245.75 200 OK 765 B URL HTTP/1.1 www.primeratemerchant.com/wp-includes/js/wp-embed.min.js?ver=5.7.7
IP 68.178.245.75:0
ASN #398101 GO-DADDY-COM-LLC
File type ASCII text, with very long lines (1391)
Hash fe875afb236ee8f0d50040fe58d848d4
e6b1b67093b429c95d5b9db07a7eba39e02cf0e5
328a6a072b91134f2802ae25e070f38ff156ceee2c6ec6a6253ae4b27af73b49
GET /wp-includes/js/wp-embed.min.js?ver=5.7.7 HTTP/1.1
Host: www.primeratemerchant.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.primeratemerchant.com/ab/app/seleccione_medio_de_codigo_loading.php
HTTP/1.1 200 OK
Date: Fri, 09 Sep 2022 06:16:16 GMT
Server: Apache
Last-Modified: Wed, 06 Jan 2021 15:29:24 GMT
ETag: "3ce26f6-592-5b83cfce57d00-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 765
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: application/javascript
www.primeratemerchant.com/wp-content/plugins/mailchimp-for-wp/assets/js/forms.js?ver=4.8.5
68.178.245.75 200 OK 2.6 kB URL HTTP/1.1 www.primeratemerchant.com/wp-content/plugins/mailchimp-for-wp/assets/js/forms.js?ver=4.8.5
IP 68.178.245.75:0
ASN #398101 GO-DADDY-COM-LLC
File type ASCII text, with very long lines (6210), with no line terminators
Hash dfcc74301f163fabd32e3256b91ba54e
3e861de3c9a7d5638eb7da2274f50274cde6cc0c
0611e07de6e96239da5373ee60ec187406e535614413b431c823fa3c21ecf8d7
GET /wp-content/plugins/mailchimp-for-wp/assets/js/forms.js?ver=4.8.5 HTTP/1.1
Host: www.primeratemerchant.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.primeratemerchant.com/ab/app/seleccione_medio_de_codigo_loading.php
HTTP/1.1 200 OK
Date: Fri, 09 Sep 2022 06:16:16 GMT
Server: Apache
Last-Modified: Wed, 16 Jun 2021 21:45:10 GMT
ETag: "40202c4-1842-5c4e901318580-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 2559
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: application/javascript
www.primeratemerchant.com/wp-content/themes/Avada/includes/lib/assets/min/js/library/modernizr.js?ver=3.3.1
68.178.245.75 200 OK 5.1 kB URL HTTP/1.1 www.primeratemerchant.com/wp-content/themes/Avada/includes/lib/assets/min/js/library/modernizr.js?ver=3.3.1
IP 68.178.245.75:0
ASN #398101 GO-DADDY-COM-LLC
File type ASCII text, with very long lines (12991), with no line terminators
Hash a0d8e61a86acfd34c823df6c4badc5a3
fb00037bab11581b913967e55d28ae943f507d61
c95bdcc03231c08f282387f7616ba2975ce8294c06bea93aa3d756397b2cc2e5
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/Avada/includes/lib/assets/min/js/library/modernizr.js?ver=3.3.1 HTTP/1.1
Host: www.primeratemerchant.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.primeratemerchant.com/ab/app/seleccione_medio_de_codigo_loading.php
HTTP/1.1 200 OK
Date: Fri, 09 Sep 2022 06:16:16 GMT
Server: Apache
Last-Modified: Fri, 23 Apr 2021 18:33:28 GMT
ETag: "3d41dd3-32bf-5c0a80830ae00-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 5086
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: application/javascript
www.primeratemerchant.com/wp-content/plugins/fusion-builder/assets/js/min/general/fusion-column-bg-image.js?ver=1
68.178.245.75 200 OK 784 B URL HTTP/1.1 www.primeratemerchant.com/wp-content/plugins/fusion-builder/assets/js/min/general/fusion-column-bg-image.js?ver=1
IP 68.178.245.75:0
ASN #398101 GO-DADDY-COM-LLC
File type ASCII text, with very long lines (2231), with no line terminators
Hash f15756ffb7e921913d47d0d955c2b547
cf23dc2612041234de50085be3acd44dc0e6369a
49efb84d6ece63b3d322ffbf8a6863f19198848b5597295f01f1a7299b1ebdc0
GET /wp-content/plugins/fusion-builder/assets/js/min/general/fusion-column-bg-image.js?ver=1 HTTP/1.1
Host: www.primeratemerchant.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.primeratemerchant.com/ab/app/seleccione_medio_de_codigo_loading.php
HTTP/1.1 200 OK
Date: Fri, 09 Sep 2022 06:16:16 GMT
Server: Apache
Last-Modified: Fri, 23 Apr 2021 18:34:35 GMT
ETag: "402058e-8b7-5c0a80c2f04c0-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 784
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: application/javascript
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash ede92f781233f857c299e00d2090aeba
b7296da3b0981e9c1937bf8ebc73d5138c5fa19a
16a97da8a523d4cb06430ff26d026d14377c888e5e80a78937afba38fded3122
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Sep 2022 06:16:16 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.primeratemerchant.com/wp-content/themes/Avada/includes/lib/assets/min/js/library/cssua.js?ver=2.1.28
68.178.245.75 200 OK 1.5 kB URL HTTP/1.1 www.primeratemerchant.com/wp-content/themes/Avada/includes/lib/assets/min/js/library/cssua.js?ver=2.1.28
IP 68.178.245.75:0
ASN #398101 GO-DADDY-COM-LLC
File type ASCII text, with very long lines (3344), with no line terminators
Hash 37fc75887c0fa5d78ce3b556e51120bf
a44495eb12fd0b174282a810266fc92075fbe1a8
68ed74321bad917a33ef6e0c273d716a023f02b300a7d34bcaa67765df812104
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/Avada/includes/lib/assets/min/js/library/cssua.js?ver=2.1.28 HTTP/1.1
Host: www.primeratemerchant.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.primeratemerchant.com/ab/app/seleccione_medio_de_codigo_loading.php
HTTP/1.1 200 OK
Date: Fri, 09 Sep 2022 06:16:16 GMT
Server: Apache
Last-Modified: Fri, 23 Apr 2021 18:33:28 GMT
ETag: "3d41dde-d10-5c0a80830ae00-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1498
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: application/javascript
www.primeratemerchant.com/wp-content/themes/Avada/includes/lib/assets/min/js/library/jquery.waypoints.js?ver=2.0.3
68.178.245.75 200 OK 2.6 kB URL HTTP/1.1 www.primeratemerchant.com/wp-content/themes/Avada/includes/lib/assets/min/js/library/jquery.waypoints.js?ver=2.0.3
IP 68.178.245.75:0
ASN #398101 GO-DADDY-COM-LLC
File type ASCII text, with very long lines (8833), with no line terminators
Hash 8eae25fc5fbc596cab180abd12f4c420
0318f249782999532a4f8a06444a0834b3f64499
c4ade84946f1c24693bd3e9e2f2307220e828659860313644a78523ee2d22dc0
GET /wp-content/themes/Avada/includes/lib/assets/min/js/library/jquery.waypoints.js?ver=2.0.3 HTTP/1.1
Host: www.primeratemerchant.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.primeratemerchant.com/ab/app/seleccione_medio_de_codigo_loading.php
HTTP/1.1 200 OK
Date: Fri, 09 Sep 2022 06:16:16 GMT
Server: Apache
Last-Modified: Fri, 23 Apr 2021 18:33:28 GMT
ETag: "3d41ddd-2281-5c0a80830ae00-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 2606
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: application/javascript
www.primeratemerchant.com/wp-content/themes/Avada/includes/lib/assets/min/js/general/fusion-waypoints.js?ver=1
68.178.245.75 200 OK 250 B URL HTTP/1.1 www.primeratemerchant.com/wp-content/themes/Avada/includes/lib/assets/min/js/general/fusion-waypoints.js?ver=1
IP 68.178.245.75:0
ASN #398101 GO-DADDY-COM-LLC
File type ASCII text, with very long lines (381), with no line terminators
Hash ce76d7531184bf0b57bebd289fb7d42c
51f7a0f643501e393a8ecb658912f3b55eecfd33
46997de0a62465e85e421cbd4997bf92fd73398248f2523e8cf04ebe028e8794
GET /wp-content/themes/Avada/includes/lib/assets/min/js/general/fusion-waypoints.js?ver=1 HTTP/1.1
Host: www.primeratemerchant.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.primeratemerchant.com/ab/app/seleccione_medio_de_codigo_loading.php
HTTP/1.1 200 OK
Date: Fri, 09 Sep 2022 06:16:16 GMT
Server: Apache
Last-Modified: Fri, 23 Apr 2021 18:33:28 GMT
ETag: "3d41dab-17d-5c0a80830ae00-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 250
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: application/javascript
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash e0fbe5627b19e9ad7ad4d40c96514ae9
d9d361271987c5947d96ddacc67efb3f3a32bbd3
48b4321f3bda8fd67c5bc75f98b0dfe6df2bfda8dcf5e708aecd47270ae03217
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "48B4321F3BDA8FD67C5BC75F98B0DFE6DF2BFDA8DCF5E708AECD47270AE03217"
Last-Modified: Wed, 07 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6931
Expires: Fri, 09 Sep 2022 08:11:47 GMT
Date: Fri, 09 Sep 2022 06:16:16 GMT
Connection: keep-alive
www.primeratemerchant.com/wp-content/plugins/fusion-builder/assets/js/min/general/fusion-animations.js?ver=1
68.178.245.75 200 OK 579 B URL HTTP/1.1 www.primeratemerchant.com/wp-content/plugins/fusion-builder/assets/js/min/general/fusion-animations.js?ver=1
IP 68.178.245.75:0
ASN #398101 GO-DADDY-COM-LLC
File type ASCII text, with very long lines (1374), with no line terminators
Hash 784d4ff7ce46aa09ad6e2c7d37f5f68b
47fb707b4f9062af5ea78acbe8ecf862f7e071bc
dfccb8946c76d13aac7284612e3482381d9b6006942ccf50f4cf2b653d47dbe6
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/fusion-builder/assets/js/min/general/fusion-animations.js?ver=1 HTTP/1.1
Host: www.primeratemerchant.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.primeratemerchant.com/ab/app/seleccione_medio_de_codigo_loading.php
HTTP/1.1 200 OK
Date: Fri, 09 Sep 2022 06:16:16 GMT
Server: Apache
Last-Modified: Fri, 23 Apr 2021 18:34:35 GMT
ETag: "4020578-55e-5c0a80c2f04c0-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 579
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: application/javascript
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe94f950b-af66-4803-868a-b00031195100.jpeg
34.120.237.76 200 OK 7.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe94f950b-af66-4803-868a-b00031195100.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b7d3752fb9bfaa323218e5a7b93aa5c6
08b4d519a099b04a9f1515377d02e51575f3321f
fa33f2240aea7395b0be62683743523beb1f0f11cb390f4d532e3474610a812c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe94f950b-af66-4803-868a-b00031195100.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7646
x-amzn-requestid: 1f48393e-8665-4591-a2a6-07953a68bb16
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YEaGTGwdIAMF47A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63180a28-1116d4bf11e2133503ac1429;Sampled=0
x-amzn-remapped-date: Wed, 07 Sep 2022 03:04:08 GMT
x-amz-cf-pop: SEA73-P2
x-cache: Hit from cloudfront
x-amz-cf-id: S1y8if_u-ZqeKT0Wx9eyOaKNOmhcaydzfxwQeBQ-hArLtQG6ckJ8EQ==
via: 1.1 0005a84c2971ff4f5bbb79e7ebc622a8.cloudfront.net (CloudFront), 1.1 f7283f3fe2c258cf54f8b7d3dd272e0e.cloudfront.net (CloudFront), 1.1 google
date: Fri, 09 Sep 2022 03:38:26 GMT
age: 9470
etag: "08b4d519a099b04a9f1515377d02e51575f3321f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6c7c5434-1873-4130-a7ce-78209ce54bf0.jpeg
34.120.237.76 200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6c7c5434-1873-4130-a7ce-78209ce54bf0.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 15249f3dafdd1690bc87ebb4fa6d518d
f930fcb22325e28592bc39b0b1974f5197c19afd
a0b9e88c78e85a037363e0b0e4e03478718f8715fe69e72bfd159922eca28301
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6c7c5434-1873-4130-a7ce-78209ce54bf0.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 10950
x-amzn-requestid: 435fc2f4-fbcb-4eec-81d8-a23154dcec61
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YFUwZEfvIAMFjCQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63186802-2348a4000430702d4e9ea132;Sampled=0
x-amzn-remapped-date: Wed, 07 Sep 2022 09:44:34 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: ORlM8dFTc_iThvJghFakY86D3ToJ5TCmP8Ip2PcvXCCkSKKHpWQ0Zw==
via: 1.1 eece508272520f70691e4eebdc5a6dea.cloudfront.net (CloudFront), 1.1 aef00f14752da9aa504d392fd46eff94.cloudfront.net (CloudFront), 1.1 google
date: Thu, 08 Sep 2022 22:04:02 GMT
age: 29534
etag: "f930fcb22325e28592bc39b0b1974f5197c19afd"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash e0fbe5627b19e9ad7ad4d40c96514ae9
d9d361271987c5947d96ddacc67efb3f3a32bbd3
48b4321f3bda8fd67c5bc75f98b0dfe6df2bfda8dcf5e708aecd47270ae03217
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "48B4321F3BDA8FD67C5BC75F98B0DFE6DF2BFDA8DCF5E708AECD47270AE03217"
Last-Modified: Wed, 07 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6931
Expires: Fri, 09 Sep 2022 08:11:47 GMT
Date: Fri, 09 Sep 2022 06:16:16 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash e0fbe5627b19e9ad7ad4d40c96514ae9
d9d361271987c5947d96ddacc67efb3f3a32bbd3
48b4321f3bda8fd67c5bc75f98b0dfe6df2bfda8dcf5e708aecd47270ae03217
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "48B4321F3BDA8FD67C5BC75F98B0DFE6DF2BFDA8DCF5E708AECD47270AE03217"
Last-Modified: Wed, 07 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6931
Expires: Fri, 09 Sep 2022 08:11:47 GMT
Date: Fri, 09 Sep 2022 06:16:16 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F134e6c5d-5cc9-4c6a-9a5c-5703f2809918.jpeg
34.120.237.76 200 OK 4.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F134e6c5d-5cc9-4c6a-9a5c-5703f2809918.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ee9340025af774eed83fa3ae0ebb4b65
b868b62d5f2bc802c565d35ea59e200aaf6ab986
729127258be88fe97e4c777b08ba709900028c41a052b6868cab515e545e8c56
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F134e6c5d-5cc9-4c6a-9a5c-5703f2809918.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4776
x-amzn-requestid: 49312697-395a-4058-8899-0203e69bf26b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YDU5jHA_IAMFhkw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63179b70-7b17771e456072e87327ff23;Sampled=0
x-amzn-remapped-date: Tue, 06 Sep 2022 19:11:44 GMT
x-amz-cf-pop: SEA73-P2
x-cache: Hit from cloudfront
x-amz-cf-id: -cYK4EezC3z14SwCy_1oIM5MuqfBtoiQAErl-h4t7sT1vajRvoBX1A==
via: 1.1 4d7fa73f804f1c93f20cfc24c4b1266e.cloudfront.net (CloudFront), 1.1 d8d9c12d1a621129f4bc739038e7c72e.cloudfront.net (CloudFront), 1.1 google
date: Thu, 08 Sep 2022 22:06:24 GMT
age: 29392
etag: "b868b62d5f2bc802c565d35ea59e200aaf6ab986"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
www.primeratemerchant.com/wp-content/uploads/fusion-styles/c7c7ab11701bab44ec84d24c4510eaba.min.css?ver=3.3.1
68.178.245.75 200 OK 503 B URL HTTP/1.1 www.primeratemerchant.com/wp-content/uploads/fusion-styles/c7c7ab11701bab44ec84d24c4510eaba.min.css?ver=3.3.1
IP 68.178.245.75:0
ASN #398101 GO-DADDY-COM-LLC
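Hash e0fbe5627b19e9ad7ad4d40c96514ae9
d9d361271987c5947d96ddacc67efb3f3a32bbd3
48b4321f3bda8fd67c5bc75f98b0dfe6df2bfda8dcf5e708aecd47270ae03217
[Note: the 503 B size and these three hashes are identical to the r3.o.lencr.org OCSP response entries in this report, whose ETag carries the same SHA-256. The response recorded for this URL is a chunked, gzip-encoded text/css body, so the size and hashes appear to have been mis-attributed by the capture and should not be used as indicators for this stylesheet.]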
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/uploads/fusion-styles/c7c7ab11701bab44ec84d24c4510eaba.min.css?ver=3.3.1 HTTP/1.1
Host: www.primeratemerchant.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.primeratemerchant.com/ab/app/seleccione_medio_de_codigo_loading.php
HTTP/1.1 200 OK
Date: Fri, 09 Sep 2022 06:16:15 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Tue, 01 Mar 2022 14:52:07 GMT
ETag: "4600024-12f64f-5d9294f19020e-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Keep-Alive: timeout=5
Transfer-Encoding: chunked
Content-Type: text/css
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc935f3d1-f1ad-4753-8e03-988c366f974f.jpeg
34.120.237.76 200 OK 7.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc935f3d1-f1ad-4753-8e03-988c366f974f.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 356d258ee8fe7dd3a49d6e910ad4e6d1
69582548ae31d56ebd4a140e000ae6ab1a6a399b
32394386d1762e03f6ee1cbc5c6ed40a0a745745da646d8879fc8b59a089b887
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc935f3d1-f1ad-4753-8e03-988c366f974f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7787
x-amzn-requestid: 3dba260f-c87d-40ac-b840-ec3ce2f315d5
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YKRjNF5RIAMFncA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631a62e1-5e73894d42ccca495868d250;Sampled=0
x-amzn-remapped-date: Thu, 08 Sep 2022 21:47:13 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P2
x-cache: Miss from cloudfront
x-amz-cf-id: zrQLwxeZFERUfVE9TRzCEiDp1VX--enE-R7_gjebT-8VyW4lkDVstg==
via: 1.1 efe54e8b68e074d39b2ecd249f85100a.cloudfront.net (CloudFront), 1.1 79880188a81becf1687ba18c0e064230.cloudfront.net (CloudFront), 1.1 google
date: Thu, 08 Sep 2022 21:57:04 GMT
age: 29952
etag: "69582548ae31d56ebd4a140e000ae6ab1a6a399b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash e0fbe5627b19e9ad7ad4d40c96514ae9
d9d361271987c5947d96ddacc67efb3f3a32bbd3
48b4321f3bda8fd67c5bc75f98b0dfe6df2bfda8dcf5e708aecd47270ae03217
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "48B4321F3BDA8FD67C5BC75F98B0DFE6DF2BFDA8DCF5E708AECD47270AE03217"
Last-Modified: Wed, 07 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6931
Expires: Fri, 09 Sep 2022 08:11:47 GMT
Date: Fri, 09 Sep 2022 06:16:16 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F93fb3e60-781f-438a-8602-d6632160df67.jpeg
34.120.237.76 200 OK 4.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F93fb3e60-781f-438a-8602-d6632160df67.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 90fc2601a0ca4581ebc880dd11408bda
b50cbeafea3f65610cff83f3946c2452fa70e191
6f72acb93226b6772a6afb6893d95379a448cda4a3e86f8a88e7f05526c1eea4
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F93fb3e60-781f-438a-8602-d6632160df67.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4014
x-amzn-requestid: 28c3042e-24ab-44c5-b838-f8d1c0c5955e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YIqqKEyUIAMFbgA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6319be40-3a9997121c9585884eecf245;Sampled=0
x-amzn-remapped-date: Thu, 08 Sep 2022 10:04:48 GMT
x-amz-cf-pop: SFO5-C3, SEA73-P2
x-cache: Hit from cloudfront
x-amz-cf-id: 6n0-pAX6Wp1YJQ75dJgPhJ-HEHNIcl38MZ1eiKHuyDxnvWRYvXiLpA==
via: 1.1 2ac6b2644462a8466362b046856a127e.cloudfront.net (CloudFront), 1.1 ca66331b52971370c4e54619e8a952cc.cloudfront.net (CloudFront), 1.1 google
date: Thu, 08 Sep 2022 21:49:26 GMT
age: 41721
etag: "b50cbeafea3f65610cff83f3946c2452fa70e191"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F498f96cc-d02c-4ca3-a7e2-0be324253465.jpeg
34.120.237.76 200 OK 3.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F498f96cc-d02c-4ca3-a7e2-0be324253465.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 0078c7a407144a1ede33aef6f734eecf
113393e0dbabb3aff949d19ab6517ba1082b622d
42afcaf15e45dfa9aff14f59f69d60a3de127005e35783d2d35a4cfa652b57b3
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F498f96cc-d02c-4ca3-a7e2-0be324253465.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 3125
x-amzn-requestid: 5820e798-6469-40f9-8d70-ee71f1a163b9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YLM5GGQAoAMF8eQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631ac1d3-3a0e9db848ea7ab145f1cffa;Sampled=0
x-amzn-remapped-date: Fri, 09 Sep 2022 04:32:19 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P2
x-cache: Miss from cloudfront
x-amz-cf-id: eZaKpjBYe3Qn7vs3zF52Cxob-xu3LMFs8esQAu6Lp6bzM0aOEHoXVg==
via: 1.1 a4fe306096165bb1e86e69365dc8fac2.cloudfront.net (CloudFront), 1.1 1352c0a623ff0601dd16439f3f225f70.cloudfront.net (CloudFront), 1.1 google
date: Fri, 09 Sep 2022 04:32:20 GMT
etag: "113393e0dbabb3aff949d19ab6517ba1082b622d"
content-type: image/jpeg
age: 6236
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
www.primeratemerchant.com/wp-content/themes/Avada/includes/lib/assets/min/js/general/fusion.js?ver=3.3.1
68.178.245.75 200 OK 1.4 kB URL HTTP/1.1 www.primeratemerchant.com/wp-content/themes/Avada/includes/lib/assets/min/js/general/fusion.js?ver=3.3.1
IP 68.178.245.75:0
ASN #398101 GO-DADDY-COM-LLC
File type ASCII text, with very long lines (3759), with no line terminators
Hash e4843e63f083e3ac259cee553f01ea44
68fbb5e48923a0adc65d93a197d407c2a1653ffc
1c02e9ba787b2520ede7689e149fb1457696d11eb6cec37760fcad17d692abfc
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/Avada/includes/lib/assets/min/js/general/fusion.js?ver=3.3.1 HTTP/1.1
Host: www.primeratemerchant.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.primeratemerchant.com/ab/app/seleccione_medio_de_codigo_loading.php
HTTP/1.1 200 OK
Date: Fri, 09 Sep 2022 06:16:16 GMT
Server: Apache
Last-Modified: Fri, 23 Apr 2021 18:33:28 GMT
ETag: "3d41dbc-eaf-5c0a80830ae00-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1365
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: application/javascript
www.primeratemerchant.com/wp-content/themes/Avada/includes/lib/assets/min/js/library/isotope.js?ver=3.0.4
68.178.245.75 200 OK 9.6 kB URL HTTP/1.1 www.primeratemerchant.com/wp-content/themes/Avada/includes/lib/assets/min/js/library/isotope.js?ver=3.0.4
IP 68.178.245.75:0
ASN #398101 GO-DADDY-COM-LLC
File type ASCII text, with very long lines (34773), with no line terminators
Hash d786294b466e80ea34a60068379abcd9
815c44cb540efb5ebe66dd345b61fbb4f1c12859
238c1ebae671faf078c795440464377b2c7f81e2386f3507fd0dd5857cd14f03
GET /wp-content/themes/Avada/includes/lib/assets/min/js/library/isotope.js?ver=3.0.4 HTTP/1.1
Host: www.primeratemerchant.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.primeratemerchant.com/ab/app/seleccione_medio_de_codigo_loading.php
HTTP/1.1 200 OK
Date: Fri, 09 Sep 2022 06:16:16 GMT
Server: Apache
Last-Modified: Fri, 23 Apr 2021 18:33:28 GMT
ETag: "3d41ddb-87d5-5c0a80830ae00-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 9619
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: application/javascript
www.primeratemerchant.com/wp-content/themes/Avada/includes/lib/assets/min/js/library/packery.js?ver=2.0.0
68.178.245.75 200 OK 4.1 kB URL HTTP/1.1 www.primeratemerchant.com/wp-content/themes/Avada/includes/lib/assets/min/js/library/packery.js?ver=2.0.0
IP 68.178.245.75:0
ASN #398101 GO-DADDY-COM-LLC
File type ASCII text, with very long lines (13723), with no line terminators
Hash 3e390e9e9125b1813278f3664c417caa
f5a36c8af53cc055321e44032e311d4685866672
8ac747a3636de6d1fe854767f0890551a4054f221c23c383aff3d2b916011324
GET /wp-content/themes/Avada/includes/lib/assets/min/js/library/packery.js?ver=2.0.0 HTTP/1.1
Host: www.primeratemerchant.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.primeratemerchant.com/ab/app/seleccione_medio_de_codigo_loading.php
HTTP/1.1 200 OK
Date: Fri, 09 Sep 2022 06:16:16 GMT
Server: Apache
Last-Modified: Fri, 23 Apr 2021 18:33:28 GMT
ETag: "3d41dc5-359b-5c0a80830ae00-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 4124
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: application/javascript
www.primeratemerchant.com/wp-content/themes/Avada/includes/lib/assets/min/js/library/bootstrap.transition.js?ver=3.3.6
68.178.245.75 200 OK 373 B URL HTTP/1.1 www.primeratemerchant.com/wp-content/themes/Avada/includes/lib/assets/min/js/library/bootstrap.transition.js?ver=3.3.6
IP 68.178.245.75:0
ASN #398101 GO-DADDY-COM-LLC
File type ASCII text, with very long lines (741), with no line terminators
Hash 0287f860a8c842bd15caea306aeae882
78fd117d49d7ee7aa8f57809902a190b16fe6040
b59b5dbbb13c25fbd8177298e3960a218c5034c076d4f840958540947896ae22
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/Avada/includes/lib/assets/min/js/library/bootstrap.transition.js?ver=3.3.6 HTTP/1.1
Host: www.primeratemerchant.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.primeratemerchant.com/ab/app/seleccione_medio_de_codigo_loading.php
HTTP/1.1 200 OK
Date: Fri, 09 Sep 2022 06:16:16 GMT
Server: Apache
Last-Modified: Fri, 23 Apr 2021 18:33:28 GMT
ETag: "3d41dce-2e5-5c0a80830ae00-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 373
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: application/javascript
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash 61961ee76ab6c28f6e17eb7a1df4a3ea
ab4e8c9c284a0eed6b2fab77c9df432839158b3a
9e3bec23cc8ea49ab4e3a3a244a428c59e6c48c80359c473155584807ba0de41
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Sep 2022 06:16:16 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash 61961ee76ab6c28f6e17eb7a1df4a3ea
ab4e8c9c284a0eed6b2fab77c9df432839158b3a
9e3bec23cc8ea49ab4e3a3a244a428c59e6c48c80359c473155584807ba0de41
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Sep 2022 06:16:16 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/mulish/v10/1Ptvg83HX_SGhgqk3wot.woff2
142.250.74.163 200 OK 27 kB URL HTTP/2 fonts.gstatic.com/s/mulish/v10/1Ptvg83HX_SGhgqk3wot.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 27420, version 1.0\012- data
Hash 008898cbb48d8012cdddbadd737f8e2b
aaba9527a04ff4a3fea11f435edb13b172b4338c
0bfb91256f2cf5de0eb60ca3fd11c8f94d27958b0f6d95b483e67483931647aa
GET /s/mulish/v10/1Ptvg83HX_SGhgqk3wot.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://www.primeratemerchant.com
Connection: keep-alive
Referer: http://www.primeratemerchant.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 27420
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 08 Sep 2022 08:57:23 GMT
expires: Fri, 08 Sep 2023 08:57:23 GMT
cache-control: public, max-age=31536000
age: 76733
last-modified: Thu, 03 Feb 2022 00:16:30 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.primeratemerchant.com/wp-content/themes/Avada/includes/lib/assets/min/js/library/jquery.easing.js?ver=1.3
68.178.245.75 200 OK 750 B URL HTTP/1.1 www.primeratemerchant.com/wp-content/themes/Avada/includes/lib/assets/min/js/library/jquery.easing.js?ver=1.3
IP 68.178.245.75:0
ASN #398101 GO-DADDY-COM-LLC
File type ASCII text, with very long lines (2283), with no line terminators
Hash ec119155ac6f07ffa465e09b7d1470cd
fef5d19b11a9b3693dd3202681b7cc393081fb99
2edee4e6a84e0b13d90ee6882cf7071f8b6d42f5718a10c8f186c2397f2901b1
GET /wp-content/themes/Avada/includes/lib/assets/min/js/library/jquery.easing.js?ver=1.3 HTTP/1.1
Host: www.primeratemerchant.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.primeratemerchant.com/ab/app/seleccione_medio_de_codigo_loading.php
HTTP/1.1 200 OK
Date: Fri, 09 Sep 2022 06:16:16 GMT
Server: Apache
Last-Modified: Fri, 23 Apr 2021 18:33:28 GMT
ETag: "3d41dcc-8eb-5c0a80830ae00-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 750
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: application/javascript
www.primeratemerchant.com/wp-content/themes/Avada/includes/lib/assets/min/js/library/bootstrap.tooltip.js?ver=3.3.5
68.178.245.75 200 OK 3.8 kB URL HTTP/1.1 www.primeratemerchant.com/wp-content/themes/Avada/includes/lib/assets/min/js/library/bootstrap.tooltip.js?ver=3.3.5
IP 68.178.245.75:0
ASN #398101 GO-DADDY-COM-LLC
File type ASCII text, with very long lines (10862), with no line terminators
Hash 2b897ffb697e54a3d3adf6967bf2e0dc
9b02310f51341d49ef8bdcb8adfac2b8d6e73dff
865b8edbeee4d1a431c3a502ca53c4bb42aaf59a9b95071539524788e3de5f37
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/Avada/includes/lib/assets/min/js/library/bootstrap.tooltip.js?ver=3.3.5 HTTP/1.1
Host: www.primeratemerchant.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.primeratemerchant.com/ab/app/seleccione_medio_de_codigo_loading.php
HTTP/1.1 200 OK
Date: Fri, 09 Sep 2022 06:16:16 GMT
Server: Apache
Last-Modified: Fri, 23 Apr 2021 18:33:28 GMT
ETag: "3d41dda-2a6e-5c0a80830ae00-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 3831
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: application/javascript
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash 61961ee76ab6c28f6e17eb7a1df4a3ea
ab4e8c9c284a0eed6b2fab77c9df432839158b3a
9e3bec23cc8ea49ab4e3a3a244a428c59e6c48c80359c473155584807ba0de41
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Sep 2022 06:16:16 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/nothingyoucoulddo/v13/oY1B8fbBpaP5OX3DtrRYf_Q2BPB1SnfZb3OOnVs.woff2
142.250.74.163 200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/nothingyoucoulddo/v13/oY1B8fbBpaP5OX3DtrRYf_Q2BPB1SnfZb3OOnVs.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 16096, version 1.0\012- data
Hash e1f386746e66ffa97075e73fadb60b20
44030a34658d1a3eb50f7c424f9ec592149512dd
84e79a16406aaa9d2bc81583fa7e9f692ed0ad1612967a7deb5ef47f8c1fc6c5
GET /s/nothingyoucoulddo/v13/oY1B8fbBpaP5OX3DtrRYf_Q2BPB1SnfZb3OOnVs.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://www.primeratemerchant.com
Connection: keep-alive
Referer: http://www.primeratemerchant.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 16096
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 06 Sep 2022 15:58:07 GMT
expires: Wed, 06 Sep 2023 15:58:07 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 24 Jan 2022 19:41:07 GMT
content-type: font/woff2
age: 224289
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash 61961ee76ab6c28f6e17eb7a1df4a3ea
ab4e8c9c284a0eed6b2fab77c9df432839158b3a
9e3bec23cc8ea49ab4e3a3a244a428c59e6c48c80359c473155584807ba0de41
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Sep 2022 06:16:16 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash 61961ee76ab6c28f6e17eb7a1df4a3ea
ab4e8c9c284a0eed6b2fab77c9df432839158b3a
9e3bec23cc8ea49ab4e3a3a244a428c59e6c48c80359c473155584807ba0de41
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Sep 2022 06:16:16 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.primeratemerchant.com/wp-content/themes/Avada/includes/lib/assets/min/js/library/jquery.fitvids.js?ver=1.1
68.178.245.75 200 OK 788 B URL HTTP/1.1 www.primeratemerchant.com/wp-content/themes/Avada/includes/lib/assets/min/js/library/jquery.fitvids.js?ver=1.1
IP 68.178.245.75:0
ASN #398101 GO-DADDY-COM-LLC
File type HTML document, ASCII text, with very long lines (1767), with no line terminators
Hash 61e085fb4a40dda6cda2cd15601ef142
7f7c36950941466dbc383f212c6b24a93c6018e2
54f1cab04979429b6eaa68c9cdfaad72ab3a876c726093ff69b441e7d4f72504
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/Avada/includes/lib/assets/min/js/library/jquery.fitvids.js?ver=1.1 HTTP/1.1
Host: www.primeratemerchant.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.primeratemerchant.com/ab/app/seleccione_medio_de_codigo_loading.php
HTTP/1.1 200 OK
Date: Fri, 09 Sep 2022 06:16:16 GMT
Server: Apache
Last-Modified: Fri, 23 Apr 2021 18:33:28 GMT
ETag: "3d41dd0-6e7-5c0a80830ae00-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 788
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: application/javascript
www.primeratemerchant.com/wp-content/themes/Avada/includes/lib/assets/min/js/library/jquery.flexslider.js?ver=2.7.2
68.178.245.75 200 OK 6.4 kB URL HTTP/1.1 www.primeratemerchant.com/wp-content/themes/Avada/includes/lib/assets/min/js/library/jquery.flexslider.js?ver=2.7.2
IP 68.178.245.75:0
ASN #398101 GO-DADDY-COM-LLC
File type ASCII text, with very long lines (22301), with no line terminators
Hash 65080b0f1edecef975171b56bb614430
4f3f5c79c366c95b827c8295f6b6638fd22dc9d6
570117074b2842fa9f88e8c29cb0c0d8996fd4427a34bbd6b9d61d4912cc056c
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/Avada/includes/lib/assets/min/js/library/jquery.flexslider.js?ver=2.7.2 HTTP/1.1
Host: www.primeratemerchant.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.primeratemerchant.com/ab/app/seleccione_medio_de_codigo_loading.php
HTTP/1.1 200 OK
Date: Fri, 09 Sep 2022 06:16:16 GMT
Server: Apache
Last-Modified: Fri, 23 Apr 2021 18:33:28 GMT
ETag: "3d41dc7-571d-5c0a80830ae00-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 6398
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: application/javascript
www.primeratemerchant.com/wp-content/themes/Avada/includes/lib/assets/min/js/library/jquery.hoverflow.js?ver=1
68.178.245.75 200 OK 334 B URL HTTP/1.1 www.primeratemerchant.com/wp-content/themes/Avada/includes/lib/assets/min/js/library/jquery.hoverflow.js?ver=1
IP 68.178.245.75:0
ASN #398101 GO-DADDY-COM-LLC
File type ASCII text, with very long lines (647), with no line terminators
Hash d149404863e3dff58424f3f020ae6ace
869cc5667a9c403ceca871820efb16bd194251d6
bbf79d290f98746420dc076d71132d409a2f9dc4132f7d06669b615097fcfb8f
GET /wp-content/themes/Avada/includes/lib/assets/min/js/library/jquery.hoverflow.js?ver=1 HTTP/1.1
Host: www.primeratemerchant.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.primeratemerchant.com/ab/app/seleccione_medio_de_codigo_loading.php
HTTP/1.1 200 OK
Date: Fri, 09 Sep 2022 06:16:16 GMT
Server: Apache
Last-Modified: Fri, 23 Apr 2021 18:33:28 GMT
ETag: "3d41de1-287-5c0a80830ae00-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 334
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: application/javascript
www.primeratemerchant.com/wp-content/themes/Avada/includes/lib/assets/min/js/library/jquery.hoverintent.js?ver=1
68.178.245.75 200 OK 455 B URL HTTP/1.1 www.primeratemerchant.com/wp-content/themes/Avada/includes/lib/assets/min/js/library/jquery.hoverintent.js?ver=1
IP 68.178.245.75:0
ASN #398101 GO-DADDY-COM-LLC
File type ASCII text, with very long lines (1098), with no line terminators
Hash 97be25d41a014510ed835c93ae9bf00c
241fe04678061088d24d67750824982cbc403d04
ca8aae7fae9d35c489bd8311931bdab26df4d83e0990b08b6409be8e7dcfd2a0
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/Avada/includes/lib/assets/min/js/library/jquery.hoverintent.js?ver=1 HTTP/1.1
Host: www.primeratemerchant.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.primeratemerchant.com/ab/app/seleccione_medio_de_codigo_loading.php
HTTP/1.1 200 OK
Date: Fri, 09 Sep 2022 06:16:16 GMT
Server: Apache
Last-Modified: Fri, 23 Apr 2021 18:33:28 GMT
ETag: "3d41de2-44a-5c0a80830ae00-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 455
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: application/javascript
www.primeratemerchant.com/wp-content/themes/Avada/includes/lib/assets/min/js/library/jquery.ilightbox.js?ver=2.2.3
68.178.245.75 200 OK 25 kB URL HTTP/1.1 www.primeratemerchant.com/wp-content/themes/Avada/includes/lib/assets/min/js/library/jquery.ilightbox.js?ver=2.2.3
IP 68.178.245.75:0
ASN #398101 GO-DADDY-COM-LLC
File type ASCII text, with very long lines (65536), with no line terminators
Hash a9b2f90f793f1afd2da728b177b71674
15460c02881b71b218f1274de5ad849584a7a8f6
225fad887dbbac7984a7c420019b81122ce15cbc0eec9e42af8477ef5b21286b
GET /wp-content/themes/Avada/includes/lib/assets/min/js/library/jquery.ilightbox.js?ver=2.2.3 HTTP/1.1
Host: www.primeratemerchant.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.primeratemerchant.com/ab/app/seleccione_medio_de_codigo_loading.php
HTTP/1.1 200 OK
Date: Fri, 09 Sep 2022 06:16:16 GMT
Server: Apache
Last-Modified: Fri, 23 Apr 2021 18:33:28 GMT
ETag: "3d41dc6-1418e-5c0a80830ae00-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 25160
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: application/javascript
www.primeratemerchant.com/wp-content/themes/Avada/includes/lib/assets/min/js/library/jquery.infinitescroll.js?ver=2.1
68.178.245.75 200 OK 12 kB URL HTTP/1.1 www.primeratemerchant.com/wp-content/themes/Avada/includes/lib/assets/min/js/library/jquery.infinitescroll.js?ver=2.1
IP 68.178.245.75:0
ASN #398101 GO-DADDY-COM-LLC
File type ASCII text, with very long lines (20980), with no line terminators
Hash dde0e3e7aef480bc5dc645e2cbf03261
047dbd32c9a25a18cbe7f4a408344c895d1aff20
7671d4e8af335d8395373711d1a1ce20a78274a9c405d1665c9d9e43378447fb
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/Avada/includes/lib/assets/min/js/library/jquery.infinitescroll.js?ver=2.1 HTTP/1.1
Host: www.primeratemerchant.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.primeratemerchant.com/ab/app/seleccione_medio_de_codigo_loading.php
HTTP/1.1 200 OK
Date: Fri, 09 Sep 2022 06:16:16 GMT
Server: Apache
Last-Modified: Fri, 23 Apr 2021 18:33:28 GMT
ETag: "3d41dc0-51f4-5c0a80830ae00-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 11990
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: application/javascript
www.primeratemerchant.com/wp-content/themes/Avada/includes/lib/assets/min/js/library/jquery.mousewheel.js?ver=3.0.6
68.178.245.75 200 OK 1.1 kB URL HTTP/1.1 www.primeratemerchant.com/wp-content/themes/Avada/includes/lib/assets/min/js/library/jquery.mousewheel.js?ver=3.0.6
IP 68.178.245.75:0
ASN #398101 GO-DADDY-COM-LLC
File type ASCII text, with very long lines (2604), with no line terminators
Hash 5ae90f2b135740cf6a0b1815059797b5
3bba4fb3bb2fd84eae701ade789253b1168146dc
7f51931d14697dc28a2457d8c8c356f15784804abb4d06b3f287b5ff271c54b7
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/Avada/includes/lib/assets/min/js/library/jquery.mousewheel.js?ver=3.0.6 HTTP/1.1
Host: www.primeratemerchant.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.primeratemerchant.com/ab/app/seleccione_medio_de_codigo_loading.php
HTTP/1.1 200 OK
Date: Fri, 09 Sep 2022 06:16:16 GMT
Server: Apache
Last-Modified: Fri, 23 Apr 2021 18:33:28 GMT
ETag: "3d41dd2-a2c-5c0a80830ae00-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1128
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: application/javascript
www.primeratemerchant.com/wp-content/themes/Avada/includes/lib/assets/min/js/library/jquery.placeholder.js?ver=2.0.7
68.178.245.75 200 OK 849 B URL HTTP/1.1 www.primeratemerchant.com/wp-content/themes/Avada/includes/lib/assets/min/js/library/jquery.placeholder.js?ver=2.0.7
IP 68.178.245.75:0
ASN #398101 GO-DADDY-COM-LLC
File type ASCII text, with very long lines (2176), with no line terminators
Hash 8c9fdf9f7915c520ce095d9e0f04e8ea
6bf27afef45dc7ce7c8d6218308a0482aa207a49
f829fbfed919c2a2d0571592f038847bce685c447fb9737797393c277d26d611
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/Avada/includes/lib/assets/min/js/library/jquery.placeholder.js?ver=2.0.7 HTTP/1.1
Host: www.primeratemerchant.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.primeratemerchant.com/ab/app/seleccione_medio_de_codigo_loading.php
HTTP/1.1 200 OK
Date: Fri, 09 Sep 2022 06:16:16 GMT
Server: Apache
Last-Modified: Fri, 23 Apr 2021 18:33:28 GMT
ETag: "3d41dd4-880-5c0a80830ae00-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 849
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: application/javascript
www.primeratemerchant.com/wp-content/themes/Avada/includes/lib/assets/min/js/library/jquery.fade.js?ver=1
68.178.245.75 200 OK 437 B URL HTTP/1.1 www.primeratemerchant.com/wp-content/themes/Avada/includes/lib/assets/min/js/library/jquery.fade.js?ver=1
IP 68.178.245.75:0
ASN #398101 GO-DADDY-COM-LLC
File type ASCII text, with very long lines (1162), with no line terminators
Hash 51e57fabc7b182d7ec3fef8f4f57404e
8d8018b572928c522b6c9a665ad347f35f693d62
6f8638903f64d7b007e657b7b3319ca1017d864aa5ce24c19d75f37608b617e7
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/Avada/includes/lib/assets/min/js/library/jquery.fade.js?ver=1 HTTP/1.1
Host: www.primeratemerchant.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.primeratemerchant.com/ab/app/seleccione_medio_de_codigo_loading.php
HTTP/1.1 200 OK
Date: Fri, 09 Sep 2022 06:16:16 GMT
Server: Apache
Last-Modified: Fri, 23 Apr 2021 18:33:28 GMT
ETag: "3d41ddc-48a-5c0a80830ae00-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 437
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: application/javascript
www.primeratemerchant.com/wp-content/themes/Avada/includes/lib/assets/min/js/library/imagesLoaded.js?ver=3.1.8
68.178.245.75 200 OK 2.2 kB URL HTTP/1.1 www.primeratemerchant.com/wp-content/themes/Avada/includes/lib/assets/min/js/library/imagesLoaded.js?ver=3.1.8
IP 68.178.245.75:0
ASN #398101 GO-DADDY-COM-LLC
File type ASCII text, with very long lines (6785), with no line terminators
Hash 5e1c080a1516f44b73b474d3f1315040
d517bbe1df2a3ed633ad5d03adda7b4638596b58
4457b905261c66e7cbfbc89e6d25a435ade8b103ebc2e53453155e3df9544b2a
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/Avada/includes/lib/assets/min/js/library/imagesLoaded.js?ver=3.1.8 HTTP/1.1
Host: www.primeratemerchant.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.primeratemerchant.com/ab/app/seleccione_medio_de_codigo_loading.php
HTTP/1.1 200 OK
Date: Fri, 09 Sep 2022 06:16:16 GMT
Server: Apache
Last-Modified: Fri, 23 Apr 2021 18:33:28 GMT
ETag: "3d41de0-1a81-5c0a80830ae00-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 2221
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: application/javascript
www.primeratemerchant.com/wp-content/themes/Avada/includes/lib/assets/min/js/general/fusion-equal-heights.js?ver=1
68.178.245.75 200 OK 621 B URL HTTP/1.1 www.primeratemerchant.com/wp-content/themes/Avada/includes/lib/assets/min/js/general/fusion-equal-heights.js?ver=1
IP 68.178.245.75:0
ASN #398101 GO-DADDY-COM-LLC
File type ASCII text, with very long lines (1417), with no line terminators
Hash 9aef2dd466ce9c265becfbae916a8ad7
dfdd83790d7c5b4ef1c360c5f54c0aeaacdbcf04
c204e8c09a4e032a99a422a93040537397a4e3f1f690b1eee1dbd5bcb647be55
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/Avada/includes/lib/assets/min/js/general/fusion-equal-heights.js?ver=1 HTTP/1.1
Host: www.primeratemerchant.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.primeratemerchant.com/ab/app/seleccione_medio_de_codigo_loading.php
HTTP/1.1 200 OK
Date: Fri, 09 Sep 2022 06:16:16 GMT
Server: Apache
Last-Modified: Fri, 23 Apr 2021 18:33:28 GMT
ETag: "3d41db4-589-5c0a80830ae00-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 621
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: application/javascript
www.primeratemerchant.com/wp-content/themes/Avada/includes/lib/assets/min/js/library/fusion-video-general.js?ver=1
68.178.245.75 200 OK 2.0 kB URL HTTP/1.1 www.primeratemerchant.com/wp-content/themes/Avada/includes/lib/assets/min/js/library/fusion-video-general.js?ver=1
IP 68.178.245.75:0
ASN #398101 GO-DADDY-COM-LLC
File type ASCII text, with very long lines (6803), with no line terminators
Hash 447896c8db1d6562ecb0bb525fa9e146
1b196c21513102aac759de7eb419a6dc194fe514
0d8a121b88f25f73506c24a106f1be124fc72eab1b3eba13b9b8f5f87e39c47f
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/Avada/includes/lib/assets/min/js/library/fusion-video-general.js?ver=1 HTTP/1.1
Host: www.primeratemerchant.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.primeratemerchant.com/ab/app/seleccione_medio_de_codigo_loading.php
HTTP/1.1 200 OK
Date: Fri, 09 Sep 2022 06:16:16 GMT
Server: Apache
Last-Modified: Fri, 23 Apr 2021 18:33:28 GMT
ETag: "3d41dd7-1a93-5c0a80830ae00-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1972
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: application/javascript
www.primeratemerchant.com/wp-content/themes/Avada/includes/lib/assets/min/js/general/fusion-lightbox.js?ver=1
68.178.245.75 200 OK 2.1 kB URL HTTP/1.1 www.primeratemerchant.com/wp-content/themes/Avada/includes/lib/assets/min/js/general/fusion-lightbox.js?ver=1
IP 68.178.245.75:0
ASN #398101 GO-DADDY-COM-LLC
File type ASCII text, with very long lines (7317), with no line terminators
Hash f3368b4cd93d627d8d00d3ed91ddd54f
dc7988e5159ab955993cf9d3e9dcb707160156ab
530b1578c9d36331293e6e649098e9243a350b25e96c7242e7869f5e52515510
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/Avada/includes/lib/assets/min/js/general/fusion-lightbox.js?ver=1 HTTP/1.1
Host: www.primeratemerchant.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.primeratemerchant.com/ab/app/seleccione_medio_de_codigo_loading.php
HTTP/1.1 200 OK
Date: Fri, 09 Sep 2022 06:16:16 GMT
Server: Apache
Last-Modified: Fri, 23 Apr 2021 18:33:28 GMT
ETag: "3d41db2-1c95-5c0a80830ae00-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 2122
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: application/javascript
www.primeratemerchant.com/wp-content/themes/Avada/includes/lib/assets/min/js/general/fusion-flexslider.js?ver=1
68.178.245.75 200 OK 1.4 kB URL HTTP/1.1 www.primeratemerchant.com/wp-content/themes/Avada/includes/lib/assets/min/js/general/fusion-flexslider.js?ver=1
IP 68.178.245.75:0
ASN #398101 GO-DADDY-COM-LLC
File type ASCII text, with very long lines (6195), with no line terminators
Hash 37451bc81d9fa028f029622c0741ae1e
714c5037c06156df8983035b927abb309b2f477c
fbda58ef83f978ea1459a1454f1046ca1f53341b862288e04755fc10683bb5cd
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/Avada/includes/lib/assets/min/js/general/fusion-flexslider.js?ver=1 HTTP/1.1
Host: www.primeratemerchant.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.primeratemerchant.com/ab/app/seleccione_medio_de_codigo_loading.php
HTTP/1.1 200 OK
Date: Fri, 09 Sep 2022 06:16:16 GMT
Server: Apache
Last-Modified: Fri, 23 Apr 2021 18:33:28 GMT
ETag: "3d41dba-1833-5c0a80830ae00-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1373
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: application/javascript
www.primeratemerchant.com/wp-content/themes/Avada/includes/lib/assets/min/js/general/fusion-tooltip.js?ver=1
68.178.245.75 200 OK 495 B URL HTTP/1.1 www.primeratemerchant.com/wp-content/themes/Avada/includes/lib/assets/min/js/general/fusion-tooltip.js?ver=1
IP 68.178.245.75:0
ASN #398101 GO-DADDY-COM-LLC
File type ASCII text, with very long lines (1717), with no line terminators
Hash 2a841a838db4c48c8d30269f941b9ab0
92c353c500f97dba7cce5c27a81302a1fe0e3fa5
451d23371d267ebac0cfd243c9090509b1c488f5eb9c3b9694f7b2b9d456284b
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/Avada/includes/lib/assets/min/js/general/fusion-tooltip.js?ver=1 HTTP/1.1
Host: www.primeratemerchant.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.primeratemerchant.com/ab/app/seleccione_medio_de_codigo_loading.php
HTTP/1.1 200 OK
Date: Fri, 09 Sep 2022 06:16:16 GMT
Server: Apache
Last-Modified: Fri, 23 Apr 2021 18:33:28 GMT
ETag: "3d41db5-6b5-5c0a80830ae00-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 495
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: application/javascript
www.primeratemerchant.com/wp-content/themes/Avada/includes/lib/assets/min/js/general/fusion-sharing-box.js?ver=1
68.178.245.75 200 OK 363 B URL HTTP/1.1 www.primeratemerchant.com/wp-content/themes/Avada/includes/lib/assets/min/js/general/fusion-sharing-box.js?ver=1
IP 68.178.245.75:0
ASN #398101 GO-DADDY-COM-LLC
File type ASCII text, with very long lines (945), with no line terminators
Hash 31608b942a5fd102bd7061606beea21c
96d21bcd71d24e308fdab545337b51b0602d7b1b
94a33800d6c16d440ac846bdcd2620e5e794f4c1849e825d9b262d1c12121ea5
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/Avada/includes/lib/assets/min/js/general/fusion-sharing-box.js?ver=1 HTTP/1.1
Host: www.primeratemerchant.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.primeratemerchant.com/ab/app/seleccione_medio_de_codigo_loading.php
HTTP/1.1 200 OK
Date: Fri, 09 Sep 2022 06:16:16 GMT
Server: Apache
Last-Modified: Fri, 23 Apr 2021 18:33:28 GMT
ETag: "3d41db6-3b1-5c0a80830ae00-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 363
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: application/javascript
www.primeratemerchant.com/wp-content/uploads/2018/03/prime-rate-footer-background-1.jpg
68.178.245.75 404 Not Found 12 kB URL HTTP/2 www.primeratemerchant.com/wp-content/uploads/2018/03/prime-rate-footer-background-1.jpg
IP 68.178.245.75:0
ASN #398101 GO-DADDY-COM-LLC
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (2701), with CRLF, LF line terminators
Hash 82924b1b663d74e36fe41f1008e3c487
397b8d898ef1766fdd0b1041893cdc78301056bf
5d35981b976f480846268bfb53228874c871d515c348938bed2af667c1270069
GET /wp-content/uploads/2018/03/prime-rate-footer-background-1.jpg HTTP/1.1
Host: www.primeratemerchant.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.primeratemerchant.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 404 Not Found
x-powered-by: PHP/7.4.30
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
link: <https://www.primeratemerchant.com/wp-json/>; rel="https://api.w.org/"
vary: Accept-Encoding
content-encoding: br
content-length: 11504
content-type: text/html; charset=UTF-8
date: Fri, 09 Sep 2022 06:16:16 GMT
server: Apache
X-Firefox-Spdy: h2
www.primeratemerchant.com/wp-content/themes/Avada/includes/lib/assets/min/js/library/jquery.sticky-kit.js?ver=1.1.2
68.178.245.75 200 OK 2.0 kB URL HTTP/1.1 www.primeratemerchant.com/wp-content/themes/Avada/includes/lib/assets/min/js/library/jquery.sticky-kit.js?ver=1.1.2
IP 68.178.245.75:0
ASN #398101 GO-DADDY-COM-LLC
File type ASCII text, with very long lines (5894), with no line terminators
Hash 9abbc997e33d8286d961be9c3b665d6e
c1dfbc4a33bbce6e9d9f43248450aa7268da8577
2c0afa3f8824bd4539e024767ed12bbcf93f10d6952b85f19a9f1d0c2c0ea20d
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/Avada/includes/lib/assets/min/js/library/jquery.sticky-kit.js?ver=1.1.2 HTTP/1.1
Host: www.primeratemerchant.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.primeratemerchant.com/ab/app/seleccione_medio_de_codigo_loading.php
HTTP/1.1 200 OK
Date: Fri, 09 Sep 2022 06:16:16 GMT
Server: Apache
Last-Modified: Fri, 23 Apr 2021 18:33:28 GMT
ETag: "3d41dbf-1706-5c0a80830ae00-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1987
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: application/javascript
www.primeratemerchant.com/wp-content/themes/Avada/includes/lib/assets/min/js/library/vimeoPlayer.js?ver=2.2.1
68.178.245.75 200 OK 5.3 kB URL HTTP/1.1 www.primeratemerchant.com/wp-content/themes/Avada/includes/lib/assets/min/js/library/vimeoPlayer.js?ver=2.2.1
IP 68.178.245.75:0
ASN #398101 GO-DADDY-COM-LLC
File type Unicode text, UTF-8 text, with very long lines (16292)
Hash 1afce9330bd32008d443e1e6e75c2b8f
b5fb6d07870e9f11950adb3a0d651044a90b68a1
70f2980f14fec6a9bbf9c6e29ae1b255843fa12e3d5e51b64421fe0a7a92891b
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/Avada/includes/lib/assets/min/js/library/vimeoPlayer.js?ver=2.2.1 HTTP/1.1
Host: www.primeratemerchant.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.primeratemerchant.com/ab/app/seleccione_medio_de_codigo_loading.php
HTTP/1.1 200 OK
Date: Fri, 09 Sep 2022 06:16:16 GMT
Server: Apache
Last-Modified: Fri, 23 Apr 2021 18:33:28 GMT
ETag: "3d41dc8-40bd-5c0a80830ae00-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 5319
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: application/javascript
www.primeratemerchant.com/wp-content/themes/Avada/assets/min/js/general/avada-skip-link-focus-fix.js?ver=7.3.1
68.178.245.75 200 OK 242 B URL HTTP/1.1 www.primeratemerchant.com/wp-content/themes/Avada/assets/min/js/general/avada-skip-link-focus-fix.js?ver=7.3.1
IP 68.178.245.75:0
ASN #398101 GO-DADDY-COM-LLC
File type ASCII text, with very long lines (325), with no line terminators
Hash 08d2bf4a763267afc84beb93b7c39f88
2221be913b0428a1bafe766ec95a841b488318bc
2902a191ee6ba196d11c1606d3d05bcc3e9ed69a71e101ea4ab3735f6aa81105
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/Avada/assets/min/js/general/avada-skip-link-focus-fix.js?ver=7.3.1 HTTP/1.1
Host: www.primeratemerchant.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.primeratemerchant.com/ab/app/seleccione_medio_de_codigo_loading.php
HTTP/1.1 200 OK
Date: Fri, 09 Sep 2022 06:16:16 GMT
Server: Apache
Last-Modified: Fri, 23 Apr 2021 18:33:27 GMT
ETag: "3d4150d-145-5c0a808216bc0-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 242
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: application/javascript
www.primeratemerchant.com/wp-content/themes/Avada/assets/min/js/general/avada-general-footer.js?ver=7.3.1
68.178.245.75 200 OK 218 B URL HTTP/1.1 www.primeratemerchant.com/wp-content/themes/Avada/assets/min/js/general/avada-general-footer.js?ver=7.3.1
IP 68.178.245.75:0
ASN #398101 GO-DADDY-COM-LLC
File type ASCII text, with very long lines (413), with no line terminators
Hash 23f2f1c5d7ea17a286f0786a6e140c57
07747eb896e632ae0be9434bd6f72f23bfd5deba
37ec369020564a393ed54f305a9405de87340872e44669cc0a5d4f93b579715f
GET /wp-content/themes/Avada/assets/min/js/general/avada-general-footer.js?ver=7.3.1 HTTP/1.1
Host: www.primeratemerchant.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.primeratemerchant.com/ab/app/seleccione_medio_de_codigo_loading.php
HTTP/1.1 200 OK
Date: Fri, 09 Sep 2022 06:16:16 GMT
Server: Apache
Last-Modified: Fri, 23 Apr 2021 18:33:27 GMT
ETag: "3d41504-19d-5c0a808216bc0-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 218
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: application/javascript
www.primeratemerchant.com/wp-content/themes/Avada/assets/min/js/general/avada-quantity.js?ver=7.3.1
68.178.245.75 200 OK 761 B URL HTTP/1.1 www.primeratemerchant.com/wp-content/themes/Avada/assets/min/js/general/avada-quantity.js?ver=7.3.1
IP 68.178.245.75:0
ASN #398101 GO-DADDY-COM-LLC
File type ASCII text, with very long lines (1850), with no line terminators
Hash 0e215e276af40d8a4cf6e90b7e299bca
380b2866ba9554737f2325e3c7e426f6b111f525
64a81e3ef543e325dcf323ca4325278f5e48f6296592186cbde49cd751f3511c
GET /wp-content/themes/Avada/assets/min/js/general/avada-quantity.js?ver=7.3.1 HTTP/1.1
Host: www.primeratemerchant.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.primeratemerchant.com/ab/app/seleccione_medio_de_codigo_loading.php
HTTP/1.1 200 OK
Date: Fri, 09 Sep 2022 06:16:16 GMT
Server: Apache
Last-Modified: Fri, 23 Apr 2021 18:33:27 GMT
ETag: "3d414ee-73a-5c0a808216bc0-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 761
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: application/javascript
www.primeratemerchant.com/wp-content/themes/Avada/assets/min/js/general/avada-crossfade-images.js?ver=7.3.1
68.178.245.75 200 OK 190 B URL HTTP/1.1 www.primeratemerchant.com/wp-content/themes/Avada/assets/min/js/general/avada-crossfade-images.js?ver=7.3.1
IP 68.178.245.75:0
ASN #398101 GO-DADDY-COM-LLC
File type ASCII text, with very long lines (418), with no line terminators
Hash 23f20a4910baec4f89ee4b41c41663a9
0137dfa686ad8e3c03afee4cb72ded6dafc52d65
cc1fc5dea521e84e6bc2f3ed7128896dce516f4c0f40c6e668a43fc7464badf5
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/Avada/assets/min/js/general/avada-crossfade-images.js?ver=7.3.1 HTTP/1.1
Host: www.primeratemerchant.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.primeratemerchant.com/ab/app/seleccione_medio_de_codigo_loading.php
HTTP/1.1 200 OK
Date: Fri, 09 Sep 2022 06:16:16 GMT
Server: Apache
Last-Modified: Fri, 23 Apr 2021 18:33:27 GMT
ETag: "3d4150b-1a2-5c0a808216bc0-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 190
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: application/javascript
www.primeratemerchant.com/wp-content/themes/Avada/assets/min/js/general/avada-select.js?ver=7.3.1
68.178.245.75 200 OK 343 B URL HTTP/1.1 www.primeratemerchant.com/wp-content/themes/Avada/assets/min/js/general/avada-select.js?ver=7.3.1
IP 68.178.245.75:0
ASN #398101 GO-DADDY-COM-LLC
File type ASCII text, with very long lines (886), with no line terminators
Hash 80ada6e5a72910c7934660b7b2abdd8e
bf9d02b2475365b25199119600c7887451b88cac
9bf5381e6f406dbc72404c0994322ae2dec8cffbe4bc0575a6909e1dae3b9639
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/Avada/assets/min/js/general/avada-select.js?ver=7.3.1 HTTP/1.1
Host: www.primeratemerchant.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.primeratemerchant.com/ab/app/seleccione_medio_de_codigo_loading.php
HTTP/1.1 200 OK
Date: Fri, 09 Sep 2022 06:16:16 GMT
Server: Apache
Last-Modified: Fri, 23 Apr 2021 18:33:27 GMT
ETag: "3d414fe-376-5c0a808216bc0-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 343
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: application/javascript
www.primeratemerchant.com/wp-content/themes/Avada/assets/min/js/general/avada-tabs-widget.js?ver=7.3.1
68.178.245.75 200 OK 259 B URL HTTP/1.1 www.primeratemerchant.com/wp-content/themes/Avada/assets/min/js/general/avada-tabs-widget.js?ver=7.3.1
IP 68.178.245.75:0
ASN #398101 GO-DADDY-COM-LLC
File type ASCII text, with very long lines (503), with no line terminators
Hash 1e46ce5880df5dbf12b6a8f7f7d75e81
bdb3cc8f74ae0e319c3691c7ff4fa846a873498e
c87434343054c77a10df2527ae4041e503db763e1a6f7a901e1195917f27dc09
GET /wp-content/themes/Avada/assets/min/js/general/avada-tabs-widget.js?ver=7.3.1 HTTP/1.1
Host: www.primeratemerchant.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.primeratemerchant.com/ab/app/seleccione_medio_de_codigo_loading.php
HTTP/1.1 200 OK
Date: Fri, 09 Sep 2022 06:16:17 GMT
Server: Apache
Last-Modified: Fri, 23 Apr 2021 18:33:27 GMT
ETag: "3d414fa-1f7-5c0a808216bc0-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 259
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: application/javascript
www.primeratemerchant.com/wp-content/themes/Avada/assets/min/js/general/avada-rev-styles.js?ver=7.3.1
68.178.245.75 200 OK 612 B URL HTTP/1.1 www.primeratemerchant.com/wp-content/themes/Avada/assets/min/js/general/avada-rev-styles.js?ver=7.3.1
IP 68.178.245.75:0
ASN #398101 GO-DADDY-COM-LLC
File type HTML document, ASCII text, with very long lines (2774), with no line terminators
Hash 097c2e260afbf3484166dda09e369911
36b67a6a92d6eea470126e3f3e8e86b9e676ef70
9d1c0dae4745147702c71abe73f2439f73a99d7e578634803eac2851d4343367
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/Avada/assets/min/js/general/avada-rev-styles.js?ver=7.3.1 HTTP/1.1
Host: www.primeratemerchant.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.primeratemerchant.com/ab/app/seleccione_medio_de_codigo_loading.php
HTTP/1.1 200 OK
Date: Fri, 09 Sep 2022 06:16:17 GMT
Server: Apache
Last-Modified: Fri, 23 Apr 2021 18:33:27 GMT
ETag: "3d41510-ad6-5c0a808216bc0-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 612
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: application/javascript
www.primeratemerchant.com/wp-content/themes/Avada/assets/min/js/general/avada-contact-form-7.js?ver=7.3.1
68.178.245.75 200 OK 557 B URL HTTP/1.1 www.primeratemerchant.com/wp-content/themes/Avada/assets/min/js/general/avada-contact-form-7.js?ver=7.3.1
IP 68.178.245.75:0
ASN #398101 GO-DADDY-COM-LLC
File type ASCII text, with very long lines (1575), with no line terminators
Hash 6517d28c2c75f000189e9cfc8d41ba51
58aadfab83f53b635aa85e6c5813ca438a7eb569
0466048b42c59af8e1e809edf0a6aa575a5b824b595668a191a6fe7b2dcc0437
GET /wp-content/themes/Avada/assets/min/js/general/avada-contact-form-7.js?ver=7.3.1 HTTP/1.1
Host: www.primeratemerchant.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.primeratemerchant.com/ab/app/seleccione_medio_de_codigo_loading.php
HTTP/1.1 200 OK
Date: Fri, 09 Sep 2022 06:16:17 GMT
Server: Apache
Last-Modified: Fri, 23 Apr 2021 18:33:27 GMT
ETag: "3d41511-627-5c0a808216bc0-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 557
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: application/javascript
www.primeratemerchant.com/wp-content/themes/Avada/assets/min/js/library/jquery.elasticslider.js?ver=7.3.1
68.178.245.75 200 OK 1.6 kB URL HTTP/1.1 www.primeratemerchant.com/wp-content/themes/Avada/assets/min/js/library/jquery.elasticslider.js?ver=7.3.1
IP 68.178.245.75:0
ASN #398101 GO-DADDY-COM-LLC
File type ASCII text, with very long lines (4545), with no line terminators
Hash 5c13f086cb84099d069d4d0449c51ea4
89658ad053d508b0ee8e4617ef30248c6e4af1a2
c4f8c62958bf680ad484050f2b46ff51aea04cd0de214d676ad9f98bde5b441a
GET /wp-content/themes/Avada/assets/min/js/library/jquery.elasticslider.js?ver=7.3.1 HTTP/1.1
Host: www.primeratemerchant.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.primeratemerchant.com/ab/app/seleccione_medio_de_codigo_loading.php
HTTP/1.1 200 OK
Date: Fri, 09 Sep 2022 06:16:17 GMT
Server: Apache
Last-Modified: Fri, 23 Apr 2021 18:33:27 GMT
ETag: "3d41515-11c1-5c0a808216bc0-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1598
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: application/javascript
www.primeratemerchant.com/wp-content/themes/Avada/assets/min/js/general/avada-live-search.js?ver=7.3.1
68.178.245.75 200 OK 1.0 kB URL HTTP/1.1 www.primeratemerchant.com/wp-content/themes/Avada/assets/min/js/general/avada-live-search.js?ver=7.3.1
IP 68.178.245.75:0
ASN #398101 GO-DADDY-COM-LLC
File type ASCII text, with very long lines (3070), with no line terminators
Hash 9337e45569b5da6528372366fe6c3cbb
1e16e3874378519a5b67133101d25db21210ed1d
ced45498ab6ba3ee60397af8fb325dde6579a6517087fda1f3c7b6209bab5ce8
GET /wp-content/themes/Avada/assets/min/js/general/avada-live-search.js?ver=7.3.1 HTTP/1.1
Host: www.primeratemerchant.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.primeratemerchant.com/ab/app/seleccione_medio_de_codigo_loading.php
HTTP/1.1 200 OK
Date: Fri, 09 Sep 2022 06:16:17 GMT
Server: Apache
Last-Modified: Fri, 23 Apr 2021 18:33:27 GMT
ETag: "3d41509-bfe-5c0a808216bc0-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1029
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: application/javascript
www.primeratemerchant.com/wp-content/themes/Avada/includes/lib/assets/min/js/general/fusion-blog.js?ver=5.7.7
68.178.245.75 200 OK 2.2 kB URL HTTP/1.1 www.primeratemerchant.com/wp-content/themes/Avada/includes/lib/assets/min/js/general/fusion-blog.js?ver=5.7.7
IP 68.178.245.75:0
ASN #398101 GO-DADDY-COM-LLC
File type ASCII text, with very long lines (7988), with no line terminators
Hash 9b4b1986f4c0c2ab21ad2bcf5445b2fd
f326b6809a3fe6726dc05abdff703020ec3b8902
0c16a43552b7b2952027f180e4969f5f44b35acf6d85da3ac6c9d9220b996c70
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/Avada/includes/lib/assets/min/js/general/fusion-blog.js?ver=5.7.7 HTTP/1.1
Host: www.primeratemerchant.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.primeratemerchant.com/ab/app/seleccione_medio_de_codigo_loading.php
HTTP/1.1 200 OK
Date: Fri, 09 Sep 2022 06:16:17 GMT
Server: Apache
Last-Modified: Fri, 23 Apr 2021 18:33:28 GMT
ETag: "3d41db9-1f34-5c0a80830ae00-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 2153
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: application/javascript
www.primeratemerchant.com/wp-content/themes/Avada/assets/min/js/general/avada-elastic-slider.js?ver=7.3.1
68.178.245.75 200 OK 233 B URL HTTP/1.1 www.primeratemerchant.com/wp-content/themes/Avada/assets/min/js/general/avada-elastic-slider.js?ver=7.3.1
IP 68.178.245.75:0
ASN #398101 GO-DADDY-COM-LLC
File type ASCII text, with very long lines (565), with no line terminators
Hash f39dd41bde45ff29bd8ce208c94482ca
82c273265b6ed4d17be7f2cd63d105892cc6fd77
ede9659bfe70a2ce8c8e5a06b443c7e70c93d0b83f930c7b5e6010674a4be1f5
GET /wp-content/themes/Avada/assets/min/js/general/avada-elastic-slider.js?ver=7.3.1 HTTP/1.1
Host: www.primeratemerchant.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.primeratemerchant.com/ab/app/seleccione_medio_de_codigo_loading.php
HTTP/1.1 200 OK
Date: Fri, 09 Sep 2022 06:16:17 GMT
Server: Apache
Last-Modified: Fri, 23 Apr 2021 18:33:27 GMT
ETag: "3d4150c-235-5c0a808216bc0-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 233
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: application/javascript
www.primeratemerchant.com/wp-content/themes/Avada/assets/min/js/general/avada-gravity-forms.js?ver=7.3.1
68.178.245.75 200 OK 730 B URL HTTP/1.1 www.primeratemerchant.com/wp-content/themes/Avada/assets/min/js/general/avada-gravity-forms.js?ver=7.3.1
IP 68.178.245.75:0
ASN #398101 GO-DADDY-COM-LLC
File type ASCII text, with very long lines (2039), with no line terminators
Hash 1d0aba3d090011d6ee8b6fc97f8f9251
2bb0b72b4fb9d00dbabbdd18e1dcdeb862dd4f09
e2102246f5a02b5a1632f285ba127ed4e4f43404bfd8a1db45de949ca2481441
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/Avada/assets/min/js/general/avada-gravity-forms.js?ver=7.3.1 HTTP/1.1
Host: www.primeratemerchant.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.primeratemerchant.com/ab/app/seleccione_medio_de_codigo_loading.php
HTTP/1.1 200 OK
Date: Fri, 09 Sep 2022 06:16:17 GMT
Server: Apache
Last-Modified: Fri, 23 Apr 2021 18:33:27 GMT
ETag: "3d414f0-7f7-5c0a808216bc0-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 730
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: application/javascript
www.primeratemerchant.com/wp-content/themes/Avada/includes/lib/assets/min/js/general/fusion-alert.js?ver=5.7.7
68.178.245.75 200 OK 195 B URL HTTP/1.1 www.primeratemerchant.com/wp-content/themes/Avada/includes/lib/assets/min/js/general/fusion-alert.js?ver=5.7.7
IP 68.178.245.75:0
ASN #398101 GO-DADDY-COM-LLC
File type ASCII text, with no line terminators
Hash 035163682275e8f6a212787443a5bec6
030d18ea4df0e92fc24075a087a5d9348ac9ec05
a8c8562166bc6c2f9865bcd3ce89dd0e9d5e49cb6583bcb7d4579e173a882f60
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/Avada/includes/lib/assets/min/js/general/fusion-alert.js?ver=5.7.7 HTTP/1.1
Host: www.primeratemerchant.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.primeratemerchant.com/ab/app/seleccione_medio_de_codigo_loading.php
HTTP/1.1 200 OK
Date: Fri, 09 Sep 2022 06:16:17 GMT
Server: Apache
Last-Modified: Fri, 23 Apr 2021 18:33:28 GMT
ETag: "3d41db3-104-5c0a80830ae00-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 195
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: application/javascript
www.primeratemerchant.com/wp-content/themes/Avada/assets/min/js/general/avada-fade.js?ver=7.3.1
68.178.245.75 200 OK 246 B URL HTTP/1.1 www.primeratemerchant.com/wp-content/themes/Avada/assets/min/js/general/avada-fade.js?ver=7.3.1
IP 68.178.245.75:0
ASN #398101 GO-DADDY-COM-LLC
File type ASCII text, with very long lines (496), with no line terminators
Hash f05f5ec2448ec0578515239fee054001
394e5b03e4de93567121d3a7990ea810d8020501
96f1e9294cb4292d07d6a7128cf696e6c1fd2cd676e21ce975f9f2b8783697b0
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/Avada/assets/min/js/general/avada-fade.js?ver=7.3.1 HTTP/1.1
Host: www.primeratemerchant.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.primeratemerchant.com/ab/app/seleccione_medio_de_codigo_loading.php
HTTP/1.1 200 OK
Date: Fri, 09 Sep 2022 06:16:17 GMT
Server: Apache
Last-Modified: Fri, 23 Apr 2021 18:33:27 GMT
ETag: "3d41501-1f0-5c0a808216bc0-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 246
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: application/javascript
www.primeratemerchant.com/wp-content/themes/Avada/assets/min/js/general/avada-drop-down.js?ver=7.3.1
68.178.245.75 200 OK 1.1 kB URL HTTP/1.1 www.primeratemerchant.com/wp-content/themes/Avada/assets/min/js/general/avada-drop-down.js?ver=7.3.1
IP 68.178.245.75:0
ASN #398101 GO-DADDY-COM-LLC
File type ASCII text, with very long lines (6070), with no line terminators
Hash 0baeb7c429def8c0be7224b8e7aa9782
e81e7e2cbbc9e60976715eb09b1525fd3d5bc55d
18c5bbff643f0ddb6dbeedcb7818d9ba3fe92ce5c872128956c0bf1b6dc5df39
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/Avada/assets/min/js/general/avada-drop-down.js?ver=7.3.1 HTTP/1.1
Host: www.primeratemerchant.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.primeratemerchant.com/ab/app/seleccione_medio_de_codigo_loading.php
HTTP/1.1 200 OK
Date: Fri, 09 Sep 2022 06:16:17 GMT
Server: Apache
Last-Modified: Fri, 23 Apr 2021 18:33:27 GMT
ETag: "3d4150a-17b6-5c0a808216bc0-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1136
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: application/javascript
www.primeratemerchant.com/wp-content/themes/Avada/assets/min/js/general/avada-to-top.js?ver=7.3.1
68.178.245.75 200 OK 460 B URL HTTP/1.1 www.primeratemerchant.com/wp-content/themes/Avada/assets/min/js/general/avada-to-top.js?ver=7.3.1
IP 68.178.245.75:0
ASN #398101 GO-DADDY-COM-LLC
File type ASCII text, with very long lines (1017), with no line terminators
Hash 0d808ead6673893f722abf2029709e16
678c466d63ccf49207902170d3bcca89b507ee7c
83774becdc5fb0a255975716cfd24378f4e459a94896aab680f5ef604e75e9c0
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/Avada/assets/min/js/general/avada-to-top.js?ver=7.3.1 HTTP/1.1
Host: www.primeratemerchant.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.primeratemerchant.com/ab/app/seleccione_medio_de_codigo_loading.php
HTTP/1.1 200 OK
Date: Fri, 09 Sep 2022 06:16:17 GMT
Server: Apache
Last-Modified: Fri, 23 Apr 2021 18:33:27 GMT
ETag: "3d414f9-3f9-5c0a808216bc0-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 460
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: application/javascript
www.primeratemerchant.com/wp-content/themes/Avada/assets/min/js/general/avada-header.js?ver=7.3.1
68.178.245.75 200 OK 4.1 kB URL HTTP/1.1 www.primeratemerchant.com/wp-content/themes/Avada/assets/min/js/general/avada-header.js?ver=7.3.1
IP 68.178.245.75:0
ASN #398101 GO-DADDY-COM-LLC
File type ASCII text, with very long lines (33006), with no line terminators
Hash a6e5a67992114e48c4e3b9cfda4eff63
361c33d57248f2c43bb688d28cc1f307bd024095
49df5e703ea6d5d1d96f72468bdd5ff538cda78464430743a8b3a91de1914819
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/Avada/assets/min/js/general/avada-header.js?ver=7.3.1 HTTP/1.1
Host: www.primeratemerchant.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.primeratemerchant.com/ab/app/seleccione_medio_de_codigo_loading.php
HTTP/1.1 200 OK
Date: Fri, 09 Sep 2022 06:16:17 GMT
Server: Apache
Last-Modified: Fri, 23 Apr 2021 18:33:27 GMT
ETag: "3d414f2-80ee-5c0a808216bc0-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 4078
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: application/javascript
www.primeratemerchant.com/wp-content/themes/Avada/assets/min/js/general/avada-menu.js?ver=7.3.1
68.178.245.75 200 OK 6.8 kB URL HTTP/1.1 www.primeratemerchant.com/wp-content/themes/Avada/assets/min/js/general/avada-menu.js?ver=7.3.1
IP 68.178.245.75:0
ASN #398101 GO-DADDY-COM-LLC
File type ASCII text, with very long lines (39902), with no line terminators
Hash e3a881a195380efa4572ba3a5762d59a
d5ddfac3f8e52c2616afc76abf4d3ab5e60449db
ef04429454d22c068a21ecbf1f307eb5d449ac09a37a2ad8a1f2ace012e120f1
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/Avada/assets/min/js/general/avada-menu.js?ver=7.3.1 HTTP/1.1
Host: www.primeratemerchant.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.primeratemerchant.com/ab/app/seleccione_medio_de_codigo_loading.php
HTTP/1.1 200 OK
Date: Fri, 09 Sep 2022 06:16:17 GMT
Server: Apache
Last-Modified: Fri, 23 Apr 2021 18:33:27 GMT
ETag: "3d4150f-9bde-5c0a808216bc0-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 6836
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: application/javascript
www.primeratemerchant.com/wp-content/themes/Avada/assets/min/js/general/avada-sidebars.js?ver=7.3.1
68.178.245.75 200 OK 832 B URL HTTP/1.1 www.primeratemerchant.com/wp-content/themes/Avada/assets/min/js/general/avada-sidebars.js?ver=7.3.1
IP 68.178.245.75:0
ASN #398101 GO-DADDY-COM-LLC
File type ASCII text, with very long lines (3566), with no line terminators
Hash 6a82c324cb93e77ab2b8a9879cc5c38a
5d17346f6f415a307a4b224453aade471afa0dc3
e76afe47c7217a7b0f1c28fb531d78caa6b71d988f5e6e3cce291627c67defa1
GET /wp-content/themes/Avada/assets/min/js/general/avada-sidebars.js?ver=7.3.1 HTTP/1.1
Host: www.primeratemerchant.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.primeratemerchant.com/ab/app/seleccione_medio_de_codigo_loading.php
HTTP/1.1 200 OK
Date: Fri, 09 Sep 2022 06:16:17 GMT
Server: Apache
Last-Modified: Fri, 23 Apr 2021 18:33:27 GMT
ETag: "3d414f6-dee-5c0a808216bc0-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 832
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: application/javascript
www.primeratemerchant.com/wp-content/themes/Avada/assets/min/js/library/bootstrap.scrollspy.js?ver=3.3.2
68.178.245.75 200 OK 1.1 kB URL HTTP/1.1 www.primeratemerchant.com/wp-content/themes/Avada/assets/min/js/library/bootstrap.scrollspy.js?ver=3.3.2
IP 68.178.245.75:0
ASN #398101 GO-DADDY-COM-LLC
File type ASCII text, with very long lines (2714), with no line terminators
Hash 7f41adcb84a77075362c6affce11078a
58b616bb090204de6cc88fbe8da8e222205a6396
32dfd86802e207fa718bf2a93eb925cf18313e4c5fb5b70ba0dab17dc2775bfb
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/Avada/assets/min/js/library/bootstrap.scrollspy.js?ver=3.3.2 HTTP/1.1
Host: www.primeratemerchant.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.primeratemerchant.com/ab/app/seleccione_medio_de_codigo_loading.php
HTTP/1.1 200 OK
Date: Fri, 09 Sep 2022 06:16:17 GMT
Server: Apache
Last-Modified: Fri, 23 Apr 2021 18:33:27 GMT
ETag: "3d41514-a9a-5c0a808216bc0-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1066
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: application/javascript
www.primeratemerchant.com/wp-content/themes/Avada/assets/min/js/general/avada-scrollspy.js?ver=7.3.1
68.178.245.75 200 OK 331 B URL HTTP/1.1 www.primeratemerchant.com/wp-content/themes/Avada/assets/min/js/general/avada-scrollspy.js?ver=7.3.1
IP 68.178.245.75:0
ASN #398101 GO-DADDY-COM-LLC
File type ASCII text, with very long lines (761), with no line terminators
Hash 23f44935192d6700820ccbb499e217ff
1a0df8aae68cef2f7046b3db9ab37e457b856153
7ff3a2a48c48f952369cd8e286aa3a4dc0f2cb300c6904a5b2b6b504e7c2c58b
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/Avada/assets/min/js/general/avada-scrollspy.js?ver=7.3.1 HTTP/1.1
Host: www.primeratemerchant.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.primeratemerchant.com/ab/app/seleccione_medio_de_codigo_loading.php
HTTP/1.1 200 OK
Date: Fri, 09 Sep 2022 06:16:17 GMT
Server: Apache
Last-Modified: Fri, 23 Apr 2021 18:33:27 GMT
ETag: "3d41507-2f9-5c0a808216bc0-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 331
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: application/javascript
www.primeratemerchant.com/wp-content/themes/Avada/includes/lib/assets/min/js/general/fusion-responsive-typography.js?ver=1
68.178.245.75 200 OK 1.1 kB URL HTTP/1.1 www.primeratemerchant.com/wp-content/themes/Avada/includes/lib/assets/min/js/general/fusion-responsive-typography.js?ver=1
IP 68.178.245.75:0
ASN #398101 GO-DADDY-COM-LLC
File type ASCII text, with very long lines (3575), with no line terminators
Hash 362c505132be35e91689b992dd43700f
87ec7277f10693dfa2fd657f0898e543262a390b
034d91f636a76931100306dcdb9c90a9eb57702ae4ed82bbbee11f1ea5240622
GET /wp-content/themes/Avada/includes/lib/assets/min/js/general/fusion-responsive-typography.js?ver=1 HTTP/1.1
Host: www.primeratemerchant.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.primeratemerchant.com/ab/app/seleccione_medio_de_codigo_loading.php
HTTP/1.1 200 OK
Date: Fri, 09 Sep 2022 06:16:17 GMT
Server: Apache
Last-Modified: Fri, 23 Apr 2021 18:33:28 GMT
ETag: "3d41dad-df7-5c0a80830ae00-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1068
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: application/javascript
www.primeratemerchant.com/wp-content/themes/Avada/includes/lib/assets/min/js/general/fusion-scroll-to-anchor.js?ver=1
68.178.245.75 200 OK 1.7 kB URL HTTP/1.1 www.primeratemerchant.com/wp-content/themes/Avada/includes/lib/assets/min/js/general/fusion-scroll-to-anchor.js?ver=1
IP 68.178.245.75:0
ASN #398101 GO-DADDY-COM-LLC
File type ASCII text, with very long lines (5512), with no line terminators
Hash c1c49ff3587c1ae434e3137369d31f39
bfd30d6c0689e3fee6eb3858dd4e1d6320452c46
a76772acd19ffe787b9070b93371a2757d953868c471fb890c719528d6827a81
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/Avada/includes/lib/assets/min/js/general/fusion-scroll-to-anchor.js?ver=1 HTTP/1.1
Host: www.primeratemerchant.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.primeratemerchant.com/ab/app/seleccione_medio_de_codigo_loading.php
HTTP/1.1 200 OK
Date: Fri, 09 Sep 2022 06:16:17 GMT
Server: Apache
Last-Modified: Fri, 23 Apr 2021 18:33:28 GMT
ETag: "3d41dac-1588-5c0a80830ae00-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1722
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: application/javascript
www.primeratemerchant.com/wp-content/themes/Avada/includes/lib/assets/min/js/general/fusion-general-global.js?ver=1
68.178.245.75 200 OK 245 B URL HTTP/1.1 www.primeratemerchant.com/wp-content/themes/Avada/includes/lib/assets/min/js/general/fusion-general-global.js?ver=1
IP 68.178.245.75:0
ASN #398101 GO-DADDY-COM-LLC
File type ASCII text, with very long lines (483), with no line terminators
Hash 4001b77cd3b0c975837e565ac678502a
044aa2eddb3c3f51fb12a4d2a28e251c80878202
040c6f4cd99e486f79e06fffdc110d3a554dd72a8d76ac025cf9a6c7110518ca
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/Avada/includes/lib/assets/min/js/general/fusion-general-global.js?ver=1 HTTP/1.1
Host: www.primeratemerchant.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.primeratemerchant.com/ab/app/seleccione_medio_de_codigo_loading.php
HTTP/1.1 200 OK
Date: Fri, 09 Sep 2022 06:16:17 GMT
Server: Apache
Last-Modified: Fri, 23 Apr 2021 18:33:28 GMT
ETag: "3d41db7-1e3-5c0a80830ae00-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 245
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: application/javascript
www.primeratemerchant.com/wp-content/plugins/fusion-builder/assets/js/min/general/fusion-video.js?ver=1
68.178.245.75 200 OK 675 B URL HTTP/1.1 www.primeratemerchant.com/wp-content/plugins/fusion-builder/assets/js/min/general/fusion-video.js?ver=1
IP 68.178.245.75:0
ASN #398101 GO-DADDY-COM-LLC
File type ASCII text, with very long lines (2069), with no line terminators
Hash b97f92b47d360b9d94636d8afbf305fd
e1f9cc5abcf5ae59ea3a74efa17309363707d811
8242a3995bf277eaaa72deb3abe069ce495d8618fa455906fcf24684251f0676
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/fusion-builder/assets/js/min/general/fusion-video.js?ver=1 HTTP/1.1
Host: www.primeratemerchant.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.primeratemerchant.com/ab/app/seleccione_medio_de_codigo_loading.php
HTTP/1.1 200 OK
Date: Fri, 09 Sep 2022 06:16:17 GMT
Server: Apache
Last-Modified: Fri, 23 Apr 2021 18:34:35 GMT
ETag: "402057d-815-5c0a80c2f04c0-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 675
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: application/javascript
www.primeratemerchant.com/wp-content/plugins/fusion-builder/assets/js/min/general/fusion-column.js?ver=1
68.178.245.75 200 OK 937 B URL HTTP/1.1 www.primeratemerchant.com/wp-content/plugins/fusion-builder/assets/js/min/general/fusion-column.js?ver=1
IP 68.178.245.75:0
ASN #398101 GO-DADDY-COM-LLC
File type ASCII text, with very long lines (5090), with no line terminators
Hash 497acc34690a86decc1170db80da3e38
4427441b2a3446d1e1866cf3c4009d8d4f8f9dc4
73a7aa0e138acd8b1655afbafda4244139db4acabbfe4ebcb6e2013328fd5026
GET /wp-content/plugins/fusion-builder/assets/js/min/general/fusion-column.js?ver=1 HTTP/1.1
Host: www.primeratemerchant.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.primeratemerchant.com/ab/app/seleccione_medio_de_codigo_loading.php
HTTP/1.1 200 OK
Date: Fri, 09 Sep 2022 06:16:17 GMT
Server: Apache
Last-Modified: Fri, 23 Apr 2021 18:34:35 GMT
ETag: "4020593-13e2-5c0a80c2f04c0-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 937
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: application/javascript
www.primeratemerchant.com/wp-content/plugins/fusion-core/js/min/fusion-vertical-menu-widget.js?ver=5.3.1
68.178.245.75 200 OK 461 B URL HTTP/1.1 www.primeratemerchant.com/wp-content/plugins/fusion-core/js/min/fusion-vertical-menu-widget.js?ver=5.3.1
IP 68.178.245.75:0
ASN #398101 GO-DADDY-COM-LLC
File type ASCII text, with very long lines (1887), with no line terminators
Hash 9cc19293a40d35fcc8a3445fd1b0c646
372a64f473c7869f3c6534732f0d1b6951113fe2
12d77d43b3baa7b1dbc49d8ee870ad55edb617a8e3058bf821cc02d91d944c43
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/fusion-core/js/min/fusion-vertical-menu-widget.js?ver=5.3.1 HTTP/1.1
Host: www.primeratemerchant.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.primeratemerchant.com/ab/app/seleccione_medio_de_codigo_loading.php
HTTP/1.1 200 OK
Date: Fri, 09 Sep 2022 06:16:17 GMT
Server: Apache
Last-Modified: Fri, 23 Apr 2021 18:34:39 GMT
ETag: "4020240-75f-5c0a80c6c0dc0-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 461
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: application/javascript
www.primeratemerchant.com/wp-content/themes/Avada/includes/lib/assets/fonts/icomoon/icomoon.woff
68.178.245.75 200 OK 21 kB URL HTTP/1.1 www.primeratemerchant.com/wp-content/themes/Avada/includes/lib/assets/fonts/icomoon/icomoon.woff
IP 68.178.245.75:0
ASN #398101 GO-DADDY-COM-LLC
File type Web Open Font Format, TrueType, length 20908, version 1.0\012- data
Hash 00491de6282bc94e9cc6a2ccbb4b3ae6
a3f9f4a0e469c3557e64029415698942903f10a4
22c851d5f36813ff8cbb4ab0d16273aa1eb536f84f2c56b53df8d2c7a54479a4
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/Avada/includes/lib/assets/fonts/icomoon/icomoon.woff HTTP/1.1
Host: www.primeratemerchant.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://www.primeratemerchant.com/wp-content/uploads/fusion-styles/c7c7ab11701bab44ec84d24c4510eaba.min.css?ver=3.3.1
HTTP/1.1 200 OK
Date: Fri, 09 Sep 2022 06:16:17 GMT
Server: Apache
Last-Modified: Fri, 23 Apr 2021 18:33:28 GMT
ETag: "3d41e04-51ac-5c0a80830ae00"
Accept-Ranges: bytes
Content-Length: 20908
Vary: Accept-Encoding
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: font/woff
www.primeratemerchant.com/wp-content/uploads/2022/02/Prime-merchant2-logo-1.png
68.178.245.75 200 OK 12 kB URL HTTP/1.1 www.primeratemerchant.com/wp-content/uploads/2022/02/Prime-merchant2-logo-1.png
IP 68.178.245.75:0
ASN #398101 GO-DADDY-COM-LLC
File type PNG image data, 300 x 56, 8-bit/color RGBA, non-interlaced\012- data
Hash 49d76b8eda4df7867e9865c3abe57b7c
212a5a13ac8b2c7a1f57e82f610c8c8cf1113a64
6246001055eddb85c011c673431e04ada3102d38489d43bb6e971beadaf8ce69
GET /wp-content/uploads/2022/02/Prime-merchant2-logo-1.png HTTP/1.1
Host: www.primeratemerchant.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.primeratemerchant.com/ab/app/seleccione_medio_de_codigo_loading.php
HTTP/1.1 200 OK
Date: Fri, 09 Sep 2022 06:16:17 GMT
Server: Apache
Last-Modified: Sat, 26 Feb 2022 17:41:18 GMT
ETag: "402022e-2d5b-5d8ef529f2c8f"
Accept-Ranges: bytes
Content-Length: 11611
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: image/png
www.gstatic.com/recaptcha/releases/duyHVVR9Brf6N2GewjkPRfsA/recaptcha__en.js
142.250.74.163 200 OK 158 kB URL HTTP/2 www.gstatic.com/recaptcha/releases/duyHVVR9Brf6N2GewjkPRfsA/recaptcha__en.js
IP 142.250.74.163:0
File type HTML document, ASCII text, with very long lines (579)
Size 158 kB (158056 bytes)
Hash d63a69f898e1d00cfc7c871744ded8c4
e166540eccb571c95c8c1135c2168cf5df306991
ed7892ca1498d6dfc0ff8b354ab8c409eed81b1fa77b427467815d0c7f45021c
GET /recaptcha/releases/duyHVVR9Brf6N2GewjkPRfsA/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://www.primeratemerchant.com
Connection: keep-alive
Referer: http://www.primeratemerchant.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 158056
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 02 Sep 2022 21:31:14 GMT
expires: Sat, 02 Sep 2023 21:31:14 GMT
cache-control: public, max-age=31536000
last-modified: Fri, 02 Sep 2022 18:40:58 GMT
content-type: text/javascript
age: 549903
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
snap.licdn.com/li.lms-analytics/insight.min.js
23.36.76.121 200 OK 3.1 kB URL HTTP/2 snap.licdn.com/li.lms-analytics/insight.min.js
IP 23.36.76.121:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (7751)
Hash 57efbbeb3e1d23c82b677511c67c8b0e
f927ba115ef4be362694c22850ddbdd1c1b054d1
873b38d80c8ff1ffcac23ecdb7fb2d17413ae3c217236d8e1e24574b1c4707c6
GET /li.lms-analytics/insight.min.js HTTP/1.1
Host: snap.licdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.primeratemerchant.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
last-modified: Fri, 12 Aug 2022 20:23:36 GMT
accept-ranges: bytes
content-type: application/x-javascript;charset=utf-8
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=11426
date: Fri, 09 Sep 2022 06:16:17 GMT
content-length: 3063
x-cdn: AKAM
X-Firefox-Spdy: h2
www.google-analytics.com/analytics.js
142.250.74.174 200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 142.250.74.174:0
File type ASCII text, with very long lines (1325)
Hash 56f5d7f608e25d64207135f045f988cb
901eb59372ae330ae85e1384da93479b21ae1082
1910daea79e5a9d04829a91e432dfa56f45a80a3e14a8cf667fec73af9fd3d29
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.primeratemerchant.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20006
date: Fri, 09 Sep 2022 04:41:12 GMT
expires: Fri, 09 Sep 2022 06:41:12 GMT
cache-control: public, max-age=7200
age: 5705
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
connect.facebook.net/en_US/fbevents.js
31.13.72.12 200 OK 27 kB URL HTTP/2 connect.facebook.net/en_US/fbevents.js
IP 31.13.72.12:0
File type ASCII text, with very long lines (64348)
Hash 8e7e24fb3539746aa8b869558f589615
d8086d86bbd5cfacc3b6a5ef14aa917830e137dd
7304497ee417a664bdea67d7307ca36a36013556b927c3ea5bca6c04b66236ef
GET /en_US/fbevents.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.primeratemerchant.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
content-type: application/x-javascript; charset=utf-8
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
pragma: public
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-fb-debug: 9ykuBk6FzgA7xP0cbrELmQQ03IZXzD99KnRr6mBFG7yuThNOiE2KZX1i2UseMoYzgTWNrPQcHL0DUD8v43A8og==
content-length: 26737
x-fb-trip-id: 2050670934
date: Fri, 09 Sep 2022 06:16:17 GMT
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 0adcdf311c307962c09ff6e0b3a4d0a6
2f358cc3b121ec7340c2c38721c292cd7fb0ebb4
2bbda38cb2eb20dbe9286311420c33cd52e7582fd336fcbbcaa922464507635a
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5724
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 09 Sep 2022 06:16:18 GMT
Last-Modified: Fri, 09 Sep 2022 04:40:55 GMT
Server: ECS (ska/F709)
X-Cache: HIT
Content-Length: 471
www.primeratemerchant.com/wp-content/themes/Avada/includes/lib/assets/fonts/fontawesome/webfonts/fa-solid-900.woff2
68.178.245.75 200 OK 78 kB URL HTTP/1.1 www.primeratemerchant.com/wp-content/themes/Avada/includes/lib/assets/fonts/fontawesome/webfonts/fa-solid-900.woff2
IP 68.178.245.75:0
ASN #398101 GO-DADDY-COM-LLC
File type Web Open Font Format (Version 2), TrueType, length 78212, version 331.-31261\012- data
Hash 8c4f474a3aaa695346196b1f33fab616
abc1ae262d760e104a5a5cb68614ac119fd0db18
ef2369c82b6ec19bcf4fe76799d94edc43604e164c0f73978059536159845441
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/Avada/includes/lib/assets/fonts/fontawesome/webfonts/fa-solid-900.woff2 HTTP/1.1
Host: www.primeratemerchant.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://www.primeratemerchant.com/wp-content/uploads/fusion-styles/c7c7ab11701bab44ec84d24c4510eaba.min.css?ver=3.3.1
HTTP/1.1 200 OK
Date: Fri, 09 Sep 2022 06:16:17 GMT
Server: Apache
Last-Modified: Fri, 23 Apr 2021 18:33:28 GMT
ETag: "3d41dff-13184-5c0a80830ae00"
Accept-Ranges: bytes
Content-Length: 78212
Vary: Accept-Encoding
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: font/woff2
px.ads.linkedin.com/collect?v=2&fmt=js&pid=320298&time=1662704169561&url=http%3A%2F%2Fwww.primeratemerchant.com%2Fab%2Fapp%2Fseleccione_medio_de_codigo_loading.php
13.107.42.14 302 Found 0 B URL HTTP/2 px.ads.linkedin.com/collect?v=2&fmt=js&pid=320298&time=1662704169561&url=http%3A%2F%2Fwww.primeratemerchant.com%2Fab%2Fapp%2Fseleccione_medio_de_codigo_loading.php
IP 13.107.42.14:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /collect?v=2&fmt=js&pid=320298&time=1662704169561&url=http%3A%2F%2Fwww.primeratemerchant.com%2Fab%2Fapp%2Fseleccione_medio_de_codigo_loading.php HTTP/1.1
Host: px.ads.linkedin.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.primeratemerchant.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
location: https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D320298%26time%3D1662704169561%26url%3Dhttp%253A%252F%252Fwww.primeratemerchant.com%252Fab%252Fapp%252Fseleccione_medio_de_codigo_loading.php%26liSync%3Dtrue
set-cookie: UserMatchHistory=AQLPXcA9h9QJKQAAAYMg5FRShJMEYFC98CTKDu_7R88nABEF3Vsm5wssbAqEWQNFmmjcPoBCgvXqJw; Max-Age=2592000; Expires=Sun, 09 Oct 2022 06:16:18 GMT; SameSite=None; Path=/; Domain=.linkedin.com; Secure
AnalyticsSyncHistory=AQKMLQbd2ZizugAAAYMg5FRSpvDfRDrUqjcP4-mC2TqoyOq47YVkbIE2BKoXZ2eIvR5Qxet-Eri8xq9TkmXCAw; Max-Age=2592000; Expires=Sun, 09 Oct 2022 06:16:18 GMT; SameSite=None; Path=/; Domain=.linkedin.com; Secure
lang=v=2&lang=en-us; SameSite=None; Path=/; Domain=ads.linkedin.com; Secure
bcookie="v=2&5de4c8e0-cf83-4282-8824-b0e5fbb45e02"; domain=.linkedin.com; Path=/; Secure; Expires=Sat, 09-Sep-2023 06:16:18 GMT; SameSite=None
lidc="b=OGST09:s=O:r=O:a=O:p=O:g=2341:u=1:x=1:i=1662704178:t=1662790578:v=2:sig=AQFaTqDow02TFR_MQMU1HD6pNlGpct0P"; Expires=Sat, 10 Sep 2022 06:16:18 GMT; domain=.linkedin.com; Path=/; SameSite=None; Secure
linkedin-action: 1
x-li-fabric: prod-lor1
x-li-pop: afd-prod-lor1-x
x-li-proto: http/2
x-li-uuid: AAXoOHvpLUP/6TkJJ5ba7w==
x-cache: CONFIG_NOCACHE
x-msedge-ref: Ref A: 0A21CACA5BB546EA982EC3734E580CD3 Ref B: OSL30EDGE0413 Ref C: 2022-09-09T06:16:18Z
date: Fri, 09 Sep 2022 06:16:17 GMT
content-length: 0
X-Firefox-Spdy: h2
www.primeratemerchant.com/wp-content/uploads/2018/03/cropped-favicon-192x192.png
68.178.245.75 404 Not Found 12 kB URL HTTP/2 www.primeratemerchant.com/wp-content/uploads/2018/03/cropped-favicon-192x192.png
IP 68.178.245.75:0
ASN #398101 GO-DADDY-COM-LLC
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (2701), with CRLF, LF line terminators
Hash 3a6beab9a67db16a23b790719603697a
c66649571273ca562d317c1583184ac80c7812d4
d62ac63ad65a4b4ba1fcf0a8c2c1211bc43632e9b871ee70ddbd098d54115a8d
GET /wp-content/uploads/2018/03/cropped-favicon-192x192.png HTTP/1.1
Host: www.primeratemerchant.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.primeratemerchant.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 404 Not Found
x-powered-by: PHP/7.4.30
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
link: <https://www.primeratemerchant.com/wp-json/>; rel="https://api.w.org/"
vary: Accept-Encoding
content-encoding: br
content-length: 11505
content-type: text/html; charset=UTF-8
date: Fri, 09 Sep 2022 06:16:17 GMT
server: Apache
X-Firefox-Spdy: h2
www.facebook.com/tr/?id=1812766528977188&ev=PageView&dl=http%3A%2F%2Fwww.primeratemerchant.com%2Fab%2Fapp%2Fseleccione_medio_de_codigo_loading.php&rl=&if=false&ts=1662704170002&sw=1280&sh=1024&v=2.9.79&r=stable&ec=0&o=30&fbp=fb.1.1662704170001.1343254501&it=1662704169614&coo=false&rqm=GET
31.13.72.36 200 OK 44 B URL HTTP/2 www.facebook.com/tr/?id=1812766528977188&ev=PageView&dl=http%3A%2F%2Fwww.primeratemerchant.com%2Fab%2Fapp%2Fseleccione_medio_de_codigo_loading.php&rl=&if=false&ts=1662704170002&sw=1280&sh=1024&v=2.9.79&r=stable&ec=0&o=30&fbp=fb.1.1662704170001.1343254501&it=1662704169614&coo=false&rqm=GET
IP 31.13.72.36:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash b798f4ce7359fd815df4bdf76503b295
f8cc6addf1707ad236ad9970b0a48f9733d07da5
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
GET /tr/?id=1812766528977188&ev=PageView&dl=http%3A%2F%2Fwww.primeratemerchant.com%2Fab%2Fapp%2Fseleccione_medio_de_codigo_loading.php&rl=&if=false&ts=1662704170002&sw=1280&sh=1024&v=2.9.79&r=stable&ec=0&o=30&fbp=fb.1.1662704170001.1343254501&it=1662704169614&coo=false&rqm=GET HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.primeratemerchant.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/gif
date: Fri, 09 Sep 2022 06:16:18 GMT
expires: Fri, 09 Sep 2022 06:16:18 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
cache-control: no-cache, must-revalidate, max-age=0
set-cookie:
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 44
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.primeratemerchant.com/wp-content/uploads/2018/03/cropped-favicon-32x32.png
68.178.245.75 404 Not Found 12 kB URL HTTP/2 www.primeratemerchant.com/wp-content/uploads/2018/03/cropped-favicon-32x32.png
IP 68.178.245.75:0
ASN #398101 GO-DADDY-COM-LLC
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (2701), with CRLF, LF line terminators
Hash 3a6beab9a67db16a23b790719603697a
c66649571273ca562d317c1583184ac80c7812d4
d62ac63ad65a4b4ba1fcf0a8c2c1211bc43632e9b871ee70ddbd098d54115a8d
GET /wp-content/uploads/2018/03/cropped-favicon-32x32.png HTTP/1.1
Host: www.primeratemerchant.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.primeratemerchant.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 404 Not Found
x-powered-by: PHP/7.4.30
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
link: <https://www.primeratemerchant.com/wp-json/>; rel="https://api.w.org/"
vary: Accept-Encoding
content-encoding: br
content-length: 11505
content-type: text/html; charset=UTF-8
date: Fri, 09 Sep 2022 06:16:17 GMT
server: Apache
X-Firefox-Spdy: h2
www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D320298%26time%3D1662704169561%26url%3Dhttp%253A%252F%252Fwww.primeratemerchant.com%252Fab%252Fapp%252Fseleccione_medio_de_codigo_loading.php%26liSync%3Dtrue
13.107.42.14 302 Found 0 B URL HTTP/2 www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D320298%26time%3D1662704169561%26url%3Dhttp%253A%252F%252Fwww.primeratemerchant.com%252Fab%252Fapp%252Fseleccione_medio_de_codigo_loading.php%26liSync%3Dtrue
IP 13.107.42.14:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D320298%26time%3D1662704169561%26url%3Dhttp%253A%252F%252Fwww.primeratemerchant.com%252Fab%252Fapp%252Fseleccione_medio_de_codigo_loading.php%26liSync%3Dtrue HTTP/1.1
Host: www.linkedin.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.primeratemerchant.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
cache-control: no-cache, no-store
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT
location: https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=320298&time=1662704169561&url=http%3A%2F%2Fwww.primeratemerchant.com%2Fab%2Fapp%2Fseleccione_medio_de_codigo_loading.php&liSync=true
set-cookie: lang=v=2&lang=en-us; Domain=linkedin.com; Path=/; Secure; SameSite=None
bcookie="v=2&c6527202-3b4e-4899-8e20-e25239c9571a"; Domain=.linkedin.com; Expires=Sat, 09-Sep-2023 06:16:18 GMT; Path=/; Secure; SameSite=None
bscookie="v=1&20220909061618b3a07857-e108-4f7a-8f90-b468aae55917AQGCv3MRUeHqQQZutFNsqh4rUekBr64H"; Domain=.www.linkedin.com; Expires=Sat, 09-Sep-2023 06:16:18 GMT; Path=/; HttpOnly; Secure; SameSite=None
li_gc=MTswOzE2NjI3MDQxNzg7MjswMjGdcv2apGDRn2WeR/mmAwnwo8FtPLqpC6N07Q429Ce16Q==; Domain=.linkedin.com; Expires=Wed, 08 Mar 2023 06:16:18 GMT; Path=/; Secure; SameSite=None
lidc="b=OGST09:s=O:r=O:a=O:p=O:g=2341:u=1:x=1:i=1662704178:t=1662790578:v=2:sig=AQFaTqDow02TFR_MQMU1HD6pNlGpct0P"; Expires=Sat, 10 Sep 2022 06:16:18 GMT; domain=.linkedin.com; Path=/; SameSite=None; Secure
linkedin-action: 1
content-security-policy: default-src *; connect-src 'self' https://media-src.linkedin.com/media/ www.linkedin.com s.c.lnkd.licdn.com m.c.lnkd.licdn.com wss://*.linkedin.com dms.licdn.com https://dpm.demdex.net/id lnkd.demdex.net blob: https://accounts.google.com/gsi/status https://linkedin.sc.omtrdc.net/b/ss/ www.google-analytics.com https://*.qualtrics.com static.licdn.com static-exp1.licdn.com static-exp2.licdn.com static-exp3.licdn.com media.licdn.com media-exp1.licdn.com media-exp2.licdn.com media-exp3.licdn.com; img-src data: blob: *; font-src data: *; style-src 'unsafe-inline' 'self' static-src.linkedin.com *.licdn.com; script-src 'report-sample' 'unsafe-inline' 'unsafe-eval' 'self' spdy.linkedin.com static-src.linkedin.com *.ads.linkedin.com *.licdn.com static.chartbeat.com www.google-analytics.com ssl.google-analytics.com bcvipva02.rightnowtech.com www.bizographics.com sjs.bizographics.com js.bizographics.com d.la4-c1-was.salesforceliveagent.com https://snap.licdn.com/li.lms-analytics/ platform.linkedin.com platform-akam.linkedin.com platform-ecst.linkedin.com platform-azur.linkedin.com; object-src 'none'; media-src blob: *; child-src blob: lnkd-communities: voyager: *; frame-ancestors 'self'; report-uri /security/csp?e=p&f=t
x-frame-options: sameorigin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
expect-ct: max-age=86400, report-uri="https://www.linkedin.com/platform-telemetry/ct"
x-li-fabric: prod-lor1
x-li-pop: afd-prod-lor1-x
x-li-proto: http/2
x-li-uuid: AAXoOHvsQ9YDTH2SzsEkRQ==
x-cache: CONFIG_NOCACHE
x-msedge-ref: Ref A: 8A1AE1E28CCC4886B10E9BEB957C8ED7 Ref B: OSL30EDGE0413 Ref C: 2022-09-09T06:16:18Z
date: Fri, 09 Sep 2022 06:16:17 GMT
content-length: 0
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash dad8f08be4d6d5166c7f54004cb37c64
949b5738d5c880445510774f1da0e0af667308b3
398205f8248c3e00126eb21e6cb1d4e21a981a1b46d59ff4993e6023f33c6b9f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Sep 2022 06:16:18 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-116677182-1&cid=1132632483.1662704170&jid=1087559649&gjid=983035779&_gid=865831636.1662704170&_u=YEBAAUAAAAAAAC~&z=114571968
142.251.1.157 200 OK 1 B URL HTTP/2 stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-116677182-1&cid=1132632483.1662704170&jid=1087559649&gjid=983035779&_gid=865831636.1662704170&_u=YEBAAUAAAAAAAC~&z=114571968
IP 142.251.1.157:0
File type very short file (no magic)
Hash c4ca4238a0b923820dcc509a6f75849b
356a192b7913b04c54574d18c28d46e6395428ab
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-116677182-1&cid=1132632483.1662704170&jid=1087559649&gjid=983035779&_gid=865831636.1662704170&_u=YEBAAUAAAAAAAC~&z=114571968 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: http://www.primeratemerchant.com
Connection: keep-alive
Referer: http://www.primeratemerchant.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: http://www.primeratemerchant.com
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Fri, 09 Sep 2022 06:16:18 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash dad8f08be4d6d5166c7f54004cb37c64
949b5738d5c880445510774f1da0e0af667308b3
398205f8248c3e00126eb21e6cb1d4e21a981a1b46d59ff4993e6023f33c6b9f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Sep 2022 06:16:18 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
px.ads.linkedin.com/collect?v=2&fmt=js&pid=320298&time=1662704169561&url=http%3A%2F%2Fwww.primeratemerchant.com%2Fab%2Fapp%2Fseleccione_medio_de_codigo_loading.php&liSync=true
13.107.42.14 200 OK 0 B URL HTTP/2 px.ads.linkedin.com/collect?v=2&fmt=js&pid=320298&time=1662704169561&url=http%3A%2F%2Fwww.primeratemerchant.com%2Fab%2Fapp%2Fseleccione_medio_de_codigo_loading.php&liSync=true
IP 13.107.42.14:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /collect?v=2&fmt=js&pid=320298&time=1662704169561&url=http%3A%2F%2Fwww.primeratemerchant.com%2Fab%2Fapp%2Fseleccione_medio_de_codigo_loading.php&liSync=true HTTP/1.1
Host: px.ads.linkedin.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.primeratemerchant.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
set-cookie: lang=v=2&lang=en-us; SameSite=None; Path=/; Domain=ads.linkedin.com; Secure
bcookie="v=2&020b5cc3-1de6-4fc9-8769-331a14940135"; domain=.linkedin.com; Path=/; Secure; Expires=Sat, 09-Sep-2023 06:16:18 GMT; SameSite=None
lidc="b=OGST09:s=O:r=O:a=O:p=O:g=2341:u=1:x=1:i=1662704178:t=1662790578:v=2:sig=AQFaTqDow02TFR_MQMU1HD6pNlGpct0P"; Expires=Sat, 10 Sep 2022 06:16:18 GMT; domain=.linkedin.com; Path=/; SameSite=None; Secure
linkedin-action: 1
x-li-fabric: prod-lor1
x-li-pop: afd-prod-lor1-x
x-li-proto: http/2
x-li-uuid: AAXoOHvwqjPTFpBvdyzQtw==
x-cache: CONFIG_NOCACHE
x-msedge-ref: Ref A: 4608B7DDA19140A1ACEF294404128DCC Ref B: OSL30EDGE0413 Ref C: 2022-09-09T06:16:18Z
date: Fri, 09 Sep 2022 06:16:18 GMT
content-length: 0
X-Firefox-Spdy: h2
www.primeratemerchant.com/wp-content/uploads/2018/03/prime-rate-footer-payment-options.jpg
68.178.245.75 404 Not Found 0 B URL HTTP/1.1 www.primeratemerchant.com/wp-content/uploads/2018/03/prime-rate-footer-payment-options.jpg
IP 68.178.245.75:0
ASN #398101 GO-DADDY-COM-LLC
GET /wp-content/uploads/2018/03/prime-rate-footer-payment-options.jpg HTTP/1.1
Host: www.primeratemerchant.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.primeratemerchant.com/ab/app/seleccione_medio_de_codigo_loading.php
HTTP/1.1 404 Not Found
Date: Fri, 09 Sep 2022 06:16:17 GMT
Server: Apache
X-Powered-By: PHP/7.4.30
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Link: <https://www.primeratemerchant.com/wp-json/>; rel="https://api.w.org/"
Vary: Accept-Encoding
Keep-Alive: timeout=5
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8