Report - www.7-capitals.com/wp-login.php?redirect_to=7-capitals.com/wp-admin/update-core.php&reauth=1

Report Overview

Submitted URL
www.7-capitals.com/wp-login.php?redirect_to=7-capitals.com/wp-admin/update-core.php&reauth=1
IP
198.54.120.224
ASN
#22612 NAMECHEAP-NET
Submitted
2022-12-16 15:25:59
Access
Website Title
Final URL
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
24

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
push.services.mozilla.com	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	606 B	127 B	34.214.64.191
www.7-capitals.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	11 kB	131 kB	198.54.120.224
contile.services.mozilla.com	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	333 B	391 B	34.117.237.239
ocsp.digicert.com	86	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	341 B	797 B	93.184.220.29
ocsp.sectigo.com	487	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	340 B	963 B	172.64.155.188
r3.o.lencr.org	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.4 kB	6.2 kB	95.101.11.115
firefox.settings.services.mozilla.com	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	782 B	2.4 kB	35.241.9.150
content-signature-2.cdn.mozilla.net	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	413 B	5.8 kB	34.160.144.191
img-getpocket.cdn.mozilla.net	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.8 kB	71 kB	34.120.237.76

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2022-12-16	medium	www.7-capitals.com/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9	Phishing
2022-12-16	medium	www.7-capitals.com/wp-includes/css/buttons-rtl.min.css?ver=6.1.1	Phishing
2022-12-16	medium	www.7-capitals.com/wp-admin/css/l10n-rtl.min.css?ver=6.1.1	Phishing
2022-12-16	medium	www.7-capitals.com/wp-admin/css/login-rtl.min.css?ver=6.1.1	Phishing
2022-12-16	medium	www.7-capitals.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.1	Phishing
2022-12-16	medium	www.7-capitals.com/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0	Phishing
2022-12-16	medium	www.7-capitals.com/wp-includes/css/dashicons.min.css?ver=6.1.1	Phishing
2022-12-16	medium	www.7-capitals.com/wp-admin/css/forms-rtl.min.css?ver=6.1.1	Phishing
2022-12-16	medium	www.7-capitals.com/wp-includes/js/dist/hooks.min.js?ver=4169d3cf8e8d95a3d6d5	Phishing
2022-12-16	medium	www.7-capitals.com/wp-admin/js/password-strength-meter.min.js?ver=6.1.1	Phishing
2022-12-16	medium	www.7-capitals.com/wp-includes/js/wp-util.min.js?ver=6.1.1	Phishing
2022-12-16	medium	www.7-capitals.com/wp-includes/js/underscore.min.js?ver=1.13.4	Phishing

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

JavaScript (20)

	URL	Size	First Seen	Last Seen
	www.7-capitals.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.1	96 kB	2023-03-09	2023-03-12
Pretty URL www.7-capitals.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.1 IP 198.54.120.224 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 12:16:14 Last Seen2023-03-12 14:10:32 Times Seen1 Hash ee753c91502cde57e2154a33babc91f6 32192e52004b62b365d42df8c4283635f5c9d9c5 1b524af747065130b3a93e6c78946b9a48fe0d3fb9af8f76df07936790f91da2 Loading...

	www.7-capitals.com/wp-login.php?redirect_to=https://7-capitals.com/wp-admin/update-core.php&reauth=1	121 B	2023-03-09	2023-03-09
Pretty URL www.7-capitals.com/wp-login.php?redirect_to=https://7-capitals.com/wp-admin/update-core.php&reauth=1 IP 198.54.120.224 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 12:16:14 Last Seen2023-03-09 12:16:14 Times Seen1 Hash e12fae0e92db97a6b9d149a1f1c4b09d aaabce7ba44e1eb46636ef631ea2c9885bdf6245 4d21e9304c8d46d79ef25f8a796551c12521de086173df80be6420be0cd99cdd Loading...

	www.7-capitals.com/wp-admin/js/user-profile.min.js?ver=6.1.1	9.9 kB	2023-03-09	2023-03-09
Pretty URL www.7-capitals.com/wp-admin/js/user-profile.min.js?ver=6.1.1 IP 198.54.120.224 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 12:16:14 Last Seen2023-03-09 12:16:14 Times Seen1 Hash bab37299bb4ea95da5d9894a352baa79 27c45b0a51dc273047aa40ee18b42347e41f62df cfb0e89b847246ce5c09fe0077ccdc4202c18435742f061a58e576a5a706a7fd Loading...

	www.7-capitals.com/wp-login.php?redirect_to=https://7-capitals.com/wp-admin/update-core.php&reauth=1	68 B	2023-03-07	2024-04-21
Pretty URL www.7-capitals.com/wp-login.php?redirect_to=https://7-capitals.com/wp-admin/update-core.php&reauth=1 IP 198.54.120.224 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:06:53 Last Seen2024-04-21 18:11:14 Times Seen460 Hash 7a000083b726ac992171ab57dba3e4f7 4f50582601c36d21289fcc0624da251f77aa1788 160ef8ab3e41b76dc93b4399da6b6a5056fea9e01caa680a0a09a4eafe72406b Loading...

	www.7-capitals.com/wp-login.php?redirect_to=https://7-capitals.com/wp-admin/update-core.php&reauth=1	96 B	2023-03-07	2024-04-25
Pretty URL www.7-capitals.com/wp-login.php?redirect_to=https://7-capitals.com/wp-admin/update-core.php&reauth=1 IP 198.54.120.224 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:51 Last Seen2024-04-25 13:47:32 Times Seen10624 Hash eb3a538fd2a39c22198e72c3b9f498a7 c966ebdbd2701a0980a85671126664f3892d4f1e ac233233e7bcaf806041b243578fab081dced8a045d9a82756410da9ea2382a1 Loading...

	www.7-capitals.com/wp-login.php?redirect_to=https://7-capitals.com/wp-admin/update-core.php&reauth=1	228 B	2023-03-07	2024-04-17
Pretty URL www.7-capitals.com/wp-login.php?redirect_to=https://7-capitals.com/wp-admin/update-core.php&reauth=1 IP 198.54.120.224 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:31:29 Last Seen2024-04-17 09:41:26 Times Seen463 Hash 81a6300c1370ea32679431083298fa57 ecd59449a859df652e0a32e023b4b8d399e19e69 f3432be577367fa855489c2f15145c363008f5131c9ee4d5008cebea9210b302 Loading...

	www.7-capitals.com/wp-includes/js/dist/i18n.min.js?ver=9e794f35a71bb98672ae	14 kB	2023-03-09	2023-03-09
Pretty URL www.7-capitals.com/wp-includes/js/dist/i18n.min.js?ver=9e794f35a71bb98672ae IP 198.54.120.224 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 12:16:14 Last Seen2023-03-09 12:16:14 Times Seen1 Hash 2b6738e871790bdf0f0a314d901d0962 dea8bde8b8ff584c10808eb310cf20c2b7f2d3cd 41e151b6f1c94ea4da761e68bb31b098d7be821412c322eaf52cec009e7fae2f Loading...

	www.7-capitals.com/wp-login.php?redirect_to=https://7-capitals.com/wp-admin/update-core.php&reauth=1	449 B	2023-03-07	2024-04-19
Pretty URL www.7-capitals.com/wp-login.php?redirect_to=https://7-capitals.com/wp-admin/update-core.php&reauth=1 IP 198.54.120.224 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 14:48:29 Last Seen2024-04-19 10:16:08 Times Seen31 Hash 6c16ed70fdcf48b671bc102e842a7a19 c0c3ae476829bbc12d368227664f3548911a6930 ca5f67d9c725eee85adba6697d03281b6245026aa8742e585864778988e30441 Loading...

	www.7-capitals.com/wp-login.php?redirect_to=https://7-capitals.com/wp-admin/update-core.php&reauth=1	1.2 kB	2023-03-09	2023-03-14
Pretty URL www.7-capitals.com/wp-login.php?redirect_to=https://7-capitals.com/wp-admin/update-core.php&reauth=1 IP 198.54.120.224 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 12:16:14 Last Seen2023-03-14 02:12:01 Times Seen1 Hash 5c873f52acd33fdb7b8a65531828e950 9da0784eb8ecbb2907f0bbfed2e1a72fbb560cb7 174efefbe2c1f3d857a0d00a88e483f6fb58fcf1e534cd647af5cb313494135b Loading...

	www.7-capitals.com/wp-login.php?redirect_to=https://7-capitals.com/wp-admin/update-core.php&reauth=1	87 B	2023-03-09	2023-03-09
Pretty URL www.7-capitals.com/wp-login.php?redirect_to=https://7-capitals.com/wp-admin/update-core.php&reauth=1 IP 198.54.120.224 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 12:16:14 Last Seen2023-03-09 12:16:14 Times Seen1 Hash 92da67160c4b77d1ac04e35e8516c085 7fa864d6826bf200f54eb57a1e053eab08c06e08 c444a3a394183cf4e2e0c8047bf03b73fd4035b230113a16201cb3f6d6c2b4bc Loading...

	www.7-capitals.com/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9	10 kB	2023-03-07	2023-03-12
Pretty URL www.7-capitals.com/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9 IP 198.54.120.224 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:14:49 Last Seen2023-03-12 14:10:32 Times Seen1 Hash b52c397246233395006bd295a7302176 5841544fbd322b63c69d955610e224767fd5c620 4281be1db2a7d3e7b436357b1e3f0087de76eeeda5a91cdbf63986d396cc443f Loading...

	www.7-capitals.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2	15 kB	2023-03-09	2023-03-09
Pretty URL www.7-capitals.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 IP 198.54.120.224 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 12:16:14 Last Seen2023-03-09 12:16:14 Times Seen1 Hash a99bcd492ff18227c0a18b2633959276 f7d36e29460197f1dd545605ed17cae0ebd343de bfeaac8e0a82c9a7fa5e7bc7cad358494bbdd3479042972baf79e9ffbeb597c1 Loading...

	www.7-capitals.com/wp-includes/js/dist/hooks.min.js?ver=4169d3cf8e8d95a3d6d5	8.6 kB	2023-03-09	2023-03-12
Pretty URL www.7-capitals.com/wp-includes/js/dist/hooks.min.js?ver=4169d3cf8e8d95a3d6d5 IP 198.54.120.224 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 12:16:14 Last Seen2023-03-12 14:10:32 Times Seen1 Hash 965c821c8ff4b51e8e97e319f2ea83a9 d73e00d13ce5ea9f38101a09600a03614158c84a 9f0db0b6795d491747e3eb397d48277d7e574c8571b94c56728e6d00fe2a1388 Loading...

	www.7-capitals.com/wp-includes/js/wp-util.min.js?ver=6.1.1	5.2 kB	2023-03-09	2023-03-09
Pretty URL www.7-capitals.com/wp-includes/js/wp-util.min.js?ver=6.1.1 IP 198.54.120.224 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 12:16:14 Last Seen2023-03-09 12:16:14 Times Seen1 Hash fd7a897814187a795bb21b624ba7d0bc 126ce05b55845ba2ff1961fce675a42b6c835908 da7c490d2448f7edda127a2a6d53c1f360202bf25f584b220c21dcf730af0d71 Loading...

	www.7-capitals.com/wp-login.php?redirect_to=https://7-capitals.com/wp-admin/update-core.php&reauth=1	1.4 kB	2023-03-09	2023-03-14
Pretty URL www.7-capitals.com/wp-login.php?redirect_to=https://7-capitals.com/wp-admin/update-core.php&reauth=1 IP 198.54.120.224 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 12:16:14 Last Seen2023-03-14 02:12:01 Times Seen1 Hash 6481731d7f945ac04a1bb26f38d70e04 b9a050f5a8a20d0d80ad5e6907678ebd1bceb603 73cb6a024c722fe2216dc72854d0846d521c37d162018b5f4a152b726f0fd0e8 Loading...

	www.7-capitals.com/wp-login.php?redirect_to=https://7-capitals.com/wp-admin/update-core.php&reauth=1	77 B	2023-03-07	2024-04-17
Pretty URL www.7-capitals.com/wp-login.php?redirect_to=https://7-capitals.com/wp-admin/update-core.php&reauth=1 IP 198.54.120.224 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:31:29 Last Seen2024-04-17 09:41:26 Times Seen557 Hash 0bef5ebd7941b5e620946a39f3d80705 50ca73634a095a29ecd20636b582d3081f3a0e4d 84f9db72df87daec148b0a21de479cb7a4c9b78c1a0e52cf7e3e3b4cee7c9577 Loading...

	www.7-capitals.com/wp-includes/js/zxcvbn-async.min.js?ver=1.0	4.1 kB	2023-03-09	2023-03-09
Pretty URL www.7-capitals.com/wp-includes/js/zxcvbn-async.min.js?ver=1.0 IP 198.54.120.224 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 12:16:15 Last Seen2023-03-09 12:16:15 Times Seen1 Hash 5d71ec36a8ffb45ff6b4c74dc43adccc b008805048e49343b9fbca02f7315132c2909b40 b179895b072adaf87e865b657b18cd2a9e8150e661c4f02a2e82043844660538 Loading...

	www.7-capitals.com/wp-admin/js/password-strength-meter.min.js?ver=6.1.1	4.8 kB	2023-03-09	2023-03-09
Pretty URL www.7-capitals.com/wp-admin/js/password-strength-meter.min.js?ver=6.1.1 IP 198.54.120.224 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 12:16:15 Last Seen2023-03-09 12:16:15 Times Seen1 Hash 4f8e728e76a27d2d976ffc60c2639d11 9c7a69a613a237a575263471aee10778021844c8 c0e6aaf23740659ad446c78f54e8d72d7c60e92a4aa48b23eef27d1add00c063 Loading...

	www.7-capitals.com/wp-includes/js/underscore.min.js?ver=1.13.4	23 kB	2023-03-09	2023-03-09
Pretty URL www.7-capitals.com/wp-includes/js/underscore.min.js?ver=1.13.4 IP 198.54.120.224 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 12:16:15 Last Seen2023-03-09 12:16:15 Times Seen1 Hash 38bc43df79c82081a481443660fb9497 9410b2580889b9de8987194a856384855d4ce022 5f38dbf4dd9189b8bb258ee84cff5dc0c4524b30e239f397b9609495e91b0c31 Loading...

		Size	First Seen	Last Seen
	#1 Eval - 7268ede57858a2c14b25218c4cbf7d06	663 B	2023-03-08	2023-12-13
Pretty Observations First Seen2023-03-08 14:35:26 Last Seen2023-12-13 00:16:43 Times Seen44 Hash 7268ede57858a2c14b25218c4cbf7d06 c9dc28a1f6ab8bd7ff450be8796ef469be99ac91 dc6acc70fa6a127bcde95478f41fc3ec8b472cc6327b69d1fd5c5e3633a96540 Loading...

HTTP Transactions (41)

URL IP Response Size

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
381442da2a14cb93770f4c8f6e19d35b
31c48467751e2450a63004c57eea0c7872023eaf
61b0985f47033bd7020ab3b8cdcbc6c17be6ab9b6feba69e006088b78e21c0f0

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "61B0985F47033BD7020AB3B8CDCBC6C17BE6AB9B6FEBA69E006088B78E21C0F0"
Last-Modified: Thu, 15 Dec 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8608
Expires: Fri, 16 Dec 2022 17:49:16 GMT
Date: Fri, 16 Dec 2022 15:25:48 GMT
Connection: keep-alive

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
4a5e9bc8b7891ac5f4552c29bcbaedb0
39735081eeb64eae477c61c1147daeb68fb37b22
c465efaf205ff2992af02c16187ca14a658cd5335b892903374f3adab32a8cd9

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C465EFAF205FF2992AF02C16187CA14A658CD5335B892903374F3ADAB32A8CD9"
Last-Modified: Thu, 15 Dec 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4429
Expires: Fri, 16 Dec 2022 16:39:37 GMT
Date: Fri, 16 Dec 2022 15:25:48 GMT
Connection: keep-alive

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
51bd0cc75ed746fd33c950eb12936b7e
4a1007ea6c6e4f5e8b4a7d1f85f7a3e329dc8f50
188d4a0d544f40048dc7476cb4f5e478f1eb49a8ef1d51699fb155d2ae258655

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "188D4A0D544F40048DC7476CB4F5E478F1EB49A8EF1D51699FB155D2AE258655"
Last-Modified: Tue, 13 Dec 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5503
Expires: Fri, 16 Dec 2022 16:57:31 GMT
Date: Fri, 16 Dec 2022 15:25:48 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/

35.241.9.150

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
bf0c602d32b3c14606f22a86183b5e3c
6eabd8d83475eba731968abe1a05a8bfd272f160
6c6a7c519a9e950c2445ed874a25211a94dd4d3cf3afb0103af9dcd1dbd5ff9e

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Content-Length, Content-Type, Retry-After, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Fri, 16 Dec 2022 14:34:01 GMT
content-type: application/json
age: 3107
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
53341dea33f4f3d9b4966f80589f429a
20f7b07c686c986d2ed1e3e9ad1bb2aef8edaf0d
651683e52cdbc96b289f8f123155f0b96d9f67432689e89156fa56f5a346c6a0

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: 9wrFp2xyFDwAyuXPbKtZvU0fXp+b1BUFQQyuwYnGtH7Qt6aZmZKdXAZ1APZnwtA3Q5P8AYVNE2w=
x-amz-request-id: B8AVBHHTRKV1RDC3
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Fri, 16 Dec 2022 14:51:22 GMT
age: 2066
last-modified: Wed, 30 Nov 2022 10:06:34 GMT
etag: "53341dea33f4f3d9b4966f80589f429a"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

www.7-capitals.com/wp-login.php?redirect_to=https://7-capitals.com/wp-admin/update-core.php&reauth=1

198.54.120.224

301 Moved Permanently

707 B

URL HTTP/1.1
www.7-capitals.com/wp-login.php?redirect_to=https://7-capitals.com/wp-admin/update-core.php&reauth=1
IP
198.54.120.224:0
ASN
#22612 NAMECHEAP-NET

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Size
707 B (707 bytes)
Hash
1304294c0823ca486542ba408ed761e3
b2a70fb2d810ca13985882e6981f33998823e83e
3bbe72f3baa8ec61de17a1d767fca58704769684b7abe9161d0c4eaf4c8f0982

HTTP Headers

GET /wp-login.php?redirect_to=https://7-capitals.com/wp-admin/update-core.php&reauth=1 HTTP/1.1
Host: www.7-capitals.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 301 Moved Permanently
keep-alive: timeout=5, max=100
content-type: text/html
content-length: 707
date: Fri, 16 Dec 2022 15:25:48 GMT
server: LiteSpeed
location: https://www.7-capitals.com/wp-login.php?redirect_to=https://7-capitals.com/wp-admin/update-core.php&reauth=1
x-turbo-charged-by: LiteSpeed

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Fri, 16 Dec 2022 15:25:48 GMT
content-type: application/json
content-length: 12
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-credentials: true
access-control-expose-headers: content-type
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

35.241.9.150

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Cache-Control, Backoff, Content-Length, Content-Type, Last-Modified, ETag, Expires, Retry-After, Pragma
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Fri, 16 Dec 2022 15:08:00 GMT
age: 1069
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
142400be99b933ea5e0c68ea6a6b3e89
80e94132940e5ebe69dd0a03396764127b8fda49
20e8cde3c6907a3c5d97fe9fbcf6a44035e1f7482f7e166adb2c38a30a9084ea

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3187
Cache-Control: max-age=153250
Content-Type: application/ocsp-response
Date: Fri, 16 Dec 2022 15:25:49 GMT
Etag: "639c352c-1d7"
Expires: Sun, 18 Dec 2022 09:59:59 GMT
Last-Modified: Fri, 16 Dec 2022 09:06:52 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 471

ocsp.sectigo.com/

172.64.155.188

200 OK

471 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
172.64.155.188:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
471 B (471 bytes)
Hash
b5e79c13a5106438f3483fa89961ba32
d11422a2a1a9be1d0244774b636315e87b9db71c
857c0bed72feb74a2de247cebfdb289fb0c3a785481c7237e029085b78b988b6

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 16 Dec 2022 15:25:49 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Fri, 16 Dec 2022 10:44:14 GMT
Expires: Fri, 23 Dec 2022 10:44:13 GMT
Etag: "d11422a2a1a9be1d0244774b636315e87b9db71c"
Cache-Control: max-age=587303,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 77a86f0f9a02fac8-OSL

push.services.mozilla.com/

34.214.64.191

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
34.214.64.191:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: YGSU/Kuw8ejEheTJNVlF5A==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: +qO9wWuChiBAPnncHQqV7mYvTGg=

www.7-capitals.com/wp-includes/js/zxcvbn-async.min.js?ver=1.0

198.54.120.224

200 OK

1.5 kB

URL HTTP/2
www.7-capitals.com/wp-includes/js/zxcvbn-async.min.js?ver=1.0
IP
198.54.120.224:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (338)
Size
1.5 kB (1451 bytes)
Hash
6302f3d5b04d3ac3308cf17aaf067e56
b87065f167de763f539e0a8a05dce920486f7044
e0c4c6aafd24507c4678e8144278a16f41832f042bdebf251938b6e9f748c8ae

HTTP Headers

GET /wp-includes/js/zxcvbn-async.min.js?ver=1.0 HTTP/1.1
Host: www.7-capitals.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.7-capitals.com/wp-login.php?redirect_to=https://7-capitals.com/wp-admin/update-core.php&reauth=1
Connection: keep-alive
Cookie: wordpress_test_cookie=WP+Cookie+check
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 23 Dec 2022 15:25:50 GMT
content-type: application/javascript
last-modified: Wed, 02 Nov 2022 09:27:45 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1451
date: Fri, 16 Dec 2022 15:25:50 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

www.7-capitals.com/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9

198.54.120.224

200 OK

3.7 kB

URL HTTP/2
www.7-capitals.com/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9
IP
198.54.120.224:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (6497)
Size
3.7 kB (3681 bytes)
Hash
a2a6f2880bf527aa2a8654f92ce4c1bd
df1d2e6a403100415e855fb847479bf5b39bc840
4ad60505c5e983b0f4b55b5c109da305b2b65706063198d792bf3e76f97d457d

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9 HTTP/1.1
Host: www.7-capitals.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.7-capitals.com/wp-login.php?redirect_to=https://7-capitals.com/wp-admin/update-core.php&reauth=1
Connection: keep-alive
Cookie: wordpress_test_cookie=WP+Cookie+check
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 23 Dec 2022 15:25:50 GMT
content-type: application/javascript
last-modified: Wed, 02 Nov 2022 09:27:45 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 3681
date: Fri, 16 Dec 2022 15:25:50 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

www.7-capitals.com/wp-includes/css/buttons-rtl.min.css?ver=6.1.1

198.54.120.224

200 OK

1.3 kB

URL HTTP/2
www.7-capitals.com/wp-includes/css/buttons-rtl.min.css?ver=6.1.1
IP
198.54.120.224:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (5821)
Size
1.3 kB (1254 bytes)
Hash
6a8e7e5bf156cff79dfcdf2c20023973
94c68fc8019fcce2e684b03d2a1121c7854b5aab
1fd6ea9d82aeb4d0b9861cc87f9e7119b7b17b6a89e1c15c2c11292fbbbfa450

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-includes/css/buttons-rtl.min.css?ver=6.1.1 HTTP/1.1
Host: www.7-capitals.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.7-capitals.com/wp-login.php?redirect_to=https://7-capitals.com/wp-admin/update-core.php&reauth=1
Cookie: wordpress_test_cookie=WP+Cookie+check
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 23 Dec 2022 15:25:50 GMT
content-type: text/css
last-modified: Tue, 09 Mar 2021 21:33:04 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1254
date: Fri, 16 Dec 2022 15:25:50 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

www.7-capitals.com/wp-admin/css/l10n-rtl.min.css?ver=6.1.1

198.54.120.224

200 OK

595 B

URL HTTP/2
www.7-capitals.com/wp-admin/css/l10n-rtl.min.css?ver=6.1.1
IP
198.54.120.224:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (2445)
Size
595 B (595 bytes)
Hash
bb3741a136fe4de85a254ecf5315e0c5
fe2d3b088543d885799765e6b1d1b1d39613f666
4b5bf234524ea556736a00264045168bdee499114e24ae6408e28ca8374d7d53

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-admin/css/l10n-rtl.min.css?ver=6.1.1 HTTP/1.1
Host: www.7-capitals.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.7-capitals.com/wp-login.php?redirect_to=https://7-capitals.com/wp-admin/update-core.php&reauth=1
Cookie: wordpress_test_cookie=WP+Cookie+check
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 23 Dec 2022 15:25:50 GMT
content-type: text/css
last-modified: Tue, 24 Sep 2019 01:51:58 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 595
date: Fri, 16 Dec 2022 15:25:50 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

www.7-capitals.com/wp-admin/css/login-rtl.min.css?ver=6.1.1

198.54.120.224

200 OK

1.9 kB

URL HTTP/2
www.7-capitals.com/wp-admin/css/login-rtl.min.css?ver=6.1.1
IP
198.54.120.224:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (6282)
Size
1.9 kB (1939 bytes)
Hash
1c81869e9b28e948a750dca71f693869
a870398f22ba9a96a72485483a16e3e352225a30
9dc560765f171e7ca4e64a2319bd63a40a2b474595f31e2d140fd4d5d0b7edff

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-admin/css/login-rtl.min.css?ver=6.1.1 HTTP/1.1
Host: www.7-capitals.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.7-capitals.com/wp-login.php?redirect_to=https://7-capitals.com/wp-admin/update-core.php&reauth=1
Cookie: wordpress_test_cookie=WP+Cookie+check
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 23 Dec 2022 15:25:50 GMT
content-type: text/css
last-modified: Tue, 25 Jan 2022 21:28:06 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1939
date: Fri, 16 Dec 2022 15:25:50 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
0e5a8cf5962c05bf28a3b45f5c8745e2
9c5d7e8aeab26f9fd2e753ab4dc65d6fa8ea955f
f614642045fcd0ee373ed6cabe67514f4bb54c7fb4f1181b52eaec12d7e0479e

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F614642045FCD0EE373ED6CABE67514F4BB54C7FB4F1181B52EAEC12D7E0479E"
Last-Modified: Thu, 15 Dec 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18094
Expires: Fri, 16 Dec 2022 20:27:24 GMT
Date: Fri, 16 Dec 2022 15:25:50 GMT
Connection: keep-alive

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
0e5a8cf5962c05bf28a3b45f5c8745e2
9c5d7e8aeab26f9fd2e753ab4dc65d6fa8ea955f
f614642045fcd0ee373ed6cabe67514f4bb54c7fb4f1181b52eaec12d7e0479e

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F614642045FCD0EE373ED6CABE67514F4BB54C7FB4F1181B52EAEC12D7E0479E"
Last-Modified: Thu, 15 Dec 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18094
Expires: Fri, 16 Dec 2022 20:27:24 GMT
Date: Fri, 16 Dec 2022 15:25:50 GMT
Connection: keep-alive

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
0e5a8cf5962c05bf28a3b45f5c8745e2
9c5d7e8aeab26f9fd2e753ab4dc65d6fa8ea955f
f614642045fcd0ee373ed6cabe67514f4bb54c7fb4f1181b52eaec12d7e0479e

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F614642045FCD0EE373ED6CABE67514F4BB54C7FB4F1181B52EAEC12D7E0479E"
Last-Modified: Thu, 15 Dec 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18094
Expires: Fri, 16 Dec 2022 20:27:24 GMT
Date: Fri, 16 Dec 2022 15:25:50 GMT
Connection: keep-alive

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
0e5a8cf5962c05bf28a3b45f5c8745e2
9c5d7e8aeab26f9fd2e753ab4dc65d6fa8ea955f
f614642045fcd0ee373ed6cabe67514f4bb54c7fb4f1181b52eaec12d7e0479e

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F614642045FCD0EE373ED6CABE67514F4BB54C7FB4F1181B52EAEC12D7E0479E"
Last-Modified: Thu, 15 Dec 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18094
Expires: Fri, 16 Dec 2022 20:27:24 GMT
Date: Fri, 16 Dec 2022 15:25:50 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4be35fbc-e4f0-449f-a4a6-8630871dbbca.jpeg

34.120.237.76

200 OK

12 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4be35fbc-e4f0-449f-a4a6-8630871dbbca.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
12 kB (11887 bytes)
Hash
3ffaf7e3899d2e846612269608ae1286
07e6d729ad09430b483f44c16146dd2707935314
0d101f77b5159818bdac6fd41d43df60d95a08cebea93b9c661d5694a2d92f54

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4be35fbc-e4f0-449f-a4a6-8630871dbbca.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 11887
x-amzn-requestid: 1bd2cd9d-d47b-4c67-ab16-9b9b6126fcd6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dNQ9ME94IAMFzWQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-639b9521-1f916ee5306bdb53701cba5a;Sampled=0
x-amzn-remapped-date: Thu, 15 Dec 2022 21:44:01 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: CPFHf2jkYX-Eas9cB8nUrwbbdc1b5HOkQmMosBIUXlQxkK8VXRz8ng==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 d6a002c70d55f415107618b0750d493c.cloudfront.net (CloudFront), 1.1 google
date: Thu, 15 Dec 2022 22:15:42 GMT
age: 61808
etag: "07e6d729ad09430b483f44c16146dd2707935314"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

5.8 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F62fa3452-e15b-41dd-b257-cd6d8cfaea78.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
5.8 kB (5791 bytes)
Hash
c89c607de35e59fa4b8f79762af0f269
362e1b907abcaccb16b3750c21ed04e4fa91f04c
7b9a28ad984bc7544d0798ff38cf8e1ce9f2f21a0112c18ee127a7566ba683e4

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F62fa3452-e15b-41dd-b257-cd6d8cfaea78.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 5791
x-amzn-requestid: 2fb8518c-1fe3-426e-94ed-eea686005473
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dNRKYHeoIAMFgKA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-639b9575-0e312c40469090d033c6fc6a;Sampled=0
x-amzn-remapped-date: Thu, 15 Dec 2022 21:45:25 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: -baQ_JUiZDWWBIizZVrOZrXdHTSgQbIJubNqHqA7Zjj-eKTvCNfKSg==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 6a9b42e38e76b7d4a4044ebe0e0eca08.cloudfront.net (CloudFront), 1.1 google
date: Thu, 15 Dec 2022 22:09:08 GMT
age: 62202
etag: "362e1b907abcaccb16b3750c21ed04e4fa91f04c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

7.6 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe34f6337-b00d-4487-82ce-cbed5b4f3f4f.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.6 kB (7616 bytes)
Hash
0d2294cdacdc84b8b19874ba56035a6d
53009a81b15e464d5529d36b1e04b841b2ae034e
67d59aa026b43ed3f698f3853b986fc7c07e4e6e5f7b3551e59238f79978480a

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe34f6337-b00d-4487-82ce-cbed5b4f3f4f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7616
x-amzn-requestid: 71bbe208-11e3-4280-bf09-bff8bd18fcb4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: c82fXGmPoAMF3Og=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63950462-12393ca432808b7f0b2771dc;Sampled=0
x-amzn-remapped-date: Sat, 10 Dec 2022 22:12:50 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: G1MopDnv-WOAbIBMe0v-V9xXeJIVDReKWSMG33dQt1q5GpK41RU0PQ==
via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 559326ad73233233a9e52cb9e8601ede.cloudfront.net (CloudFront), 1.1 google
date: Fri, 16 Dec 2022 07:15:01 GMT
age: 29449
etag: "53009a81b15e464d5529d36b1e04b841b2ae034e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

12 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2d782d01-6608-4338-b97b-e67de1b79501.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
12 kB (11517 bytes)
Hash
61f4298f623f1d3736e5a4e34d42cb29
d183592b6efcd90bc1b10b11641999e82b30b813
3f69949de6c2328a1cb564d90338220812b05b50acafd02051619a0777b90a57

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2d782d01-6608-4338-b97b-e67de1b79501.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 11517
x-amzn-requestid: 0a7dcdfb-d929-402d-9c1b-3fb369ae56d5
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dNRJJELFIAMFRVA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-639b956d-2a8feedd7c51991c1fb9676c;Sampled=0
x-amzn-remapped-date: Thu, 15 Dec 2022 21:45:17 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: bfTeGDInC1kr-T9TbxxhYeym2_TeJp734xXUh87QOybYDZFgROncQw==
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 12a392bc3a7281f8d5d4591bfadc41fc.cloudfront.net (CloudFront), 1.1 google
date: Thu, 15 Dec 2022 22:19:32 GMT
age: 61578
etag: "d183592b6efcd90bc1b10b11641999e82b30b813"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.6 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F119528a5-7370-4990-b83c-626c858ba99d.webp
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.6 kB (8601 bytes)
Hash
20c9788db0532c15e2d42faffc192bba
5051c939cdedb14e313d7413c0dff5fa0eab50ea
0a2e782b848394b167d6e2a9b521be11d473e96048de715a22bd6afaf7c58057

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F119528a5-7370-4990-b83c-626c858ba99d.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8601
x-amzn-requestid: f3be9b43-d8d9-4862-b06a-bac1de46d2c1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dNQ84Hh6oAMFRGw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-639b951f-3b85d738211ce0ff0f8e6e74;Sampled=0
x-amzn-remapped-date: Thu, 15 Dec 2022 21:43:59 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: ZISFRsj2Nq7L27qJheQ33qkfyNdG5_q6S6BcV-dGgcUmvPnYUS2FmA==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 98aedae6661e3904540676966998ed88.cloudfront.net (CloudFront), 1.1 google
date: Thu, 15 Dec 2022 22:09:03 GMT
age: 62207
etag: "5051c939cdedb14e313d7413c0dff5fa0eab50ea"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

10 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fad9b3731-4e58-4b83-86cf-7f2ecd6c4eb1.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
10 kB (10132 bytes)
Hash
cab96eaa42941683dff4d1b6b093c007
ba5269c77dd0422ab275c9a3529fb2e1a1af6bc3
4fe48e9a35a50b7ae88f4b4de67aa82c4acbbe43aab655921f7bacb5524789f1

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fad9b3731-4e58-4b83-86cf-7f2ecd6c4eb1.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 10132
x-amzn-requestid: 9484ad87-61cb-40e5-9823-930ec9925e02
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dH-dXEfTIAMFZQw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63997788-5dea61195ba653a87915845d;Sampled=0
x-amzn-remapped-date: Wed, 14 Dec 2022 07:13:12 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: VImsv72dpcwiDXWm67XU-rpUEuO5CMDwFs00DA9C6l-sKX5e2ChsQA==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 d6a002c70d55f415107618b0750d493c.cloudfront.net (CloudFront), 1.1 google
date: Fri, 16 Dec 2022 06:51:09 GMT
age: 30881
etag: "ba5269c77dd0422ab275c9a3529fb2e1a1af6bc3"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

www.7-capitals.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.1

198.54.120.224

200 OK

32 kB

URL HTTP/2
www.7-capitals.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.1
IP
198.54.120.224:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (62895)
Size
32 kB (32223 bytes)
Hash
9cba33b887f822ba332f6d85eb5b5072
fd1fc921375281798fe4d07f0b7260092555de65
e3b8d3509cf2f371c822835351715ae906afd6ef80df03459aa57d487ed33cc0

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-includes/js/jquery/jquery.min.js?ver=3.6.1 HTTP/1.1
Host: www.7-capitals.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.7-capitals.com/wp-login.php?redirect_to=https://7-capitals.com/wp-admin/update-core.php&reauth=1
Connection: keep-alive
Cookie: wordpress_test_cookie=WP+Cookie+check
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 23 Dec 2022 15:25:50 GMT
content-type: application/javascript
last-modified: Fri, 04 Nov 2022 18:41:23 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 32223
date: Fri, 16 Dec 2022 15:25:50 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

www.7-capitals.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2

198.54.120.224

200 OK

5.3 kB

URL HTTP/2
www.7-capitals.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
IP
198.54.120.224:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (11126)
Size
5.3 kB (5302 bytes)
Hash
956cf065275d8f20bd7308cc227b326a
8afe0c8f3982b9455ee8f6a8c26e41d57d084eec
09d044a84da3eabdd0c8a5e2640bc2cb1bc0ecb77a85323e915cb5540c325e7c

HTTP Headers

GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 HTTP/1.1
Host: www.7-capitals.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.7-capitals.com/wp-login.php?redirect_to=https://7-capitals.com/wp-admin/update-core.php&reauth=1
Connection: keep-alive
Cookie: wordpress_test_cookie=WP+Cookie+check
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 23 Dec 2022 15:25:50 GMT
content-type: application/javascript
last-modified: Wed, 02 Nov 2022 09:27:45 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 5302
date: Fri, 16 Dec 2022 15:25:50 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

www.7-capitals.com/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0

198.54.120.224

200 OK

7.6 kB

URL HTTP/2
www.7-capitals.com/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0
IP
198.54.120.224:0
ASN
#22612 NAMECHEAP-NET

File type
Unicode text, UTF-8 text, with very long lines (17841)
Size
7.6 kB (7644 bytes)
Hash
f27809af9d2de51e5dd42eb205fe4d11
8c9d0e14d0b6cc83c06f6d165080827d1bd073a4
7c80b97e702545ffb6f69c472447c89cdb3df60190c3e16b330edbba6ebf7f62

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0 HTTP/1.1
Host: www.7-capitals.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.7-capitals.com/wp-login.php?redirect_to=https://7-capitals.com/wp-admin/update-core.php&reauth=1
Connection: keep-alive
Cookie: wordpress_test_cookie=WP+Cookie+check
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 23 Dec 2022 15:25:50 GMT
content-type: application/javascript
last-modified: Wed, 02 Nov 2022 09:27:45 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 7644
date: Fri, 16 Dec 2022 15:25:50 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

www.7-capitals.com/wp-includes/css/dashicons.min.css?ver=6.1.1

198.54.120.224

200 OK

35 kB

URL HTTP/2
www.7-capitals.com/wp-includes/css/dashicons.min.css?ver=6.1.1
IP
198.54.120.224:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (58981)
Size
35 kB (35110 bytes)
Hash
54c5bfb8a890d87139d9abfe01662c83
f9eddf5b8a3269e6d6fa40b4f13083705e6267c6
9685e5cabe4efc8c85e986725af8009b306416aad3ecc9086ca5bb12b84ce4ef

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-includes/css/dashicons.min.css?ver=6.1.1 HTTP/1.1
Host: www.7-capitals.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.7-capitals.com/wp-login.php?redirect_to=https://7-capitals.com/wp-admin/update-core.php&reauth=1
Cookie: wordpress_test_cookie=WP+Cookie+check
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 23 Dec 2022 15:25:50 GMT
content-type: text/css
last-modified: Fri, 16 Apr 2021 00:40:32 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 35110
date: Fri, 16 Dec 2022 15:25:50 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

www.7-capitals.com/wp-admin/css/forms-rtl.min.css?ver=6.1.1

198.54.120.224

200 OK

6.0 kB

URL HTTP/2
www.7-capitals.com/wp-admin/css/forms-rtl.min.css?ver=6.1.1
IP
198.54.120.224:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (26198)
Size
6.0 kB (6033 bytes)
Hash
7aedd82a0d8db3a40695be76b021c0da
0712062946775c5123fe0c07f09e4316646dd89f
05680535d459807435fae743ac393b2473d58157c7ed25e63d82f9efdc0e4576

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-admin/css/forms-rtl.min.css?ver=6.1.1 HTTP/1.1
Host: www.7-capitals.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.7-capitals.com/wp-login.php?redirect_to=https://7-capitals.com/wp-admin/update-core.php&reauth=1
Cookie: wordpress_test_cookie=WP+Cookie+check
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 23 Dec 2022 15:25:50 GMT
content-type: text/css
last-modified: Wed, 02 Nov 2022 09:27:46 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 6033
date: Fri, 16 Dec 2022 15:25:50 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

www.7-capitals.com/wp-includes/js/dist/hooks.min.js?ver=4169d3cf8e8d95a3d6d5

198.54.120.224

200 OK

2.9 kB

URL HTTP/2
www.7-capitals.com/wp-includes/js/dist/hooks.min.js?ver=4169d3cf8e8d95a3d6d5
IP
198.54.120.224:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (4897)
Size
2.9 kB (2863 bytes)
Hash
939c15b9831812819e44d4f8dd3f56a2
8f2136b4708dc9c17bc7e8bc480f3908d421b6a3
97e2d155d62a9bea95fd45984c183991c2428ce0940a574d11effd619a4fc3f9

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-includes/js/dist/hooks.min.js?ver=4169d3cf8e8d95a3d6d5 HTTP/1.1
Host: www.7-capitals.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.7-capitals.com/wp-login.php?redirect_to=https://7-capitals.com/wp-admin/update-core.php&reauth=1
Connection: keep-alive
Cookie: wordpress_test_cookie=WP+Cookie+check
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 23 Dec 2022 15:25:50 GMT
content-type: application/javascript
last-modified: Wed, 02 Nov 2022 09:27:45 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 2863
date: Fri, 16 Dec 2022 15:25:50 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

www.7-capitals.com/wp-admin/js/password-strength-meter.min.js?ver=6.1.1

198.54.120.224

200 OK

1.8 kB

URL HTTP/2
www.7-capitals.com/wp-admin/js/password-strength-meter.min.js?ver=6.1.1
IP
198.54.120.224:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (1110)
Size
1.8 kB (1829 bytes)
Hash
c7655a5d04edd73e316185456e9cfe59
8e7f4f5e1744522d4f975a70e9cb1c22cbd788cf
77284203db8c491af92a4914f7de740fb047aa85e533269b429a2e15f0889a8c

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-admin/js/password-strength-meter.min.js?ver=6.1.1 HTTP/1.1
Host: www.7-capitals.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.7-capitals.com/wp-login.php?redirect_to=https://7-capitals.com/wp-admin/update-core.php&reauth=1
Connection: keep-alive
Cookie: wordpress_test_cookie=WP+Cookie+check
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 23 Dec 2022 15:25:50 GMT
content-type: application/javascript
last-modified: Wed, 02 Nov 2022 09:27:46 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1829
date: Fri, 16 Dec 2022 15:25:50 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

www.7-capitals.com/wp-includes/js/wp-util.min.js?ver=6.1.1

198.54.120.224

200 OK

2.2 kB

URL HTTP/2
www.7-capitals.com/wp-includes/js/wp-util.min.js?ver=6.1.1
IP
198.54.120.224:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (1413)
Size
2.2 kB (2190 bytes)
Hash
a9337c7bba70c6dea845566b5fe1344d
fd9f9b4c415ef4a40d5d52028857630cd45626f9
6a31587c866fd4e8db7a0665fbc9072f299634959835d6ac13efe8a26d84ad40

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-includes/js/wp-util.min.js?ver=6.1.1 HTTP/1.1
Host: www.7-capitals.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.7-capitals.com/wp-login.php?redirect_to=https://7-capitals.com/wp-admin/update-core.php&reauth=1
Connection: keep-alive
Cookie: wordpress_test_cookie=WP+Cookie+check
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 23 Dec 2022 15:25:50 GMT
content-type: application/javascript
last-modified: Wed, 02 Nov 2022 09:27:45 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 2190
date: Fri, 16 Dec 2022 15:25:50 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

www.7-capitals.com/wp-admin/js/user-profile.min.js?ver=6.1.1

198.54.120.224

200 OK

3.4 kB

URL HTTP/2
www.7-capitals.com/wp-admin/js/user-profile.min.js?ver=6.1.1
IP
198.54.120.224:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (6174)
Size
3.4 kB (3412 bytes)
Hash
100347b5af3ef64525319f6302eb3f4c
5af8edebcb83fd73598b70467585f42d0e39c166
acc71fde53e635ec5d1f0e440b5156d66823cf04c04ec0848f7d82d4616a7aa8

HTTP Headers

GET /wp-admin/js/user-profile.min.js?ver=6.1.1 HTTP/1.1
Host: www.7-capitals.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.7-capitals.com/wp-login.php?redirect_to=https://7-capitals.com/wp-admin/update-core.php&reauth=1
Connection: keep-alive
Cookie: wordpress_test_cookie=WP+Cookie+check
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 23 Dec 2022 15:25:50 GMT
content-type: application/javascript
last-modified: Wed, 02 Nov 2022 09:27:46 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 3412
date: Fri, 16 Dec 2022 15:25:50 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

www.7-capitals.com/wp-includes/js/dist/i18n.min.js?ver=9e794f35a71bb98672ae

198.54.120.224

200 OK

5.0 kB

URL HTTP/2
www.7-capitals.com/wp-includes/js/dist/i18n.min.js?ver=9e794f35a71bb98672ae
IP
198.54.120.224:0
ASN
#22612 NAMECHEAP-NET

File type
data
Size
5.0 kB (5025 bytes)
Hash
e5cc6225bb64793d6a553f3632403830
52b856437aeb331d0a0afd0d18eda392f042cc3b
bd8d16f5f20423aa31f368ebc7398c56f08198767040b25e39b2710431355893

HTTP Headers

GET /wp-includes/js/dist/i18n.min.js?ver=9e794f35a71bb98672ae HTTP/1.1
Host: www.7-capitals.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.7-capitals.com/wp-login.php?redirect_to=https://7-capitals.com/wp-admin/update-core.php&reauth=1
Connection: keep-alive
Cookie: wordpress_test_cookie=WP+Cookie+check
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 23 Dec 2022 15:25:50 GMT
content-type: application/javascript
last-modified: Wed, 02 Nov 2022 09:27:45 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 5025
date: Fri, 16 Dec 2022 15:25:50 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

www.7-capitals.com/wp-includes/js/underscore.min.js?ver=1.13.4

198.54.120.224

200 OK

8.5 kB

URL HTTP/2
www.7-capitals.com/wp-includes/js/underscore.min.js?ver=1.13.4
IP
198.54.120.224:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (18820)
Size
8.5 kB (8493 bytes)
Hash
63aa5f127de28e002c08cbeb2f0c69be
e56b3f71de739e3b72d8076413b0b99792b1b567
648ce373f2c8caef18328310424ccfb4e127203de50526bcf3d932ede1e38c9c

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-includes/js/underscore.min.js?ver=1.13.4 HTTP/1.1
Host: www.7-capitals.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.7-capitals.com/wp-login.php?redirect_to=https://7-capitals.com/wp-admin/update-core.php&reauth=1
Connection: keep-alive
Cookie: wordpress_test_cookie=WP+Cookie+check
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 23 Dec 2022 15:25:50 GMT
content-type: application/javascript
last-modified: Wed, 02 Nov 2022 09:27:45 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 8493
date: Fri, 16 Dec 2022 15:25:50 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

www.7-capitals.com/wp-admin/images/wordpress-logo.svg?ver=20131107

198.54.120.224

200 OK

759 B

URL HTTP/2
www.7-capitals.com/wp-admin/images/wordpress-logo.svg?ver=20131107
IP
198.54.120.224:0
ASN
#22612 NAMECHEAP-NET

File type
SVG Scalable Vector Graphics image\012- HTML document, ASCII text, with very long lines (1521), with no line terminators
Size
759 B (759 bytes)
Hash
deb0f7abad4fbc357a47038655c37d4c
e1aaf6812072f69785cac714e12e8678b0b0cac6
da9b46378d85ef440ae0461bd15c90bf606059e6bd2f8590a4fc4be4a9f6fcc0

HTTP Headers

GET /wp-admin/images/wordpress-logo.svg?ver=20131107 HTTP/1.1
Host: www.7-capitals.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.7-capitals.com/wp-admin/css/login-rtl.min.css?ver=6.1.1
Cookie: wordpress_test_cookie=WP+Cookie+check
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 23 Dec 2022 15:25:51 GMT
content-type: image/svg+xml
last-modified: Mon, 06 Apr 2015 06:50:28 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 759
date: Fri, 16 Dec 2022 15:25:51 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

www.7-capitals.com/favicon.ico

198.54.120.224

404 Not Found

1.2 kB

URL HTTP/2
www.7-capitals.com/favicon.ico
IP
198.54.120.224:0
ASN
#22612 NAMECHEAP-NET

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Size
1.2 kB (1238 bytes)
Hash
0bde7d4b3da67537eaf9188e6f8049cf
64300fc482d01d38b40ab20e15960b6509665e5a
5dc1ae0b875dc0d78dbc5532226f5f31b762b4d1229984f605d27bf895ab6807

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: www.7-capitals.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.7-capitals.com/wp-login.php?redirect_to=https://7-capitals.com/wp-admin/update-core.php&reauth=1
Connection: keep-alive
Cookie: wordpress_test_cookie=WP+Cookie+check
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 404 Not Found
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
pragma: no-cache
content-type: text/html
content-length: 1238
date: Fri, 16 Dec 2022 15:25:51 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

34.120.237.76

200 OK

7.9 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff22fa4a3-ba63-491d-a915-4c7ea375f720.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.9 kB (7896 bytes)
Hash
1439b219bc14c22c96fdba089d03dc40
bfe8173cae5e2c8fa781f11661dc0893fc159eb3
a5aad1c8c3464232f0bb74c8115ea0cb0d2ac6f43c5418feb967803ea8286ff3

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff22fa4a3-ba63-491d-a915-4c7ea375f720.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
content-length: 7896
x-amzn-requestid: cf094f2f-ce6b-4626-8168-36944d557cb7
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dHbA4FexoAMFe-g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63993ed2-60e1d5f53f3d2ad01060a8d4;Sampled=0
x-amzn-remapped-date: Wed, 14 Dec 2022 03:11:14 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: mll3QERZM31KbfZHDwBbhVAn07NlWeRTNTL4hVyHXp1ctwbk-_Djjg==
via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 1a53057db389e96b4ef1bfbc925dde1c.cloudfront.net (CloudFront), 1.1 google
date: Fri, 16 Dec 2022 04:14:19 GMT
age: 40298
etag: "bfe8173cae5e2c8fa781f11661dc0893fc159eb3"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

www.7-capitals.com/wp-login.php?redirect_to=https://7-capitals.com/wp-admin/update-core.php&reauth=1

198.54.120.224

200 OK

0 B

URL HTTP/2
www.7-capitals.com/wp-login.php?redirect_to=https://7-capitals.com/wp-admin/update-core.php&reauth=1
IP
198.54.120.224:0
ASN
#22612 NAMECHEAP-NET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /wp-login.php?redirect_to=https://7-capitals.com/wp-admin/update-core.php&reauth=1 HTTP/1.1
Host: www.7-capitals.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/2 200 OK
x-powered-by: PHP/7.2.34
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
content-type: text/html; charset=UTF-8
x-frame-options: SAMEORIGIN
set-cookie: wordpress_test_cookie=WP+Cookie+check; path=/; secure
wordpress_c106789d3b19a000db832f0d0571400d=+; expires=Thu, 16-Dec-2021 15:25:50 GMT; Max-Age=0; path=/wp-admin; secure
wordpress_sec_c106789d3b19a000db832f0d0571400d=+; expires=Thu, 16-Dec-2021 15:25:50 GMT; Max-Age=0; path=/wp-admin; secure
wordpress_c106789d3b19a000db832f0d0571400d=+; expires=Thu, 16-Dec-2021 15:25:50 GMT; Max-Age=0; path=/wp-content/plugins; secure
wordpress_sec_c106789d3b19a000db832f0d0571400d=+; expires=Thu, 16-Dec-2021 15:25:50 GMT; Max-Age=0; path=/wp-content/plugins; secure
wordpress_logged_in_c106789d3b19a000db832f0d0571400d=+; expires=Thu, 16-Dec-2021 15:25:50 GMT; Max-Age=0; path=/; secure
wordpress_logged_in_c106789d3b19a000db832f0d0571400d=+; expires=Thu, 16-Dec-2021 15:25:50 GMT; Max-Age=0; path=/; secure
wp-settings-0=+; expires=Thu, 16-Dec-2021 15:25:50 GMT; Max-Age=0; path=/; secure
wp-settings-time-0=+; expires=Thu, 16-Dec-2021 15:25:50 GMT; Max-Age=0; path=/; secure
wordpress_c106789d3b19a000db832f0d0571400d=+; expires=Thu, 16-Dec-2021 15:25:50 GMT; Max-Age=0; path=/; secure
wordpress_c106789d3b19a000db832f0d0571400d=+; expires=Thu, 16-Dec-2021 15:25:50 GMT; Max-Age=0; path=/; secure
wordpress_sec_c106789d3b19a000db832f0d0571400d=+; expires=Thu, 16-Dec-2021 15:25:50 GMT; Max-Age=0; path=/; secure
wordpress_sec_c106789d3b19a000db832f0d0571400d=+; expires=Thu, 16-Dec-2021 15:25:50 GMT; Max-Age=0; path=/; secure
wordpressuser_c106789d3b19a000db832f0d0571400d=+; expires=Thu, 16-Dec-2021 15:25:50 GMT; Max-Age=0; path=/; secure
wordpresspass_c106789d3b19a000db832f0d0571400d=+; expires=Thu, 16-Dec-2021 15:25:50 GMT; Max-Age=0; path=/; secure
wordpressuser_c106789d3b19a000db832f0d0571400d=+; expires=Thu, 16-Dec-2021 15:25:50 GMT; Max-Age=0; path=/; secure
wordpresspass_c106789d3b19a000db832f0d0571400d=+; expires=Thu, 16-Dec-2021 15:25:50 GMT; Max-Age=0; path=/; secure
wp-postpass_c106789d3b19a000db832f0d0571400d=+; expires=Thu, 16-Dec-2021 15:25:50 GMT; Max-Age=0; path=/; secure
content-encoding: br
vary: Accept-Encoding
date: Fri, 16 Dec 2022 15:25:50 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (20)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations